001// -------------------------------------------------------------------------------- 002// Copyright 2002-2025 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.model.control.user.server.transfer; 018 019import com.echothree.model.control.party.server.control.PartyControl; 020import com.echothree.model.control.user.common.UserConstants; 021import com.echothree.model.control.user.common.transfer.UserLoginPasswordTransfer; 022import com.echothree.model.control.user.server.control.UserControl; 023import com.echothree.model.data.user.server.entity.UserLoginPassword; 024import com.echothree.model.data.user.server.entity.UserVisit; 025import com.echothree.util.server.persistence.Session; 026import javax.enterprise.context.RequestScoped; 027 028@RequestScoped 029public class UserLoginPasswordTransferCache 030 extends BaseUserTransferCache<UserLoginPassword, UserLoginPasswordTransfer> { 031 032 PartyControl partyControl = Session.getModelController(PartyControl.class); 033 UserControl userControl = Session.getModelController(UserControl.class); 034 035 /** Creates a new instance of UserLoginPasswordTransferCache */ 036 protected UserLoginPasswordTransferCache() { 037 super(); 038 } 039 040 public UserLoginPasswordTransfer getUserLoginPasswordTransfer(UserVisit userVisit, UserLoginPassword userLoginPassword) { 041 var userLoginPasswordTransfer = get(userLoginPassword); 042 043 if(userLoginPasswordTransfer == null) { 044 var party = partyControl.getPartyTransfer(userVisit, userLoginPassword.getParty()); 045 var userLoginPasswordType = userControl.getUserLoginPasswordTypeTransfer(userVisit, userLoginPassword.getUserLoginPasswordType()); 046 String password = null; 047 Long unformattedChangedTime = null; 048 String changedTime = null; 049 Boolean wasReset = null; 050 051 var userLoginPasswordTypeName = userLoginPasswordType.getUserLoginPasswordTypeName(); 052 if(userLoginPasswordTypeName.equals(UserConstants.UserLoginPasswordType_STRING) || 053 userLoginPasswordTypeName.equals(UserConstants.UserLoginPasswordType_RECOVERED_STRING)) { 054 var userLoginPasswordString = userControl.getUserLoginPasswordString(userLoginPassword); 055 var userLoginPasswordEncoderTypeName = userLoginPasswordType.getUserLoginPasswordEncoderType().getUserLoginPasswordEncoderTypeName(); 056 057 // Allow only one very carefully checked case where the password will be returned in the TO. Only recovered passwords, and only if they are 058 // plain text. Hashed passwords will never be returned. 059 if(userLoginPasswordTypeName.equals(UserConstants.UserLoginPasswordType_RECOVERED_STRING) && 060 userLoginPasswordEncoderTypeName.equals(UserConstants.UserLoginPasswordEncoderType_TEXT)) { 061 password = userLoginPasswordString.getPassword(); 062 } 063 064 unformattedChangedTime = userLoginPasswordString.getChangedTime(); 065 changedTime = formatTypicalDateTime(userVisit, unformattedChangedTime); 066 wasReset = userLoginPasswordString.getWasReset(); 067 } 068 069 userLoginPasswordTransfer = new UserLoginPasswordTransfer(party, userLoginPasswordType, password, unformattedChangedTime, changedTime, wasReset); 070 put(userVisit, userLoginPassword, userLoginPasswordTransfer); 071 } 072 073 return userLoginPasswordTransfer; 074 } 075 076}