Untitled

 avatar
unknown
plain_text
2 months ago
13 kB
2
Indexable
    public EpiResponseDTO<?> verifyOtp(VerifyOTPRequest verifyOTPRequest) {
        String sessionId = authService.getTxnRefNo();
        UserSessionDetails userSessionDetails = userSessionDetailsService.getSessionDetails(sessionId);
        String codMandateRefNo = userSessionDetails.getCodMandateRefNo();
        TransactionParamsRequest transactionParamsRequest = userSessionDetails.getPayload();

        VerifyOtpRequestDTO verifyOtpRequestDTO = otpUtils.getVerifyOtpDTO(verifyOTPRequest, authService.getCustomerId());

        VerifyOtpObpRequest verifyOtpObpRequest = VerifyOtpObpRequest.builder()
                .verifyOtpRequestDTO(verifyOtpRequestDTO)
                .sessionContext(CommonObpDTO.SessionContext.builder()
                        .channel(channelId).bankCode(otpProperties.getBankCode()).userId(otpProperties.getUserId()).transactionBranch(otpProperties.getTransactionBranch())
                        .transactingPartyCode(otpProperties.getTransactingPartyCode()).externalReferenceNo(String.valueOf(Instant.now().getEpochSecond()))
                        .build())
                .build();

        VerifyOtpResponseDTO verifyOtpResponseDTO = otpClient.verifyOtp(verifyOtpObpRequest);


        String replyText = verifyOtpResponseDTO.getStatus().getReplyText();

        if(!replyText.equalsIgnoreCase(OBP_REPLY_TEXT_DEFAULT)) {
            log.error("Error in verifying OTP: {}", replyText);
            throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
        }

        String statusCode = verifyOtpResponseDTO.getResponseString().getStatusCode();
        String errorDetail = verifyOtpResponseDTO.getResponseString().getErrorDetail();

        OtpDetails otpDetails = userSessionDetails.getOtpDetails();

        String phoneNumber = otpDetails.getPhoneNumber();
        //TODO: Add the successful transaction alert once obp req body is known
        if(statusCode.equalsIgnoreCase(OBP_SUCCESS_STATUS_CODE)) {
            if (authService.getMerchantType() == MerchantType.NACH) {
                onlineMandateService.notifyOnlineMandate("", "", userSessionDetails.getMerchant().getMerchantCode(),
                        authService.getCustomerId(), userSessionDetails.getCodMandateRefNo(),
                        transactionParamsRequest.getMerchantRefNo());
            }
            EpiResponseDTO<VerifyOTPResponse> verifyOTPResponseEpiResponseDTO = new EpiResponseDTO<>();
            verifyOTPResponseEpiResponseDTO.setBody(new VerifyOTPResponse(true));
            log.info("OTP Verification successful for customer ID: {}", authService.getCustomerId());
            return verifyOTPResponseEpiResponseDTO;
        } else if(statusCode.equalsIgnoreCase(OBP_INVALID_OTP_STATUS_CODE)) {
            log.info("Invalid OTP entered by user: {}", authService.getCustomerId());
            String formattedAlertTemplate = getFormattedIncorrectAlertTemplate();
            publishAlert(phoneNumber, MessageType.SMS, formattedAlertTemplate, AlertType.OTP);
            throw new ValidationException(ErrorCode.INVALID_OTP_ATTEMPT);
        } else if(statusCode.equalsIgnoreCase(OBP_BLOCKED_OTP_STATUS_CODE) ) {
            log.info("OTP for user: {} blocked after 3 incorrect attempts", authService.getCustomerId());
            MerchantType merchantType = authService.getMerchantType();
            if(merchantType == MerchantType.NACH || merchantType == MerchantType.TIN) {
                String onlineMandateErrorCode;
                if(merchantType == MerchantType.NACH) {
                    onlineMandateErrorCode = genericCacheManager.getCacheValue(EpiCacheTypes.APP_GEN, CacheConstants.getAppGenPrimaryKey(AppGen.NACH_OTP_EXPIRED_EN009.getParamKey(), AppGen.NACH_OTP_EXPIRED_EN009.getSubParamKey()), AdminConfig.class).getParamValue();
                } else {
                    onlineMandateErrorCode = genericCacheManager.getCacheValue(EpiCacheTypes.APP_GEN, CacheConstants.getAppGenPrimaryKey(AppGen.TIN_TIN_204.getParamKey(), AppGen.TIN_TIN_204.getSubParamKey()), AdminConfig.class).getParamValue();
                }
                onlineMandateService.notifyOnlineMandate(onlineMandateErrorCode,
                        "OTP blocked after maximum retry attempts", userSessionDetails.getMerchant().getMerchantCode(),
                        authService.getCustomerId(),
                        codMandateRefNo,
                        transactionParamsRequest.getMerchantRefNo());
            }
            return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.BLOCKED_OTP);
        } else if(statusCode.equalsIgnoreCase(OBP_OTP_EXPIRY_STATUS_CODE)) {
            log.info("OTP for customer ID: {} has expired", authService.getCustomerId());
            if(authService.getMerchantType() == MerchantType.NACH || authService.getMerchantType() == MerchantType.TIN) {
                String onlineMandateErrorCode;
                if(authService.getMerchantType() == MerchantType.NACH) {
                    onlineMandateErrorCode = genericCacheManager.getCacheValue(EpiCacheTypes.APP_GEN, CacheConstants.getAppGenPrimaryKey(AppGen.NACH_OTP_EXPIRED_EN009.getParamKey(), AppGen.NACH_OTP_EXPIRED_EN009.getSubParamKey()), AdminConfig.class).getParamValue();
                } else {
                    onlineMandateErrorCode = genericCacheManager.getCacheValue(EpiCacheTypes.APP_GEN, CacheConstants.getAppGenPrimaryKey(AppGen.TIN_TIN_109.getParamKey(), AppGen.TIN_TIN_109.getSubParamKey()), AdminConfig.class).getParamValue();
                }
                onlineMandateService.notifyOnlineMandate(onlineMandateErrorCode,
                        "OTP Expired", userSessionDetails.getMerchant().getMerchantCode(),
                        authService.getCustomerId(),
                        codMandateRefNo,
                        transactionParamsRequest.getMerchantRefNo());
                return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.NACH_OTP_EXPIRY);
            }
            return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.OTP_EXPIRED);
        }
        else {
            log.error("Error in verifying OTP: {}, {}", errorDetail, statusCode);
            throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
        }
    }

