5. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 12/8/2017 1:33:39 PM Central Standard Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

5.1 Files compared

#	Location	File	Last Modified
1	PC_CP4_CiF.zip\FPPS_Backend\fpps_app\src\main\java\gov\va\med\fee\service\impl	AuthenticatorServiceImpl.java	Fri Dec 8 17:53:48 2017 UTC
2	PC_CP4_CiF.zip\FPPS_Backend\fpps_app\src\main\java\gov\va\med\fee\service\impl	AuthenticatorServiceImpl.java	Fri Dec 8 18:29:30 2017 UTC

5.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	830
Changed	1	2
Inserted	0	0
Removed	0	0

5.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

5.4 Active regular expressions

No regular expressions were active.

5.5 Comparison detail

	1	/**
	2	* @autho r Eyuel Ta ddese
	3	*
	4	*/
	5	package go v.va.med.f ee.service .impl;
	6
	7	import jav a.net.URLE ncoder;
	8	import jav a.text.Sim pleDateFor mat;
	9	import jav a.util.Arr ayList;
	10	import jav a.util.Dat e;
	11	import jav a.util.Has hMap;
	12	import jav a.util.Has hSet;
	13	import jav a.util.Lis t;
	14	import jav a.util.Map ;
	15	import jav a.util.Set ;
	16	import jav a.util.str eam.Collec tors;
	17
	18	import org .apache.lo gging.log4 j.LogManag er;
	19	import org .apache.lo gging.log4 j.Logger;
	20	import org .springfra mework.bea ns.factory .annotatio n.Autowire d;
	21	import org .springfra mework.bea ns.factory .annotatio n.Value;
	22	import org .springfra mework.dao .DataAcces sException ;
	23	import org .springfra mework.dao .DataAcces sResourceF ailureExce ption;
	24	import org .springfra mework.htt p.HttpStat us;
	25	import org .springfra mework.ste reotype.Se rvice;
	26
	27	import gov .va.med.do main.fee.A ppUser;
	28	import gov .va.med.do main.fee.S soAuthenti cation;
	29	import gov .va.med.do main.fee.U serRoleUsa ges;
	30	import gov .va.med.fe e.dao.IApp UserReposi tory;
	31	import gov .va.med.fe e.dao.IAut henticator Repository ;
	32	import gov .va.med.fe e.dao.IUse rFacilityD ataReposit ory;
	33	import gov .va.med.fe e.dao.IUse rRolePermi ssionsRepo sitory;
	34	import gov .va.med.fe e.exceptio ns.Generic Exception;
	35	import gov .va.med.fe e.model.re sponse.Aut henticatio nParamResp onse;
	36	import gov .va.med.fe e.model.re sponse.Use rInfoRespo nse;
	37	import gov .va.med.fe e.model.re sponse.Use rRolePermi ssions;
	38	import gov .va.med.fe e.model.re sponse.Use rRoles;
	39	import gov .va.med.fe e.model.re sponse.Use rStationDe tails;
	40	import gov .va.med.fe e.service. IAuthentic atorServic e;
	41	import gov .va.med.fe e.util.IDC heckAESEnc ryption;
	42	import net .minidev.j son.JSONOb ject;
	43
	44	@Service
	45	public cl ass Authen ticatorSer viceImpl i mplements IAuthentic atorServic e {
	46
	47	pr ivate stat ic final L ogger logg er = LogMa nager.getL ogger(Auth enticatorS erviceImpl .class);
	48
	49	@A utowired
	50	IA uthenticat orReposito ry authent icatorRepo sitory;
	51
	52	@A utowired
	53	IU serFacilit yDataRepos itory user FacilityRe pository;
	54
	55	@A utowired
	56	IA ppUserRepo sitory app UserReposi tory;
	57
	58	@A utowired
	59	IU serRolePer missionsRe pository u serRolePer missionRep ository;
	60
	61	@V alue("${po stBack.url }")
