authorAde Lee <alee@redhat.com>2011-12-12 22:57:33 -0500
committerAde Lee <alee@redhat.com>2012-01-13 16:17:17 -0500
commitdbfa1508770473ae5c27049b967abb67956c6572 (patch)
tree299b7c6f31f647336c0e5ce3ee7497ebc8da10a0 /pki/base/common/src/com/netscape/cms/servlet/key
parentf845fe269878552182bd201065ddfc3982583e50 (diff)
Initial skeleton code for drm resteasy interface
Integrated files into current servlet structure. Allowed exceptions to bubble up to top level. Move bean initialization logic into DAO objects. Fixed "keyRequest" path to "keyrequest" in KeyRequestDAO
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/key')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java135
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java68
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java102
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java57
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java75
5 files changed, 437 insertions, 0 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java b/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
new file mode 100644
index 000000000..fef29f9cb
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
@@ -0,0 +1,135 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cms.servlet.key;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+
+import com.netscape.cms.servlet.key.model.KeyDAO;
+import com.netscape.cms.servlet.key.model.KeyData;
+import com.netscape.cms.servlet.request.model.KeyRequestDAO;
+import com.netscape.cms.servlet.request.model.KeyRequestInfo;
+import com.netscape.cms.servlet.request.model.RecoveryRequestData;
+import com.netscape.certsrv.request.IRequest;
+import com.netscape.certsrv.request.RequestStatus;
+import com.netscape.certsrv.base.EBaseException;
+/**
+ * @author alee
+ *
+ */
+@Path("/key")
+public class KeyResource {
+
+ @Context
+ UriInfo uriInfo;
+
+ /**
+ * Used to retrieve a key
+ * @param data
+ * @return
+ */
+ @POST
+ @Path("retrieve")
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
+ @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+ public KeyData retrieveKey(RecoveryRequestData data) {
+ // auth and authz
+ String keyId = validateRequest(data);
+ KeyDAO dao = new KeyDAO();
+ KeyData keyData;
+ try {
+ keyData = dao.getKey(keyId, data);
+ } catch (EBaseException e) {
+ // log error
+ e.printStackTrace();
+ throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
+ }
+ if (keyData == null) {
+ // no key record
+ throw new WebApplicationException(Response.Status.GONE);
+ }
+ return keyData;
+ }
+
+ // retrieval - used to test integration with a browser
+ @POST
+ @Path("retrieve")
+ @Produces(MediaType.TEXT_XML)
+ public KeyData retrieveKey(MultivaluedMap<String, String> form) {
+ RecoveryRequestData data = new RecoveryRequestData(form);
+ return retrieveKey(data);
+ }
+
+ private String validateRequest(RecoveryRequestData data) {
+ // confirm that at least one wrapping method exists
+ if ((data.getTransWrappedSessionKey() == null) && (data.getTransWrappedSessionKey() == null)) {
+ // log error
+ throw new WebApplicationException(Response.Status.BAD_REQUEST);
+ }
+
+ // confirm request exists
+ String reqId = data.getRequestId();
+ if (reqId == null) {
+ // log error
+ throw new WebApplicationException(Response.Status.BAD_REQUEST);
+ }
+ KeyRequestDAO reqDAO = new KeyRequestDAO();
+ KeyRequestInfo reqInfo;
+ try {
+ reqInfo = reqDAO.getRequest(reqId, uriInfo);
+ } catch (EBaseException e1) {
+ // failed to get request
+ e1.printStackTrace();
+ throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
+ }
+ if (reqInfo == null) {
+ // request not found
+ throw new WebApplicationException(Response.Status.GONE);
+ }
+
+ //confirm request is of the right type
+ String type = reqInfo.getRequestType();
+ if (!type.equals(IRequest.SECURITY_DATA_RECOVERY_REQUEST)) {
+ // log error
+ throw new WebApplicationException(Response.Status.BAD_REQUEST);
+ }
+
+ //confirm that agent is originator of request, else throw 401
+ // TO-DO
+
+ // confirm request is in approved state
+ String status = reqInfo.getRequestStatus();
+ if (!status.equals(RequestStatus.APPROVED.toString())) {
+ // log error
+ throw new WebApplicationException(Response.Status.UNAUTHORIZED);
+ }
+
+ String keyURL = reqInfo.getKeyURL();
+ return keyURL.substring(keyURL.lastIndexOf("/"));
+ }
+
+}
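Review bot: In validateRequest, `keyURL.substring(keyURL.lastIndexOf("/"))` keeps the leading slash, so `new BigInteger(keyId)` in KeyDAO.getKey would throw NumberFormatException, which the `catch (EBaseException e)` in retrieveKey does not cover; use `keyURL.substring(keyURL.lastIndexOf('/') + 1)` and reject a null keyURL first. The first check calls `getTransWrappedSessionKey()` on both sides of the `&&`, so the second wrapping field of RecoveryRequestData is never examined; the second operand presumably should call that field's getter. With the originator check still a TO-DO, the APPROVED status is the only gate on retrieval as far as this hunk shows (authentication may be enforced elsewhere), so the comment should say so explicitly, e.g. `// TODO(security): reject unless the authenticated agent created reqId; do not expose this endpoint without it`. The form-encoded overload of retrieveKey has no `@Consumes`, so it overlaps with the XML/JSON method on the same path; `@Consumes(MediaType.APPLICATION_FORM_URLENCODED)` would make the dispatch unambiguous.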
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java b/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java
new file mode 100644
index 000000000..38a124e9a
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java
@@ -0,0 +1,68 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+/**
+ *
+ */
+package com.netscape.cms.servlet.key;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+
+import java.util.List;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.cms.servlet.key.model.KeyDAO;
+import com.netscape.cms.servlet.key.model.KeyDataInfo;
+
+/**
+ * @author alee
+ *
+ */
+@Path("/keys")
+public class KeysResource {
+ @Context
+ UriInfo uriInfo;
+
+ /**
+ * Used to generate list of key infos based on the search parameters
+ */
+ @GET
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
+ public List<KeyDataInfo> listKeys() {
+ // auth and authz
+ // parse search parameters from uriInfo and create search filter
+ // String clientID = uriInfo.getQueryParameters().getFirst(CLIENT_ID);
+ String filter = "objectClass=keyRecord";
+ KeyDAO dao = new KeyDAO();
+ List<KeyDataInfo> info;
+ try {
+ info = dao.listKeys(filter, uriInfo);
+ } catch (EBaseException e) {
+ e.printStackTrace();
+ throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
+ }
+ return info;
+ }
+
+}
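Review bot: listKeys has only the `// auth and authz` placeholder before it queries the repository, so as far as this hunk shows every caller that reaches `/keys` receives the key-record listing; the placeholder should become an explicit check, or at least `// TODO(security): require an authenticated agent with key-list permission before searching`. The commented-out `clientID` line suggests the filter will later be built from query parameters; at that point the value needs LDAP filter escaping (the RFC 4515 special characters) before it is concatenated into `filter`. `e.printStackTrace()` in the catch block writes to stderr rather than the server's log, which makes failed searches hard to audit.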
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java b/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java
new file mode 100644
index 000000000..b7a2d8ed1
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDAO.java
@@ -0,0 +1,102 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.cms.servlet.key.model;
+
+import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.List;
+
+import javax.ws.rs.core.UriBuilder;
+import javax.ws.rs.core.UriInfo;
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.dbs.keydb.IKeyRecord;
+import com.netscape.certsrv.dbs.keydb.IKeyRepository;
+import com.netscape.certsrv.kra.IKeyRecoveryAuthority;
+import com.netscape.cms.servlet.request.model.RecoveryRequestData;
+
+/**
+ * @author alee
+ *
+ */
+public class KeyDAO {
+
+ private IKeyRepository repo;
+ private int maxSize = 100;
+ private int maxTime = 20;
+
+ public KeyDAO() {
+ IKeyRecoveryAuthority kra = null;
+ kra = ( IKeyRecoveryAuthority ) CMS.getSubsystem( "kra" );
+ repo = kra.getKeyRepository();
+ }
+ /**
+ * This will find the keys in the database matching the specified search parameters
+ * Needs input validation and probably paging, maybe using the vlv functions
+ * @throws EBaseException
+ */
+ public List<KeyDataInfo> listKeys(String filter, UriInfo uriInfo) throws EBaseException {
+ List <KeyDataInfo> list = new ArrayList<KeyDataInfo>();
+ Enumeration<IKeyRecord> e = null;
+
+ e = repo.searchKeys(filter, maxSize, maxTime);
+
+ if (e == null) {
+ throw new EBaseException("search results are null");
+ }
+
+ while (e.hasMoreElements()) {
+ IKeyRecord rec = e.nextElement();
+ list.add(createKeyDataInfo(rec, uriInfo));
+ }
+ return list;
+ }
+
+ public KeyData getKey(String keyId, RecoveryRequestData data) throws EBaseException {
+ KeyData keyData = null;
+ BigInteger serial = new BigInteger(keyId);
+
+ // get wrapped key
+ IKeyRecord rec = repo.readKeyRecord(serial);
+ if (rec == null) {
+ // key does not exist
+ // log the error
+ return null;
+ }
+ // TODO unwrap the key and wrap with the credential in RecoveryRequestData
+ // need to figure out how to do this with jmagne
+
+ return keyData;
+ }
+
+ public KeyDataInfo createKeyDataInfo(IKeyRecord rec, UriInfo uriInfo) throws EBaseException {
+ KeyDataInfo ret = new KeyDataInfo();
+ String serial = null;
+ serial = (rec.getSerialNumber()).toString();
+
+ UriBuilder keyBuilder = uriInfo.getBaseUriBuilder();
+ keyBuilder.path("/key/" + serial);
+ ret.setKeyURL(keyBuilder.build().toString());
+
+ // clientID = rec.getClientID();
+ // TODO add other fields as needed
+ return ret;
+ }
+
+}
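Review bot: getKey parses its argument with `new BigInteger(keyId)` and does not handle NumberFormatException, so a malformed id escapes as an unchecked exception instead of the declared EBaseException; catch it and rethrow, e.g. `throw new EBaseException("invalid key id")`, in the same way listKeys does for a null search result. The method also returns the never-assigned `keyData` when the record does exist, so the caller cannot tell "no such key" from "unwrapping not implemented", and KeyResource maps both to 410 GONE; a Javadoc line stating this, or an explicit exception on the unimplemented path, would make it visible. The constructor dereferences the result of `CMS.getSubsystem("kra")` without a null check, which would surface as a NullPointerException per request if the KRA subsystem is not loaded (whether that can happen is not visible here).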
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java b/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java
new file mode 100644
index 000000000..0e6e80dec
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyData.java
@@ -0,0 +1,57 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+/**
+ *
+ */
+package com.netscape.cms.servlet.key.model;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+
+/**
+ * @author alee
+ *
+ */
+@XmlRootElement(name="SecurityData")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class KeyData {
+ @XmlElement
+ String wrappedPrivateData;
+
+ public KeyData() {
+ // required for JAXB (defaults)
+ }
+
+ /**
+ * @return the wrappedPrivateData
+ */
+ public String getWrappedPrivateData() {
+ return wrappedPrivateData;
+ }
+
+ /**
+ * @param wrappedPrivateData the wrappedPrivateData to set
+ */
+ public void setWrappedPrivateData(String wrappedPrivateData) {
+ this.wrappedPrivateData = wrappedPrivateData;
+ }
+
+}
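Review bot: `wrappedPrivateData` is declared package-private, while KeyDataInfo declares its fields `protected`; since `XmlAccessType.FIELD` does not need wider visibility, `private String wrappedPrivateData;` would keep the key material reachable only through the accessors. The class Javadoc holds only `@author`; it should state what the string contains (its encoding, and that it is always the wrapped form, never the cleartext key), because this bean is what the retrieve endpoint serialises to the client.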
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java b/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java
new file mode 100644
index 000000000..46843ba90
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/model/KeyDataInfo.java
@@ -0,0 +1,75 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2011 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+/**
+ *
+ */
+package com.netscape.cms.servlet.key.model;
+
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlAccessorType;
+
+/**
+ * @author alee
+ *
+ */
+@XmlRootElement(name="SecurityDataInfo")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class KeyDataInfo {
+
+ @XmlElement
+ protected String keyURL;
+
+ @XmlElement
+ protected String clientID;
+
+ public KeyDataInfo() {
+ // required for JAXB (defaults)
+ }
+
+ /**
+ * @return the keyURL
+ */
+ public String getKeyURL() {
+ return keyURL;
+ }
+
+ /**
+ * @param keyURL the keyURL to set
+ */
+ public void setKeyURL(String keyURL) {
+ this.keyURL = keyURL;
+ }
+
+ /**
+ * @return the clientID
+ */
+ public String getClientID() {
+ return clientID;
+ }
+
+ /**
+ * @param clientID the clientID to set
+ */
+ public void setClientID(String clientID) {
+ this.clientID = clientID;
+ }
+
+}