X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fapi%2FAPIPoint.java;fp=src%2Forg%2Fcacert%2Fgigi%2Fapi%2FAPIPoint.java;h=72a555b1539a5a89ba51f2bb564c9d1453877f68;hp=8987afdb4bf5f628e61c49c4448cdbfaebb7d32c;hb=635da69a876542e30ed5cc5cbdc1ef4a9793ddfe;hpb=1473ab8375d4fea142ec06facee786c598a8de68

diff --git a/src/org/cacert/gigi/api/APIPoint.java b/src/org/cacert/gigi/api/APIPoint.java
index 8987afdb..72a555b1 100644
--- a/src/org/cacert/gigi/api/APIPoint.java
+++ b/src/org/cacert/gigi/api/APIPoint.java
@@ -6,6 +6,7 @@ import java.security.cert.X509Certificate;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.CertificateOwner;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.pages.LoginPage;
@@ -19,8 +20,9 @@ public abstract class APIPoint {
             return;
         }
         String serial = LoginPage.extractSerialFormCert(cert);
+        Certificate clientCert = Certificate.getBySerial(serial);
         CertificateOwner u = CertificateOwner.getByEnabledSerial(serial);
-        if (u == null) {
+        if (u == null || clientCert == null) {
             resp.sendError(403, "Error, cert authing required. Serial not found: " + serial);
             return;
         }
@@ -42,6 +44,10 @@ public abstract class APIPoint {
             resp.sendError(500, "Error, no query String allowed.");
             return;
         }
+        process(req, resp, u, clientCert);
+    }
+
+    protected void process(HttpServletRequest req, HttpServletResponse resp, CertificateOwner u, Certificate clientCert) throws IOException {
         process(req, resp, u);
     }