34 package fr.paris.lutece.plugins.mylutece.modules.openiddatabase.authentication.business;
import fr.paris.lutece.portal.service.i18n.I18nService;
import fr.paris.lutece.portal.service.mail.MailService;
import fr.paris.lutece.portal.service.plugin.Plugin;
import fr.paris.lutece.portal.service.template.AppTemplateService;
import fr.paris.lutece.portal.service.util.AppPropertiesService;
import fr.paris.lutece.util.html.HtmlTemplate;
import fr.paris.lutece.util.sql.DAOUtil;

import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
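/**
 * Password recovery by e-mailed link: creates a recovery operation key, stores it with an
 * expiration date, links it to a user and mails it to that user.
 *
 * <p>Security notes for maintainers, all derived from the code in this class:</p>
 * <ul>
 * <li>The operation key is written to the database as-is and is the lookup key for
 * {@link #getUserId(String, Plugin)} and {@link #isExpired(String, Plugin)}, so read access to the
 * recovery tables exposes usable keys until they expire.</li>
 * <li>This class has no method that deletes a key or marks it as consumed; if single use is
 * required it has to be enforced elsewhere.</li>
 * <li>{@link #getUserId(String, Plugin)} does not look at the expiration date; callers must also
 * call {@link #isExpired(String, Plugin)}.</li>
 * </ul>
 */
public class PasswordRecoveryByLinkDAO implements IPasswordRecoveryService
{
    private static final String TEMPLATE_EMAIL_BODY_LINK = "skin/plugins/mylutece/modules/openiddatabase/email_body_link.html";
    private static final String PROPERTY_EMAIL_OBJECT_LINK = "module.mylutece.openiddatabase.email_link.object";
    private static final String PROPERTY_MYLUTECE_RECOVERY_LINK_VALIDITY = "mylutece-openiddatabase.email.link.validity";
    private static final String PROPERTY_NOREPLY_EMAIL = "mail.noreply.email";
    private static final String MARK_UNIQUE_ID = "operation_id";
    private static final String MARK_USER = "user";
    private static final String PROPERTY_PROD_BASE_URL = "lutece.prod.url";
    private static final String MARK_PROD_URL = "prod_url";
    private static final String SQL_QUERY_INSERT_USER_OPERATION_DEPENDENCY = "INSERT INTO mylutece_database_openid_recovery_user ( mylutece_database_openid_user_id, id_recovery_operation ) VALUES ( ? , ? )";
    private static final String SQL_QUERY_INSERT = "INSERT INTO `mylutece_database_openid_recovery`(`id_recovery_operation`,`date_recovery_creation`,`date_recovery_expiration`,`operation_recovery_accomplished`) VALUES ( ? , ? , ? , ? )";
    private static final String SQL_QUERY_SELECT_BY_TOKEN = "SELECT mylutece_database_openid_user_id FROM mylutece_database_openid_recovery_user where id_recovery_operation= ?";
    private static final String SQL_QUERY_SELECT_EXPIRATION_DATE_BY_TOKEN = "SELECT date_recovery_expiration FROM mylutece_database_openid_recovery WHERE id_recovery_operation= ? ";

    /** The single shared instance returned by {@link #getInstance()}. */
    private static final PasswordRecoveryByLinkDAO _dao = new PasswordRecoveryByLinkDAO( );

    /**
     * Returns the shared instance of this DAO.
     *
     * @return the shared instance
     */
    static PasswordRecoveryByLinkDAO getInstance( )
    {
        return _dao;
    }

    /**
     * Not implemented: always reports the operation as invalid.
     *
     * @param strOperationId the operation key (unused)
     * @param plugin the plugin (unused)
     * @return always {@code false}
     */
    public boolean verifyOperationValid( String strOperationId, Plugin plugin )
    {
        // NOTE(review): stub. Nothing is looked up, so any caller that gates on this method
        // rejects every operation. Use getUserId and isExpired until this is implemented.
        return false;
    }

    /**
     * Generates a new operation key.
     *
     * @return a random (type 4) UUID in its string form; {@link java.util.UUID#randomUUID()} is
     *         documented to use a cryptographically strong pseudo random number generator
     */
    public String newOperationKey( )
    {
        return java.util.UUID.randomUUID( ).toString( );
    }

    /**
     * Records which user a recovery operation belongs to.
     *
     * @param nUserId the user id
     * @param strIdOperation the operation key
     * @param plugin the plugin
     */
    public void insertDependency( int nUserId, String strIdOperation, Plugin plugin )
    {
        DAOUtil daoUtil = new DAOUtil( SQL_QUERY_INSERT_USER_OPERATION_DEPENDENCY, plugin );

        try
        {
            daoUtil.setInt( 1, nUserId );
            daoUtil.setString( 2, strIdOperation );
            daoUtil.executeUpdate( );
        }
        finally
        {
            // Release the statement even when the update fails.
            daoUtil.free( );
        }
    }

    /**
     * Stores a recovery operation and its link to the user.
     *
     * <p>The validity, in days, is read from the
     * {@code mylutece-openiddatabase.email.link.validity} property and defaults to 1.</p>
     *
     * @param user the user the operation is created for
     * @param strOperationId the operation key
     * @param plugin the plugin
     */
    public void storeOperation( OpenIdDatabaseUser user, String strOperationId, Plugin plugin )
    {
        Date dateNow = Calendar.getInstance( ).getTime( );
        int nDaysValidity = AppPropertiesService.getPropertyInt( PROPERTY_MYLUTECE_RECOVERY_LINK_VALIDITY, 1 );
        Calendar calExpiration = Calendar.getInstance( );
        calExpiration.add( Calendar.DATE, nDaysValidity );

        Date dateExpiration = calExpiration.getTime( );

        // The user link is written before the operation row, as it always was. It is now done
        // before the second statement is opened, so a failure here no longer leaks that statement.
        insertDependency( user.getUserId( ), strOperationId, plugin );

        DAOUtil daoUtil = new DAOUtil( SQL_QUERY_INSERT, plugin );

        try
        {
            daoUtil.setString( 1, strOperationId );

            // NOTE(review): both dates go through java.sql.Date, which may drop the time of day
            // depending on the driver and column type; confirm the granularity of the expiry.
            daoUtil.setDate( 2, new java.sql.Date( dateNow.getTime( ) ) );
            daoUtil.setDate( 3, new java.sql.Date( dateExpiration.getTime( ) ) );

            // NOTE(review): operation_recovery_accomplished is written as true at creation and
            // is never read in this class; confirm this is the intended initial value.
            daoUtil.setBoolean( 4, true );

            daoUtil.executeUpdate( );
        }
        finally
        {
            daoUtil.free( );
        }
    }

    /**
     * Creates a recovery operation for the user and sends the recovery link by e-mail.
     *
     * @param user the user who asked for the recovery
     * @param locale the locale used for the template and the subject
     * @param plugin the plugin
     */
    public void processOperations( OpenIdDatabaseUser user, Locale locale, Plugin plugin )
    {
        String strNewOperationKey = newOperationKey( );
        storeOperation( user, strNewOperationKey, plugin );

        Map<String, Object> model = new HashMap<String, Object>( );
        String strSender = AppPropertiesService.getProperty( PROPERTY_NOREPLY_EMAIL );
        model.put( MARK_UNIQUE_ID, strNewOperationKey );
        model.put( MARK_USER, user );

        // The base URL of the link comes from configuration, not from the incoming request.
        model.put( MARK_PROD_URL, AppPropertiesService.getProperty( PROPERTY_PROD_BASE_URL ) );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_EMAIL_BODY_LINK, locale, model );
        MailService.sendMailHtml( user.getEmail( ), user.getFirstName( ), strSender, getMailSubject( locale ),
            template.getHtml( ) );
    }

    /**
     * Returns the localized subject of the recovery e-mail.
     *
     * @param locale the locale
     * @return the subject
     */
    private String getMailSubject( Locale locale )
    {
        return I18nService.getLocalizedString( PROPERTY_EMAIL_OBJECT_LINK, locale );
    }

    /**
     * Looks up the user a recovery operation was created for.
     *
     * <p>The expiration date is not checked here; pair this call with
     * {@link #isExpired(String, Plugin)}.</p>
     *
     * @param strIdToken the operation key
     * @param plugin the plugin
     * @return the user id, or 0 when the key is unknown
     */
    public int getUserId( String strIdToken, Plugin plugin )
    {
        int nUserId = 0;
        DAOUtil daoUtil = new DAOUtil( SQL_QUERY_SELECT_BY_TOKEN, plugin );

        try
        {
            daoUtil.setString( 1, strIdToken );
            daoUtil.executeQuery( );

            if ( daoUtil.next( ) )
            {
                nUserId = daoUtil.getInt( 1 );
            }
        }
        finally
        {
            daoUtil.free( );
        }

        return nUserId;
    }

    /**
     * Tells whether a recovery operation has expired.
     *
     * @param strIdToken the operation key
     * @param plugin the plugin
     * @return {@code true} when the current time is after the stored expiration date, or when no
     *         expiration date is found for the key
     */
    public boolean isExpired( String strIdToken, Plugin plugin )
    {
        Date dateExpiration = null;
        DAOUtil daoUtil = new DAOUtil( SQL_QUERY_SELECT_EXPIRATION_DATE_BY_TOKEN, plugin );

        try
        {
            daoUtil.setString( 1, strIdToken );
            daoUtil.executeQuery( );

            if ( daoUtil.next( ) )
            {
                dateExpiration = daoUtil.getDate( 1 );
            }
        }
        finally
        {
            daoUtil.free( );
        }

        if ( dateExpiration == null )
        {
            // Unknown key or missing date: fail closed. Date.after( null ) would otherwise
            // throw a NullPointerException for any key that is not in the table.
            return true;
        }

        Date dateNow = Calendar.getInstance( ).getTime( );

        return dateNow.after( dateExpiration );
    }
}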