14. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 3/24/2017 5:17:18 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

14.1 Files compared

#	Location	File	Last Modified
1	MHV_2017.2.0.0 Code In Flight.zip\National Portal\mhv_hooks\mhv-liferay-sso-hook\src\main\java\gov\va\med\mhv\sso	LegacyAutoLogin.java	Tue Dec 6 15:20:18 2016 UTC
2	MHV_2017.2.0.0 Code In Flight.zip\National Portal\mhv_hooks\mhv-liferay-sso-hook\src\main\java\gov\va\med\mhv\sso	LegacyAutoLogin.java	Fri Mar 24 20:19:38 2017 UTC

14.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	674
Changed	1	2
Inserted	0	0
Removed	0	0

14.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

14.4 Active regular expressions

No regular expressions were active.

14.5 Comparison detail

	1	package go v.va.med.m hv.sso;
	2
	3	import jav a.util.Arr ayList;
	4	import jav a.util.Cal endar;
	5	import jav a.util.Dat e;
	6	import jav a.util.Lis t;
	7
	8	import jav ax.servlet .http.Http ServletReq uest;
	9	import jav ax.servlet .http.Http ServletRes ponse;
	10	import jav ax.servlet .http.Http Session;
	11
	12	import org .springfra mework.bea ns.factory .annotatio n.Autowire d;
	13	import org .springfra mework.bea ns.factory .annotatio n.Qualifie r;
	14
	15	import com .fasterxml .jackson.d atabind.Ob jectMapper ;
	16	import com .liferay.p ortal.kern el.log.Log ;
	17	import com .liferay.p ortal.kern el.log.Log FactoryUti l;
	18	import com .liferay.p ortal.kern el.servlet .PortalSes sionThread Local;
	19	import com .liferay.p ortal.mode l.User;
	20	import com .liferay.p ortal.secu rity.auth. AutoLogin;
	21	import com .liferay.p ortal.secu rity.auth. AutoLoginE xception;
	22	import com .liferay.p ortal.serv ice.UserLo calService Util;
	23	import com .liferay.p ortal.util .PortalUti l;
	24
	25	import gov .va.med.mh v.common.a pi.dto.Pat ientDTO;
	26	import gov .va.med.mh v.common.a pi.dto.Use rProfileDT O;
	27	import gov .va.med.mh v.common.a pi.enumera tion.Field TestEnum;
	28	import gov .va.med.mh v.common.a pi.excepti on.MHVExce ption;
	29	import gov .va.med.mh v.common.a pi.util.Re sponseUtil ;
	30	import gov .va.med.mh v.sso.Syst emDownExce ption.Erro rCodeEnum;
	31	import gov .va.med.mh v.usermgmt .common.dt o.FieldTes tDTO;
	32	import gov .va.med.mh v.usermgmt .service.A ccountVali datorServi ce;
	33	import gov .va.med.mh v.usermgmt .service.M viTreatmen tFacilityU pdator;
	34	import gov .va.med.mh v.usermgmt .service.U serMgmtSer vice;
	35
	36	/**
	37	* Created by DNS on 10/26/ 15.
