Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/key')
4 files changed, 224 insertions, 197 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java b/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
index 3f8e8b2cf..c6ddda698 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/key/KeyResource.java
@@ -1,53 +1,18 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2011 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - package com.netscape.cms.servlet.key; import javax.ws.rs.Consumes; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriInfo; -import com.netscape.cms.servlet.base.CMSResource; -import com.netscape.cms.servlet.key.model.KeyDAO; import com.netscape.cms.servlet.key.model.KeyData; -import com.netscape.cms.servlet.request.model.KeyRequestDAO; -import com.netscape.cms.servlet.request.model.KeyRequestInfo; import com.netscape.cms.servlet.request.model.RecoveryRequestData; -import com.netscape.certsrv.request.IRequest; -import com.netscape.certsrv.request.RequestStatus; -import com.netscape.certsrv.base.EBaseException; -/** - * @author alee - * - */ + @Path("/key") -public class KeyResource extends CMSResource { - - @Context - UriInfo uriInfo; - +public interface KeyResource { + /** * Used to retrieve a key * @param data 
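Review bot: The GPL copyright block and the `@author alee` Javadoc are deleted from KeyResource.java in this hunk, and the same block is deleted in the first hunk of KeysResource.java, while the new KeyResourceService.java and KeysResourceService.java keep the header. If the removal is not deliberate, restore the `// --- BEGIN COPYRIGHT BLOCK ---` to `// --- END COPYRIGHT BLOCK ---` lines on both interfaces so every source file keeps its licence notice. The retrieveKey Javadoc that stays on the interface still has empty `@param data` and `@return` tags; as the interface is now the client-facing contract, they should state what the request must contain and what is returned. The interface body continues past the end of this hunk.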
@@ -57,80 +22,11 @@ public class KeyResource extends CMSResource { @Path("retrieve") @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.TEXT_XML }) @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) - public KeyData retrieveKey(RecoveryRequestData data) { - // auth and authz - String keyId = validateRequest(data); - KeyDAO dao = new KeyDAO(); - KeyData keyData; - try { - keyData = dao.getKey(keyId, data); - } catch (EBaseException e) { - // log error - e.printStackTrace(); - throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); - } - if (keyData == null) { - // no key record - throw new WebApplicationException(Response.Status.GONE); - } - return keyData; - } + public KeyData retrieveKey(RecoveryRequestData data); // retrieval - used to test integration with a browser @POST @Path("retrieve") @Produces(MediaType.TEXT_XML) - public KeyData retrieveKey(MultivaluedMap<String, String> form) { - RecoveryRequestData data = new RecoveryRequestData(form); - return retrieveKey(data); - } - - private String validateRequest(RecoveryRequestData data) { - // confirm that at least one wrapping method exists - if ((data.getTransWrappedSessionKey() == null) && (data.getTransWrappedSessionKey() == null)) { - // log error - throw new WebApplicationException(Response.Status.BAD_REQUEST); - } - - // confirm request exists - String reqId = data.getRequestId(); - if (reqId == null) { - // log error - throw new WebApplicationException(Response.Status.BAD_REQUEST); - } - KeyRequestDAO reqDAO = new KeyRequestDAO(); - KeyRequestInfo reqInfo; - try { - reqInfo = reqDAO.getRequest(reqId, uriInfo); - } catch (EBaseException e1) { - // failed to get request - e1.printStackTrace(); - throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); - } - if (reqInfo == null) { - // request not found - throw new WebApplicationException(Response.Status.GONE); - } - - //confirm request is of the right type - String type = 
reqInfo.getRequestType(); - if (!type.equals(IRequest.SECURITY_DATA_RECOVERY_REQUEST)) { - // log error - throw new WebApplicationException(Response.Status.BAD_REQUEST); - } - - //confirm that agent is originator of request, else throw 401 - // TO-DO - - // confirm request is in approved state - String status = reqInfo.getRequestStatus(); - if (!status.equals(RequestStatus.APPROVED.toString())) { - // log error - throw new WebApplicationException(Response.Status.UNAUTHORIZED); - } - - String keyURL = reqInfo.getKeyURL(); - return keyURL.substring(keyURL.lastIndexOf("/")); - } - + public KeyData retrieveKey(MultivaluedMap<String, String> form); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java b/pki/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java new file mode 100644 index 000000000..887820c3f --- /dev/null +++ b/pki/base/common/src/com/netscape/cms/servlet/key/KeyResourceService.java 
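Review bot: In KeyResource.java the form-based `retrieveKey(MultivaluedMap<String, String> form)` overload, commented as "used to test integration with a browser", stays in the public interface with `@POST @Path("retrieve") @Produces(MediaType.TEXT_XML)` and no `@Consumes`. It shares path and verb with the XML/JSON overload, so it should be pinned with `@Consumes(MediaType.APPLICATION_FORM_URLENCODED)` to make the dispatch explicit. Because this entry point returns recovered key material and is meant to be driven from a browser form, it is worth deciding before release whether a test-only overload belongs in the shipped contract, and whether cross-site request protection covers it; nothing in this hunk shows either. The first overload's Javadoc and `@POST` lie above the hunk.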
@@ -0,0 +1,123 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2011 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cms.servlet.key; + +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MultivaluedMap; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriInfo; + +import com.netscape.cms.servlet.base.CMSResourceService; +import com.netscape.cms.servlet.key.model.KeyDAO; +import com.netscape.cms.servlet.key.model.KeyData; +import com.netscape.cms.servlet.request.model.KeyRequestDAO; +import com.netscape.cms.servlet.request.model.KeyRequestInfo; +import com.netscape.cms.servlet.request.model.RecoveryRequestData; +import com.netscape.certsrv.request.IRequest; +import com.netscape.certsrv.request.RequestStatus; +import com.netscape.certsrv.base.EBaseException; +/** + * @author alee + * + */ +public class KeyResourceService extends CMSResourceService implements KeyResource{ + + @Context + UriInfo uriInfo; + + /** + * Used to retrieve a key + * @param data + * @return + */ + public KeyData retrieveKey(RecoveryRequestData data) { + // auth and authz + String keyId = validateRequest(data); + KeyDAO dao = new KeyDAO(); + KeyData keyData; + try { + keyData = dao.getKey(keyId, data); + } catch 
(EBaseException e) { + // log error + e.printStackTrace(); + throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); + } + if (keyData == null) { + // no key record + throw new WebApplicationException(Response.Status.GONE); + } + return keyData; + } + + // retrieval - used to test integration with a browser + public KeyData retrieveKey(MultivaluedMap<String, String> form) { + RecoveryRequestData data = new RecoveryRequestData(form); + return retrieveKey(data); + } + + private String validateRequest(RecoveryRequestData data) { + // confirm that at least one wrapping method exists + if ((data.getTransWrappedSessionKey() == null) && (data.getTransWrappedSessionKey() == null)) { + // log error + throw new WebApplicationException(Response.Status.BAD_REQUEST); + } + + // confirm request exists + String reqId = data.getRequestId(); + if (reqId == null) { + // log error + throw new WebApplicationException(Response.Status.BAD_REQUEST); + } + KeyRequestDAO reqDAO = new KeyRequestDAO(); + KeyRequestInfo reqInfo; + try { + reqInfo = reqDAO.getRequest(reqId, uriInfo); + } catch (EBaseException e1) { + // failed to get request + e1.printStackTrace(); + throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); + } + if (reqInfo == null) { + // request not found + throw new WebApplicationException(Response.Status.GONE); + } + + //confirm request is of the right type + String type = reqInfo.getRequestType(); + if (!type.equals(IRequest.SECURITY_DATA_RECOVERY_REQUEST)) { + // log error + throw new WebApplicationException(Response.Status.BAD_REQUEST); + } + + //confirm that agent is originator of request, else throw 401 + // TO-DO + + // confirm request is in approved state + String status = reqInfo.getRequestStatus(); + if (!status.equals(RequestStatus.APPROVED.toString())) { + // log error + throw new WebApplicationException(Response.Status.UNAUTHORIZED); + } + + String keyURL = reqInfo.getKeyURL(); + return 
keyURL.substring(keyURL.lastIndexOf("/")); + } + +} diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java b/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java index 4cf5db3f4..35cd5ccbe 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java +++ b/pki/base/common/src/com/netscape/cms/servlet/key/KeysResource.java @@ -1,23 +1,3 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2011 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -/** - * - */ package com.netscape.cms.servlet.key; import javax.ws.rs.DefaultValue; 
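Review bot: In KeyResourceService.validateRequest the "agent is originator of request" check is still only a `// TO-DO`, so as written any caller that reaches retrieveKey with the id of an approved recovery request passes validation; the `// auth and authz` comment in retrieveKey is backed by nothing else visible in this file. Until the check exists the method should fail closed, or at least carry `// SECURITY: originator of the request is not verified yet`, and it should be confirmed whether CMSResourceService or the container authenticates the caller. The first guard also tests `data.getTransWrappedSessionKey() == null` twice, so the "at least one wrapping method" check never looks at the second wrapping field (its getter is not visible in this diff). Finally, `keyURL.substring(keyURL.lastIndexOf("/"))` keeps the leading slash in the returned id; `keyURL.lastIndexOf("/") + 1` is probably what was meant, unless KeyDAO.getKey expects the slash.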
@@ -25,81 +5,19 @@ import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriInfo; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.cms.servlet.base.CMSResource; -import com.netscape.cms.servlet.key.model.KeyDAO; import com.netscape.cms.servlet.key.model.KeyDataInfos; - -/** - * @author alee - * - */ + @Path("/keys") -public class KeysResource extends CMSResource { - - private static final String DEFAULT_MAXTIME = "10"; - private static final String DEFAULT_MAXRESULTS = "100"; - - @Context - UriInfo uriInfo; - - /** - * Used to generate list of key infos based on the search parameters - */ +public interface KeysResource { + public static final String DEFAULT_MAXTIME = "10"; + public static final String DEFAULT_MAXRESULTS = "100"; + @GET @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.TEXT_XML }) public KeyDataInfos listKeys(@QueryParam("clientID") String clientID, @QueryParam("status") String status, @DefaultValue(DEFAULT_MAXRESULTS) @QueryParam("maxResults") int maxResults, - @DefaultValue(DEFAULT_MAXTIME) @QueryParam("maxTime") int maxTime) { - // auth and authz - - // get ldap filter - String filter = createSearchFilter(status, clientID); - CMS.debug("listKeys: filter is " + filter); - - KeyDAO dao = new KeyDAO(); - KeyDataInfos infos; - try { - infos = dao.listKeys(filter, maxResults, maxTime, uriInfo); - } catch (EBaseException e) { - e.printStackTrace(); - throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); - } - return infos; - } + @DefaultValue(DEFAULT_MAXTIME) @QueryParam("maxTime") int maxTime); - private String createSearchFilter(String status, String clientID) { - String filter = ""; - int matches = 0; - - if ((status 
== null) && (clientID == null)) { - filter = "(serialno=*)"; - return filter; - } - - if (status != null) { - filter += "(status=" + status + ")"; - matches ++; - } - - if (clientID != null) { - filter += "(clientID=" + clientID + ")"; - matches ++; - } - - if (matches > 1) { - filter = "(&" + filter + ")"; - } - - return filter; - } - } diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java b/pki/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java new file mode 100644 index 000000000..b5032fa86 --- /dev/null +++ b/pki/base/common/src/com/netscape/cms/servlet/key/KeysResourceService.java 
@@ -0,0 +1,90 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2011 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +/** + * + */ +package com.netscape.cms.servlet.key; + +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriInfo; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.cms.servlet.base.CMSResourceService; +import com.netscape.cms.servlet.key.model.KeyDAO; +import com.netscape.cms.servlet.key.model.KeyDataInfos; + +/** + * @author alee + * + */ +public class KeysResourceService extends CMSResourceService implements KeysResource { + + @Context + UriInfo uriInfo; + + /** + * Used to generate list of key infos based on the search parameters + */ + public KeyDataInfos listKeys(String clientID, String status, int maxResults, int maxTime) { + // auth and authz + + // get ldap filter + String filter = createSearchFilter(status, clientID); + CMS.debug("listKeys: filter is " + filter); + + KeyDAO dao = new KeyDAO(); + KeyDataInfos infos; + try { + infos = dao.listKeys(filter, maxResults, maxTime, uriInfo); + } catch (EBaseException e) { + e.printStackTrace(); + throw new 
WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); + } + return infos; + } + + private String createSearchFilter(String status, String clientID) { + String filter = ""; + int matches = 0; + + if ((status == null) && (clientID == null)) { + filter = "(serialno=*)"; + return filter; + } + + if (status != null) { + filter += "(status=" + status + ")"; + matches ++; + } + + if (clientID != null) { + filter += "(clientID=" + clientID + ")"; + matches ++; + } + + if (matches > 1) { + filter = "(&" + filter + ")"; + } + + return filter; + } + +} |