Merge "add: implement to define a strong authenticated login"

[gigi.git] / util-testing / club / wpia / gigi / pages / Manager.java

diff --git a/util-testing/club/wpia/gigi/pages/Manager.java b/util-testing/club/wpia/gigi/pages/Manager.java
index b33d52c439429be5e4d744cbb7341865be91cb24..cdde36f25f2ff82cfbd52d575f06838fd74d5f5a 100644 (file)
--- a/util-testing/club/wpia/gigi/pages/Manager.java
+++ b/util-testing/club/wpia/gigi/pages/Manager.java
@@ -39,6 +39,8 @@ import club.wpia.gigi.dbObjects.CertificateOwner;
 import club.wpia.gigi.dbObjects.Country;
 import club.wpia.gigi.dbObjects.Digest;
 import club.wpia.gigi.dbObjects.Domain;
+import club.wpia.gigi.dbObjects.DomainPingConfiguration;
+import club.wpia.gigi.dbObjects.DomainPingExecution;
 import club.wpia.gigi.dbObjects.DomainPingType;
 import club.wpia.gigi.dbObjects.EmailAddress;
 import club.wpia.gigi.dbObjects.Group;
@@ -47,6 +49,7 @@ import club.wpia.gigi.dbObjects.NamePart.NamePartType;
 import club.wpia.gigi.dbObjects.User;
 import club.wpia.gigi.dbObjects.Verification.VerificationType;
 import club.wpia.gigi.email.DelegateMailProvider;
+import club.wpia.gigi.email.EmailProvider;
 import club.wpia.gigi.localisation.Language;
 import club.wpia.gigi.output.template.IterableDataset;
 import club.wpia.gigi.output.template.Template;
@@ -55,6 +58,7 @@ import club.wpia.gigi.ping.DomainPinger;
 import club.wpia.gigi.ping.PingerDaemon;
 import club.wpia.gigi.util.AuthorizationContext;
 import club.wpia.gigi.util.DayDate;
+import club.wpia.gigi.util.DomainAssessment;
 import club.wpia.gigi.util.HTMLEncoder;
 import club.wpia.gigi.util.Notary;
 import club.wpia.gigi.util.TimeConditions;
@@ -231,12 +235,14 @@ public class Manager extends Page {
         }
 
         @Override
-        public void ping(Domain domain, String configuration, CertificateOwner target, int confId) {
-            System.out.println("Test: " + domain);
+        public DomainPingExecution ping(Domain domain, String configuration, CertificateOwner target, DomainPingConfiguration conf) {
+            System.err.println("TestManager: " + domain.getSuffix());
             if (pingExempt.contains(domain.getSuffix())) {
-                enterPingResult(confId, DomainPinger.PING_SUCCEDED, "Succeeded by TestManager pass-by", null);
+                return enterPingResult(conf, DomainPinger.PING_SUCCEDED, "Succeeded by TestManager pass-by", null);
             } else {
-                dps.get(dpt).ping(domain, configuration, target, confId);
+                DomainPinger pinger = dps.get(dpt);
+                System.err.println("Forward to old pinger: " + pinger);
+                return pinger.ping(domain, configuration, target, conf);
             }
         }
 
@@ -296,9 +302,29 @@ public class Manager extends Page {
 
     @Override
     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        AuthorizationContext sessionAc = (AuthorizationContext) req.getSession().getAttribute(Gigi.AUTH_CONTEXT);
         if (req.getParameter("create") != null) {
-            batchCreateUsers(req.getParameter("prefix"), req.getParameter("suffix"), Integer.parseInt(req.getParameter("amount")), resp.getWriter());
-            resp.getWriter().println("User batch created.");
+            String prefix = req.getParameter("prefix");
+            String domain = req.getParameter("suffix");
+            try {
+                if (null == prefix) {
+                    throw new GigiApiException("No prefix given.");
+                }
+                if (null == domain) {
+                    throw new GigiApiException("No domain given.");
+                }
+
+                DomainAssessment.checkCertifiableDomain(domain, false, true);
+
+                if ( !EmailProvider.isValidMailAddress(prefix + "@" + domain)) {
+                    throw new GigiApiException("Invalid email address template.");
+                }
+
+                batchCreateUsers(prefix, domain, Integer.parseInt(req.getParameter("amount")), resp.getWriter());
+                resp.getWriter().println("User batch created.");
+            } catch (GigiApiException e) {
+                throw new Error(e);
+            }
         } else if (req.getParameter("addpriv") != null || req.getParameter("delpriv") != null) {
             User u = User.getByEmail(req.getParameter("email"));
             if (u == null) {
@@ -399,7 +425,7 @@ public class Manager extends Page {
                 e.printStackTrace();
                 resp.getWriter().println("An internal error occured.");
             } catch (GigiApiException e) {
-                e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
+                e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH), getDefaultVars(req));
             }
         } else if (req.getParameter("addCert") != null) {
             User u = User.getByEmail(req.getParameter("addCertEmail"));
@@ -413,7 +439,7 @@ public class Manager extends Page {
 
                 byte[] res = s.getEncoded(sign);
 
-                CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u), Base64.getEncoder().encodeToString(res), "challenge");
+                CertificateRequest cr = new CertificateRequest(new AuthorizationContext(u, u, sessionAc.isStronglyAuthenticated()), Base64.getEncoder().encodeToString(res), "challenge");
                 cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail());
                 Certificate draft = cr.draft();
                 draft.issue(null, "2y", u).waitFor(10000);
@@ -426,7 +452,7 @@ public class Manager extends Page {
                 e1.printStackTrace();
                 resp.getWriter().println("error");
             } catch (GigiApiException e) {
-                e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
+                e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH), getDefaultVars(req));
             }
 
         } else if (req.getParameter("addExDom") != null) {