	38	*/
	39	public cla ss LegacyA utoLogin i mplements AutoLogin {
	40
	41	pr ivate stat ic final L og logger = LogFacto ryUtil.get Log(Legacy AutoLogin. class);
	42
	43	pr ivate stat ic final O bject HTTP _SESSION_E RROR = "ja va.io.IOEx ception: U nable to a ccess the clients ht tp session ";
	44
	45	pu blic stati c final St ring ATTR_ SCREEN_NAM E = "scree nName";
	46	pu blic stati c final St ring ATTR_ USER_PROFI LE = "user Profile";
	47	pu blic stati c final St ring ATTR_ PATIENT = "patient";
	48	pu blic stati c final St ring ATTR_ SHOW_DELEG ATE_USER_T EXT = "sho wDelegateU serText";
	49	pu blic stati c final St ring ATTR_ DELEGATE_I D = "deleg ateID"; // The user that can a ct in beha lf of a de legator
	50	pu blic stati c final St ring ATTR_ DELEGATOR_ IDS = "del egatorIDsL ist"; // The use rs that ar e allowing the deleg ate act on their beh alf
	51	pr ivate stat ic final S tring ATTR _MHV_API_E RROR_CODE = "mhvapiE rrorCode";
	52
	53	// Values us ed the in the 'statu s' column of the 'ip a' table i n the data base
	54	pr ivate stat ic final S tring DB_V AL_AUTHENT ICATED = " Authentica ted";
	55	pr ivate stat ic final S tring DB_V AL_UNAUTHE NTICATED = "Unauthen ticated";
	56
	57	pu blic stati c final St ring VAR_U SER_ROLE = "MHV_VAR" ;
	58
	59	pr ivate User MgmtServic e userMgmt Service = null;
	60
	61	pr ivate Acco untValidat orService accountVal idatorServ ice;
	62
	63	@A utowired
	64	@Q ualifier(" treatmentF acilityUpd ator")
	65	pr ivate MviT reatmentFa cilityUpda tor mviInt egrationSe rvice;
	66
	67
	68
	69	/* *
	70	* handleExc eption: Ha ndles the exception reported d uring the auto login process.
	71	* @param re quest
	72	* @param re sponse
	73	* @param e
	74	* @return S tring The array of l ogin detai ls.
	75	* @throws A utoLoginEx ception
	76	* /
	77	pu blic Strin g[] handle Exception( HttpServle tRequest r equest, Ht tpServletR esponse re sponse, Ex ception e) throws Au toLoginExc eption {
	78	logg er.error(" Error enco untered by auto logi n process: " + e.get Message(), e);
	79
	80	// n ow we'll j ust return null so t hat it doe s not do a ny auto lo gin stuff:
	81
	82	retu rn null;
	83	}
	84
	85	/* *
	86	* login: Ha ndles the actual aut o-login pr ocess.
	87	* @param re quest
	88	* @param re sponse
	89	* @return T he array o f login de tails.
	90	* @throws A utoLoginEx ception
	91	* /
	92	@O verride
	93	pu blic Strin g[] login( HttpServle tRequest r equest, Ht tpServletR esponse re sponse) th rows AutoL oginExcept ion {
	94	Stri ng[] crede ntials = n ull;
	95
	96	if(l ogger.isDe bugEnabled ()) {
	97	logger .debug("En tering log in method. ");
	98	logger .debug("Re mote Addre ss: " + re quest.getR emoteAddr( ));
	99	}
	100
	101	long companyId = PortalU til.getCom panyId(req uest);
	102
	103	Http Session se ssion = re quest.getS ession();
	104	Obje ctMapper m apper = ne w ObjectMa pper();
	105
	106
	107
	108	try {
	109	User u ser = null ;
	110
	111	String username = (String) request.ge tAttribute ("MHV_EA_U NAME");
	112	String csid = (S tring)requ est.getAtt ribute("MH V_EA_CSID" );
	113	String userHash = (String) request.ge tAttribute ("MHV_EA_H ASH");
	114	String icn = (St ring)reque st.getAttr ibute("MHV _EA_ICN");
	115	String va_eauth_ isdelegate = (String )request.g etAttribut e("MHV_EA_ IS_DELEGAT E");
