Merge pull request #198 from appirio-tech/tuxing1986-dev_verify_email_fix_20181031

add the success url and fail url for verify email

Author: ThomasKranitsas

docs/postman/Member Service.postman_collection.json

@@ -24,17 +24,27 @@
 						],
 						"body": {
 							"mode": "raw",
-							"raw": "{\r\n  \"param\": {\r\n\r\n            \"maxRating\": null,\r\n            \"userId\": 132456,\r\n            \"firstName\": \"F_NAME\",\r\n            \"lastName\": \"L_NAME\",\r\n            \"description\": null,\r\n            \"otherLangName\": \"NIAL\",\r\n            \"handle\": \"heffan\",\r\n            \"handleLower\": \"heffan\",\r\n            \"status\": \"ACTIVE\",\r\n            \"email\": \"heffanNew@email.com\",\r\n            \"addresses\": [],\r\n            \"homeCountryCode\": null,\r\n            \"competitionCountryCode\": \"USA\",\r\n            \"photoURL\": \"http://img.picturequotes.com/2/9/8712/dont-panic-quote-1.jpg\",\r\n            \"tracks\": [\r\n                \"DEVELOP\",\r\n                \"DATA_SCIENCE\"\r\n            ],\r\n            \"updatedAt\": \"2015-10-19T11:33Z\",\r\n            \"createdAt\": \"2014-04-10T10:55Z\",\r\n            \"createdBy\": \"40011578\",\r\n            \"updatedBy\": \"40011578\"\r\n  }\r\n}"
+							"raw": "{\r\n  \"param\": {\r\n\r\n            \"maxRating\": null,\r\n            \"userId\": 132456,\r\n            \"firstName\": \"F_NAME\",\r\n            \"lastName\": \"L_NAME\",\r\n            \"description\": null,\r\n            \"otherLangName\": \"NIAL\",\r\n            \"handle\": \"heffan\",\r\n            \"handleLower\": \"heffan\",\r\n            \"status\": \"ACTIVE\",\r\n            \"email\": \"heffanNew111222@email.com\",\r\n            \"addresses\": [],\r\n            \"homeCountryCode\": null,\r\n            \"competitionCountryCode\": \"USA\",\r\n            \"photoURL\": \"https://topcoder-prod-media.s3.amazonaws.com/member/profile/heffan-12345.jpeg\",\r\n            \"tracks\": [\r\n                \"DEVELOP\",\r\n                \"DATA_SCIENCE\"\r\n            ],\r\n            \"updatedAt\": \"2015-10-19T11:33Z\",\r\n            \"createdAt\": \"2014-04-10T10:55Z\",\r\n            \"createdBy\": \"40011578\",\r\n            \"updatedBy\": \"40011578\"\r\n  }\r\n}"
 						},
 						"url": {
-							"raw": "{{apiUrl}}/v3/members/heffan",
+							"raw": "{{apiUrl}}/v3/members/heffan?successUrl=http://www.topcoder.com&failUrl=http://www.yahoo.com",
 							"host": [
 								"{{apiUrl}}"
 							],
 							"path": [
 								"v3",
 								"members",
 								"heffan"
+							],
+							"query": [
+								{
+									"key": "successUrl",
+									"value": "http://www.topcoder.com"
+								},
+								{
+									"key": "failUrl",
+									"value": "http://www.yahoo.com"
+								}
 							]
 						}
 					},
@@ -43,7 +53,7 @@
 				{
 					"name": "Verify User Email",
 					"request": {
-						"method": "POST",
+						"method": "GET",
 						"header": [
 							{
 								"key": "Content-Type",
@@ -59,7 +69,7 @@
 							"raw": ""
 						},
 						"url": {
-							"raw": "{{apiUrl}}/v3/members/heffan/verify?oldEmail=heffan@email.com&newEmail=heffanNew@email.com&token=qL9UH8k3YOjvyOTR",
+							"raw": "{{apiUrl}}/v3/members/heffan/verify?oldEmail=heffanNew@email.com&newEmail=heffanNew111222@email.com&token=DgLz5uJ1CjZAY0iV&successUrl=http://www.topcoder.com&failUrl=http://www.yahoo.com",
 							"host": [
 								"{{apiUrl}}"
 							],
@@ -72,15 +82,23 @@
 							"query": [
 								{
 									"key": "oldEmail",
-									"value": "heffan@email.com"
+									"value": "heffanNew@email.com"
 								},
 								{
 									"key": "newEmail",
-									"value": "heffanNew@email.com"
+									"value": "heffanNew111222@email.com"
 								},
 								{
 									"key": "token",
-									"value": "qL9UH8k3YOjvyOTR"
+									"value": "DgLz5uJ1CjZAY0iV"
+								},
+								{
+									"key": "successUrl",
+									"value": "http://www.topcoder.com"
+								},
+								{
+									"key": "failUrl",
+									"value": "http://www.yahoo.com"
 								}
 							]
 						}

service/src/main/java/com/appirio/service/member/manager/MemberProfileManager.java

@@ -35,6 +35,8 @@
 
 import java.io.UnsupportedEncodingException;
 import java.lang.reflect.InvocationTargetException;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.net.URLEncoder;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -61,24 +63,24 @@
  * Version 1.2 - Topcoder Member Settings Profile - Email Verification v1.0
  * - use core api 4.3.1, change to use M2M token
  * </p>
- * 
+ *
  * <p>
  * Version 1.3 - Topcoder Member Processor ES Response Fixes Code Challenge v1.0
  * - change the event message structure for update profile/photo
  * </p>
- * 
+ *
  * <p>
  * Version 1.4 - Topcoder Member Service - Update the Members Endpoint version 1.0
  * - get more profile properties from informix db
  * </p>
- * 
+ *
  * <p>
  * Version 1.5 - Topcoder Member Service - Update endpoints to read from ES v1.0
  * - get the profile from elasticsearch if exists
  * </p>
  *
  * @author TCCoder
- * @version 1.5 
+ * @version 1.5
  *
  */
 public class MemberProfileManager {
@@ -127,22 +129,22 @@ public class MemberProfileManager {
      * The email verification config field
      */
     private final EmailVerificationConfiguration emailVerificationConfig;
-    
+
     /**
-     * The jestClient field 
+     * The jestClient field
      */
     private JestClient jestClient;
-    
+
     /**
-     * The membersIndexName field 
+     * The membersIndexName field
      */
     private final String membersIndexName;
-    
+
     /**
-     * The membersTypeName field 
+     * The membersTypeName field
      */
     private final String membersTypeName;
-    
+
     /**
      * The informixDAO field
      */
@@ -167,9 +169,9 @@ public class MemberProfileManager {
      * @param m2mAuthConfiguration the m2mAuthConfiguration to use
      * @param emailVerificationConfig the emailVerificationConfig to use
      */
-    public MemberProfileManager(MemberProfileDAO memberProfileDAO, MemberStatsDAO memberStatsDAO, 
+    public MemberProfileManager(MemberProfileDAO memberProfileDAO, MemberStatsDAO memberStatsDAO,
             MemberProfileInformixDAO informixDAO, MemberProfileInformixDwDAO informixDwDAO, String photoURLDomain, FileInvocationHandler fileInvocationHandler,
-            EventBusServiceClient eventBusServiceClient, M2mAuthConfiguration m2mAuthConfiguration, EmailVerificationConfiguration emailVerificationConfig, 
+            EventBusServiceClient eventBusServiceClient, M2mAuthConfiguration m2mAuthConfiguration, EmailVerificationConfiguration emailVerificationConfig,
             JestClient jestClient, String membersIndexName, String membersTypeName) {
         this.memberProfileDAO = memberProfileDAO;
         this.memberStatsDAO = memberStatsDAO;
@@ -203,7 +205,7 @@ public MemberProfile getMemberProfile(String handle, String data, AuthUser authU
         if (fields.isEmpty()) {
             fields.addAll(Helper.PROFILE_FIELDS);
         }
-        
+
         MemberProfile memberProfile = SearchHelper.getMemberProfile(handle, jestClient, this.membersIndexName, this.membersTypeName);
         if (memberProfile != null) {
             logger.info("Get the member profile from the elasticsearch for the user: " + handle);
@@ -218,7 +220,7 @@ public MemberProfile getMemberProfile(String handle, String data, AuthUser authU
                 memberProfile.setMaxRating(memberStats.getMaxRating());
             }
         }
-        
+
         Helper.addMoreProperties(handle, memberProfile, fields, informixDAO, informixDwDAO);
 
