Commit f2322e77 authored by ls1947's avatar ls1947

add possibility to query otp by localUid

parent e8ceb1fc
......@@ -71,4 +71,7 @@ public interface RegistryDao extends BaseDao<RegistryEntity, Long> {
List<RegistryEntity> findByServiceAndStatusOrderByRecon(ServiceEntity service, RegistryStatus status, int limit);
List<RegistryEntity> findAllByRegValueAndStatus(ServiceEntity service, String key, String value,
RegistryStatus status);
}
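Review bot: The new `findAllByRegValueAndStatus` declaration has no Javadoc, and the `key`/`value` pair is not self-explanatory at the interface level. A comment such as `/** Returns all registries of the service in the given status whose registry value {@code key} equals {@code value}; several may match. */` would tell callers that the result is a list which can be empty or hold more than one entry.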
......@@ -40,6 +40,19 @@ import edu.kit.scc.webreg.entity.UserEntity;
@ApplicationScoped
public class JpaRegistryDao extends JpaBaseDao<RegistryEntity, Long> implements RegistryDao {
@SuppressWarnings("unchecked")
@Override
public List<RegistryEntity> findAllByRegValueAndStatus(ServiceEntity service, String key, String value, RegistryStatus status) {
return em.createQuery("select r from RegistryEntity r join r.registryValues rv "
+ "where (key(rv) = :key and rv = :val) "
+ "and r.service = :service and r.registryStatus = :status")
.setParameter("key", key)
.setParameter("val", value)
.setParameter("service", service)
.setParameter("status", status)
.getResultList();
}
@Override
public RegistryEntity findByIdWithAgreements(Long id) {
CriteriaBuilder builder = em.getCriteriaBuilder();
......
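Review bot: The JPQL in `findAllByRegValueAndStatus` has no `order by`, so when several registries of a service carry the same key/value pair the row order is left to the database, and the OTP login code in this commit takes element 0 of the result. Either add a deterministic ordering or document that callers must treat more than one hit as ambiguous. The values are bound with `setParameter`, which is the right approach. Passing the result class, `em.createQuery("...", RegistryEntity.class)`, would also make the `@SuppressWarnings("unchecked")` unnecessary.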
package edu.kit.scc.webreg.service.twofa;
import java.util.Date;
import java.util.List;
import javax.ejb.Stateless;
import javax.inject.Inject;
......@@ -58,17 +59,42 @@ public class TwoFaLoginServiceImpl implements TwoFaLoginService {
logger.debug("New otpLogin for {} and {}", eppn, serviceShortName);
UserEntity user = userDao.findByEppn(eppn);
if (user == null)
throw new NoUserFoundException("no such user");
ServiceEntity service = serviceDao.findByShortName(serviceShortName);
if (service == null)
throw new NoServiceFoundException("no such service");
RegistryEntity registry = null;
UserEntity user = null;
RegistryEntity registry = findRegistry(user, service);
if (registry == null)
throw new NoRegistryFoundException("user not registered for service");
if (eppn != null) {
if (eppn.contains("@")) {
user = userDao.findByEppn(eppn);
if (user == null)
throw new NoUserFoundException("no such user");
registry = findRegistry(user, service);
if (registry == null)
throw new NoRegistryFoundException("user not registered for service");
}
else {
/*
* eppn is not an eppn, but a localUid
*/
List<RegistryEntity> registryList = registryDao.findAllByRegValueAndStatus(service, "localUid", eppn, RegistryStatus.ACTIVE);
if (registryList.size() == 0) {
registryList.addAll(registryDao.findAllByRegValueAndStatus(service, "localUid", eppn, RegistryStatus.LOST_ACCESS));
}
if (registryList.size() == 0) {
registryList.addAll(registryDao.findAllByRegValueAndStatus(service, "localUid", eppn, RegistryStatus.ON_HOLD));
}
registry = registryList.get(0);
user = registry.getUser();
}
}
else {
// username is not set
return ":-(";
}
if (! service.getServiceProps().containsKey("twofa_validate_secret")) {
logger.warn("No validation secret configured for service {}. Please configure service property twofa_validate_secret", service.getShortName());
......
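Review bot: In the localUid branch, `registry = registryList.get(0)` runs even when all three lookups (ACTIVE, LOST_ACCESS, ON_HOLD) return nothing, so an unknown localUid ends in an IndexOutOfBoundsException rather than the NoRegistryFoundException the eppn branch throws. Guard it first with `if (registryList.isEmpty()) throw new NoRegistryFoundException("user not registered for service");`. Because this lookup decides whose second factor is checked, a result with more than one entry should probably be rejected as ambiguous too, instead of silently taking the first row of an unordered query. The `return ":-(";` for a null username is also worth replacing with whatever failure value or exception the callers already handle; the method starts and continues outside this hunk, so that contract is not visible here.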