    public EpiResponseDTO<?> verifyOtp(VerifyOTPRequest verifyOTPRequest) {
        String sessionId = authService.getTxnRefNo();
        UserSessionDetails userSessionDetails = userSessionDetailsService.getSessionDetails(sessionId);
        String codMandateRefNo = userSessionDetails.getCodMandateRefNo();
        TransactionParamsRequest transactionParamsRequest = userSessionDetails.getPayload();
        String customerId = authService.getCustomerId(); // Cache customer ID
        MerchantType merchantType = authService.getMerchantType(); // Cache merchant type
        OtpDetails otpDetails = userSessionDetails.getOtpDetails();
        String phoneNumber = otpDetails.getPhoneNumber();
        VerifyOtpResponseDTO verifyOtpResponseDTO = callOtpService(verifyOTPRequest, customerId); // Extract OBP call
        String statusCode = verifyOtpResponseDTO.getResponseString().getStatusCode();

        if (!verifyOtpResponseDTO.getStatus().getReplyText().equalsIgnoreCase(OBP_REPLY_TEXT_DEFAULT)) {
            log.error("Error in verifying OTP: {}", verifyOtpResponseDTO.getStatus().getReplyText());
            throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
        }
       return switch (statusCode) {
            case OBP_SUCCESS_STATUS_CODE ->
                    handleSuccess(userSessionDetails, transactionParamsRequest, customerId, merchantType, codMandateRefNo);
            case OBP_INVALID_OTP_STATUS_CODE -> {
                handleInvalidOtp(phoneNumber, customerId);
                throw new ValidationException(ErrorCode.INVALID_OTP_ATTEMPT);
            }
            case OBP_BLOCKED_OTP_STATUS_CODE ->
                    handleBlockedOtp(userSessionDetails, transactionParamsRequest, customerId, merchantType, codMandateRefNo);
            case OBP_OTP_EXPIRY_STATUS_CODE ->
                    handleOtpExpiry(userSessionDetails, transactionParamsRequest, customerId, merchantType, codMandateRefNo);
            default -> {
                log.error("Error in verifying OTP: {}, {}", verifyOtpResponseDTO.getResponseString().getErrorDetail(), statusCode);
                throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
            }
        };
    }

    private VerifyOtpResponseDTO callOtpService(VerifyOTPRequest verifyOTPRequest, String customerId) {
        VerifyOtpRequestDTO verifyOtpRequestDTO = otpUtils.getVerifyOtpDTO(verifyOTPRequest, customerId);

