src/club/wpia/gigi/api/RevokeCertificate.java

   1 package club.wpia.gigi.api;
   2
   3 import java.io.IOException;
   4
   5 import javax.servlet.http.HttpServletRequest;
   6 import javax.servlet.http.HttpServletResponse;
   7
   8 import club.wpia.gigi.dbObjects.Certificate;
   9 import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
  10 import club.wpia.gigi.dbObjects.Certificate.RevocationType;
  11 import club.wpia.gigi.dbObjects.Job;
  12 import club.wpia.gigi.dbObjects.User;
  13
  14 public class RevokeCertificate extends APIPoint {
  15
  16     public static final String PATH = "/account/certs/revoke";
  17
  18     @Override
  19     public void process(HttpServletRequest req, HttpServletResponse resp, User u) throws IOException {
  20
  21         if ( !req.getMethod().equals("POST")) {
  22             resp.sendError(500, "Error, POST required.");
  23             return;
  24         }
  25
  26         if (req.getQueryString() != null) {
  27             resp.sendError(500, "Error, no query String allowed.");
  28             return;
  29         }
  30
  31         String tserial = req.getParameter("serial");
  32         if (tserial == null) {
  33             resp.sendError(500, "Error, no Serial found");
  34             return;
  35         }
  36
  37         Certificate c = Certificate.getBySerial(tserial);
  38         if (c == null || c.getOwner() != u) {
  39             resp.sendError(403, "Access Denied");
  40             return;
  41         }
  42
  43         Job job = c.revoke(RevocationType.USER);
  44         job.waitFor(60000);
  45         if (c.getStatus() != CertificateStatus.REVOKED) {
  46             resp.sendError(510, "Error, issuing timed out");
  47             return;
  48         }
  49
  50         resp.getWriter().println("OK");
  51
  52     }
  53 }