From a2348e95bbacbc9a9961afcabb7bbe82f3c7fe9d Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Mon, 18 Oct 2021 00:40:10 +0300
Subject: Display error for social login

* CrossPostService gone
---
 .../com/juick/www/controllers/SocialLogin.java     | 75 +++++++++++++---------
 1 file changed, 43 insertions(+), 32 deletions(-)

(limited to 'src/main/java/com/juick/www/controllers/SocialLogin.java')

diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 5e9e8b8f..7acd6cdd 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -24,7 +24,6 @@ import com.github.scribejava.core.oauth.OAuth10aService;
 import com.github.scribejava.core.oauth.OAuth20Service;
 import com.juick.model.ext.facebook.User;
 import com.juick.model.ext.vk.UsersResponse;
-import com.juick.service.CrosspostService;
 import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
@@ -52,6 +51,8 @@ import javax.inject.Inject;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
 import java.io.IOException;
 import java.util.List;
 import java.util.Map;
@@ -69,6 +70,8 @@ public class SocialLogin {
 
     private static final Logger logger = LoggerFactory.getLogger(SocialLogin.class);
 
+    public static final String AUTH_ERROR = "SocialLogin.AuthenticationError";
+
     @Value("${facebook_appid:appid}")
     private String FACEBOOK_APPID;
     @Value("${facebook_secret:secret}")
@@ -95,8 +98,6 @@ public class SocialLogin {
     @Value("${apple_app_id:appid}")
     private String appleApplicationId;
     @Inject
-    private CrosspostService crosspostService;
-    @Inject
     private UserService userService;
     @Inject
     private EmailService emailService;
@@ -125,18 +126,18 @@ public class SocialLogin {
     @GetMapping("/_fblogin")
     protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code,
             @RequestParam(required = false) String state,
-            @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response)
-            throws IOException, ExecutionException, InterruptedException {
+            @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response,
+            HttpSession session) throws IOException, ExecutionException, InterruptedException {
         if (StringUtils.isBlank(code)) {
             String fbstate = UUID.randomUUID().toString();
             if (StringUtils.isBlank(state)) {
                 state = Optional.ofNullable(referer).orElse("https://juick.com/");
             }
-            crosspostService.addFacebookState(fbstate, state);
+            userService.addFacebookState(fbstate, state);
             return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
         }
 
-        String redirectUrl = crosspostService.verifyFacebookState(state);
+        String redirectUrl = userService.verifyFacebookState(state);
         if (StringUtils.isEmpty(redirectUrl)) {
             logger.error("state is missing");
             throw new HttpBadRequestException();
@@ -157,26 +158,30 @@ public class SocialLogin {
             throw new HttpBadRequestException();
         }
 
-        int uid = crosspostService.getUIDbyFBID(fbID);
-        if (uid > 0) {
-            if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
+        Optional<com.juick.model.User> existingFacebookUser = userService.getUserByFacebookId(fbID);
+        if (existingFacebookUser.isPresent()) {
+            if (!userService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName())) {
                 logger.error("error updating facebook user, id: {}, token: {}", fbID, token.getAccessToken());
                 throw new HttpBadRequestException();
             }
-            Cookie c = new Cookie("hash", userService.getHashByUID(uid));
-            c.setMaxAge(50 * 24 * 60 * 60);
-            response.addCookie(c);
-            return "redirect:" + redirectUrl;
-        } else {
-            if (!crosspostService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
-                if (StringUtils.isNotEmpty(fb.getEmail())) {
-                    logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
-                    Integer userId = crosspostService.getUIDbyFBID(fbID);
-                    if (!emailService.getEmails(userId, false).contains(fb.getEmail())) {
-                        emailService.addEmail(userId, fb.getEmail());
-                    }
+            if (StringUtils.isNotEmpty(fb.getEmail())) {
+                logger.info("found {} for facebook user {}", fb.getEmail(), fb.getName());
+                Optional<com.juick.model.User> newFacebookUser = userService.getUserByFacebookId(fbID);
+                if (!emailService.getEmails(newFacebookUser.get().getUid(), false).contains(fb.getEmail())) {
+                    emailService.addEmail(newFacebookUser.get().getUid(), fb.getEmail());
                 }
-                logger.info("email not found for facebook user {}", fb.getName());
+            }
+            if (!existingFacebookUser.get().isBanned()) {
+                Cookie c = new Cookie("hash", userService.getHashByUID(existingFacebookUser.get().getUid()));
+                c.setMaxAge(50 * 24 * 60 * 60);
+                response.addCookie(c);
+                return "redirect:" + redirectUrl;
+            } else {
+                session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+                return "redirect:/login";
+            }
+        } else {
+            if (!userService.createFacebookUser(fbID, state, token.getAccessToken(), fb.getName())) {
                 throw new HttpBadRequestException();
             }
             return "redirect:/signup?type=fb&hash=" + state;
@@ -257,7 +262,8 @@ public class SocialLogin {
         Response vkResponse = vkAuthService.execute(meRequest);
         if (vkResponse.isSuccessful()) {
             String graph = vkResponse.getBody();
-            com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream().findFirst().orElseThrow(HttpBadRequestException::new);
+            com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream()
+                    .findFirst().orElseThrow(HttpBadRequestException::new);
             String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
             String vkLink = jsonUser.getScreenName();
 
@@ -267,7 +273,7 @@ public class SocialLogin {
             }
 
             long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
-            int uid = crosspostService.getUIDbyVKID(vkID);
+            int uid = userService.getUIDbyVKID(vkID);
             if (uid > 0) {
                 Cookie c = new Cookie("hash", userService.getHashByUID(uid));
                 c.setMaxAge(50 * 24 * 60 * 60);
@@ -275,14 +281,14 @@ public class SocialLogin {
                 return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
             } else {
                 String loginhash = UUID.randomUUID().toString();
-                if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
+                if (!userService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
                     logger.error("create vk user error");
                     throw new HttpBadRequestException();
                 }
                 return "redirect:/signup?type=vk&hash=" + loginhash;
             }
         } else {
-            logger.error("vk error {}: {}",  vkResponse.getCode(), vkResponse.getBody());
+            logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody());
             throw new HttpBadRequestException();
         }
     }
@@ -332,7 +338,7 @@ public class SocialLogin {
 
     @PostMapping("/_apple")
     public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response,
-            @RequestParam Map<String, String> body) throws InterruptedException, ExecutionException, IOException {
+            @RequestParam Map<String, String> body, HttpSession session) throws InterruptedException, ExecutionException, IOException {
         OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code"));
         var jsonNode = jsonMapper.readTree(token.getRawResponse());
         var idToken = jsonNode.get("id_token").textValue();
@@ -341,10 +347,15 @@ public class SocialLogin {
         if (email.isPresent()) {
             com.juick.model.User user = userService.getUserByEmail(email.get());
             if (!user.isAnonymous()) {
-                Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
-                c.setMaxAge(50 * 24 * 60 * 60);
-                response.addCookie(c);
-                return "redirect:/";
+                if (!user.isBanned()) {
+                    Cookie c = new Cookie("hash", userService.getHashByUID(user.getUid()));
+                    c.setMaxAge(50 * 24 * 60 * 60);
+                    response.addCookie(c);
+                    return "redirect:/";
+                } else {
+                    session.setAttribute(SocialLogin.AUTH_ERROR, "User is disabled");
+                    return "redirect:/login";
+                }
             } else {
                 String verificationCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
                 emailService.addVerificationCode(null, email.get(), verificationCode);
-- 
cgit v1.2.3