Merge "Suggestions to enhance the SQL call pattern."

[gigi.git] / src / org / cacert / gigi / api / GigiAPI.java
diff --git a/src/org/cacert/gigi/api/GigiAPI.java b/src/org/cacert/gigi/api/GigiAPI.java

index 744432f43fd7a1b02d4a7bbef561a89b43e85720..dbac5a881b8a82dcb0ae100c43753f57af38526f 100644 (file)
--- a/src/org/cacert/gigi/api/GigiAPI.java
+++ b/src/org/cacert/gigi/api/GigiAPI.java
@@ -2,8 +2,7 @@ package org.cacert.gigi.api;
  
  import java.io.IOException;
  import java.io.InputStreamReader;
-import java.security.GeneralSecurityException;
-import java.security.cert.X509Certificate;
+import java.util.HashMap;
  
  import javax.servlet.ServletException;
  import javax.servlet.ServletInputStream;
@@ -11,19 +10,22 @@ import javax.servlet.http.HttpServlet;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  
-import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.dbObjects.Certificate;
-import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
-import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.pages.account.certs.CertificateRequest;
-import org.cacert.gigi.util.Job;
-import org.cacert.gigi.util.PEM;
+import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.database.DatabaseConnection.Link;
  
  public class GigiAPI extends HttpServlet {
  
      private static final long serialVersionUID = 659963677032635817L;
  
+    HashMap<String, APIPoint> api = new HashMap<>();
+
+    public GigiAPI() {
+        api.put(CreateCertificate.PATH, new CreateCertificate());
+        api.put(RevokeCertificate.PATH, new RevokeCertificate());
+        api.put(CATSImport.PATH, new CATSImport());
+        api.put(CATSResolve.PATH, new CATSResolve());
+    }
+
      @Override
      protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
          String pi = req.getPathInfo();
@@ -42,46 +44,14 @@ public class GigiAPI extends HttpServlet {
              System.out.println(strB);
              return;
          }
-        X509Certificate cert = LoginPage.getCertificateFromRequest(req);
-        if (cert == null) {
-            resp.sendError(403, "Error, cert authing required.");
-            return;
-        }
-        String serial = LoginPage.extractSerialFormCert(cert);
-        User u = LoginPage.fetchUserBySerial(serial);
  
-        if (pi.equals("/account/certs/new")) {
-
-            if ( !req.getMethod().equals("POST")) {
-                resp.sendError(500, "Error, POST required.");
-                return;
-            }
-            if (req.getQueryString() != null) {
-                resp.sendError(500, "Error, no query String allowed.");
-                return;
-            }
-            String csr = req.getParameter("csr");
-            if (csr == null) {
-                resp.sendError(500, "Error, no CSR found");
-                return;
-            }
-            try {
-                CertificateRequest cr = new CertificateRequest(u, csr);
-                Certificate result = cr.draft();
-                Job job = result.issue(null, "2y");
-                job.waitFor(60000);
-                if (result.getStatus() != CertificateStatus.ISSUED) {
-                    resp.sendError(510, "Error, issuing timed out");
-                    return;
-                }
-                resp.getWriter().println(PEM.encode("CERTIFICATE", result.cert().getEncoded()));
-            } catch (GeneralSecurityException e) {
-                e.printStackTrace();
-            } catch (GigiApiException e) {
-                e.printStackTrace();
-            } catch (InterruptedException e) {
-                e.printStackTrace();
+        APIPoint p = api.get(pi);
+        try (Link l = DatabaseConnection.newLink(false)) {
+            if (p != null) {
+                p.process(req, resp);
              }
+        } catch (InterruptedException e) {
+            throw new Error(e);
          }
      }
  }