upd: more realistic content-type for cert-downloads from API

[gigi.git] / src / org / cacert / gigi / api / CreateCertificate.java

diff --git a/src/org/cacert/gigi/api/CreateCertificate.java b/src/org/cacert/gigi/api/CreateCertificate.java
index d21b9c47cabd95500bd5011cb84c797bb7283d9d..a939b9e6c7844e4fd9c9b30f06886a43286fba83 100644 (file)
--- a/src/org/cacert/gigi/api/CreateCertificate.java
+++ b/src/org/cacert/gigi/api/CreateCertificate.java
@@ -12,10 +12,11 @@ import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.Job;
+import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.pages.account.certs.CertificateRequest;
 import org.cacert.gigi.util.AuthorizationContext;
-import org.cacert.gigi.util.PEM;
+import org.cacert.gigi.util.CertExporter;
 
 public class CreateCertificate extends APIPoint {
 
@@ -33,12 +34,35 @@ public class CreateCertificate extends APIPoint {
         if (cpS != null) {
             cp = CertificateProfile.getByName(cpS);
             if (cp == null) {
-                resp.sendError(500, "Error, profile " + cpS + "not found");
+                resp.sendError(500, "Error, profile not found");
+                return;
+            }
+        }
+        AuthorizationContext ctx = new AuthorizationContext(u, u);
+        String asOrg = req.getParameter("asOrg");
+        if (asOrg != null) {
+            try {
+                int i = Integer.parseInt(asOrg);
+                Organisation o0 = null;
+                for (Organisation o : u.getOrganisations()) {
+                    if (o.getId() == i) {
+                        o0 = o;
+                        break;
+                    }
+                }
+                if (o0 == null) {
+                    resp.sendError(500, "Error, Organisation with id " + i + " not found.");
+                    return;
+                } else {
+                    ctx = new AuthorizationContext(o0, u);
+                }
+            } catch (NumberFormatException e) {
+                resp.sendError(500, "Error, as Org is not an integer");
                 return;
             }
         }
         try {
-            CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), csr, cp);
+            CertificateRequest cr = new CertificateRequest(ctx, csr, cp);
             Certificate result = cr.draft();
             Job job = result.issue(null, "2y", u);
             job.waitFor(60000);
@@ -46,7 +70,8 @@ public class CreateCertificate extends APIPoint {
                 resp.sendError(510, "Error, issuing timed out");
                 return;
             }
-            resp.getWriter().println(PEM.encode("CERTIFICATE", result.cert().getEncoded()));
+            resp.addHeader("Content-Type", "text/plain");
+            CertExporter.writeCertCrt(result, resp.getOutputStream(), req.getParameter("chain") != null, req.getParameter("noAnchor") == null, true);
             return;
         } catch (GeneralSecurityException e) {
             resp.sendError(500, "Crypto failed");
@@ -54,8 +79,6 @@ public class CreateCertificate extends APIPoint {
             resp.setStatus(500);
             PrintWriter wr = resp.getWriter();
             e.formatPlain(wr);
-        } catch (InterruptedException e) {
-            resp.sendError(500, "Interrupted");
         }
     }
 }