1 package org.cacert.gigi.api;
3 import java.io.IOException;
4 import java.security.cert.X509Certificate;
6 import javax.servlet.http.HttpServletRequest;
7 import javax.servlet.http.HttpServletResponse;
9 import org.cacert.gigi.dbObjects.CertificateOwner;
10 import org.cacert.gigi.dbObjects.User;
11 import org.cacert.gigi.pages.LoginPage;
13 public abstract class APIPoint {
15 public void process(HttpServletRequest req, HttpServletResponse resp) throws IOException {
16 X509Certificate cert = LoginPage.getCertificateFromRequest(req);
18 resp.sendError(403, "Error, cert authing required. No cert found.");
21 String serial = LoginPage.extractSerialFormCert(cert);
22 CertificateOwner u = CertificateOwner.getByEnabledSerial(serial);
24 resp.sendError(403, "Error, cert authing required. Serial not found: " + serial);
28 if ( !req.getMethod().equals("POST")) {
29 resp.sendError(500, "Error, POST required.");
32 if (req.getQueryString() != null) {
33 resp.sendError(500, "Error, no query String allowed.");
36 process(req, resp, u);
39 protected void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u) throws IOException {
40 if (u instanceof User) {
41 process(req, resp, (User) u);
43 resp.sendError(500, "Error, requires a User certificate.");
48 protected void process(HttpServletRequest req, HttpServletResponse resp, User u) throws IOException {