package incheon.com.security.service; import com.dreamsecurity.sso.message.SSOResp; import com.dreamsecurity.sso.service.SSOService; import com.dreamsecurity.sso.service.SSOServiceFactory; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import javax.annotation.PostConstruct; import javax.servlet.http.HttpServletRequest; import java.io.File; /** * MagicSSO API 서비스 * - 세션 유효성 확인, 로그아웃, 토큰 복호화 등 */ @Slf4j @Service public class SsoApiService { @Value("${sso.agent.home:./dreamsecurity/agent}") private String agentHome; private String resolvedAgentHome; @PostConstruct public void init() { try { File agentDir = new File(agentHome); resolvedAgentHome = agentDir.getCanonicalPath(); log.debug("[SSO] 에이전트 홈: {}", resolvedAgentHome); if (!agentDir.exists()) { log.warn("[SSO] 에이전트 폴더 없음: {}", resolvedAgentHome); } } catch (Exception e) { log.error("[SSO] 에이전트 홈 초기화 실패: {}", e.getMessage()); resolvedAgentHome = new File(agentHome).getAbsolutePath(); } } public String getAgentHome() { return resolvedAgentHome; } private SSOService getSSOService(HttpServletRequest request) throws Exception { return SSOServiceFactory.getInstance(resolvedAgentHome).getService(request); } public boolean isSessionAlive(String userId, HttpServletRequest request) { try { SSOService service = getSSOService(request); SSOResp resp = service.sessionAlive(userId, request); log.debug("[SSO] sessionAlive - userId: {}, success: {}", userId, resp.isSuccess()); return resp.getCode() == 0 && resp.isSuccess(); } catch (Exception e) { log.error("[SSO] sessionAlive 오류: {}", e.getMessage()); return false; } } public boolean logout(String userId, String remoteAddr, HttpServletRequest request) { try { SSOService service = getSSOService(request); SSOResp resp = service.logout(userId, remoteAddr); log.debug("[SSO] logout - userId: {}, success: {}", userId, resp.isSuccess()); return resp.getCode() == 0 && resp.isSuccess(); } catch (Exception e) { log.error("[SSO] logout 오류: {}", e.getMessage()); return false; } } /** * 다이렉트 로그아웃 (MagicPass에서 호출) */ public boolean logoutDirect(String encId, String encMac, String remoteAddr, String dlf, HttpServletRequest request) { try { SSOService service = getSSOService(request); // 공백을 +로 치환 (URL 인코딩 이슈 대응) if (encId != null) encId = encId.replaceAll(" ", "+"); if (encMac != null) encMac = encMac.replaceAll(" ", "+"); SSOResp resp = service.logoutC(encId, encMac, remoteAddr, dlf); log.debug("[SSO] logoutC - success: {}", resp.isSuccess()); return resp.getCode() == 0 && resp.isSuccess(); } catch (Exception e) { log.error("[SSO] logoutC 오류: {}", e.getMessage()); return false; } } public String decryptData(String encData, HttpServletRequest request) { try { SSOService service = getSSOService(request); SSOResp resp = service.decryptSym(encData); if (resp.getCode() == 0) { return resp.getMessage(); } log.warn("[SSO] decryptSym 실패 - code: {}", resp.getCode()); return null; } catch (Exception e) { log.error("[SSO] decryptSym 오류: {}", e.getMessage()); return null; } } public String encryptUrl(String source, HttpServletRequest request) { try { SSOService service = getSSOService(request); SSOResp resp = service.encryptURL(source); if (resp.getCode() == 0) { return resp.getMessage(); } log.warn("[SSO] encryptURL 실패 - code: {}", resp.getCode()); return null; } catch (Exception e) { log.error("[SSO] encryptURL 오류: {}", e.getMessage()); return null; } } public boolean clearSession(String userId, HttpServletRequest request) { try { SSOService service = getSSOService(request); SSOResp resp = service.sessionClear(userId, request); log.debug("[SSO] sessionClear - userId: {}, success: {}", userId, resp.isSuccess()); return resp.getCode() == 0 && resp.isSuccess(); } catch (Exception e) { log.error("[SSO] sessionClear 오류: {}", e.getMessage()); return false; } } }