	62	privat e String p ostBackUrl ;
	63
	64	@Value ("${captur ed.url}")
	65	privat e String c apturedUrl ;
	66
	67	@Value ("${aspChe ckPage.url }")
	68	privat e String a spCheckPag eUrl;
	69
	70	pr ivate bool ean isAuth enticated = false;
	71
	72	pr ivate List <AppUser> appUsers;
	73	pr ivate List <UserRoles > userRole s;
	74	pr ivate AppU ser appUse r;
	75
	76	/* *
	77	*
	78	* /
	79	pu blic Authe nticatorSe rviceImpl( ) {
	80	appU ser = new AppUser();
	81	appU sers = new ArrayList <>();
	82	user Roles = ne w ArrayLis t<>();
	83	}
	84
	85	/* *
	86	* @param au thenticato rRepositor y
	87	* /
	88	pu blic void setAuthent icatorDAO( IAuthentic atorReposi tory authe nticatorRe pository) {
	89	this .authentic atorReposi tory = aut henticator Repository ;
	90	}
	91
	92	/* *
	93	* @param ap pUserRepos itory
	94	* /
	95	pu blic void setAppUser RoleReposi tory(IAppU serReposit ory appUse rRepositor y) {
	96	this .appUserRe pository = appUserRe pository;
	97	}
	98
	99	/* *
	100	* The metho d accept G UID and qu ery from S soAuthenti cation tab le
	101	* and retur n the User Name. I us ed JDBCTem plate and manually m apped the result to the object
	102	* @param gu id
	103	* @return S tring
	104	* /
	105	@O verride
	106	pu blic Strin g getUsern ameFromAsp Auth(Strin g guid) th rows Gener icExceptio n {
	107	//Fo r testing only
	108	//String g uid1 = " DN S TADDEE";
	109	try {
	110	String userName = null;
	111	List<S soAuthenti cation> re sults = au thenticato rRepositor y.findByGu id(guid);
	112
	113	if(res ults.size( ) != 0) {
	114	SsoAuthe ntication s = result s.get(0);
	115	userName = s.getNt name();
	116	logger.i nfo("getUs ernameFrom AspAuth() Retrieved UserName: "+userName +" from A sp Auth");
	117	}
	118	return userName;
	119	} ca tch(Illega lArgumentE xception e ) {
	120	// thi s exceptio n is throw n by the J PA find me thod when the claimI ndex is in valid form at or null
	121	logger .info("aut henticate : invalid_ input_erro r for "+gu id+" "+e.g etMessage( ));
	122	throw new Generi cException ("invalid_ input_erro r",e.getMe ssage(), H ttpStatus. BAD_REQUES T);
	123	} ca tch(DataAc cessResour ceFailureE xception e ) {
	124	// thi s exceptio n is throw n by the d atabase co nnection f ailure
	125	logger .info("aut henticate : databas e_connecti on_error " +e.getMess age());
	126	throw new Generi cException ("database _connectio n_error",e .getMessag e(), HttpS tatus.INTE RNAL_SERVE R_ERROR);
	127	} ca tch(DataAc cessExcept ion e){
	128	// thi s is root for all th e data acc ess except ions by sp ring frame work
	129	logger .info("aut henticate : data_acc ess_error "+e.getMes sage());
	130	throw new Generi cException ("data_acc ess_error" , e.getMes sage(), Ht tpStatus.I NTERNAL_SE RVER_ERROR );
	131	} c atch(Excep tion e) {
	132	logger .info("aut henticate : internal _server_er ror "+e.g etMessage( ));
	133	throw new Generi cException ("internal _server_er ror", e.ge tMessage() , HttpStat us.INTERNA L_SERVER_E RROR);
	134	}
	135	}
	136	/* *
	137	* This meth od will au thenticate GUID of U ser and ge t AppUser
	138	* @param gu id
	139	* @return b oolean
	140	* /
	141	@O verride
