package org.cacert.gigi;
+import static org.cacert.gigi.Gigi.*;
+
+import java.awt.Desktop;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.lang.reflect.Field;
+import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Collections;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.cacert.gigi.dbObjects.ObjectCache;
+import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.localisation.Language;
+import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.output.template.TranslateCommand;
+import org.cacert.gigi.pages.LoginPage;
import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.pages.account.certs.CertificateRequest;
+import org.cacert.gigi.pages.main.RegisterPage;
+import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.ServerConstants;
import org.kamranzafar.jtar.TarEntry;
import org.kamranzafar.jtar.TarHeader;
import org.kamranzafar.jtar.TarOutputStream;
ByteArrayOutputStream chunkConfig = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(chunkConfig);
byte[] cacerts = Files.readAllBytes(Paths.get("config/cacerts.jks"));
- byte[] keystore = Files.readAllBytes(Paths.get("config/keystore.pkcs12"));
+ byte[] keystore = null;
+ Path p = Paths.get("config/keystore.pkcs12");
+ if (p.toFile().exists()) {
+ keystore = Files.readAllBytes(p);
+ } else {
+ mainProps.setProperty("proxy", "true");
+ }
DevelLauncher.writeGigiConfig(dos, "changeit".getBytes("UTF-8"), "changeit".getBytes("UTF-8"), mainProps, cacerts, keystore);
dos.flush();
- InputStream oldin = System.in;
- System.setIn(new ByteArrayInputStream(chunkConfig.toByteArray()));
- new Launcher().boot();
- addDevelPage();
- System.setIn(oldin);
+ new Launcher().boot(new ByteArrayInputStream(chunkConfig.toByteArray()));
+ addDevelPage(true);
+ new Thread("ticket awaiter") {
+
+ @Override
+ public void run() {
+ try {
+ Thread.sleep(8000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ try {
+ if ( !ticketUsed) {
+ Desktop.getDesktop().browse(new URL("http://" + ServerConstants.getWwwHostNamePort() + "/ticketWait").toURI());
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (URISyntaxException e) {
+ e.printStackTrace();
+ }
+ }
+ }.start();
BufferedReader br = new BufferedReader(new InputStreamReader(System.in, "UTF-8"));
System.out.println("Cacert-gigi system sucessfully started.");
System.out.println("Press enter to shutdown.");
}
}
- public static void addDevelPage() {
+ public static void addDevelPage(boolean withToken) {
try {
Field instF = Gigi.class.getDeclaredField("instance");
Field pageF = Gigi.class.getDeclaredField("pages");
// Check if we got a proper map (as much as we can tell)
Object pagesObj = pageF.get(gigi);
+ if ( !(pagesObj instanceof Map)) {
+ throw new Error("Invalid state when initializing page structure");
+ }
+
@SuppressWarnings("unchecked")
- HashMap<String, Page> pages = pagesObj instanceof Map ? new HashMap<>((Map<String, Page>) pagesObj) : null;
+ HashMap<String, Page> pages = new HashMap<>((Map<String, Page>) pagesObj);
pages.put("/manage", new Page("Page-manager") {
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
ObjectCache.clearAllCaches();
+ RegisterPage.RATE_LIMIT.bypass();
+ LoginPage.RATE_LIMIT.bypass();
+ CertificateRequest.RATE_LIMIT.bypass();
resp.getWriter().println("All caches cleared.");
System.out.println("Caches cleared.");
}
});
+ if (withToken) {
+ addTicketPage(pages);
+ }
+
pageF.set(gigi, Collections.unmodifiableMap(pages));
} catch (ReflectiveOperationException e) {
e.printStackTrace();
}
}
+ static boolean ticketUsed = false;
+
+ private static void addTicketPage(HashMap<String, Page> pages) {
+ pages.put("/ticketWait", new Page("ticket") {
+
+ private final Template t = new Template(DevelLauncher.class.getResource("DevelTicketWait.templ"));
+
+ @Override
+ public boolean needsLogin() {
+ return false;
+ }
+
+ @Override
+ public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ resp.setHeader("content-security-policy", "");
+ t.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
+ }
+
+ });
+ pages.put("/ticket", new Page("ticket") {
+
+ @Override
+ public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ // TODO Auto-generated method stub
+ if ( !ticketUsed) {
+ HttpSession sess = req.getSession();
+ User user = User.getById(1);
+ if (user == null) {
+ resp.getWriter().println("ticket consumed but no user available for that action");
+ ticketUsed = true;
+ return true;
+ }
+ sess.setAttribute(LOGGEDIN, true);
+ sess.setAttribute(Language.SESSION_ATTRIB_NAME, user.getPreferredLocale());
+ sess.setAttribute(AUTH_CONTEXT, new AuthorizationContext(user, user));
+ req.getSession().setAttribute(LOGIN_METHOD, new TranslateCommand("Ticket"));
+ resp.getWriter().println("ticket consumed");
+ ticketUsed = true;
+ }
+ return true;
+ }
+
+ @Override
+ public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {}
+
+ @Override
+ public boolean needsLogin() {
+ return false;
+ }
+ });
+ }
+
public static void writeGigiConfig(OutputStream target, byte[] keystorepw, byte[] truststorepw, Properties mainprop, byte[] cacerts, byte[] keystore) throws IOException {
TarOutputStream tos = new TarOutputStream(target);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
}
private static void putTarEntry(byte[] data, TarOutputStream tos, String name) throws IOException {
+ if (data == null) {
+ return;
+ }
TarHeader th = new TarHeader();
th.name = new StringBuffer(name);
th.size = data.length;
projects / gigi.git / blobdiff