        VerifyOtpObpRequest verifyOtpObpRequest = VerifyOtpObpRequest.builder()
                .verifyOtpRequestDTO(verifyOtpRequestDTO)
                .sessionContext(CommonObpDTO.SessionContext.builder()
                        .channel(channelId).bankCode(otpProperties.getBankCode()).userId(otpProperties.getUserId()).transactionBranch(otpProperties.getTransactionBranch())
                        .transactingPartyCode(otpProperties.getTransactingPartyCode()).externalReferenceNo(String.valueOf(Instant.now().getEpochSecond()))
                        .build())
                .build();

        return otpClient.verifyOtp(verifyOtpObpRequest);
    }

    private EpiResponseDTO<VerifyOTPResponse> handleSuccess(UserSessionDetails userSessionDetails, TransactionParamsRequest transactionParamsRequest, String customerId, MerchantType merchantType, String codMandateRefNo) {
        if (merchantType == MerchantType.NACH) {
            onlineMandateService.notifyOnlineMandate("", "", userSessionDetails.getMerchant().getMerchantCode(),
                    customerId, codMandateRefNo,
                    transactionParamsRequest.getMerchantRefNo());
        }
        EpiResponseDTO<VerifyOTPResponse> verifyOTPResponseEpiResponseDTO = new EpiResponseDTO<>();
        verifyOTPResponseEpiResponseDTO.setBody(new VerifyOTPResponse(true));
        log.info("OTP Verification successful for customer ID: {}", customerId);
        return verifyOTPResponseEpiResponseDTO;
    }

    private void handleInvalidOtp(String phoneNumber, String customerId) {
        log.info("Invalid OTP entered by user: {}", customerId);
        String formattedAlertTemplate = getFormattedIncorrectAlertTemplate();
        publishAlert(phoneNumber, MessageType.SMS, formattedAlertTemplate, AlertType.OTP);
    }

    private EpiResponseDTO<?> handleBlockedOtp(UserSessionDetails userSessionDetails, TransactionParamsRequest transactionParamsRequest, String customerId, MerchantType merchantType, String codMandateRefNo) {
        log.info("OTP for user: {} blocked after 3 incorrect attempts", customerId);
        if (merchantType == MerchantType.NACH || merchantType == MerchantType.TIN) {
            String onlineMandateErrorCode = getOnlineMandateErrorCode(merchantType);
            onlineMandateService.notifyOnlineMandate(onlineMandateErrorCode,
                    "OTP blocked after maximum retry attempts", userSessionDetails.getMerchant().getMerchantCode(),
                    customerId,
                    codMandateRefNo,
                    transactionParamsRequest.getMerchantRefNo());
        }
        return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.BLOCKED_OTP);
    }

    private EpiResponseDTO<?> handleOtpExpiry(UserSessionDetails userSessionDetails, TransactionParamsRequest transactionParamsRequest, String customerId, MerchantType merchantType, String codMandateRefNo) {
        log.info("OTP for customer ID: {} has expired", customerId);
        String errorCode = ErrorCode.OTP_EXPIRED;
        if (merchantType == MerchantType.NACH || merchantType == MerchantType.TIN) {
            String onlineMandateErrorCode = getOnlineMandateErrorCode(merchantType);
            onlineMandateService.notifyOnlineMandate(onlineMandateErrorCode,
                    "OTP Expired", userSessionDetails.getMerchant().getMerchantCode(),
                    customerId,
                    codMandateRefNo,
                    transactionParamsRequest.getMerchantRefNo());
            errorCode = ErrorCode.NACH_OTP_EXPIRY;
        }
        return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, errorCode);
    }

    private String getOnlineMandateErrorCode(MerchantType merchantType) {
        String appGenKey;
        String subParamKey;

        if (merchantType == MerchantType.NACH) {
            appGenKey = AppGen.NACH_OTP_EXPIRED_EN009.getParamKey();
            subParamKey = AppGen.NACH_OTP_EXPIRED_EN009.getSubParamKey();
        } else { // MerchantType.TIN
            appGenKey = AppGen.TIN_TIN_204.getParamKey();
            subParamKey = AppGen.TIN_TIN_204.getSubParamKey();
        }

        return genericCacheManager.getCacheValue(EpiCacheTypes.APP_GEN, CacheConstants.getAppGenPrimaryKey(appGenKey, subParamKey), AdminConfig.class).getParamValue();
    }
Editor is loading...
Leave a Comment