Commit e88e732d authored by Ghitha Dinan's avatar Ghitha Dinan

add send email

parent 050d737c
Pipeline #406 canceled with stages
package id.go.kemenag.madrasah.pmrms.notif.constant
const val AUTH_URL = "http://localhost:8080"
...@@ -3,6 +3,7 @@ package id.go.kemenag.madrasah.pmrms.notif.controller ...@@ -3,6 +3,7 @@ package id.go.kemenag.madrasah.pmrms.notif.controller
import id.go.kemenag.madrasah.pmrms.notif.model.request.EmailRequest import id.go.kemenag.madrasah.pmrms.notif.model.request.EmailRequest
import id.go.kemenag.madrasah.pmrms.notif.model.response.ReturnData import id.go.kemenag.madrasah.pmrms.notif.model.response.ReturnData
import id.go.kemenag.madrasah.pmrms.notif.service.EmailService import id.go.kemenag.madrasah.pmrms.notif.service.EmailService
import io.swagger.annotations.Api
import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Autowired
import org.springframework.http.ResponseEntity import org.springframework.http.ResponseEntity
import org.springframework.web.bind.annotation.PostMapping import org.springframework.web.bind.annotation.PostMapping
...@@ -11,6 +12,7 @@ import org.springframework.web.bind.annotation.RequestMapping ...@@ -11,6 +12,7 @@ import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController import org.springframework.web.bind.annotation.RestController
import javax.validation.Valid import javax.validation.Valid
@Api(tags = ["Email"], description = "Email API")
@RestController @RestController
@RequestMapping(path = ["email"]) @RequestMapping(path = ["email"])
class EmailController { class EmailController {
......
package id.go.kemenag.madrasah.pmrms.notif.helpers
import com.fasterxml.jackson.databind.DeserializationFeature
import com.fasterxml.jackson.databind.ObjectMapper
import id.go.kemenag.madrasah.pmrms.notif.constant.HEADER_STRING
import id.go.kemenag.madrasah.pmrms.notif.model.response.ReturnData
import kong.unirest.Unirest
import org.apache.http.client.HttpClient
import org.apache.http.conn.ssl.NoopHostnameVerifier
import org.apache.http.conn.ssl.TrustSelfSignedStrategy
import org.apache.http.impl.client.HttpClients
import org.apache.http.ssl.SSLContextBuilder
import java.security.cert.X509Certificate
import javax.net.ssl.SSLContext
class RequestHelpers {
companion object {
private fun configHttpClient() {
val sslContext: SSLContext = SSLContextBuilder().loadTrustMaterial(
null,
object : TrustSelfSignedStrategy() {
override fun isTrusted(chain: Array<X509Certificate?>?, authType: String?): Boolean {
return true
}
}
).build()
val customHttpClient: HttpClient = HttpClients.custom().setSSLContext(sslContext)
.setSSLHostnameVerifier(NoopHostnameVerifier()).build()
Unirest.config().httpClient(customHttpClient)
}
fun authDetail(authUrl: String, bearer: String): ReturnData? {
return try {
configHttpClient()
val objectMapper = ObjectMapper()
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
val reqUrl = "$authUrl/detail"
val response = Unirest.get(reqUrl)
.header("Content-Type", "application/json")
.header(HEADER_STRING, bearer)
.asString()
objectMapper.readValue(response.body, ReturnData::class.java)
} catch (e: Exception) {
e.printStackTrace()
null
}
}
}
}
package id.go.kemenag.madrasah.pmrms.notif.interceptor package id.go.kemenag.madrasah.pmrms.notif.interceptor
import com.auth0.jwt.JWT
import com.auth0.jwt.algorithms.Algorithm
import com.auth0.jwt.exceptions.JWTCreationException import com.auth0.jwt.exceptions.JWTCreationException
import com.auth0.jwt.exceptions.JWTDecodeException import com.auth0.jwt.exceptions.JWTDecodeException
import com.auth0.jwt.exceptions.JWTVerificationException import com.auth0.jwt.exceptions.JWTVerificationException
import com.fasterxml.jackson.databind.DeserializationFeature
