SUPPORT-8682: Fix
This commit is contained in:
Eduard Tihomirov
parent
cd60dded99
commit
8bfbd20525
3 changed files with 57 additions and 20 deletions
|
|
@ -39,8 +39,8 @@ public class EsiaController {
|
|||
}
|
||||
|
||||
@GetMapping(value = "/esia/auth", params = "code")
|
||||
public ResponseEntity<?> esiaAuth(@RequestParam("code") String code, HttpServletRequest request, HttpServletResponse response) {
|
||||
return esiaAuthService.getEsiaTokensByCode(code, request, response);
|
||||
public ResponseEntity<?> esiaAuth(@RequestParam("code") String code, @RequestParam("error") String error, HttpServletRequest request, HttpServletResponse response) {
|
||||
return esiaAuthService.getEsiaTokensByCode(code, error, request, response);
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/esia/refresh")
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package ru.micord.ervu.security.esia.service;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.lang.invoke.MethodHandles;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import java.net.URLEncoder;
|
||||
|
|
@ -11,19 +12,19 @@ import java.nio.charset.StandardCharsets;
|
|||
import java.time.Duration;
|
||||
import java.time.ZonedDateTime;
|
||||
import java.time.format.DateTimeFormatter;
|
||||
import java.util.Base64;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
import java.util.*;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import ru.micord.ervu.kafka.model.Document;
|
||||
import ru.micord.ervu.kafka.model.Person;
|
||||
|
|
@ -50,6 +51,7 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token;
|
|||
*/
|
||||
@Service
|
||||
public class EsiaAuthService {
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
|
||||
@Autowired
|
||||
private ObjectMapper objectMapper;
|
||||
|
||||
|
|
@ -146,8 +148,12 @@ public class EsiaAuthService {
|
|||
return uriBuilder.toString();
|
||||
}
|
||||
|
||||
public ResponseEntity<?> getEsiaTokensByCode(String esiaAuthCode, HttpServletRequest request, HttpServletResponse response) {
|
||||
public ResponseEntity<?> getEsiaTokensByCode(String esiaAuthCode, String error,
|
||||
HttpServletRequest request, HttpServletResponse response) {
|
||||
try {
|
||||
if (error != null) {
|
||||
throw new RuntimeException(error);
|
||||
}
|
||||
String clientId = esiaConfig.getClientId();
|
||||
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
|
||||
ZonedDateTime dt = ZonedDateTime.now();
|
||||
|
|
@ -229,7 +235,25 @@ public class EsiaAuthService {
|
|||
return ResponseEntity.ok("Authentication successful");
|
||||
}
|
||||
catch (Exception e) {
|
||||
throw new RuntimeException(e);
|
||||
Token token = jwtTokenService.createAccessToken(null, 3600L, null);
|
||||
Cookie accessCookie = securityHelper.createAccessCookie(token.getValue(), 3600);
|
||||
response.addCookie(accessCookie);
|
||||
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
|
||||
new UsernamePasswordAuthenticationToken(token.getUserAccountId(), null);
|
||||
SecurityContext context = SecurityContextHolder.createEmptyContext();
|
||||
JwtAuthentication authentication = new JwtAuthentication(usernamePasswordAuthenticationToken,
|
||||
null, token.getValue());
|
||||
context.setAuthentication(authentication);
|
||||
SecurityContextHolder.setContext(context);
|
||||
Cookie authMarkerCookie = securityHelper.createAuthMarkerCookie("true", 3600);
|
||||
response.addCookie(authMarkerCookie);
|
||||
String messageId = getMessageId(e);
|
||||
String messageWithId = String.format("[%s] %s", messageId, e.getMessage());
|
||||
LOGGER.error(messageWithId, e);
|
||||
return new ResponseEntity<>(
|
||||
"Произошла ошибка " + messageId + ". Обратитесь к системному администратору",
|
||||
HttpStatus.FORBIDDEN
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -385,4 +409,19 @@ public class EsiaAuthService {
|
|||
person.setDocument(document);
|
||||
return person;
|
||||
}
|
||||
|
||||
private String getMessageId(Exception exception) {
|
||||
return Integer.toUnsignedString(Objects
|
||||
.hashCode(getCurrentUsername()), 36)
|
||||
+ "-"
|
||||
+ Integer.toUnsignedString(exception.hashCode(), 36);
|
||||
}
|
||||
|
||||
private String getCurrentUsername() {
|
||||
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
|
||||
if (auth != null && auth.isAuthenticated()) {
|
||||
return auth.getName();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue