src/club/wpia/gigi/api/RevokeCertificate.java

   1 package club.wpia.gigi.api;
   2
   3 import java.io.IOException;
   4 import java.math.BigInteger;
   5
   6 import javax.servlet.http.HttpServletRequest;
   7 import javax.servlet.http.HttpServletResponse;
   8
   9 import club.wpia.gigi.dbObjects.Certificate;
  10 import club.wpia.gigi.dbObjects.Certificate.CertificateStatus;
  11 import club.wpia.gigi.dbObjects.Certificate.RevocationType;
  12 import club.wpia.gigi.dbObjects.Job;
  13 import club.wpia.gigi.dbObjects.User;
  14
  15 public class RevokeCertificate extends APIPoint {
  16
  17     public static final String PATH = "/account/certs/revoke";
  18
  19     @Override
  20     public void process(HttpServletRequest req, HttpServletResponse resp, User u) throws IOException {
  21
  22         if ( !req.getMethod().equals("POST")) {
  23             resp.sendError(500, "Error, POST required.");
  24             return;
  25         }
  26
  27         if (req.getQueryString() != null) {
  28             resp.sendError(500, "Error, no query String allowed.");
  29             return;
  30         }
  31
  32         String tserial = req.getParameter("serial");
  33         if (tserial == null || tserial.isEmpty()) {
  34             resp.sendError(500, "Error, no Serial found");
  35             return;
  36         }
  37
  38         Certificate c = Certificate.getBySerial(new BigInteger(tserial, 16));
  39         if (c == null || c.getOwner() != u) {
  40             resp.sendError(403, "Access Denied");
  41             return;
  42         }
  43
  44         Job job = c.revoke(RevocationType.USER);
  45         job.waitFor(60000);
  46         if (c.getStatus() != CertificateStatus.REVOKED) {
  47             resp.sendError(510, "Error, issuing timed out");
  48             return;
  49         }
  50
  51         resp.getWriter().println("OK");
  52
  53     }
  54 }