MeController.java
/*
* Copyright 2019 Global Crop Diversity Trust
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.gringlobal.api.v2.impl;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.extern.slf4j.Slf4j;
import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.service.OAuthClientService;
import org.gringlobal.api.ApiBaseController;
import org.gringlobal.api.exception.InvalidApiUsageException;
import org.gringlobal.api.model.OAuthClientDTO;
import org.gringlobal.api.model.SysUserDTO;
import org.gringlobal.api.v2.facade.OAuthClientApiService;
import org.gringlobal.api.v2.facade.UserApiService;
import org.gringlobal.model.SysUser;
import org.gringlobal.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@RestController("meApi2")
@RequestMapping(MeController.API_URL)
@PreAuthorize("isAuthenticated() && (hasRole('USER') || hasRole('ADMINISTRATOR'))") // Don't allow OAuth clients here
@Tag(name = "Profile")
@Slf4j
public class MeController extends ApiBaseController {
/** The Constant API_URL. */
public static final String API_URL = ApiBaseController.APIv2_BASE + "/me";
@Autowired
private UserService userService;
@Autowired
private UserApiService userApiService;
@Autowired
private OAuthClientApiService oAuthClientApiService;
@Autowired
@Qualifier("soapPasswordEncoder")
private PasswordEncoder soapPasswordEncoder;
/**
* Gets the profile.
*
* @return the profile
*/
@PreAuthorize("isAuthenticated()") // Available for OAuth clients
@GetMapping(value = "/user")
@Operation(summary = "Get current user")
public SysUserDTO getProfile() {
return userApiService.getProfile();
}
@GetMapping(value = "/client")
@Operation(summary = "Get current client")
public OAuthClientDTO getClient() {
return oAuthClientApiService.getCurrentClient();
}
/**
* Change password.
*
* @param oldPassword the old password
* @param newPassword the new password
* @return the string
*/
@PostMapping(value = "/password")
@Operation(summary = "Change own password")
public ResponseEntity<HttpStatus> changePassword(@RequestParam(name = "old", required = true) final String oldPassword,
@RequestParam(name = "new", required = true) final String newPassword) throws Exception {
final SysUser currentUser = userApiService.getProfileEntity();
if (soapPasswordEncoder.matches(oldPassword, currentUser.getPassword())) {
userService.setPassword(currentUser, newPassword);
return ResponseEntity.ok().build();
} else {
throw new InvalidApiUsageException("The current password is not valid.");
}
}
}