diff --git a/src/main/java/ru/nbch/credit_tracker/facade/SignalFacade.java b/src/main/java/ru/nbch/credit_tracker/facade/SignalFacade.java index 176b93a..b62f7f1 100644 --- a/src/main/java/ru/nbch/credit_tracker/facade/SignalFacade.java +++ b/src/main/java/ru/nbch/credit_tracker/facade/SignalFacade.java @@ -1,24 +1,31 @@ package ru.nbch.credit_tracker.facade; +import lombok.AllArgsConstructor; import lombok.Getter; import lombok.Setter; +import lombok.extern.slf4j.Slf4j; import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Service; import org.springframework.web.multipart.MultipartFile; import ru.nbch.credit_tracker.enums.SignalError; import ru.nbch.credit_tracker.service.FailureAnswerGenerator; +import ru.nbch.credit_tracker.service.scoring.AuthorizationService; import java.io.IOException; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; +@Slf4j @Service public class SignalFacade { private static final long MAX_XML_FILE_SIZE = 2L * 1024 * 1024 * 1024; + private final AuthorizationService authorizationService; private final FailureAnswerGenerator failureAnswerGenerator; - public SignalFacade(FailureAnswerGenerator failureAnswerGenerator) { + public SignalFacade(AuthorizationService authorizationService, + FailureAnswerGenerator failureAnswerGenerator) { + this.authorizationService = authorizationService; this.failureAnswerGenerator = failureAnswerGenerator; } @@ -64,12 +71,15 @@ public class SignalFacade { } - AuthInfoData authInfoData = parseAuthInfo(zipInputStream); // TODO authorize - + AuthInfoData authInfoData = parseAuthInfo(zipInputStream); + if (!authorizationService.hasAuthorization(authInfoData.getUserId(), authInfoData.getPassword())) { + return ResponseEntity.badRequest().body(failureAnswerGenerator.generateFailureAnswer(SignalError.ERROR_005)); + } // TODO process xml file - } catch (IOException e) { + } catch (Exception e) { + log.error(e.getMessage(), e); return ResponseEntity.internalServerError().body(failureAnswerGenerator.generateFailureAnswer(SignalError.ERROR_001)); } @@ -84,13 +94,14 @@ public class SignalFacade { } private AuthInfoData parseAuthInfo(ZipInputStream zipInputStream) throws IOException { - return new AuthInfoData(); + return new AuthInfoData("0001XX000001", "test"); // TODO parse } @Getter @Setter + @AllArgsConstructor private static class AuthInfoData { - private String username; + private String userId; private String password; } } diff --git a/src/main/java/ru/nbch/credit_tracker/mapper/scoring/ModelUsersMapper.java b/src/main/java/ru/nbch/credit_tracker/mapper/scoring/ModelUsersMapper.java new file mode 100644 index 0000000..70f78dc --- /dev/null +++ b/src/main/java/ru/nbch/credit_tracker/mapper/scoring/ModelUsersMapper.java @@ -0,0 +1,11 @@ +package ru.nbch.credit_tracker.mapper.scoring; + +import org.apache.ibatis.annotations.Mapper; +import org.apache.ibatis.annotations.Param; + +@Mapper +public interface ModelUsersMapper { + + boolean hasAuthorization(@Param("userId") String userId, @Param("password") String password, @Param("productCode") String productCode); + +} diff --git a/src/main/java/ru/nbch/credit_tracker/service/scoring/AuthorizationService.java b/src/main/java/ru/nbch/credit_tracker/service/scoring/AuthorizationService.java new file mode 100644 index 0000000..67e1736 --- /dev/null +++ b/src/main/java/ru/nbch/credit_tracker/service/scoring/AuthorizationService.java @@ -0,0 +1,34 @@ +package ru.nbch.credit_tracker.service.scoring; + +import jakarta.xml.bind.DatatypeConverter; +import org.springframework.stereotype.Service; +import ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper; + +import java.security.MessageDigest; + +@Service +public class AuthorizationService { + private static final String SGNL_CODE = "SGNL"; + private static final String SALT = "-*-XUSER_"; // TODO move salt to props? + + private final ModelUsersMapper mapper; + + public AuthorizationService(ModelUsersMapper mapper) { + this.mapper = mapper; + } + + public boolean hasAuthorization(String userId, String password) throws Exception { + String hashedPassword = hashPassword(password); + return mapper.hasAuthorization(userId, hashedPassword, SGNL_CODE); + } + + private String hashPassword(String password) throws Exception { + try { + MessageDigest md = MessageDigest.getInstance("MD5"); + byte[] messageDigest = md.digest((SALT + password).getBytes("windows-1251")); + return DatatypeConverter.printHexBinary(messageDigest).toLowerCase(); + } catch (Exception e) { + throw new Exception("Unable to hash password", e); + } + } +} diff --git a/src/main/resources/mybatis/mapper/scoring/ModelUsersMapper.xml b/src/main/resources/mybatis/mapper/scoring/ModelUsersMapper.xml new file mode 100644 index 0000000..ba09c42 --- /dev/null +++ b/src/main/resources/mybatis/mapper/scoring/ModelUsersMapper.xml @@ -0,0 +1,13 @@ + + + + + + + \ No newline at end of file