	116	boolea n isDelega te = "true ".equals(v a_eauth_is delegate);
	117	String va_eauth_ isdelegate _custom = (String)re quest.getA ttribute(" MHV_EA_IS_ DELEGATE_C USTOM");
	118	boolea n isDelega teCustom = "true".eq uals(va_ea uth_isdele gate_custo m);
	119	Long u serID = nu ll;
	120
	121	// TOD O - debug only - rem ove when d one with d ev work
	122	if (us ername != null) {
	123	System.o ut.println ("LegacyAu toLogin: login(): ########## ### usern ame = " + username) ;
	124	System.o ut.println ("LegacyAu toLogin: login(): ########## ### csid = " + csid);
	125	System.o ut.println ("LegacyAu toLogin: login(): ########## ### icn = " + icn);
	126	System.o ut.println ("LegacyAu toLogin: login(): ########## ### va_ea uth_isdele gate = " + va_eauth_ isdelegate );
	127	System.o ut.println ("LegacyAu toLogin: login(): ########## ### va_ea uth_isdele gate_custo m = " + va _eauth_isd elegate_cu stom);
	128	System.o ut.println ("LegacyAu toLogin: login(): ########## ### isDel egate = " + isDelega te);
	129	System.o ut.println ("LegacyAu toLogin: login(): ########## ### isDel egateCusto m = " + is DelegateCu stom);
	130	}
	131
	132
	133	logger .debug("Us erName: "+ username) ;
	134
	135
	136	if(use rname !=nu ll && user name.lengt h() > 0) {
	137	user = U serLocalSe rviceUtil. getUserByS creenName( companyId, username) ;
	138
	139	if(user != null) {
	140	if(logger. isDebugEna bled() && user != nu ll) {
	141	lo gger.debug (String.fo rmat("Life ray User F ound havin g ID: %d a nd Screen Name: %s", user.getU serId(), u ser.getScr eenName()) );
	142	lo gger.debug ("User ICN : " + icn) ;
	143	lo gger.debug ("User Has h: " + use rHash);
	144	lo gger.debug ("User CSI D: " + csi d);
	145	}
	146
	147	session.se tAttribute (ATTR_SCRE EN_NAME, u sername);
	148
	149	this.isUse rInactive( username);
	150	session.se tAttribute (ATTR_SCRE EN_NAME, u sername);
	151
	152	this.isUse rInactive( username);
	153	credential s = new St ring[] {St ring.value Of(user.ge tUserId()) , user.get Password() , String.v alueOf(use r.isPasswo rdEncrypte d())};
	154
	155	UserProfil eDTO authe nticatedMh vUserProfi le = this. getUserPro file(usern ame);
	156
	157	if (authen ticatedMhv UserProfil e != null) {
	158
	159	us erID = aut henticated MhvUserPro file.getId ();
	160	Sy stem.out.p rintln("Le gacyAutoLo gin: logi n(): Setti ng ATTR_US ER_PROFILE : userID:: "+userID) ;
	161	se ssion.setA ttribute(A TTR_USER_P ROFILE, ma pper.write ValueAsStr ing(authen ticatedMhv UserProfil e));
	162
	163	Pa tientDTO a uthenticat eMhvPatien t = (authe nticatedMh vUserProfi le != null )
	164	? this .getPatien t(authenti catedMhvUs erProfile. getId()) : null;
	165
	166	if (authenti cateMhvPat ient != nu ll) {
	167	sess ion.setAtt ribute(ATT R_PATIENT, mapper.wr iteValueAs String(aut henticateM hvPatient) );
	168	}
	169
	170	if (csid != null) {
	171	auth enticatedM hvUserProf ile.setSig nInPartner s(csid);
	172	}
	173
	174	// this.doPos tLoginUpda teUser(aut henticated MhvUserPro file.getId ());
	175	pr ocessFacil itiesUpdat e(authenti catedMhvUs erProfile) ;
	176	pr ocessLastL ogin(authe nticatedMh vUserProfi le);
	177
	178
	179	if (hasVARAcc ess(authen ticateMhvP atient)) {
	180	Syst em.out.pri ntln(" * ABOUT TO SET VAR RO LE *** ***");
	181	sess ion.setAtt ribute(VAR _USER_ROLE , VAR_USER _ROLE);
	182	if(l ogger.isIn foEnabled( ))
	183	logger .info("Use r Profile : " + auth enticatedM hvUserProf ile.getUse rName() + " is set f or VAR ACC ESS ");
	184	}
	185
	186
	187	}
	188	}
	189	}
	190	} ca tch (AutoL oginExcept ion ale) {
	191	if(ses sion != nu ll && ale. getCause() instanceo f SystemDo wnExceptio n) {
	192	session. setAttribu te(ATTR_MH V_API_ERRO R_CODE, (( SystemDown Exception) ale.getCau se()).getE rrorCode() );
	193	}
	194	throw ale;
	195
	196	}cat ch (Except ion e) {
	197	logger .error("Le gacyAutoLo gin Except ion: " + e .getMessag e(), e);
	198	throw new AutoLo ginExcepti on("Error processing LegacyAut oLogin.", e);
	199	}
	200
	201	if(l ogger.isDe bugEnabled ()) {
	202	logger .debug("Ex iting logi n method." );
	203	}
	204
	205	// cred entials[0] = String. valueOf(10 728);
	206	// cred entials[1] = "AAAAoA AB9AC1H7t9 5P/IMQxT9e yUjojAsDk5 3jaPEW7PCd cn";
	207	// cred entials[2] = Boolean .TRUE.toSt ring();
	208
	209	retu rn credent ials;
	210	}
	211
	212	pr ivate void processLa stLogin(Us erProfileD TO user) {
	213	//JA ZZ # 11194 1 - Remote ID Proofi ng - Last Login
	214	if(u ser.getCur rentLogin( )!=null) {
	215	user.s etLastLogi n(user.get CurrentLog in());
	216	}
	217	//Ja zz136316 L ogout box date time change
	218	user .setCurren tLogin(new Date());
	219	try {
	220	accoun tValidator Service.sa veUserProf ile(user);
	221	} ca tch (MHVEx ception e) {
	222	e.prin tStackTrac e();
	223	}
	224	}
	225
	226	// JAZZ # 128 616 - Proc ess Facili ties Updat e
	227	privat e void pro cessFacili tiesUpdate (UserProfi leDTO user ) {
	228	bool ean sameDa y = false;
	229
	230	Pati entDTO pat ient = acc ountValida torService .getPatien tForUser(u ser.getId( ));;
	231
	232	//02 /1/2016: W e need to check to s ee if pati entDTO exi sts before doing the facility update.
	233	if(p atient != null) {
	234	if(pat ient.getLa stFaciliti esUpdateDa teTime() ! = null) {
	235	Calendar now = Cal endar.getI nstance();
	236	//now.se tTime(now. getTime() - 100060 60*24);
	237	Calendar lastFacil itiesUpdat e = Calend ar.getInst ance();
	238	lastFaci litiesUpda te.setTime (patient.g etLastFaci litiesUpda teDateTime ());
	239
	240	sameDay = now.get( Calendar.Y EAR) == la stFaciliti esUpdate.g et(Calenda r.YEAR) &&
	241	now.get(Ca lendar.DAY _OF_YEAR) == lastFac ilitiesUpd ate.get(Ca lendar.DAY _OF_YEAR);
	242	}
	243	if(!sa meDay) {
	244	try {
	245	//Jazz Id: 230989 - adding HL7 v3 Version code in M VI Request Header.
	246	mviIntegra tionServic e.updateTr eatmentFac ilitiesFor ExistingPa tients(pat ient);
	247	} catch (MHVExcept ion e) {
	248	logger.err or("Error updating f acilities for patien t.", e);
	249	}
	250	}
	251	}
	252	}
	253
	254	pr ivate User ProfileDTO getUserPr ofile(Stri ng screenN ame) throw s AutoLogi nException {
	255	User ProfileDTO userProfi le = null;
	256	t ry {
	257
	258	userPro file = get UserManage mentServic e().getUse rProfile(s creenName) ;
	259
	260	} catch (Ex ception ex ) {
	261	ex. printStack Trace();
	262	if (! HTTP_SESSI ON_ERROR.e quals(ex.g etMessage( ))) {
	263	logger.er ror(ErrorC odeEnum.US ER_MANAGME NT_FAILURE _USER_PROF ILE.toStri ng()+", Sc reename:"+ screenNam e, ex);
