upd: more realistic content-type for cert-downloads from API
[gigi.git] / src / org / cacert / gigi / api / CreateCertificate.java
index a846285778ed497892e761d98e397100320922a3..a939b9e6c7844e4fd9c9b30f06886a43286fba83 100644 (file)
@@ -1,6 +1,7 @@
 package org.cacert.gigi.api;
 
 import java.io.IOException;
+import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 import javax.servlet.http.HttpServletRequest;
@@ -11,10 +12,11 @@ import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.Job;
+import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.pages.account.certs.CertificateRequest;
 import org.cacert.gigi.util.AuthorizationContext;
-import org.cacert.gigi.util.PEM;
+import org.cacert.gigi.util.CertExporter;
 
 public class CreateCertificate extends APIPoint {
 
@@ -32,12 +34,35 @@ public class CreateCertificate extends APIPoint {
         if (cpS != null) {
             cp = CertificateProfile.getByName(cpS);
             if (cp == null) {
-                resp.sendError(500, "Error, profile " + cpS + "not found");
+                resp.sendError(500, "Error, profile not found");
+                return;
+            }
+        }
+        AuthorizationContext ctx = new AuthorizationContext(u, u);
+        String asOrg = req.getParameter("asOrg");
+        if (asOrg != null) {
+            try {
+                int i = Integer.parseInt(asOrg);
+                Organisation o0 = null;
+                for (Organisation o : u.getOrganisations()) {
+                    if (o.getId() == i) {
+                        o0 = o;
+                        break;
+                    }
+                }
+                if (o0 == null) {
+                    resp.sendError(500, "Error, Organisation with id " + i + " not found.");
+                    return;
+                } else {
+                    ctx = new AuthorizationContext(o0, u);
+                }
+            } catch (NumberFormatException e) {
+                resp.sendError(500, "Error, as Org is not an integer");
                 return;
             }
         }
         try {
-            CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), csr, cp);
+            CertificateRequest cr = new CertificateRequest(ctx, csr, cp);
             Certificate result = cr.draft();
             Job job = result.issue(null, "2y", u);
             job.waitFor(60000);
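Review bot: Every rejection in the new `asOrg` branch is sent as 500, including a non-numeric `asOrg` and an organisation id that is not in the caller's list, so client mistakes and refused attempts to act for another organisation look like server faults in logs and alerting. A 4xx would separate them, e.g. `resp.sendError(400, "Error, as Org is not an integer");` in the `NumberFormatException` handler and a 403 where `o0 == null`. The loop over `u.getOrganisations()` is the only authorization gate visible before `new AuthorizationContext(o0, u)`, so it deserves a comment such as `// asOrg is honoured only for organisations returned by u.getOrganisations()`; whether being in that list should be enough to issue as the organisation cannot be judged from this hunk. The enclosing method starts before the hunk and continues after it.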
@@ -45,14 +70,15 @@ public class CreateCertificate extends APIPoint {
                 resp.sendError(510, "Error, issuing timed out");
                 return;
             }
-            resp.getWriter().println(PEM.encode("CERTIFICATE", result.cert().getEncoded()));
+            resp.addHeader("Content-Type", "text/plain");
+            CertExporter.writeCertCrt(result, resp.getOutputStream(), req.getParameter("chain") != null, req.getParameter("noAnchor") == null, true);
             return;
         } catch (GeneralSecurityException e) {
-            e.printStackTrace();
+            resp.sendError(500, "Crypto failed");
         } catch (GigiApiException e) {
-            e.printStackTrace();
-        } catch (InterruptedException e) {
-            e.printStackTrace();
+            resp.setStatus(500);
+            PrintWriter wr = resp.getWriter();
+            e.formatPlain(wr);
         }
     }
 }
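Review bot: The `GeneralSecurityException` handler now discards the exception: returning the generic `Crypto failed` to the client is right, but with `e.printStackTrace()` removed and nothing put in its place, a failed issuance leaves no server-side trace for whoever has to investigate it, so the exception should be logged through the project's logging facility before `resp.sendError(500, "Crypto failed");`. Both handlers also run after `resp.getOutputStream()` may already have been called in the `try` body; if `CertExporter.writeCertCrt` can throw either exception (not visible here), `resp.getWriter()` or `sendError` on that response would fail with `IllegalStateException`, so the export is safer written to a buffer first or the handlers documented as unreachable from that call. `resp.addHeader("Content-Type", "text/plain")` appends rather than replaces, so `resp.setContentType("text/plain");` avoids a duplicate header if one was set earlier. The method begins outside this hunk.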