         // if user is not logged in
@@ -241,25 +243,46 @@ public MemberProfile getMemberProfile(String handle, String data, AuthUser authU
     /**
      * Update member profile
      *
-     * @param handle Handle of the user
-     * @param authUser Authentication user
-     * @param memberProfile Member profile
-     * @return MemberProfile Member profile
+     * @param handle the handle to use
+     * @param successUrl the successUrl to use
+     * @param failUrl the failUrl to use
+     * @param authUser the authUser to use
+     * @param memberProfile the memberProfile to use
      * @throws SupplyException if any error occurs
      * @throws IllegalAccessException if any error occurs
-     * @throws InvocationTargetException if any error occurs
-     * @throws InstantiationException if any error occurs
      * @throws NoSuchMethodException if any error occurs
+     * @throws InstantiationException if any error occurs
+     * @throws SupplyException if any error occurs
+     * @throws InvocationTargetException if any error occurs
+     * @throws JsonProcessingException if any error occurs
+     * @return the MemberProfile result
      */
-    public MemberProfile updateMemberProfile(String handle, AuthUser authUser, MemberProfile memberProfile) throws
-            IllegalAccessException, NoSuchMethodException, InstantiationException, SupplyException,
+    public MemberProfile updateMemberProfile(String handle, String successUrl, String failUrl, AuthUser authUser, MemberProfile memberProfile)
+            throws IllegalAccessException, NoSuchMethodException, InstantiationException, SupplyException,
             InvocationTargetException, JsonProcessingException {
 
         MemberProfile existingMemberProfile = memberProfileDAO.validateHandle(handle, authUser, false);
 
         boolean verifyEmail = false;
         if (!existingMemberProfile.getEmail().equals(memberProfile.getEmail())) {
             verifyEmail = true;
+            if (successUrl == null || successUrl.trim().length() == 0) {
+                throw new SupplyException("The success redirect url should be provided for the verification of email", HttpServletResponse.SC_BAD_REQUEST);
+            }
+            if (failUrl == null || failUrl.trim().length() == 0) {
+                throw new SupplyException("The failUrl redirect url should be provided for the verification of email", HttpServletResponse.SC_BAD_REQUEST);
+            }
+            try {
+                new URI(successUrl);
+            } catch (URISyntaxException e) {
+                throw new SupplyException("The successUrl is syntax invalid", HttpServletResponse.SC_BAD_REQUEST);
+            }
+            try {
+                new URI(failUrl);
+            } catch (URISyntaxException e) {
+                throw new SupplyException("The failUrl is syntax invalid", HttpServletResponse.SC_BAD_REQUEST);
+            }
+
             if (!EmailValidator.getInstance().isValid((String) memberProfile.getEmail())) {
                 throw new SupplyException("The email is invalid:" + memberProfile.getEmail(), HttpServletResponse.SC_BAD_REQUEST);
             } else {
@@ -284,11 +307,11 @@ public MemberProfile updateMemberProfile(String handle, AuthUser authUser, Membe
         // fire event on to the event bus to update member profile
         logger.info("publish member-profile-update-event");
         Helper.publishEventMessage(eventBusServiceClient, m2mAuthConfiguration,
-                memberProfile.getUserId(), 
+                memberProfile.getUserId(),
                 "member.action.profile.update", existingMemberProfile, memberProfile, logger);
 
         if (verifyEmail) {
-            this.fireEmailVerificationEvent(authUser, memberProfile);
+            this.fireEmailVerificationEvent(authUser, memberProfile, successUrl, failUrl);
         }
 