	264	throw new AutoLogin Exception( "Error get ting User Profile fr om User Ma nagement S ervice.",
	265	new Sys temDownExc eption(Err orCodeEnum .USER_MANA GMENT_FAIL URE_USER_P ROFILE, ex ));
	266
	267	}
	268	}
	269
	270	r eturn user Profile;
	271	}
	272
	273
	274	pr ivate Pati entDTO get Patient(Lo ng userPro fileId) th rows AutoL oginExcept ion {
	275	tr y {
	276	return g etUserMana gementServ ice().getP atient(use rProfileId );
	277	} catch (Exc eption ex) {
	278	logger.e rror(Error CodeEnum.U SER_MANAGM ENT_FAILUR E_PATIENT. toString() , ex);
	279	throw ne w AutoLogi nException ("Error ge tting Pati ent from U ser Manage ment Servi ce.", new SystemDown Exception( ErrorCodeE num.USER_M ANAGMENT_F AILURE_PAT IENT, ex)) ;
	280	}
	281	}
	282
	283	pr ivate void doPostLog inUpdateUs er(Long us erProfileI d) throws AutoLoginE xception {
	284	tr y {
	285	this.u serMgmtSer vice.postL oginUpdate User(userP rofileId);
	286	} catch (MHV Exception ex) {
	287	logg er.error(E rrorCodeEn um.USER_MA NAGMENT_FA ILURE_POST _LOGIN_UPD ATE.toStri ng(), ex);
	288	throw ne w AutoLogi nException ("Error pe rforming p ost login updates fo r User.", new System DownExcept ion(ErrorC odeEnum.US ER_MANAGME NT_FAILURE _POST_LOGI N_UPDATE, ex));
	289	}
	290	}
	291
	292	pr ivate User MgmtServic e getUserM anagementS ervice() {
	293	if (this.use rMgmtServi ce == null ) {
	294	this .userMgmtS ervice = ( UserMgmtSe rvice) App licationCo ntextProvi der.getApp licationCo ntext().ge tBean("use rMgmtServi ceProxy");
	295	}
	296	re turn this. userMgmtSe rvice;
	297	}
	298
	299	pr ivate void isUserIna ctive(Stri ng screenN ame) throw s AutoLogi nException {
	300	tr y {
	301	if (getA ccountVali datorServi ce().isUse rInactive( screenName )) {
	302	logg er.error(s creenName + ":: is d eactivated ");
	303	thro w new Auto LoginExcep tion(new U serDeactiv atedExcept ion(String .format("U ser: %s is not activ e.", scree nName)));
	304	}
	305	} catch (MHV Exception e) {
	306	// somet hing faile d with the web servi ce. fail a uthenticat ion.
	307	logg er.error(E rrorCodeEn um.ACCOUNT _VALIDATOR _FAILURE_I S_USER_INA CTIVE.toSt ring(), e) ;
	308	throw ne w AutoLogi nException ("Error ge tting User Profile f rom User M anagement Service.", new Syste mDownExcep tion(Error CodeEnum.A CCOUNT_VAL IDATOR_FAI LURE_IS_US ER_INACTIV E, e));
	309	}
	310	}
	311
	312	pr ivate Acco untValidat orService getAccount ValidatorS ervice() {
	313	if (this.acc ountValida torService == null) {
	314	this.acc ountValida torService = (Accoun tValidator Service) A pplication ContextPro vider.getA pplication Context(). getBean("a ccountVali datorServi ceProxy");
	315	}
	316
	317	re turn this. accountVal idatorServ ice;
	318	}
	319
	320
	321	pr ivate bool ean hasVAR Access(Pat ientDTO pa tient) {
	322	bool ean hasVar Access =fa lse;
	323	try {
	324	hasVar Access = g etUserMana gementServ ice().chec kVAREligib ilityForPa tient(pati ent.getId( ));
	325	} ca tch (Excep tion e) {
	326	// TOD O Auto-gen erated cat ch block
	327	e.prin tStackTrac e();
	328	return false;
	329	}
	330
	331	if(l ogger.isIn foEnabled( ))
	332	logger .info("Use r Profile id "+patie nt.getUser ProfileId( ) + " VAR Access sta tus is: " + hasVarA ccess);
	333
	334	retu rn hasVarA ccess;
	335	}
	336
	337
	338	}