	142	pu blic final boolean a uthenticat e(String g uid) throw s GenericE xception {
	143	logg er.info("a utoLogin : Performin g AutoLogi n");
	144	try {
	145	logger .info(" gu id from th e request is :"+guid );
	146	String decrypted Guid = IDC heckAESEnc ryption.de crypt(guid );
	147	logger .info("dec ryptedGuid is :"+dec ryptedGuid );
	148	String userName = getUsern ameFromAsp Auth(decry ptedGuid);
	149	if(use rName != n ull) {
	150	// Get A ppUser usi ng userNam e
	151	appUser s = appUse rRepositor y.findByAp pUserName( userName);
	152	isAuthe nticated = true;
	153	} else {
	154	logger.e rror("auth enticate() : could no t obtain u serName fr om ASP. Au thenticati on module error ");
	155	isAuthen ticated = false;
	156	throw ne w GenericE xception(" Asp.Authen tication F ailed","Co uld not ob tain userN ame for gu id:"+guid+ " from ASP Authentic ation modu le",HttpSt atus.BAD_R EQUEST);
	157	}
	158	return isAuthent icated;
	159	} c atch(Illeg alArgument Exception e) {
	160	// thi s exceptio n is throw n by the J PA find me thod when the claimI ndex is in valid form at or null
	161	logger .info("aut henticate : invalid_ input_erro r for "+gu id+" "+e.g etMessage( ));
	162	throw new Generi cException ("invalid_ input_erro r",e.getMe ssage(), H ttpStatus. BAD_REQUES T);
	163	} ca tch(DataAc cessResour ceFailureE xception e ) {
	164	// thi s exceptio n is throw n by the d atabase co nnection f ailure
	165	logger .info("aut henticate : databas e_connecti on_error " +e.getMess age());
	166	throw new Generi cException ("database _connectio n_error",e .getMessag e(), HttpS tatus.INTE RNAL_SERVE R_ERROR);
	167	} ca tch(DataAc cessExcept ion e){
	168	// thi s is root for all th e data acc ess except ions by sp ring frame work
	169	logger .info("aut henticate : data_acc ess_error "+e.getMes sage());
	170	throw new Generi cException ("data_acc ess_error" , e.getMes sage(), Ht tpStatus.I NTERNAL_SE RVER_ERROR );
	171	} ca tch(Generi cException e ) {
	172	throw e;
	173	} ca tch(Except ion e) {
	174	logger .info("aut henticate : internal _server_er ror "+e.g etMessage( ));
	175	throw new Generi cException ("internal _server_er ror", e.ge tMessage() , HttpStat us.INTERNA L_SERVER_E RROR);
	176	}
	177
	178	}
	179
	180	/* *
	181	* Update th e lastlogi n of AppUs er
	182	* @param ap puser
	183	* /
	184	pr ivate void updateLas tLogin(App User appus er) throws GenericEx ception {
	185	try {
	186	logger .info("Upd ateLastLog in() : Upd ating user LastLogin for "+appu ser.getUse rName());
	187	appuse r.setLastL oginDate(n ew Date()) ;
	188	appUse rRepositor y.save(app user);
	189
	190	} ca tch(DataAc cessResour ceFailureE xception e ) {
	191	// thi s exceptio n is throw n by the d atabase co nnection f ailure
	192	logger .info("upd ateLastLog in : data base_conne ction_erro r "+e.getM essage());
	193	throw new Generi cException ("database _connectio n_error",e .getMessag e(), HttpS tatus.INTE RNAL_SERVE R_ERROR);
	194	} ca tch(DataAc cessExcept ion e){
	195	// thi s is root for all th e data acc ess except ions by sp ring frame work
	196	logger .info("upd ateLastLog in : data_ access_err or "+e.get Message()) ;
	197	throw new Generi cException ("data_acc ess_error" , "Unable to update user lastL oginDate", HttpStatu s.INTERNAL _SERVER_ER ROR);
	198	} ca tch(Except ion e) {
	199	logger .info("upd ateLastLog in : inter nal_server _error "+ e.getMessa ge());
	200	throw new Generi cException ("internal _server_er ror", e.ge tMessage() , HttpStat us.INTERNA L_SERVER_E RROR);
	201	}
	202	}
	203
	204	/* *
	205	* This meth od return list of Ro les assign ed
	206	* @param gu id
	207	* @return L ist<UserRo les>
	208	* /
	209	@O verride
	210	pu blic UserI nfoRespons e getUserR oles() thr ows Generi cException {
	211	logg er.info( " Getting us er role de tails ");
	212	User InfoRespon se userInf oResponse = null;
	213	Set< String> ro les = new HashSet<St ring>();
	214	Set< Long> assi gnedRoles = null;
	215	try {
	216	if(isA uthenticat ed) {
	217	//AppUse r appUser = new AppU ser();
	218	this.use rRoles = n ew ArrayLi st<>();
	219	if(appUs ers.size() > 0) {
	220	appUser = appUsers.g et(0);
	221
	222	//Get user who is en abled
	223	if(appUser .getEnable d().equals IgnoreCase ("Y")) {
	224	Se t<UserRole Usages> us erRoleUsag es = appUs er.getUser RoleUsages ();
	225	// Update Ap p_User Las tLoginDate
	226	up dateLastLo gin(appUse r);
	227
	228	if (userRoleU sages.size () > 0) {
	229	assi gnedRoles = new Hash Set<Long>( );
	230	// A dd the rol e name des cription a nd send it to the co ntroller
	231	for( UserRoleUs ages u : u serRoleUsa ges) {
	232	UserRo les userRo le = new U serRoles() ;
	233	userRo le.setRole Name(u.get AppRole(). getRoleNam e());
	234	userRo le.setDesc ription(u. getAppRole ().getDesc ription()) ;
	235	userRo les.add(us erRole);
	236
	237	// add the user roles to t he set
	238	assign edRoles.ad d(u.getApp Role().get AppRoleId( ));
	239	roles. add(u.getA ppRole().g etRoleName ());
	240	}
	241	} else {
	242	logg er.error(" getUserRol es(): No R ole found for User " +appUser.g etUserName ());
	243	thro w new Gene ricExcepti on("UserRo le Error", "No UserRo le found f or "+appUs er.getUser Name(),Htt pStatus.BA D_REQUEST) ;
	244	}
	245
	246	us erInfoResp onse = new UserInfoR esponse();
	247	us erInfoResp onse.setUs erName(app User.getUs erName());
	248
	249	Si mpleDateFo rmat dateF ormat = ne w SimpleDa teFormat(" MM/dd/yyyy HH:mm:ss" );
	250
	251	us erInfoResp onse.setLa stLogin(da teFormat.f ormat(appU ser.getLas tLoginDate ()));
	252	us erInfoResp onse.setUs erRoles(ro les);
	253
	254	// set permi ssions of the user
	255	lo gger.debug ("Setting permission s of the u ser");
	256	us erInfoResp onse.setPe rmissions( getPermiss ions(assig nedRoles)) ;
	257	lo gger.debug ("Invoking the getUs erStations Details() ");
	258	Us erStationD etails use rStationDe tails = us erFacility Repository .getUserSt ationsDeta ils(appUse r.getUserN ame(),user RoleUsages );
	259	lo gger.debug ("The role s of the u ser are :" +userInfoR esponse.to String());
	260	us erInfoResp onse.setUs erFacility Data(userS tationDeta ils);
	261	}
	262	}
	263
	264	return u serInfoRes ponse;
	265	}
	266	else {
	267	logger.e rror("getU serRoles() : GUID is not Authen ticated ") ;
	268	}
	269	return userInfoR esponse;
	270	} catch( GenericExc eption e) {
	271	logger .info("upd ateLastLog in : inter nal_server _error "+ e.getMessa ge());
	272	throw new Generi cException ("internal _server_er ror", e.ge tMessage() , HttpStat us.INTERNA L_SERVER_E RROR);
	273	} catch(Exce ption e) {
	274	logger .info("upd ateLastLog in : inter nal_server _error "+ e.getMessa ge());
	275	throw new Generi cException ("internal _server_er ror", e.ge tMessage() , HttpStat us.INTERNA L_SERVER_E RROR);
	276	}
	277
	278	}
	279
	280	/* (non-Java doc)
	281	* @see gov. va.med.fee .service.I Authentica torService #getAuthPa rams(java. lang.Strin g)
	282	* /
	283	pu blic Authe nticationP aramRespon se getAuth Params(Str ing sessio nId) throw s GenericE xception{
	284	logg er.info("g etAuthPara ms() :"+se ssionId);
	285
	286	Stri ng aspChec kPageUrl= this.aspCh eckPageUrl ;
	287	Stri ng encrypt edPostBack Url = null ;
	288	Stri ng encrypt edCaptured Url = null ;
	289	try {
	290	encryp tedPostBac kUrl = URL Encoder.en code(IDChe ckAESEncry ption.encr ypt(this.p ostBackUrl ), "UTF-8" );
	291	encryp tedCapture dUrl = URL Encoder.en code(IDChe ckAESEncry ption.encr ypt(this.c apturedUrl ), "UTF-8" );
	292	} ca tch (Excep tion e) {
	293	logger .error("Ex ception wh ile encrip ting urls" +e.getMess age());
	294	throw new Generi cException ("getAuthP aramsFaile d","Retrie ve Authent ication Pa rams Faile d",HttpSta tus.INTERN AL_SERVER_ ERROR);
	295	}
	296
	297	Auth entication ParamRespo nse respon se = new A uthenticat ionParamRe sponse();
	298	resp onse.setEn cryptedCap turedUrl(e ncryptedCa pturedUrl) ;
	299	resp onse.setEn cryptedPos tBackUrl(e ncryptedPo stBackUrl) ;
	300	resp onse.setSe ssionId(se ssionId);
	301	resp onse.setAs pCheckPage Url(aspChe ckPageUrl) ;
	302
	303	retu rn respons e;
	304	}
	305
	306	/* *
	307	* @return t he appUser s
	308	* /
	309	pu blic List< AppUser> g etAppUsers () {
	310	retu rn appUser s;
	311	}
	312
	313	/* *
	314	* @return t he appUser
	315	* @throws G enericExce ption
	316	* /
	317	pu blic AppUs er getAppU ser(String decrypted Guid) thro ws Generic Exception {
	318	Stri ng userNam e = getUse rnameFromA spAuth(dec ryptedGuid );
	319	if ( userName ! = null) {
	320	// Get AppUser u sing userN ame
	321	appUse rs = appUs erReposito ry.findByA ppUserName (userName) ;
	322	if (ap pUsers.siz e() > 0) {
	323	appUser = appUsers .get(0);
	324	}
	325	}
	326
	327	retu rn appUser ;
	328	}
	329
	330
	331
	332
	333	/* *
	334	* @param as signedRole sSet
	335	* @return
	336	* /
	337	pu blic JSONO bject getP ermissions (Set<Long> assignedR olesSet) {
	338
	339	Set< String> as signedRole sString = new HashSe t<String>( );
	340	if ( assignedR olesSet != null ) {
	341	assign edRolesSet .forEach(r ole -> {
	342	if( role != null ) {
	343	assignedRo lesString. add(role.t oString()) ;
	344	}
	345	});
	346	}
	347
	348	logg er.debug(" assignedR olesString is :"+ass ignedRoles String);
	349	Stri ng roleIds = String. join(",", assignedRo lesString) ;
	350	logg er.debug(" roleIds i s :"+roleI ds);
	351	List <UserRoleP ermissions > userRole Permission s = userRo lePermissi onReposito ry.getUser RolePermis sions(role Ids);
	352
	353	logg er.debug(" userRoleP ermissions from the repository are : ", userRolePe rmissions. toString() );
	354
	355	Hash Set<String > pages = new HashSe t<String>( );
	356	Map< String, Ob ject> perm issions = new HashMa p<String, Object>();
	357	Map< String,Boo lean> page Permission s = new Ha shMap<Stri ng,Boolean >();
	358
	359	for( UserRoleP ermissions userRoleP ermission : userRole Permission s ) {
	360	pages. add(userRo lePermissi on.getPage Name());
	361	}
	362
	363	logg er.debug(" List of t he pages f rom the re pository a re : "+pag es.toStrin g());
	364
	365	for( String pa ge : pages ) {
	366	logger .debug(" G etting the permissio ns for the page : "+ page);
	367	List<U serRolePer missions> filteredPe rmissions = userRole Permission s.stream() .filter( p ermission -> permiss ion.getPag eName().eq uals(page) ).collect( Collectors .toList()) ;
	368	logger .debug(" f ilteredPer missions a re : "+fil teredPermi ssions);
	369	pagePe rmissions = new Hash Map<String ,Boolean>( );
	370
	371	for( U serRolePer missions f iltered : filteredPe rmissions ) {
	372	// when multiple r oles has t he same pe rmissions, the below condition will set t he permiss ion as ena bled if on e of the r ole has it as enable d
	373	if( !(pa gePermissi ons.contai nsKey(filt ered.getPe rmissionNa me())) \|\|
	374	(p agePermiss ions.conta insKey(fil tered.getP ermissionN ame()) && !(pagePerm issions.ge t(filtered .getPermis sionName() ))))
	375	pagePerm issions.pu t(filtered .getPermis sionName() , filtered .getEnable d());
	376	else
	377	pagePerm issions.pu t(filtered .getPermis sionName() , Boolean. TRUE);
	378	}
	379
	380	logger .debug(" P ermissions for the p age : "+pa ge+" are : "+pagePerm issions.to String());
	381	permis sions.put( page, pag ePermissio ns);
	382	}
	383
	384	JSONObje ct permiss ionsJson = new JSONO bject();
	385	permissi onsJson.pu tAll( perm issions );
	386
	387	logger.d ebug("Perm issions of the user are : "+pe rmissionsJ son.toStri ng());
	388	return p ermissions Json;
	389	}
	390
	391
	392	/* *
	393	* This meth od is intr oduced to retrieve t he updated station c ount detai ls for a l ogged in u ser
	394	* @param us erName
	395	* @return
	396	* @throws G enericExce ption
	397	* /
	398	pu blic UserS tationDeta ils getUpd atedUserSt ationDetai ls(String userName) throws Gen ericExcept ion {
	399	logg er.debug(" Getting th e UserStat ionDetails for userN ame :",use rName);
	400
	401	if(u serName != null) {
	402	// Get AppUser u sing userN ame
	403	appUs ers = appU serReposit ory.findBy AppUserNam e(userName );
	404	} el se {
	405	logger .error("au thenticate (): could not obtain details f or userNam e : "+user Name);
	406	throw new Generi cException ("Error ge tting User StationDet ails for : "+userName ,"No User Found with userName :"+userNam e, HttpSta tus.BAD_RE QUEST);
	407	}
	408
	409	appU ser = appU sers.get(0 );
	410	Set< UserRoleUs ages> user RoleUsages = appUser .getUserRo leUsages() ;
	411	User StationDet ails userS tationDeta ils = user FacilityRe pository.g etUserStat ionsDetail s(userName ,userRoleU sages);
	412	logg er.debug(" UserStatio nDetails o btained fo r the user are : "+u serStation Details);
	413	retu rn userSta tionDetail s;
	414	}
	415	}
	416