001// -------------------------------------------------------------------------------- 002// Copyright 2002-2026 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.model.control.user.server.transfer; 018 019import javax.inject.Inject; 020import com.echothree.model.control.party.server.control.PartyControl; 021import com.echothree.model.control.user.common.UserConstants; 022import com.echothree.model.control.user.common.transfer.UserLoginPasswordTransfer; 023import com.echothree.model.data.user.server.entity.UserLoginPassword; 024import com.echothree.model.data.user.server.entity.UserVisit; 025import javax.enterprise.context.RequestScoped; 026 027@RequestScoped 028public class UserLoginPasswordTransferCache 029 extends BaseUserTransferCache<UserLoginPassword, UserLoginPasswordTransfer> { 030 031 @Inject 032 PartyControl partyControl; 033 034 /** Creates a new instance of UserLoginPasswordTransferCache */ 035 protected UserLoginPasswordTransferCache() { 036 super(); 037 } 038 039 public UserLoginPasswordTransfer getUserLoginPasswordTransfer(UserVisit userVisit, UserLoginPassword userLoginPassword) { 040 var userLoginPasswordTransfer = get(userLoginPassword); 041 042 if(userLoginPasswordTransfer == null) { 043 var party = partyControl.getPartyTransfer(userVisit, userLoginPassword.getParty()); 044 var userLoginPasswordType = userControl.getUserLoginPasswordTypeTransfer(userVisit, userLoginPassword.getUserLoginPasswordType()); 045 String password = null; 046 Long unformattedChangedTime = null; 047 String changedTime = null; 048 Boolean wasReset = null; 049 050 var userLoginPasswordTypeName = userLoginPasswordType.getUserLoginPasswordTypeName(); 051 if(userLoginPasswordTypeName.equals(UserConstants.UserLoginPasswordType_STRING) || 052 userLoginPasswordTypeName.equals(UserConstants.UserLoginPasswordType_RECOVERED_STRING)) { 053 var userLoginPasswordString = userControl.getUserLoginPasswordString(userLoginPassword); 054 var userLoginPasswordEncoderTypeName = userLoginPasswordType.getUserLoginPasswordEncoderType().getUserLoginPasswordEncoderTypeName(); 055 056 // Allow only one very carefully checked case where the password will be returned in the TO. Only recovered passwords, and only if they are 057 // plain text. Hashed passwords will never be returned. 058 if(userLoginPasswordTypeName.equals(UserConstants.UserLoginPasswordType_RECOVERED_STRING) && 059 userLoginPasswordEncoderTypeName.equals(UserConstants.UserLoginPasswordEncoderType_TEXT)) { 060 password = userLoginPasswordString.getPassword(); 061 } 062 063 unformattedChangedTime = userLoginPasswordString.getChangedTime(); 064 changedTime = formatTypicalDateTime(userVisit, unformattedChangedTime); 065 wasReset = userLoginPasswordString.getWasReset(); 066 } 067 068 userLoginPasswordTransfer = new UserLoginPasswordTransfer(party, userLoginPasswordType, password, unformattedChangedTime, changedTime, wasReset); 069 put(userVisit, userLoginPassword, userLoginPasswordTransfer); 070 } 071 072 return userLoginPasswordTransfer; 073 } 074 075}