src/org/cacert/gigi/api/RevokeCertificate.java

   1 package org.cacert.gigi.api;
   2
   3 import java.io.IOException;
   4
   5 import javax.servlet.http.HttpServletRequest;
   6 import javax.servlet.http.HttpServletResponse;
   7
   8 import org.cacert.gigi.dbObjects.Certificate;
   9 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
  10 import org.cacert.gigi.dbObjects.Job;
  11 import org.cacert.gigi.dbObjects.User;
  12
  13 public class RevokeCertificate extends APIPoint {
  14
  15     public static final String PATH = "/account/certs/revoke";
  16
  17     @Override
  18     public void process(HttpServletRequest req, HttpServletResponse resp, User u) throws IOException {
  19
  20         if ( !req.getMethod().equals("POST")) {
  21             resp.sendError(500, "Error, POST required.");
  22             return;
  23         }
  24         if (req.getQueryString() != null) {
  25             resp.sendError(500, "Error, no query String allowed.");
  26             return;
  27         }
  28         String tserial = req.getParameter("serial");
  29         if (tserial == null) {
  30             resp.sendError(500, "Error, no Serial found");
  31             return;
  32         }
  33         try {
  34             Certificate c = Certificate.getBySerial(tserial);
  35             if (c == null || c.getOwner() != u) {
  36                 resp.sendError(403, "Access Denied");
  37                 return;
  38             }
  39             Job job = c.revoke();
  40             job.waitFor(60000);
  41             if (c.getStatus() != CertificateStatus.REVOKED) {
  42                 resp.sendError(510, "Error, issuing timed out");
  43                 return;
  44             }
  45             resp.getWriter().println("OK");
  46             return;
  47         } catch (InterruptedException e) {
  48             e.printStackTrace();
  49         }
  50     }
  51 }