Package org.hoteia.qalingo.core.security.util

Source Code of org.hoteia.qalingo.core.security.util.SecurityUtil

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
/**
* Most of the code in the Qalingo project is copyrighted Hoteia and licensed
* under the Apache License Version 2.0 (release version 0.8.0)
*         http://www.apache.org/licenses/LICENSE-2.0
*
*                   Copyright (c) Hoteia, 2012-2014
* http://www.hoteia.com - http://twitter.com/hoteia - contact@hoteia.com
*
*/
package org.hoteia.qalingo.core.security.util;

import java.util.Random;

import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import org.hoteia.qalingo.core.domain.Customer;
import org.hoteia.qalingo.core.domain.EngineBoSession;
import org.hoteia.qalingo.core.domain.EngineEcoSession;
import org.hoteia.qalingo.core.domain.User;
import org.hoteia.qalingo.core.security.util.SecurityUtil;
import org.hoteia.qalingo.core.service.EngineSessionService;
import org.hoteia.qalingo.core.web.util.RequestUtil;

@Service("securityUtil")
@Transactional
public class SecurityUtil {

  private final Logger logger = LoggerFactory.getLogger(getClass());

    static final String ALPHA_CAPS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    static final String ALPHA = "abcdefghijklmnopqrstuvwxyz";
    static final String NUM = "0123456789";
    static final String SPL_CHARS = "!@#$%*";

  @Autowired
  private EngineSessionService engineSessionService;
 
  @Autowired
  private AuthenticationManager authenticationManager;
 
  @Autowired
  private RequestUtil requestUtil;
 
  @Autowired
  protected PasswordEncoder encoder;
 
  public String generatePermalink() {

    // TODO : setting in database
   
    return new String(generatePswd(10, 10, 1, 1, 0));
  }
 
  public void authenticationCustomer(final HttpServletRequest request, final Customer customer) {
    try {
      UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(customer.getEmail(), customer.getPassword());
      token.setDetails(new WebAuthenticationDetails(request));
      Authentication authenticatedUser = authenticationManager.authenticate(token);
 
      SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
      request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
   
      EngineEcoSession engineEcoSessionWithTransientValues = requestUtil.getCurrentEcoSession(request);
      engineEcoSessionWithTransientValues.setCurrentCustomer(customer);
      engineEcoSessionWithTransientValues.getCart().setCustomerId(customer.getId());
      engineEcoSessionWithTransientValues.getCart().setBillingAddressId(customer.getDefaultBillingAddressId());
      engineEcoSessionWithTransientValues.getCart().setShippingAddressId(customer.getDefaultShippingAddressId());
      engineSessionService.updateAndSynchronizeEngineEcoSession(engineEcoSessionWithTransientValues);
    } catch (Exception e) {
      logger.error("", e);
    }
   
  }
 
  public void authenticationUser(final HttpServletRequest request, final User user) {
    try {
   
      UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getEmail(), user.getPassword());
      token.setDetails(new WebAuthenticationDetails(request));
      Authentication authenticatedUser = authenticationManager.authenticate(token);
 
      SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
      request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
   
      EngineBoSession engineBoSession = requestUtil.getCurrentBoSession(request);
      engineBoSession.setCurrentUser(user);
      engineSessionService.saveOrUpdateEngineBoSession(engineBoSession);
     
    } catch (Exception e) {
      logger.error("", e);
    }
  }
 
  public String encodePassword(String clearPassword) {
    String result = encoder.encode(clearPassword);
    return result;
  }
 
  public String generateAndEncodePassword() {
    return encodePassword(generatePassword());
  }
   
  public String generatePassword() {

    // TODO : setting in database
   
    return new String(generatePswd(8, 8, 1, 1, 1));
  }
 
  public static char[] generatePswd(int minLen, int maxLen, int noOfCAPSAlpha, int noOfDigits, int noOfSplChars) {
        if(minLen > maxLen)
            throw new IllegalArgumentException("Min. Length > Max. Length!");
        if( (noOfCAPSAlpha + noOfDigits + noOfSplChars) > minLen )
            throw new IllegalArgumentException
            ("Min. Length should be atleast sum of (CAPS, DIGITS, SPL CHARS) Length!");
        Random rnd = new Random();
        int len = rnd.nextInt(maxLen - minLen + 1) + minLen;
        char[] pswd = new char[len];
        int index = 0;
        for (int i = 0; i < noOfCAPSAlpha; i++) {
            index = getNextIndex(rnd, len, pswd);
            pswd[index] = ALPHA_CAPS.charAt(rnd.nextInt(ALPHA_CAPS.length()));
        }
        for (int i = 0; i < noOfDigits; i++) {
            index = getNextIndex(rnd, len, pswd);
            pswd[index] = NUM.charAt(rnd.nextInt(NUM.length()));
        }
        for (int i = 0; i < noOfSplChars; i++) {
            index = getNextIndex(rnd, len, pswd);
            pswd[index] = SPL_CHARS.charAt(rnd.nextInt(SPL_CHARS.length()));
        }
        for(int i = 0; i < len; i++) {
            if(pswd[i] == 0) {
                pswd[i] = ALPHA.charAt(rnd.nextInt(ALPHA.length()));
            }
        }
        return pswd;
    }
    private static int getNextIndex(Random rnd, int len, char[] pswd) {
        int index = rnd.nextInt(len);
        while(pswd[index = rnd.nextInt(len)] != 0);
        return index;
    }
   
}
TOP

Related Classes of org.hoteia.qalingo.core.security.util.SecurityUtil

  • org.hoteia.qalingo.core.domain.EngineBoSession
  • org.hoteia.qalingo.core.domain.EngineEcoSession
  • org.springframework.security.authentication.UsernamePasswordAuthenticationToken
  • org.springframework.security.core.Authentication
  • org.springframework.security.web.authentication.WebAuthenticationDetails
  • java.util.Random
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.