import com.fasterxml.jackson.databind.ObjectMapper import com.fasterxml.jackson.databind.ObjectMapper
import id.go.kemenag.madrasah.pmrms.notif.model.response.ReturnData
import id.go.kemenag.madrasah.pmrms.notif.constant.* import id.go.kemenag.madrasah.pmrms.notif.constant.*
import id.go.kemenag.madrasah.pmrms.notif.helpers.RequestHelpers
import id.go.kemenag.madrasah.pmrms.notif.model.response.ReturnData
import id.go.kemenag.madrasah.pmrms.notif.pojo.Users
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.context.SecurityContextHolder import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.web.util.ContentCachingRequestWrapper import org.springframework.web.util.ContentCachingRequestWrapper
...@@ -33,7 +34,6 @@ class TokenInterceptor : Filter { ...@@ -33,7 +34,6 @@ class TokenInterceptor : Filter {
return return
} }
var authentication: UsernamePasswordAuthenticationToken? = null var authentication: UsernamePasswordAuthenticationToken? = null
var successAuth = true var successAuth = true
...@@ -82,14 +82,25 @@ class TokenInterceptor : Filter { ...@@ -82,14 +82,25 @@ class TokenInterceptor : Filter {
JWTVerificationException::class, JWTVerificationException::class,
IllegalArgumentException::class IllegalArgumentException::class
) )
private fun getAuthentication(request: HttpServletRequest): UsernamePasswordAuthenticationToken { private fun getAuthentication(request: HttpServletRequest): UsernamePasswordAuthenticationToken {
val token = request.getHeader(HEADER_STRING) try {
// parse jwt token from request and validate it internal authentication val token = request.getHeader(HEADER_STRING)
val jwt = val reqAuthDetail: ReturnData =
JWT.require(Algorithm.HMAC512(SECRET.toByteArray())).build().verify(token.replace(TOKEN_PREFIX, "")) RequestHelpers.authDetail(AUTH_URL, token) ?: throw Exception("User $VALIDATOR_MSG_NOT_FOUND")
return if (jwt.subject != null) { // return principal username
val audience = jwt.audience?.get(0) reqAuthDetail.success?.let {
if (!it) {
throw Exception(reqAuthDetail.message)
}
}
val objectMapper = ObjectMapper()
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
val users: Users =
objectMapper.readValue(objectMapper.writeValueAsString(reqAuthDetail.data), Users::class.java)
val audience = "user-admin"
var isAllowed = false var isAllowed = false
AUDIENCE_FILTER_PATH[audience]?.forEach lambda@{ AUDIENCE_FILTER_PATH[audience]?.forEach lambda@{
...@@ -106,31 +117,18 @@ class TokenInterceptor : Filter { ...@@ -106,31 +117,18 @@ class TokenInterceptor : Filter {
} }
} }
if (isAllowed) { return if (isAllowed) {
/*val objectMapper = ObjectMapper() UsernamePasswordAuthenticationToken(
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false) ObjectMapper().writeValueAsString(users),
val users: Users = objectMapper.readValue(jwt.subject, Users::class.java) audience,
arrayListOf()
val servletContext = request.session.servletContext )
val webApplicationContext = WebApplicationContextUtils.getWebApplicationContext(servletContext)
val repoUser = webApplicationContext!!.getBean(UserRepository::class.java)
val checkUser = repoUser.findByIdAndActive(users.id)
if (checkUser.isPresent) {
UsernamePasswordAuthenticationToken(
objectMapper.writeValueAsString(users),
audience,
ArrayList()
)
} else {
throw Exception("User $VALIDATOR_MSG_NOT_FOUND")
}*/
throw Exception("User $VALIDATOR_MSG_NOT_FOUND")
} else { } else {
throw Exception("User $VALIDATOR_MSG_NOT_HAVE_ACCESS") throw Exception("User $VALIDATOR_MSG_NOT_HAVE_ACCESS")
} }
} else { } catch (e: Exception) {
throw Exception("Token $VALIDATOR_MSG_NOT_VALID") e.printStackTrace()
throw e
} }
} }
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment