Summary Table
Categories |
Total Count |
PII |
0 |
URL |
0 |
DNS |
1 |
EKL |
0 |
IP |
0 |
PORT |
0 |
VsID |
0 |
CF |
0 |
AI |
0 |
VPD |
0 |
PL |
0 |
Other |
0 |
File Content
/**
*
*/
package gov.va.med.ars.security;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.text.MessageFormat;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import gov.va.med.ars.exceptions.GenericException;
import gov.va.med.ars.model.request.DecryptionRequest;
import gov.va.med.ars.model.request.EncryptUrl;
import gov.va.med.ars.model.response.EncryptUrlResponse;
import gov.va.med.ars.model.response.UserInfoResponse;
import gov.va.med.ars.service.IAuthenticatorService;
import net.minidev.json.JSONObject;
/**
* @author
DNS
*
*/
@RestController
@RequestMapping("/api/v1/authorize")
public class SsoAuthorizationController {
private static final Logger logger = LogManager.getLogger(SsoAuthorizationController.class);
@Autowired
IAuthenticatorService authenticatorService;
@Value("${postBack.url}")
String postBackUrl;
@Value("${captured.url}")
String capturedUrl;
@Value("${postBack.attachment.url}")
String postBackAttachmentUrl;
@Value("${captured.attachment.url}")
String capturedAttachmentUrl;
@PostMapping("/encryptUrl")
public ResponseEntity<?> getEncryptedUrls(@RequestBody EncryptUrl encryptUrl, HttpServletRequest request) {
EncryptUrlResponse encryptedUrlResponse = new EncryptUrlResponse();
JSONObject object = new JSONObject();
try {
if(StringUtils.isBlank(encryptUrl.getAttachmentId())) {
String encryptedCapturedUrl = AesEncryption
.encrypt(MessageFormat.format(capturedUrl, encryptUrl.getHostname()));
encryptedUrlResponse.setEncodedCapturedUrl(URLEncoder.encode(encryptedCapturedUrl, "UTF-8"));
String encryptedForwardUrl = AesEncryption
.encrypt(MessageFormat.format(postBackUrl, encryptUrl.getHostname()));
encryptedUrlResponse.setEncodedPostBackUrl(
URLEncoder.encode(MessageFormat.format(encryptedForwardUrl, encryptUrl.getHostname()), "UTF-8"));
encryptedUrlResponse.setSessionInformation(request.getSession().getId().toString());
return new ResponseEntity<>(encryptedUrlResponse, HttpStatus.OK);
} else {
String encryptedCapturedUrl = AesEncryption
.encrypt(MessageFormat.format(capturedAttachmentUrl, encryptUrl.getHostname(), encryptUrl.getAttachmentId()));
encryptedUrlResponse.setEncodedCapturedUrl(URLEncoder.encode(encryptedCapturedUrl, "UTF-8"));
String encryptedForwardUrl = AesEncryption
.encrypt(MessageFormat.format(postBackAttachmentUrl, encryptUrl.getHostname(), encryptUrl.getAttachmentId()));
encryptedUrlResponse.setEncodedPostBackUrl(
URLEncoder.encode(MessageFormat.format(encryptedForwardUrl, encryptUrl.getHostname()), "UTF-8"));
encryptedUrlResponse.setSessionInformation(request.getSession().getId().toString());
return new ResponseEntity<>(encryptedUrlResponse, HttpStatus.OK);
}
} catch (Exception e) {
object.put("encryptedUrlResponse", "Error parsing the hostname");
return new ResponseEntity<>(object, HttpStatus.BAD_REQUEST);
}
}
@PostMapping("/decryptUrl")
public ResponseEntity<?> getNtName(@RequestBody DecryptionRequest decryptedRequest) throws GenericException {
String decryptedNTUsername = null;
JSONObject response = null;
try {
if (!StringUtils.isEmpty(decryptedRequest.getGetNtname())) {
String username = URLDecoder.decode(decryptedRequest.getGetNtname(), "UTF-8");
decryptedNTUsername = AesEncryption.decrypt(username);
// Authenticate the User First
//boolean isAuthenticated = authenticatorService.authenticateUser(decryptedNTUsername);
UserInfoResponse userRolesResponse;
//if (isAuthenticated) {
// Get UserRoles
userRolesResponse = authenticatorService.getUserRoles(decryptedNTUsername);
if (userRolesResponse != null && !(userRolesResponse.getUserRoles().isEmpty())) {
if(decryptedRequest.getAttachmentId() != null && !decryptedRequest.getAttachmentId().isEmpty()) {
userRolesResponse.setAttachmentId(decryptedRequest.getAttachmentId());
}
return new ResponseEntity<>(userRolesResponse, HttpStatus.OK);
} else {
response = new JSONObject();
logger.warn("getUserRoles : 0 Roles found for " + decryptedNTUsername);
response.put("errorCode", "Un-Authorized");
response.put("message", "The entered user has no access to the application");
return new ResponseEntity<>(response, HttpStatus.FORBIDDEN);
}
/*} else {
response = new JSONObject();
logger.error("getUserRoles : Authentication failed for userName: " + decryptedNTUsername);
response.put("errorCode", "Invalid User");
response.put("message", "The entered user has no access to the application");
throw new GenericException("", "", HttpStatus.FORBIDDEN);
}*/
} else {
response = new JSONObject();
logger.warn("Windows NT name not found " + decryptedNTUsername);
response.put("errorCode", "Un-Authorized");
response.put("message", "The entered user has no access to the application");
return new ResponseEntity<>(response, HttpStatus.FORBIDDEN);
}
} catch (Exception e) {
response = new JSONObject();
logger.warn("Internal error occured " + decryptedNTUsername);
response.put("errorCode", "Un-Authorized");
response.put("message", "The entered user has no access to the application");
return new ResponseEntity<>(response, HttpStatus.NOT_FOUND);
}
}
@InitBinder()
public void customizeBinding (WebDataBinder binder) {
binder.setDisallowedFields(new String[]{});
}
}