         MemberProfile result = memberProfileDAO.getMemberProfile(handle);
@@ -352,9 +375,12 @@ public void verifyUserEmail(String handle, AuthUser authUser, String newEmail, S
      * Fire email verification event
      *
      * @param authUser the authUser to use
-     * @param profile the member profile to use
+     * @param profile the profile to use
+     * @param successUrl the successUrl to use
+     * @param failUrl the failUrl to use
+     * @throws SupplyException if any error occurs
      */
-    private void fireEmailVerificationEvent(AuthUser authUser, MemberProfile profile) throws SupplyException {
+    private void fireEmailVerificationEvent(AuthUser authUser, MemberProfile profile, String successUrl, String failUrl) throws SupplyException {
         EventMessage msg = new EventMessage();
         msg.setTopic("member.action.email.profile.emailchange.verification").setMimeType("application/json").setOriginator("tc-member-profile").setTimestamp(new Date());
         Map<String, String> data = new LinkedHashMap<String, String>();
@@ -366,9 +392,16 @@ private void fireEmailVerificationEvent(AuthUser authUser, MemberProfile profile
                 .replace("{token}", profile.getEmailVerifyToken())
                 .replace("{newEmail}", profile.getNewEmail())
                 .replace("{oldEmail}", profile.getEmail())
-                .replace("{jwtToken}", authUser.getToken());
+                .replace("{jwtToken}", authUser.getToken())
+                .replace("{redirectTo}", successUrl);
         String verificationDisagreeUrl = this.emailVerificationConfig.getVerificationDisagreeUrl()
-                .replace("{baseUrl}", this.emailVerificationConfig.getBaseUrl());
+                .replace("{baseUrl}", this.emailVerificationConfig.getBaseUrl())
+                .replace("{handle}", profile.getHandle())
+                .replace("{token}", profile.getEmailVerifyToken())
+                .replace("{newEmail}", profile.getNewEmail())
+                .replace("{oldEmail}", profile.getEmail())
+                .replace("{jwtToken}", authUser.getToken())
+                .replace("{redirectTo}", failUrl);
         data.put("verificationAgreeUrl", verificationAgreeUrl);
         data.put("verificationDisagreeUrl", verificationDisagreeUrl);
         data.put("verificationToken", profile.getEmailVerifyToken());
@@ -480,7 +513,7 @@ public String updatePhoto(String handle, AuthUser authUser, PhotoTokenContentTyp
 
         logger.info("publish member-profile-photo-update-event");
         Helper.publishProfilePhotoEvent(eventBusServiceClient, m2mAuthConfiguration, "member.action.profile.photo.update", eventObj, logger);
-        
+
         return photoURL;
     }
 

service/src/main/java/com/appirio/service/member/resources/MemberProfileResource.java

@@ -5,6 +5,7 @@
 import com.appirio.service.member.api.PhotoTokenContentType;
 import com.appirio.service.member.manager.MemberProfileManager;
 import com.appirio.supply.ErrorHandler;
+import com.appirio.supply.SupplyException;
 import com.appirio.tech.core.api.v3.request.FieldSelector;
 import com.appirio.tech.core.api.v3.request.PostPutRequest;
 import com.appirio.tech.core.api.v3.request.annotation.APIFieldParam;
@@ -17,6 +18,10 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
@@ -28,6 +33,7 @@
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;
 
 /**
@@ -113,20 +119,24 @@ public ApiResponse getMemberProfile(@PathParam("handle") String handle,
     }
 
