· 6 years ago · Sep 03, 2019, 08:18 AM
1package com.infinetworks.pacarana.webservice;
2
3import javax.servlet.http.HttpServletRequest;
4import javax.xml.namespace.QName;
5import javax.xml.soap.SOAPBody;
6import javax.xml.soap.SOAPException;
7import javax.xml.soap.SOAPHeader;
8
9import org.apache.axis.AxisFault;
10import org.apache.axis.MessageContext;
11import org.apache.axis.transport.http.HTTPConstants;
12import org.jpos.space.Space;
13import org.jpos.space.SpaceFactory;
14import org.jpos.util.Log;
15import org.jpos.util.NameRegistrar;
16import org.w3c.dom.Node;
17import org.w3c.dom.NodeList;
18
19import com.infinetworks.pacarana.entities.BgClient;
20import com.infinetworks.pacarana.jmslogger.MessageLog;
21import com.infinetworks.pacarana.util.GeneralHelper;
22import com.infinetworks.pacarana.util.GenerateSecretKey;
23
24public class ArnAxis1WsServerLogHandlerIn extends ArnAxis1WsLogHandler {
25
26 private static final long serialVersionUID = 710702197892092785L;
27 private MessageLog objLogReq;
28
29 @Override
30 public void init() {
31 log = Log.getLog("arn-logger", "axis1-sr-loghandler-in");
32 }
33
34 @SuppressWarnings({ "rawtypes", "unchecked" })
35 @Override
36 public void invoke(MessageContext context) throws AxisFault {
37 Space space = SpaceFactory.getSpace();
38 objLogReq = new MessageLog();
39 objLogReq.setMessage(getStringMessage(context));
40
41 try {
42 String address = null;
43 if(context!=null && context.containsProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)) {
44 HttpServletRequest servletReq = (HttpServletRequest)context.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
45 if (servletReq != null)
46 address = servletReq.getRemoteAddr();
47 }
48
49 SOAPHeader header = context.getMessage().getSOAPHeader();
50 NodeList headerNodeList = header.getChildNodes();
51 String signature = "";
52 String dateString = "";
53 if (null != headerNodeList) {
54 for (int i = 0; i < headerNodeList.getLength(); i++) {
55 if (("authorization").equals(headerNodeList.item(i).getNodeName())) {
56 signature = headerNodeList.item(i).getFirstChild().getNodeValue();
57 } else if (("date").equals(headerNodeList.item(i).getNodeName())) {
58 dateString = headerNodeList.item(i).getFirstChild().getNodeValue();
59 }
60 }
61 }
62 log.info("signature ==> " + signature);
63 log.info("dateString ==> " + dateString);
64
65 SOAPBody body = context.getMessage().getSOAPBody();
66 Node node = body.getFirstChild();
67 Node req = node.getChildNodes().item(0);
68 NodeList attr = req.getChildNodes();
69 String custRefNo = "";
70 String bankRefNo = "";
71 String clientId = "";
72 String bankChannel = "";
73 String custId = "";
74
75
76 for(int i = 0; i< attr.getLength();i++){
77 if(attr.item(i).getFirstChild()!=null){
78 //log.info("iterate node list : "+attr.item(i).getNodeName() + "|" +attr.item(i).getFirstChild().getNodeValue());
79 if(attr.item(i).getNodeName().equals("custRefNo")){
80 custRefNo = attr.item(i).getFirstChild().getNodeValue();
81 } else if(attr.item(i).getNodeName().equals("bankRefNo")){
82 bankRefNo = attr.item(i).getFirstChild().getNodeValue();
83 } else if(attr.item(i).getNodeName().equals("bankId")){
84 clientId = attr.item(i).getFirstChild().getNodeValue();
85 } else if(attr.item(i).getNodeName().equals("bankChannel")){
86 bankChannel = attr.item(i).getFirstChild().getNodeValue();
87 } else if(attr.item(i).getNodeName().equals("custId")){
88 custId = attr.item(i).getFirstChild().getNodeValue();
89 }
90 }
91 }
92
93 String nodeName = node.getNodeName();
94 String[] methodServices = nodeName.split(":");
95 String methodService = "";
96 if (null != methodServices && 1 < methodServices.length ) {
97 methodService = methodServices[1];
98 }
99
100 StringBuffer buffer = new StringBuffer();
101 buffer.append(methodService);//Method
102 buffer.append("\n");
103 buffer.append(clientId);//bankId
104 buffer.append("\n");
105 buffer.append(bankRefNo);//bankRefNo
106 buffer.append("\n");
107 buffer.append(bankChannel);//bankChannel
108 buffer.append("\n");
109 buffer.append(custId);//custId
110 buffer.append("\n");
111 buffer.append(dateString);//date string
112
113
114 String reffId = clientId + "-" + bankRefNo + "-" + custRefNo;
115 log.info("Incoming ws request from ["+address+"]\nSet reffId for req objlog : "+reffId);
116 space.out(GeneralHelper.C_KEY_SPACE_AXIS1_SR_REQUEST_OBJLOG + "-" +reffId, objLogReq);
117
118 //add validation
119 Boolean isAuth = Boolean.FALSE;
120 String clientKey = null;
121
122 BgClient bgClient = (BgClient) NameRegistrar.getIfExists(GeneralHelper.CLIENT_DATA + clientId);
123 if (null != bgClient) {
124 isAuth = bgClient.getAuthentication();
125 clientKey = bgClient.getClientKey();
126 }
127
128 boolean isValidate = true;
129 if (isAuth) {
130 String stringToSign = buffer.toString();
131 GenerateSecretKey generateSecretKey = new GenerateSecretKey();
132 String authkey = null;
133 String secretKey = generateSecretKey.generateKey(clientKey, GeneralHelper.VALIDATION_MESSAGE);
134 authkey = generateSecretKey.generateKey(secretKey, stringToSign);
135 log.info("authkey ==> " + authkey);
136 if (!authkey.equalsIgnoreCase(signature)) {
137 isValidate = false;
138 log.info("GA CUCOK BOO ==> " + signature);
139
140 QName qName = new QName("", "401");
141 AxisFault axisFault = new AxisFault(qName, "(401)Unauthorized", null, null);
142 axisFault.removeFaultDetail(org.apache.axis.Constants.QNAME_FAULTDETAIL_STACKTRACE);
143 axisFault.removeFaultDetail(org.apache.axis.Constants.QNAME_FAULTDETAIL_HOSTNAME);
144 throw axisFault;
145 }
146 }
147
148 } catch (SOAPException e) {
149 log.warn("Exception when try send log request to space:"+e);
150 }
151
152 log.info("---- AXIS1-WS Request ----\n" +
153 getStringMessage(context));
154 }
155
156}