/*******************************************************************************
* Open Behavioral Health Information Technology Architecture (OBHITA.org)
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* * Neither the name of the <organization> nor the
* names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
******************************************************************************/
package gov.samhsa.consent2share.service.account;
import gov.samhsa.consent2share.domain.account.EmailToken;
import gov.samhsa.consent2share.domain.account.EmailTokenRepository;
import gov.samhsa.consent2share.domain.account.Users;
import gov.samhsa.consent2share.domain.account.UsersRepository;
import gov.samhsa.consent2share.domain.commondomainservices.EmailSender;
import gov.samhsa.consent2share.domain.commondomainservices.EmailType;
import gov.samhsa.consent2share.domain.patient.Patient;
import gov.samhsa.consent2share.domain.patient.PatientRepository;
import gov.samhsa.consent2share.infrastructure.security.TokenExpiredException;
import gov.samhsa.consent2share.infrastructure.security.TokenNotExistException;
import gov.samhsa.consent2share.infrastructure.security.UsernameNotExistException;
import gov.samhsa.consent2share.service.dto.AccountVerificationDto;
import javax.mail.MessagingException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.StringUtils;
/**
* The Class AccountVerificationServiceImpl.
*/
public class AccountVerificationServiceImpl implements
AccountVerificationService {
/** The logger. */
private final Logger logger = LoggerFactory.getLogger(this.getClass());
/** The users repository. */
private UsersRepository usersRepository;
/** The patient repository. */
private PatientRepository patientRepository;
/** The email token repository. */
private EmailTokenRepository emailTokenRepository;
/** The email sender. */
private EmailSender emailSender;
/**
* Instantiates a new account verification service impl.
*
* @param usersRepository
* the users repository
* @param patientRepository
* the patient repository
* @param emailTokenRepository
* the email token repository
* @param emailSender
* the email sender
*/
public AccountVerificationServiceImpl(UsersRepository usersRepository,
PatientRepository patientRepository,
EmailTokenRepository emailTokenRepository, EmailSender emailSender) {
this.usersRepository = usersRepository;
this.patientRepository = patientRepository;
this.emailTokenRepository = emailTokenRepository;
this.emailSender = emailSender;
}
/*
* (non-Javadoc)
*
* @see gov.samhsa.consent2share.service.account.AccountVerificationService#
* isAccountVerificationTokenExpired(java.lang.String)
*/
@Override
public Boolean isAccountVerificationTokenExpired(String token)
throws TokenNotExistException {
if (!StringUtils.hasText(token)) {
throw new IllegalArgumentException(
"Account verification token is required.");
}
EmailToken accountVerificatioinToken = findToken(token);
Boolean isExpired = accountVerificatioinToken.isTokenExpired();
return isExpired;
}
/*
* (non-Javadoc)
*
* @see gov.samhsa.consent2share.service.account.AccountVerificationService#
* enableAccount
* (gov.samhsa.consent2share.service.dto.AccountVerificationDto,
* java.lang.String)
*/
@Override
public void enableAccount(AccountVerificationDto accountVerificationDto,
String linkUrl) throws TokenNotExistException,
TokenExpiredException, UsernameNotExistException,
MessagingException {
if (accountVerificationDto == null) {
throw new IllegalArgumentException(
"Account verification dto is required.");
}
String token = accountVerificationDto.getToken();
EmailToken emailToken = findToken(token);
Boolean isExpired = emailToken.isTokenExpired();
if (isExpired) {
throw new TokenExpiredException("Email token is expired.");
}
emailToken.setIsTokenUsed(true);
emailTokenRepository.save(emailToken);
String username = emailToken.getUsername();
Users user = null;
try {
user = usersRepository.loadUserByUsername(username);
} catch (UsernameNotFoundException e) {
logger.warn(String.format(e.getMessage()), e);
throw new UsernameNotExistException(e.getMessage());
}
Users updatedUser = new Users(user.getFailedLoginAttempts(), username,
user.getPassword(), true, user.isAccountNonExpired(),
user.isCredentialsNonExpired(), user.getAuthorities());
usersRepository.updateUser(updatedUser);
Patient patient = patientRepository.findByUsername(username);
emailSender.sendMessage(
patient.getFirstName() + " " + patient.getLastName(),
patient.getEmail(), EmailType.SIGNUP_CONFIRMATION, linkUrl,
null);
}
/**
* Find token.
*
* @param token
* the token
* @return the email token
* @throws TokenNotExistException
* the token not exist exception
*/
private EmailToken findToken(String token) throws TokenNotExistException {
EmailToken emailToken = emailTokenRepository.findByToken(token);
if (emailToken == null) {
throw new TokenNotExistException("Email token doesn't exist.");
}
return emailToken;
}
}