     /**
-     * Update profile
-     * @param handle       Handle of the user
-     * @param authUser     Authentication user
-     * @param putRequest   Put request
-     * @return ApiResponse Api response
+     * Update member profile
+     *
+     * @param handle the handle to use
+     * @param successUrl the successUrl to use
+     * @param failUrl the failUrl to use
+     * @param authUser the authUser to use
+     * @param putRequest the putRequest to use
+     * @return the ApiResponse result
      */
     @PUT
     @Timed
-    public ApiResponse updateMemberProfile(@PathParam("handle") String handle, @Auth AuthUser authUser,
-                                           @Valid PostPutRequest<MemberProfile> putRequest) {
+    public ApiResponse updateMemberProfile(@PathParam("handle") String handle, @QueryParam("successUrl") String successUrl, 
+            @QueryParam("failUrl") String failUrl, @Auth AuthUser authUser,
+            @Valid PostPutRequest<MemberProfile> putRequest) {
         try {
             logger.debug("updateMemberProfile, handle : " + handle + " auth : " + authUser);
             MemberProfile memberProfile = putRequest.getParam();
-            MemberProfile resultMemberProfile = memberProfileManager.updateMemberProfile(handle, authUser, memberProfile);
+            MemberProfile resultMemberProfile = memberProfileManager.updateMemberProfile(handle, successUrl, failUrl, authUser, memberProfile);
             return ApiResponseFactory.createResponse(resultMemberProfile);
         } catch (Throwable ex) {
             return ErrorHandler.handle(ex, logger);
@@ -140,21 +150,42 @@ public ApiResponse updateMemberProfile(@PathParam("handle") String handle, @Auth
      * @param newEmail the newEmail to use
      * @param oldEmail the oldEmail to use
      * @param token the token to use
+     * @param successUrl the successUrl to use
+     * @param failUrl the failUrl to use
      * @param authUser the authUser to use
-     * @return the ApiResponse result
+     * @throws SupplyException if any error occurs
+     * @return the Response result
      */
-    @POST
+    @GET
     @Path("/verify")
     @Timed
-    public ApiResponse verifyUserEmail(@PathParam("handle") String handle, @QueryParam("newEmail") String newEmail, @QueryParam("oldEmail") String oldEmail, 
-            @QueryParam("token") String token, @Auth AuthUser authUser) {
+    public Response verifyUserEmail(@PathParam("handle") String handle, @QueryParam("newEmail") String newEmail, @QueryParam("oldEmail") String oldEmail, 
+            @QueryParam("token") String token, @QueryParam("successUrl") String successUrl, @QueryParam("failUrl") String failUrl, 
+            @Auth AuthUser authUser) throws SupplyException {
+        
         try {
             logger.debug("verifyUserEmail, handle : " + handle + ", newEmail : " + newEmail + ", oldEmail : " + 
                 oldEmail + ", token : " + token + " auth : " + authUser);
+            if (successUrl == null || successUrl.trim().length() == 0) {
+                throw new SupplyException("The success redirect rl should be provided for the verification of email", HttpServletResponse.SC_BAD_REQUEST);
+            }
+            if (failUrl == null || failUrl.trim().length() == 0) {
+                throw new SupplyException("The fail redirect url should be provided for the verification of email", HttpServletResponse.SC_BAD_REQUEST);
+            }
+            
             memberProfileManager.verifyUserEmail(handle, authUser, newEmail, oldEmail, token);
-            return ApiResponseFactory.createResponse(null);
+            return Response.temporaryRedirect( new URI(successUrl)).build();
+        } catch (SupplyException se) {
+            throw se;
+        } catch (URISyntaxException use) {
+            throw new SupplyException("The successUrl is syntax invalid", HttpServletResponse.SC_BAD_REQUEST);
         } catch (Throwable ex) {
-            return ErrorHandler.handle(ex, logger);
+            logger.error(ex.getMessage(), ex);
+            try {
+                return Response.temporaryRedirect(new URI(failUrl)).build();
+            } catch (URISyntaxException e) {
+                throw new SupplyException("The failUrl is syntax invalid", HttpServletResponse.SC_BAD_REQUEST);
+            }
         }
     }