1 package club.wpia.gigi.dbObjects;
3 import java.util.Collections;
4 import java.util.LinkedList;
7 import club.wpia.gigi.GigiApiException;
8 import club.wpia.gigi.database.GigiPreparedStatement;
9 import club.wpia.gigi.database.GigiResultSet;
10 import club.wpia.gigi.dbObjects.Certificate.RevocationType;
11 import club.wpia.gigi.util.DomainAssessment;
13 public class Domain implements IdCachable, Verifyable {
15 private CertificateOwner owner;
17 private String suffix;
// Row-backed constructor: column 1 of the result set is resolved to the owning
// CertificateOwner and column 2 becomes the suffix (getById selects `memid`, `domain`).
// Some lines of this constructor are not shown in this listing.
21 private Domain(GigiResultSet rs, int id) {
23 owner = CertificateOwner.getById(rs.getInt(1));
24 suffix = rs.getString(2);
/**
 * Creates a domain entry for {@code owner} on behalf of {@code actor}.
 * The visible part lower-cases the suffix and runs
 * DomainAssessment.checkCertifiableDomain while holding the Domain.class lock;
 * the remaining lines of the constructor are not shown in this listing.
 *
 * @param actor  user performing the action; membership in Group.CODESIGNING is passed to the check
 * @param owner  owner the domain is created for
 * @param suffix domain name as supplied by the caller
 * @throws GigiApiException declared by the signature; the throwing statements are not all visible here
 */
27 public Domain(User actor, CertificateOwner owner, String suffix) throws GigiApiException {
// NOTE(review): toLowerCase() without a Locale follows the JVM default locale. Under a
// Turkish locale 'I' is not mapped to 'i', so the normalised suffix could differ from what
// the overlap check and later lookups compare against. toLowerCase(Locale.ROOT) would make
// the normalisation locale-independent.
28 suffix = suffix.toLowerCase();
// Class-wide lock: domain creation is serialised within this JVM. The statements that
// follow the assessment call inside this block are not shown in this listing.
29 synchronized (Domain.class) {
// The meaning of the two boolean arguments is defined in DomainAssessment (not shown here).
30 DomainAssessment.checkCertifiableDomain(suffix, actor.isInGroup(Group.CODESIGNING), true);
/**
 * Refuses a suffix that overlaps with a live row in `domains` (`deleted` IS NULL).
 * The query matches three cases: the same name, the new suffix ending in
 * "." + an existing domain, and an existing domain ending in "." + the new suffix.
 *
 * @param suffix domain name to test
 * @throws GigiApiException with "Domain is already known to the system." (the guarding
 *         condition is on a line not shown in this listing)
 */
37 private static void checkInsert(String suffix) throws GigiApiException {
// All four placeholders are bound with setString; the suffix never becomes part of the SQL text.
38 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domains` WHERE (`domain`=? OR (CONCAT('.', `domain`)=RIGHT(?,LENGTH(`domain`)+1) OR RIGHT(`domain`,LENGTH(?)+1)=CONCAT('.',?::VARCHAR))) AND `deleted` IS NULL")) {
39 ps.setString(1, suffix);
40 ps.setString(2, suffix);
41 ps.setString(3, suffix);
42 ps.setString(4, suffix);
43 GigiResultSet rs = ps.executeQuery();
// presumably true when at least one overlapping row exists (GigiResultSet.next() is not shown)
44 boolean existed = rs.next();
// NOTE(review): this is a check-then-insert. The public constructor takes the Domain.class
// lock, which only serialises callers inside one JVM; no database-level uniqueness
// constraint is visible here. Confirm one exists if several instances can write.
47 throw new GigiApiException("Domain could not be inserted. Domain is already known to the system.");
/**
 * Stores this domain as a new row in `domains` (owner id and suffix) and keeps the
 * generated id. The guard in front of the "already inserted." exception and the
 * statement execution are on lines not shown in this listing.
 *
 * @throws GigiApiException with "already inserted." (condition not visible here)
 */
52 private void insert() throws GigiApiException {
54 throw new GigiApiException("already inserted.");
// Both values are bound parameters.
57 try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `domains` SET memid=?, domain=?")) {
58 ps.setInt(1, owner.getId());
59 ps.setString(2, suffix);
61 id = ps.lastInsertId();
/**
 * Soft-deletes this domain and requests revocation of its active certificates.
 * The row is kept and only gets a `deleted` timestamp. Every certificate returned by
 * fetchActiveCertificates() is then revoked with RevocationType.USER, and the
 * resulting jobs are waited on with a shared budget of 60000 ms counted from
 * {@code start}. Several lines of this method are not shown in this listing.
