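package it.acxent.pg.servlet;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.gson.GsonFactory;
import it.acxent.anag.Clifor;
import it.acxent.cc.Attivita;
import it.acxent.common.Postazione;
import it.acxent.contab.RigaDocumento;
import it.acxent.contab.RigaDocumentoCR;
import it.acxent.db.ApplParmFull;
import it.acxent.db.DBAdapter;
import it.acxent.db.ResParm;
import it.acxent.pg.Users;
import java.io.IOException;
import java.net.InetAddress;
import java.sql.Date;
import java.util.Calendar;
import java.util.Collections;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Login servlet of the "pg" front-end.
 *
 * Extends the generic {@code LogonSvlt} with:
 * <ul>
 *   <li>loading of the {@link Users} bean and of the customer's document rows
 *       after a successful name/password login ({@link #checkLoginName});</li>
 *   <li>extra profile checks (disabled, expired, photo quota) in
 *       {@link #checkLoginProfile};</li>
 *   <li>a post-login target page taken from the {@code thePage} request
 *       parameter, restricted to a safe in-application path;</li>
 *   <li>the {@code googleSignIn} command: Google Sign-In with double-submit
 *       CSRF cookie check and ID-token verification, followed by account
 *       linking or self-registration ({@link #socialLogin});</li>
 *   <li>the {@code logout} command.</li>
 * </ul>
 */
public class Logon2Svlt extends it.acxent.servlet.LogonSvlt {

    /** Page shown after login when no (acceptable) {@code thePage} was supplied. */
    private static final String DEFAULT_LOGIN_PAGE = "/documentoCR.jsp";

    /** Social-id type passed to {@link #socialLogin} for Google accounts (value taken from the original code). */
    private static final long SOCIAL_TYPE_GOOGLE = 0L;

    /**
     * Performs the base-class name/password check and, when it reports the
     * result code {@code 5} (the only value the original code treats as a
     * completed login), stores the {@link Users} bean in the session and in the
     * request and, for users bound to a customer (id_clifor &gt; 0), the
     * customer's document rows under the request attribute {@code listRD}.
     *
     * @return the result code of {@code super.checkLoginName}, unchanged
     */
    protected long checkLoginName(HttpServletRequest req, HttpServletResponse res) {
        long result = super.checkLoginName(req, res);
        ApplParmFull apFull = getApFull(req);
        if (result != 5L) {
            return result;
        }
        Users user = new Users(apFull);
        user.findByPrimaryKey(getLoginUserId(req));
        req.getSession().setAttribute("user", user);
        req.setAttribute("user", user);
        if (user.getId_clifor() > 0L) {
            RigaDocumentoCR filter = new RigaDocumentoCR(apFull);
            filter.setId_clifor(user.getId_clifor());
            RigaDocumento rows = new RigaDocumento(apFull);
            req.setAttribute("listRD", rows.findByCR(filter, 0, 0));
        }
        return result;
    }

    /**
     * Validates the profile of the currently logged-in user.
     *
     * <ul>
     *   <li>no user bean: login page is forced, returns {@code false};</li>
     *   <li>{@code flgValido == "N"}: login page forced, the login session
     *       attributes are removed, a message is sent, returns {@code false};</li>
     *   <li>expiry date in the past: message + login page forced, the user is
     *       notified via {@code sendNoMorePictureMessageScad()}, returns
     *       {@code true};</li>
     *   <li>photo quota exceeded: same handling with
     *       {@code sendNoMorePictureMessageNumber()}, returns {@code true}.</li>
     * </ul>
     *
     * NOTE(review): the expired / quota branches return {@code true} and leave
     * {@code loginUser_id}/{@code utenteLogon} in the session, unlike the
     * "N" branch. The original behaves the same way; whether the forced login
     * page alone blocks access in those cases should be confirmed against
     * the base class.
     *
     * @return {@code false} when the login must be refused, {@code true} otherwise;
     *         any exception is logged and treated as refusal
     */
    protected boolean checkLoginProfile(HttpServletRequest req) {
        try {
            Users bean = (Users) getLoginUser(req);
            if (bean == null) {
                forceJspPage(getLoginPage(null, null), req);
                return false;
            }
            // null-safe comparison: a missing flag is not treated as "N"
            if ("N".equals(bean.getFlgValido())) {
                forceJspPage(getLoginPage(null, null), req);
                HttpSession session = req.getSession();
                session.removeAttribute("loginUser_id");
                session.removeAttribute("utenteLogon");
                forceMessage(req, "Utente non valido. Contattare l'amministratore del sito.");
                return false;
            }
            Date scadenza = bean.getDataScadenza();
            if (scadenza != null && DBAdapter.getDateDiff(DBAdapter.getToday(), scadenza) < 0L) {
                forceMessage(req, "Utente non valido. Utente scaduto.");
                forceJspPage(getLoginPage(null, null), req);
                bean.sendNoMorePictureMessageScad();
                return true;
            }
            long maxFoto = bean.getNFotoMax();
            if (maxFoto > 0L && bean.getNFotoVisual() > maxFoto) {
                forceMessage(req, "Utente non valido. Numero massimo di foto visualizzate raggiunto.");
                forceJspPage(getLoginPage(null, null), req);
                bean.sendNoMorePictureMessageNumber();
                return true;
            }
            return true;
        } catch (Exception e) {
            handleDebug(e);
            return false;
        }
    }

    /**
     * Page to forward to after a login.
     *
     * When a user is logged in and the {@code thePage} request parameter is
     * present, its path part is used: as in the original code the first 8
     * characters (a {@code http://} / {@code https://} prefix plus the start of
     * the host) are skipped and everything from the next {@code '/'} is taken.
     * Otherwise, and whenever the extracted path is not a safe in-application
     * path, {@link #DEFAULT_LOGIN_PAGE} is returned.
     *
     * Security: {@code thePage} is attacker-controlled and the returned value
     * ends up in a {@code RequestDispatcher} forward. A forward is not
     * subject to the container's URL security constraints, so a raw value
     * could target {@code /WEB-INF/...} resources or use {@code ..}; see
     * {@link #isSafeForwardPath}.
     *
     * @param req may be {@code null} ({@link #checkLoginProfile} calls
     *            {@code getLoginPage(null, null)}); then the default is returned
     * @param res unused
     */
    protected String getLoginPage(HttpServletRequest req, HttpServletResponse res) {
        if (req == null || getLoginUserId(req) <= 0L) {
            return DEFAULT_LOGIN_PAGE;
        }
        String thePage = getRequestParameter(req, "thePage");
        if (thePage == null || thePage.isEmpty()) {
            return DEFAULT_LOGIN_PAGE;
        }
        String path = extractLocalPath(thePage);
        return path != null ? path : DEFAULT_LOGIN_PAGE;
    }

    /**
     * Reduces an absolute URL (as sent in {@code thePage}) to its path part
     * using the original heuristic (skip 8 characters, take from the next
     * {@code '/'}). Returns {@code null} when the value is too short, has no
     * path separator after the prefix, or the path fails
     * {@link #isSafeForwardPath}. The original code threw
     * {@code StringIndexOutOfBoundsException} for values shorter than 8
     * characters and returned garbage when no {@code '/'} was found.
     */
    static String extractLocalPath(String thePage) {
        if (thePage == null || thePage.length() <= 8) {
            return null;
        }
        int slash = thePage.indexOf('/', 8);
        if (slash < 0) {
            return null;
        }
        String path = thePage.substring(slash);
        return isSafeForwardPath(path) ? path : null;
    }

    /**
     * Accepts only a plain absolute path inside this web application:
     * must start with a single {@code '/'} (not {@code //} or {@code /\},
     * which browsers read as protocol-relative), must not contain {@code ..},
     * backslashes or NUL, and must not point into {@code WEB-INF} /
     * {@code META-INF} (case-insensitive). Query strings are allowed.
     */
    static boolean isSafeForwardPath(String path) {
        if (path == null || path.isEmpty() || path.charAt(0) != '/') {
            return false;
        }
        if (path.startsWith("//") || path.startsWith("/\\")) {
            return false;
        }
        if (path.contains("..") || path.indexOf('\\') >= 0 || path.indexOf('\0') >= 0) {
            return false;
        }
        String upper = path.toUpperCase(Locale.ROOT);
        return !upper.contains("WEB-INF") && !upper.contains("META-INF");
    }

    /** Supplies the {@link Users} implementation used by the base class for this application. */
    protected it.acxent.common.Users getUser(HttpServletRequest req) {
        return new Users(getApFull(req));
    }

    /** This servlet always requires the base class's control-code access check. */
    protected boolean useControlCodeAccess() {
        return true;
    }

    /** Removes the application-specific {@code user} session attribute, then delegates to the base class. */
    protected void logOff(HttpServletRequest req, HttpServletResponse res) {
        req.getSession().removeAttribute("user");
        super.logOff(req, res);
    }

    /**
     * Handles the {@code logout} command: clears the login attributes from the
     * session and forwards to {@code index.jsp}.
     *
     * NOTE(review): only the three attributes are removed; the session itself
     * (and its id) stays valid. Invalidating it ({@code session.invalidate()})
     * would be the stronger choice, but whether {@code index.jsp} or the base
     * class keeps other state in the session is not visible here, so this is
     * left as in the original.
     */
    public void _logout(HttpServletRequest req, HttpServletResponse res) {
        try {
            HttpSession session = req.getSession();
            session.removeAttribute("utenteLogon");
            session.removeAttribute("loginUser_id");
            session.removeAttribute("user");
            setJspPageRelative("index.jsp", req);
            forwardToJspPage(req, res);
        } catch (Exception e) {
            handleDebug(e);
            sendMessage(req, e.getMessage());
        }
    }

    /**
     * Dispatches the application-specific commands ({@code logout},
     * {@code googleSignIn}); everything else goes to the base class.
     */
    protected void otherCommands(HttpServletRequest req, HttpServletResponse res)
            throws ServletException, IOException {
        String cmd = getCmd(req);
        if ("logout".equals(cmd)) {
            _logout(req, res);
        } else if ("googleSignIn".equals(cmd)) {
            _googleSignIn(req, res);
        } else {
            super.otherCommands(req, res);
        }
    }

    /**
     * Handles the {@code googleSignIn} command (Google Identity Services
     * credential POST).
     *
     * Steps:
     * <ol>
     *   <li>double-submit CSRF check: the {@code g_csrf_token} cookie must be
     *       present and equal to the {@code g_csrf_token} form field;</li>
     *   <li>the {@code credential} ID token is verified with
     *       {@link GoogleIdTokenVerifier}, which checks the signature against
     *       Google's published keys, the issuer, the expiry and that the
     *       audience is this application's client id (so tokens issued to
     *       other Google clients are rejected);</li>
     *   <li>only tokens whose {@code email_verified} claim is true proceed to
     *       {@link #socialLogin}, because that method links and creates
     *       accounts by e-mail address.</li>
     * </ol>
     * Every failure is reported with {@code sendMessage} and forwarded to the
     * page given by {@code getCal(req)}; the original returned no response at
     * all for an invalid token, an unverified e-mail or a verifier exception,
     * and threw a {@code NullPointerException} when the CSRF cookie was absent.
     */
    public void _googleSignIn(HttpServletRequest req, HttpServletResponse res) {
        ApplParmFull apFull = getApFull(req);
        Attivita attivita = Attivita.getDefaultInstance(apFull);
        GoogleIdTokenVerifier verifier =
                new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), new GsonFactory())
                        .setAudience(Collections.singletonList(attivita.getPGoogleSigninClientId()))
                        .build();

        String bodyCsrfToken = getRequestParameter(req, "g_csrf_token");
        String credential = getRequestParameter(req, "credential");
        // getCookie(...) is assumed to return null when the cookie is missing;
        // it is looked up twice only so that its (project) type need not be named here.
        String cookieCsrfToken = getCookie(req, "g_csrf_token") == null
                ? null
                : getCookie(req, "g_csrf_token").getValue();

        String requestError = checkSignInRequest(cookieCsrfToken, bodyCsrfToken, credential);
        if (requestError != null) {
            failGoogleSignIn(req, res, requestError);
            return;
        }

        GoogleIdToken idToken;
        try {
            idToken = verifier.verify(credential);
        } catch (Exception e) {
            // network error fetching Google's keys, malformed token, ...: fail closed
            handleDebug(e);
            failGoogleSignIn(req, res, "Invalid ID token.");
            return;
        }
        if (idToken == null) {
            handleDebug("Invalid ID token.xx");
            failGoogleSignIn(req, res, "Invalid ID token.");
            return;
        }

        GoogleIdToken.Payload payload = idToken.getPayload();
        if (!Boolean.TRUE.equals(payload.getEmailVerified())) {
            // An unverified e-mail must never be used to link or create an account:
            // anyone can create a Google account claiming somebody else's address.
            failGoogleSignIn(req, res, "E-mail address not verified by Google.");
            return;
        }
        String cognome = (String) payload.get("family_name");
        String nome = (String) payload.get("given_name");
        socialLogin(req, res, SOCIAL_TYPE_GOOGLE, payload.getSubject(), payload.getEmail(), nome, cognome);
    }

    /**
     * Validates the CSRF double-submit pair and the presence of the credential.
     * Mirrors the original check order, where a later failure overwrites the
     * message of an earlier one.
     *
     * @return the error message to show, or {@code null} when the request is acceptable
     */
    static String checkSignInRequest(String cookieToken, String bodyToken, String credential) {
        String msg = null;
        if (cookieToken == null || cookieToken.isEmpty()) {
            msg = "No CSRF token in Cookie";
        }
        if (bodyToken == null || bodyToken.isEmpty()) {
            msg = "No CSRF token in post body";
        }
        if (bodyToken == null || !bodyToken.equals(cookieToken)) {
            msg = "Failed to verify double submit cookie";
        }
        if (credential == null || credential.isEmpty()) {
            msg = "Failed to get credentials";
        }
        return msg;
    }

    /** Reports a Google Sign-In failure and forwards to the page from {@code getCal(req)} (blank when empty). */
    private void failGoogleSignIn(HttpServletRequest req, HttpServletResponse res, String msg) {
        String jspPage = getCal(req);
        if (jspPage == null || jspPage.isEmpty()) {
            jspPage = " ";
        }
        sendMessage(req, msg);
        setJspPageRelative(jspPage, req);
        forwardToJspPage(req, res);
    }

    /** Forwards to the page recorded by {@code setJspPageRelative}; a failed forward is logged, not swallowed silently. */
    private void forwardToJspPage(HttpServletRequest req, HttpServletResponse res) {
        try {
            RequestDispatcher rd = getServletContext().getRequestDispatcher(getJspPage(req));
            rd.forward((ServletRequest) req, (ServletResponse) res);
        } catch (Exception e) {
            handleDebug(e);
        }
    }

    /**
     * Logs in (or self-registers) a user authenticated by an external identity
     * provider.
     *
     * Lookup order: by (socialId, socialType); if not found, by e-mail. The
     * e-mail fallback links an existing local account to the social identity,
     * which is only safe because the caller guarantees the provider verified
     * the address. Existing users must have {@code flgValido == "S"}; unknown
     * users are created together with a {@link Clifor} record.
     *
     * On success the session gets {@code loginUser_id} and {@code utenteLogon}
     * and the request the attribute {@code logon = "logonOk"}. In every case
     * the request is forwarded to the page from {@code getCal(req)}, with an
     * error message when something failed.
     *
     * @param l_socialType provider type (see {@link #SOCIAL_TYPE_GOOGLE})
     * @param l_socialId   provider-scoped subject id
     * @param socialEmail  verified e-mail address from the provider
     * @param l_nome       given name (may be {@code null})
     * @param l_cognome    family name (may be {@code null})
     */
    private void socialLogin(HttpServletRequest req, HttpServletResponse res, long l_socialType,
                             String l_socialId, String socialEmail, String l_nome, String l_cognome) {
        ApplParmFull apFull = getApFull(req);
        String jspPage = getCal(req);
        ResParm rp;
        try {
            Users utente = new Users(apFull);
            utente.findUsersBySocialId(l_socialId, l_socialType);
            if (utente.getId_users() == 0L) {
                utente.findUsersByEmail(socialEmail);
            }
            if (utente.getId_users() > 0L) {
                rp = loginExistingSocialUser(req, utente, l_socialType, l_socialId);
            } else {
                rp = registerSocialUser(req, utente, l_socialType, l_socialId, socialEmail, l_nome, l_cognome);
            }
        } catch (Exception e) {
            handleDebug(e);
            sendMessage(req, e.getMessage());
            setJspPageRelative(jspPage, req);
            forwardToJspPage(req, res);
            return;
        }
        if (!rp.getStatus()) {
            sendMessage(req, rp.getMsg());
        }
        setJspPageRelative(jspPage, req);
        forwardToJspPage(req, res);
    }

    /**
     * Logs in an existing user found by social id or e-mail.
     *
     * A disabled account ({@code flgValido != "S"}) is refused with a message;
     * the original silently showed the page without logging in. If the stored
     * social id is missing or differs it is updated (a failed save is logged
     * but, as in the original, does not block the login). The workstation
     * (Postazione) is then resolved from the client address.
     *
     * NOTE(review): consider rotating the session id at this point
     * ({@code req.changeSessionId()} on Servlet 3.1+) against session
     * fixation; not added because the container version is not known here.
     */
    private ResParm loginExistingSocialUser(HttpServletRequest req, Users utente, long socialType, String socialId)
            throws Exception {
        ResParm rp = new ResParm(true);
        if (!"S".equals(utente.getFlgValido())) {
            rp.setStatus(false);
            rp.setMsg("Utente non valido. Contattare l'amministratore del sito.");
            return rp;
        }
        String storedSocialId = utente.getSocialId();
        if (storedSocialId == null || storedSocialId.isEmpty() || !storedSocialId.equals(socialId)) {
            utente.setSocialId(socialId);
            utente.setFlgSocialIdType(socialType);
            ResParm saved = utente.save();
            if (!saved.getStatus()) {
                handleDebug("socialLogin: unable to store social id: " + saved.getMsg());
            }
        }
        HttpSession session = req.getSession();
        handleDebug("Ok. Recording loginuser_id in the session.");
        session.setAttribute("loginUser_id", Long.valueOf(utente.getId_users()));
        String ip = req.getRemoteHost();
        String hostName = assignPostazione(req, utente, ip);
        System.out.println("socialLoginByEmail: LOGIN EFFETTUATO: user:" + utente.getLogin()
                + " ip:" + ip + " HOSTNAME:" + hostName
                + " Postazione: " + utente.getPostazione().getDescrizione());
        utente.setCurrentIp(ip);
        session.setAttribute("utenteLogon", utente);
        req.setAttribute("logon", "logonOk");
        rp.setStatus(true);
        return rp;
    }

    /**
     * Resolves the client's workstation record: reverse-DNS host name first
     * ({@code findByHostname}), then IP ({@code findByIp}); when one is found
     * (DBState == 1) its id is stored on the user.
     *
     * Any failure (e.g. {@code UnknownHostException} when the remote host does
     * not resolve, or a DB error) is logged and ignored so it cannot abort the
     * login; the original let it propagate and the login failed.
     *
     * NOTE(review): the host name comes from a PTR lookup controlled by the
     * client's network and {@code getRemoteHost()} may be a proxy address, so
     * the workstation binding must not be relied on for authorization.
     *
     * @return the resolved host name, or {@code ""} when resolution failed
     */
    private String assignPostazione(HttpServletRequest req, Users utente, String ip) {
        String hostName = "";
        try {
            // re-create from the raw bytes so getHostName() performs a fresh reverse lookup,
            // as the original did
            byte[] rawAddress = InetAddress.getByName(ip).getAddress();
            InetAddress ia = InetAddress.getByAddress(rawAddress);
            hostName = ia.getHostName();
            Postazione pos = new Postazione(getApFull(req));
            if (!hostName.isEmpty()) {
                pos.findByHostname(hostName);
            }
            if (pos.getDBState() != 1) {
                pos.findByIp(ip);
            }
            if (pos.getDBState() == 1) {
                utente.setId_postazione(pos.getId_postazione());
            }
        } catch (Exception e) {
            handleDebug(e);
        }
        return hostName;
    }

    /**
     * Creates a new web user (profile {@code getIdUserProfileWww()}) and its
     * customer record from the provider data, applying the optional
     * {@code GG_VALIDITA} (validity in days) and {@code N_FOTO_MAX} (photo
     * quota) application parameters. On success the session/request login
     * attributes are set.
     *
     * @return the save result; its message is prefixed with
     *         {@code "Impossibile salvare: "} on failure (the original also
     *         sent that message twice)
     */
    private ResParm registerSocialUser(HttpServletRequest req, Users utente, long socialType, String socialId,
                                       String email, String nome, String cognome) throws Exception {
        utente.setNome(nome);
        utente.setCognome(cognome);
        utente.setLogin(email);
        utente.setEMail(email);
        utente.setFlgValido("S");
        utente.setId_userProfile(utente.getIdUserProfileWww());
        utente.setSocialId(socialId);
        utente.setFlgSocialIdType(socialType);
        if (getParm("GG_VALIDITA").getNumeroInt() > 0) {
            Calendar cal = Calendar.getInstance();
            cal.add(Calendar.DAY_OF_YEAR, getParm("GG_VALIDITA").getNumeroInt());
            utente.setDataScadenza(new Date(cal.getTimeInMillis()));
        }
        if (getParm("N_FOTO_MAX").getNumeroInt() > 0) {
            utente.setNFotoMax(getParm("N_FOTO_MAX").getNumeroLong());
        }

        Clifor cliente = utente.getClifor();
        cliente.setNome(nome);
        cliente.setCognome(cognome);
        cliente.setEMail(email);
        cliente.setFlgAzienda(0L);
        cliente.setFlgTipo("C");
        ResParm rp = cliente.save();
        if (rp.getStatus()) {
            utente.setId_clifor(cliente.getId_clifor());
            rp.append(utente.save());
        }
        if (!rp.getStatus()) {
            rp.setMsg("Impossibile salvare: " + rp.getMsg());
            return rp;
        }

        HttpSession session = req.getSession();
        session.setAttribute("loginUser_id", Long.valueOf(utente.getId_users()));
        session.setAttribute("utenteLogon", utente);
        req.setAttribute("logon", "logonOk");
        return rp;
    }
}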