X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=0a29fb2d7506e8037750e455426485508048b564;hb=65e50396a0c9fdc000036f5990ffa1b388df4c5e;hp=5ac13fda21fb00188b36e3dbe823fc1455aaa97f;hpb=373941c9a4f9cd5cd2e3eae6b18c71611a067842;p=gigi.git diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java index 5ac13fda..0a29fb2d 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java @@ -4,25 +4,24 @@ import java.io.IOException; import java.io.PrintWriter; import java.security.GeneralSecurityException; import java.util.HashMap; -import java.util.Iterator; -import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Certificate; +import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName; import org.cacert.gigi.dbObjects.CertificateProfile; import org.cacert.gigi.dbObjects.Organisation; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.CertificateValiditySelector; import org.cacert.gigi.output.HashAlgorithms; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; -import org.cacert.gigi.pages.Page; +import org.cacert.gigi.pages.LoginPage; +import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.RandomToken; /** @@ -35,7 +34,7 @@ public class CertificateIssueForm extends Form { private final static Template tIni = new Template(CertificateAdd.class.getResource("RequestCertificate.templ")); - private User u; + private AuthorizationContext c; private String spkacChallenge; @@ -43,7 +42,7 @@ public class CertificateIssueForm extends Form { public CertificateIssueForm(HttpServletRequest hsr) { super(hsr); - u = Page.getUser(hsr); + c = LoginPage.getAuthorizationContext(hsr); spkacChallenge = RandomToken.generateToken(16); } @@ -58,62 +57,66 @@ public class CertificateIssueForm extends Form { CertificateValiditySelector issueDate = new CertificateValiditySelector(); @Override - public boolean submit(PrintWriter out, HttpServletRequest req) { + public SubmissionResult submit(HttpServletRequest req) throws GigiApiException { String csr = req.getParameter("CSR"); String spkac = req.getParameter("SPKAC"); try { - try { - if (csr != null) { - cr = new CertificateRequest(u, csr); - cr.checkKeyStrength(out); - } else if (spkac != null) { - cr = new CertificateRequest(u, spkac, spkacChallenge); - cr.checkKeyStrength(out); - } else if (cr != null) { - login = "1".equals(req.getParameter("login")); - issueDate.update(req); - GigiApiException error = new GigiApiException(); - - try { - cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), // - req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"), out, req); - } catch (GigiApiException e) { - error.mergeInto(e); - } - if (req.getParameter("CCA") == null) { - error.mergeInto(new GigiApiException("You need to accept the CCA.")); - } - Certificate result = null; - try { - result = cr.draft(); - } catch (GigiApiException e) { - error.mergeInto(e); - } - if ( !error.isEmpty() || result == null) { - error.format(out, Page.getLanguage(req)); - return false; - } - result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000); - this.result = result; - return true; - } else { - throw new GigiApiException("Error no action."); + if (csr != null) { + cr = new CertificateRequest(c, csr); + // TODO cr.checkKeyStrength(out); + return new FormContinue(); + } else if (spkac != null) { + cr = new CertificateRequest(c, spkac, spkacChallenge); + // TODO cr.checkKeyStrength(out); + return new FormContinue(); + } else if (cr != null) { + login = "1".equals(req.getParameter("login")); + issueDate.update(req); + GigiApiException error = new GigiApiException(); + + try { + cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), // + req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs")); + } catch (GigiApiException e) { + error.mergeInto(e); } - } catch (IOException e) { - e.printStackTrace(); - } catch (IllegalArgumentException e) { - e.printStackTrace(); - throw new GigiApiException("Certificate Request format is invalid."); - } catch (GeneralSecurityException e) { - e.printStackTrace(); - throw new GigiApiException("Certificate Request format is invalid."); - } catch (InterruptedException e) { - e.printStackTrace(); + + Certificate result = null; + try { + result = cr.draft(); + } catch (GigiApiException e) { + error.mergeInto(e); + } + if ( !error.isEmpty() || result == null) { + throw error; + } + if (login) { + result.setLoginEnabled(true); + } + result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000); + this.result = result; + Certificate c = result; + if (c.getStatus() != CertificateStatus.ISSUED) { + throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate.")); + } + String ser = c.getSerial(); + if (ser.isEmpty()) { + throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate.")); + } + return new RedirectResult(Certificates.PATH + "/" + ser); + } else { + throw new GigiApiException("Error no action."); } - } catch (GigiApiException e) { - e.format(out, Page.getLanguage(req)); + } catch (IOException e) { + e.printStackTrace(); + throw new GigiApiException("Certificate Request format is invalid."); + } catch (IllegalArgumentException e) { + e.printStackTrace(); + throw new GigiApiException("Certificate Request format is invalid."); + } catch (GeneralSecurityException e) { + e.printStackTrace(); + throw new GigiApiException("Certificate Request format is invalid."); } - return false; } @Override @@ -133,7 +136,6 @@ public class CertificateIssueForm extends Form { @Override protected void outputContent(PrintWriter out, Language l, Map vars) { HashMap vars2 = new HashMap(vars); - vars2.put("CCA", "CCA"); StringBuffer content = new StringBuffer(); for (SubjectAlternateName SAN : cr.getSANs()) { @@ -144,23 +146,29 @@ public class CertificateIssueForm extends Form { } vars2.put("CN", cr.getName()); - vars2.put("department", cr.getOu()); + if (c.getTarget() instanceof Organisation) { + vars2.put("orga", "true"); + vars2.put("department", cr.getOu()); + } vars2.put("validity", issueDate); vars2.put("emails", content.toString()); vars2.put("hashs", new HashAlgorithms(cr.getSelectedDigest())); vars2.put("profiles", new IterableDataset() { - int i = 1; + CertificateProfile[] cps = CertificateProfile.getAll(); + + int i = 0; @Override public boolean next(Language l, Map vars) { CertificateProfile cp; do { - cp = CertificateProfile.getById(i++); - if (cp == null) { + if (i >= cps.length) { return false; } - } while ( !cp.canBeIssuedBy(u)); + cp = cps[i]; + i++; + } while ( !cp.canBeIssuedBy(c.getTarget(), c.getActor())); if (cp.getId() == cr.getProfile().getId()) { vars.put("selected", " selected"); @@ -172,27 +180,6 @@ public class CertificateIssueForm extends Form { return true; } }); - final List orgs = u.getOrganisations(); - vars2.put("orga", orgs.size() == 0 ? null : new IterableDataset() { - - Iterator iter = orgs.iterator(); - - @Override - public boolean next(Language l, Map vars) { - if ( !iter.hasNext()) { - return false; - } - Organisation orga = iter.next(); - vars.put("key", orga.getId()); - vars.put("name", orga.getName()); - if (orga == cr.getOrg()) { - vars.put("selected", " selected"); - } else { - vars.put("selected", ""); - } - return true; - } - }); t.output(out, l, vars2); }