 *
 * @throws GigiApiException with "not inserted." (condition not visible here)
 */
66 public void delete() throws GigiApiException {
68 throw new GigiApiException("not inserted.");
70 synchronized (Domain.class) {
72 try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `domains` SET `deleted`=CURRENT_TIMESTAMP WHERE `id`=?")) {
// Collect the revocation jobs first, then wait for them below.
76 LinkedList<Job> revokes = new LinkedList<Job>();
77 for (Certificate cert : fetchActiveCertificates()) {
78 revokes.add(cert.revoke(RevocationType.USER));
80 long start = System.currentTimeMillis();
81 for (Job job : revokes) {
// Remaining part of the 60 s budget; it shrinks as earlier jobs consume time.
82 int toWait = (int) (60000 + start - System.currentTimeMillis());
// NOTE(review): leaving the loop here means delete() can return while some revocation
// jobs are still pending. The condition and the wait call are not shown; confirm that
// callers do not treat a normal return as "all certificates are revoked".
86 break; // canceled... waited too long
92 public CertificateOwner getOwner() {
101 public String getSuffix() {
105 private LinkedList<DomainPingConfiguration> configs = null;
/**
 * Returns the ping configurations of this domain that are not marked deleted.
 * The list is loaded on first use, kept in {@code this.configs} and handed out as
 * an unmodifiable view. Parameter binding and the row loop header are on lines
 * not shown in this listing.
 *
 * @return read-only list of the domain's live ping configurations
 */
107 public List<DomainPingConfiguration> getConfiguredPings() {
// Work on a local copy of the field reference; the field is only assigned once the list is filled.
108 LinkedList<DomainPingConfiguration> configs = this.configs;
109 if (configs == null) {
110 configs = new LinkedList<>();
111 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT id FROM pingconfig WHERE domainid=? AND `deleted` IS NULL")) {
113 GigiResultSet rs = ps.executeQuery();
115 configs.add(DomainPingConfiguration.getById(rs.getInt(1)));
118 this.configs = configs;
121 return Collections.unmodifiableList(configs);
/**
 * Adds a ping configuration row for this domain. The SQL casts the type
 * placeholder to the `pingType` enum and stores {@code config} in `info`.
 * Parameters 1 and 2 and the execution are on lines not shown in this listing.
 *
 * @param type   kind of ping to configure
 * @param config value written to `info`
 * @throws GigiApiException declared by the signature; the throwing statement is not visible here
 */
124 public void addPing(DomainPingType type, String config) throws GigiApiException {
125 try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `pingconfig` SET `domainid`=?, `type`=?::`pingType`, `info`=?")) {
// NOTE(review): config is bound as a parameter and stored as given; no validation of
// its content is visible in this method. Presumably the caller has validated it; confirm.
128 ps.setString(3, config);
/**
 * Soft-deletes every live ping configuration of this domain by setting `deleted`
 * to the current timestamp. Rows are kept. Parameter binding and execution are on
 * lines not shown in this listing.
 *
 * @throws GigiApiException declared by the signature; the throwing statement is not visible here
 */
134 public void clearPings() throws GigiApiException {
135 try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `pingconfig` SET `deleted`=CURRENT_TIMESTAMP WHERE `deleted` is NULL AND `domainid`=?")) {
/**
 * Tells whether {@code hash} is an open challenge of an e-mail ping of this domain.
 * A row matches when `challenge` equals the value, `state` is 'open' and the log
 * entry belongs to a `pingconfig` row of this domain with type 'email'.
 * Synchronized on this Domain instance.
 *
 * @param hash challenge value presented by the caller
 * @return true if a matching open log entry exists
 * @throws GigiApiException declared by the signature; the throwing statement is not visible here
 */
142 public synchronized boolean isVerifyable(String hash) throws GigiApiException {
// NOTE(review): the sub-select does not filter on `deleted`, so a challenge issued for a
// ping configuration that was cleared afterwards still matches. The query also has no
// time bound; if challenges are meant to expire, that must happen through the `state`
// column elsewhere. Confirm both are intended.
143 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domainPinglog` WHERE `challenge`=? AND `state`='open' AND `configId` IN (SELECT `id` FROM `pingconfig` WHERE `domainid`=? AND `type`='email')")) {
144 ps.setString(1, hash);
146 return ps.executeQuery().next();
/**
 * Marks the open e-mail ping challenge {@code hash} of this domain as successful.
 * The UPDATE itself requires `state`='open', so a challenge that has already been
 * set to 'success' no longer matches and cannot be replayed through this method.
 * Synchronized on this Domain instance.
 *
 * @param hash challenge value presented by the caller
 * @throws GigiApiException declared by the signature; the throwing statement is not visible here
 * @throws IllegalArgumentException if the update did not apply to any row
 */
150 public synchronized void verify(String hash) throws GigiApiException {
// Same match condition as isVerifyable(); the sub-select likewise has no `deleted` filter.
