src/club/wpia/gigi/api/CreateCertificate.java

   1 package club.wpia.gigi.api;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.security.GeneralSecurityException;
   6
   7 import javax.servlet.http.HttpServletRequest;
   8 import javax.servlet.http.HttpServletResponse;
   9
  10 import club.wpia.gigi.GigiApiException;
  11 import club.wpia.gigi.dbObjects.Certificate;
  12 import club.wpia.gigi.dbObjects.CertificateProfile;
  13 import club.wpia.gigi.dbObjects.Job;
  14 import club.wpia.gigi.dbObjects.Organisation;
  15 import club.wpia.gigi.dbObjects.User;
  16 import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
  17 import club.wpia.gigi.pages.account.certs.CertificateRequest;
  18 import club.wpia.gigi.util.AuthorizationContext;
  19 import club.wpia.gigi.util.CertExporter;
  20
  21 public class CreateCertificate extends APIPoint {
  22
  23     public static final String PATH = "/account/certs/new";
  24
  25     @Override
  26     public void process(HttpServletRequest req, HttpServletResponse resp, User u) throws IOException {
  27         String csr = req.getParameter("csr");
  28         if (csr == null) {
  29             resp.sendError(500, "Error, no CSR found");
  30             return;
  31         }
  32         CertificateProfile cp = null;
  33         String cpS = req.getParameter("profile");
  34         if (cpS != null) {
  35             cp = CertificateProfile.getByName(cpS);
  36             if (cp == null) {
  37                 resp.sendError(500, "Error, profile not found");
  38                 return;
  39             }
  40         }
  41         AuthorizationContext ctx = new AuthorizationContext(u, u);
  42         String asOrg = req.getParameter("asOrg");
  43         if (asOrg != null) {
  44             try {
  45                 int i = Integer.parseInt(asOrg);
  46                 Organisation o0 = null;
  47                 for (Organisation o : u.getOrganisations()) {
  48                     if (o.getId() == i) {
  49                         o0 = o;
  50                         break;
  51                     }
  52                 }
  53                 if (o0 == null) {
  54                     resp.sendError(500, "Error, Organisation with id " + i + " not found.");
  55                     return;
  56                 } else {
  57                     ctx = new AuthorizationContext(o0, u);
  58                 }
  59             } catch (NumberFormatException e) {
  60                 resp.sendError(500, "Error, as Org is not an integer");
  61                 return;
  62             }
  63         }
  64         try {
  65             CertificateRequest cr = new CertificateRequest(ctx, csr, cp);
  66             Certificate result = cr.draft();
  67             Job job = result.issue(null, "2y", u);
  68             job.waitFor(60000);
  69             if (result.getStatus() != CertificateStatus.ISSUED) {
  70                 resp.sendError(510, "Error, issuing timed out");
  71                 return;
  72             }
  73             resp.addHeader("Content-Type", "text/plain");
  74             CertExporter.writeCertCrt(result, resp.getOutputStream(), req.getParameter("chain") != null, req.getParameter("noAnchor") == null, true);
  75             return;
  76         } catch (GeneralSecurityException e) {
  77             resp.sendError(500, "Crypto failed");
  78         } catch (GigiApiException e) {
  79             resp.setStatus(500);
  80             PrintWriter wr = resp.getWriter();
  81             e.formatPlain(wr);
  82         }
  83     }
  84 }