import java.io.InputStreamReader;
import java.io.OutputStream;
import java.lang.reflect.Field;
+import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Collections;
import java.util.HashMap;
import org.cacert.gigi.dbObjects.ObjectCache;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.localisation.Language;
+import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
+import org.cacert.gigi.pages.LoginPage;
import org.cacert.gigi.pages.Page;
-import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.pages.account.certs.CertificateRequest;
+import org.cacert.gigi.pages.main.RegisterPage;
+import org.cacert.gigi.util.AuthorizationContext;
import org.cacert.gigi.util.ServerConstants;
import org.kamranzafar.jtar.TarEntry;
import org.kamranzafar.jtar.TarHeader;
ByteArrayOutputStream chunkConfig = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(chunkConfig);
byte[] cacerts = Files.readAllBytes(Paths.get("config/cacerts.jks"));
- byte[] keystore = Files.readAllBytes(Paths.get("config/keystore.pkcs12"));
+ byte[] keystore = null;
+ Path p = Paths.get("config/keystore.pkcs12");
+ if (p.toFile().exists()) {
+ keystore = Files.readAllBytes(p);
+ } else {
+ mainProps.setProperty("proxy", "true");
+ }
DevelLauncher.writeGigiConfig(dos, "changeit".getBytes("UTF-8"), "changeit".getBytes("UTF-8"), mainProps, cacerts, keystore);
dos.flush();
InputStream oldin = System.in;
System.setIn(new ByteArrayInputStream(chunkConfig.toByteArray()));
new Launcher().boot();
- final String token = RandomToken.generateToken(32);
- addDevelPage(token);
- Desktop.getDesktop().browse(new URL("http://" + ServerConstants.getWwwHostNamePort() + "/ticket?token=" + token).toURI());
+ addDevelPage(true);
+ new Thread("ticket awaiter") {
+
+ @Override
+ public void run() {
+ try {
+ Thread.sleep(8000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ try {
+ if ( !ticketUsed) {
+ Desktop.getDesktop().browse(new URL("http://" + ServerConstants.getWwwHostNamePort() + "/ticketWait").toURI());
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (URISyntaxException e) {
+ e.printStackTrace();
+ }
+ }
+ }.start();
System.setIn(oldin);
BufferedReader br = new BufferedReader(new InputStreamReader(System.in, "UTF-8"));
System.out.println("Cacert-gigi system sucessfully started.");
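Review bot: When `config/keystore.pkcs12` is missing, the new `else` branch sets `proxy=true` and passes a null keystore on (which `putTarEntry` now skips silently), so a misplaced or misnamed key file changes how the instance is served instead of failing the launch. What `proxy` enables is not visible here; presumably TLS is then expected to be terminated in front of Gigi, so a line such as `System.err.println("config/keystore.pkcs12 not found, starting in proxy mode");` in that branch would make the fallback visible. In the awaiter thread, the `InterruptedException` handler prints the trace and then still opens the browser; restoring the flag with `Thread.currentThread().interrupt();` and returning is the usual handling. The hunk starts inside `main`, whose beginning is above the first visible line.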
}
}
- public static void addDevelPage(String token) {
+ public static void addDevelPage(boolean withToken) {
try {
Field instF = Gigi.class.getDeclaredField("instance");
Field pageF = Gigi.class.getDeclaredField("pages");
// Check if we got a proper map (as much as we can tell)
Object pagesObj = pageF.get(gigi);
+ if ( !(pagesObj instanceof Map)) {
+ throw new Error("Invalid state when initializing page structure");
+ }
+
@SuppressWarnings("unchecked")
- HashMap<String, Page> pages = pagesObj instanceof Map ? new HashMap<>((Map<String, Page>) pagesObj) : null;
+ HashMap<String, Page> pages = new HashMap<>((Map<String, Page>) pagesObj);
pages.put("/manage", new Page("Page-manager") {
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
ObjectCache.clearAllCaches();
+ RegisterPage.RATE_LIMIT.bypass();
+ LoginPage.RATE_LIMIT.bypass();
+ CertificateRequest.RATE_LIMIT.bypass();
resp.getWriter().println("All caches cleared.");
System.out.println("Caches cleared.");
}
});
- if (token != null) {
- addTicketPage(pages, token);
+ if (withToken) {
+ addTicketPage(pages);
}
pageF.set(gigi, Collections.unmodifiableMap(pages));
}
}
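Review bot: The `/manage` handler now calls `bypass()` on the register, login and certificate-request rate limiters from a plain `doGet`, and nothing in this hunk shows an access check on that page. Whether `Page` requires a login by default is not visible here; if it does not, any client that can reach the development instance can presumably reset the login throttle with a single GET. A comment above the three calls, such as `// devel only: resets the brute-force throttles so repeated test runs are not blocked`, would record the intent and warn against copying this handler into a production page. `addDevelPage` opens above this hunk and its `catch` clause is not shown.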
- private static void addTicketPage(HashMap<String, Page> pages, final String token) {
- pages.put("/ticket", new Page("ticket") {
+ static boolean ticketUsed = false;
- boolean used = false;
+ private static void addTicketPage(HashMap<String, Page> pages) {
+ pages.put("/ticketWait", new Page("ticket") {
+
+ private final Template t = new Template(DevelLauncher.class.getResource("DevelTicketWait.templ"));
+
+ @Override
+ public boolean needsLogin() {
+ return false;
+ }
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- if ( !used && token.equals(req.getParameter("token"))) {
+ resp.setHeader("content-security-policy", "");
+ t.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+ }
+
+ });
+ pages.put("/ticket", new Page("ticket") {
+
+ @Override
+ public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ // TODO Auto-generated method stub
+ if ( !ticketUsed) {
HttpSession sess = req.getSession();
User user = User.getById(1);
+ if (user == null) {
+ resp.getWriter().println("ticket consumed but no user available for that action");
+ ticketUsed = true;
+ return true;
+ }
sess.setAttribute(LOGGEDIN, true);
sess.setAttribute(Language.SESSION_ATTRIB_NAME, user.getPreferredLocale());
- sess.setAttribute(USER, user);
- req.getSession().setAttribute(LOGIN_METHOD, "Ticket");
- resp.sendRedirect("/");
+ sess.setAttribute(AUTH_CONTEXT, new AuthorizationContext(user, user));
+ req.getSession().setAttribute(LOGIN_METHOD, new TranslateCommand("Ticket"));
+ resp.getWriter().println("ticket consumed");
+ ticketUsed = true;
}
+ return true;
}
+ @Override
+ public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {}
+
@Override
public boolean needsLogin() {
return false;
}
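Review bot: The new `/ticket` page gives the first requester a session as `User.getById(1)` without any secret, because the per-launch `RandomToken` comparison from the removed lines is gone and `needsLogin()` returns false. If the development instance listens on anything other than loopback (the bind address is not visible here), any client that reaches it before the developer does gets that `AUTH_CONTEXT`. A guard at the top of `beforeTemplate`, such as `if (!InetAddress.getByName(req.getRemoteAddr()).isLoopbackAddress()) { resp.sendError(403); return true; }`, would restrict the grant to the local machine without bringing the token back. `ticketUsed` is a plain static that is tested and set in separate steps and is also read by the awaiter thread, so two concurrent requests can both pass; `static final AtomicBoolean ticketUsed` with `ticketUsed.compareAndSet(false, true)` would make the ticket single-use. The leftover `// TODO Auto-generated method stub` should become a comment saying this is a one-shot development login, and `/ticketWait` blanking `content-security-policy` deserves a comment explaining why the template needs it.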
private static void putTarEntry(byte[] data, TarOutputStream tos, String name) throws IOException {
+ if (data == null) {
+ return;
+ }
TarHeader th = new TarHeader();
th.name = new StringBuffer(name);
th.size = data.length;