151 try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `domainPinglog` SET `state`='success' WHERE `challenge`=? AND `state`='open' AND `configId` IN (SELECT `id` FROM `pingconfig` WHERE `domainid`=? AND `type`='email')")) {
152 ps.setString(1, hash);
// executeMaybeUpdate() presumably returns false when no row was changed; confirm in GigiPreparedStatement.
154 if ( !ps.executeMaybeUpdate()) {
155 throw new IllegalArgumentException("Given token could not be found to complete the verification process (Domain Ping).");
161 * Determines current domain validity. A domain is valid, iff at least two
162 * configured pings are currently successful.
164 * @return true, iff domain is valid
165 * @throws GigiApiException
// NOTE(review): the Javadoc above lists "@throws GigiApiException", but this signature
// declares no checked exception.
167 public boolean isVerified() {
// One slot per DomainPingType, indexed by ordinal.
169 boolean[] used = new boolean[DomainPingType.values().length];
170 for (DomainPingConfiguration config : getConfiguredPings()) {
// A valid configuration is only taken into account if its type has not been seen yet,
// so several valid pings of the same type count once. The counting and the return
// statement are on lines not shown in this listing.
171 if (config.isValid() && !used[config.getType().ordinal()]) {
173 used[config.getType().ordinal()] = true;
/**
 * Returns the ping log of this domain, newest entry first (`when` DESC).
 * Log rows are joined to their ping configuration and restricted to
 * configurations of this domain. Parameter binding, cursor positioning and the
 * return statement are on lines not shown in this listing.
 *
 * @return one DomainPingExecution per log row
 * @throws GigiApiException declared by the signature; the throwing statement is not visible here
 */
182 public DomainPingExecution[] getPings() throws GigiApiException {
// The second constructor argument presumably requests a scrollable result set; confirm in GigiPreparedStatement.
183 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `state`, `type`, `info`, `result`, `configId`, `when` FROM `domainPinglog` INNER JOIN `pingconfig` ON `pingconfig`.`id`=`domainPinglog`.`configId` WHERE `pingconfig`.`domainid`=? ORDER BY `when` DESC;", true)) {
185 GigiResultSet rs = ps.executeQuery();
// The array is sized from the current row number; presumably the cursor was moved to the
// last row on a line not shown.
187 DomainPingExecution[] contents = new DomainPingExecution[rs.getRow()];
189 for (int i = 0; i < contents.length && rs.next(); i++) {
190 contents[i] = new DomainPingExecution(rs);
197 private static final ObjectCache<Domain> myCache = new ObjectCache<>();
/**
 * Looks up a domain by id, consulting {@code myCache} before the database.
 * The query only returns rows that are not marked deleted; a loaded row is
 * wrapped in a Domain and put into the cache. Handling of a cache hit and of a
 * missing row is on lines not shown in this listing. Synchronized on Domain.class.
 *
 * @param id primary key in `domains`
 * @return the cached or freshly loaded Domain
 */
199 public static synchronized Domain getById(int id) {
200 Domain em = myCache.get(id);
202 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `memid`, `domain` FROM `domains` WHERE `id`=? AND `deleted` IS NULL")) {
204 GigiResultSet rs = ps.executeQuery();
208 myCache.put(em = new Domain(rs, id));
/**
 * Finds the live domain (`deleted` IS NULL) whose name equals {@code domain}
 * and returns it through getById. The result for "no match" is on lines not
 * shown in this listing.
 *
 * @param domain name to look up, compared as given
 * @return the matching Domain
 */
214 public static Domain searchDomain(String domain) {
215 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `id` FROM `domains` WHERE `domain` = ? AND `deleted` IS NULL")) {
// NOTE(review): the value is bound without the lower-casing that the public constructor
// applies before storing a suffix. Whether a mixed-case argument matches depends on the
// column's comparison rules; presumably callers normalise first. Confirm.
216 ps.setString(1, domain);
217 GigiResultSet res = ps.executeQuery();
219 return getById(res.getInt(1));
226 public Certificate[] fetchActiveCertificates() {
227 try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `certs`.`id` FROM `certs` INNER JOIN `subjectAlternativeNames` ON `subjectAlternativeNames`.`certId` = `certs`.`id` WHERE (`contents`=? OR RIGHT(`contents`,LENGTH(?)+1)=CONCAT('.',?::VARCHAR)) AND `type`='DNS' AND `revoked` IS NULL AND `expire` > CURRENT_TIMESTAMP AND `memid`=? GROUP BY `certs`.`id`", true)) {
228 ps.setString(1, suffix);
229 ps.setString(2, suffix);
230 ps.setString(3, suffix);
231 ps.setInt(4, owner.getId());
232 GigiResultSet rs = ps.executeQuery();
234 Certificate[] res = new Certificate[rs.getRow()];
238 res[i++] = Certificate.getById(rs.getInt(1));