/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java - Annotate - D-Net - D-Net project tracking tool

dnet45/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java @ 59908

-            katerina.i
+package eu.dnetlib.openaire.usermanagement;
 import com.google.gson.Gson;
-            katerina.i
+import com.google.gson.GsonBuilder;
-            katerina.i
+import com.google.gson.JsonParseException;
-            katerina.i
+import eu.dnetlib.openaire.user.pojos.RegisteredService;
 import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
-            katerina.i
+import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
-            katerina.i
+import org.apache.commons.validator.routines.UrlValidator;
-            katerina.i
+import org.apache.http.HttpResponse;
-            katerina.i
+import org.apache.log4j.Logger;
-            katerina.i
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
-            katerina.i
+import org.springframework.beans.factory.annotation.Autowired;
-            k.triantaf
+import org.springframework.security.access.method.P;
-            katerina.i
+import org.springframework.security.core.context.SecurityContextHolder;
-            katerina.i
+import org.springframework.web.context.support.SpringBeanAutowiringSupport;
             katerina.i
-            katerina.i
+import javax.servlet.ServletConfig;
-            katerina.i
+import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-            katerina.i
+import java.sql.SQLException;
             katerina.i
             katerina.i
-            katerina.i
+public class RegisterServiceServlet extends HttpServlet {
-            katerina.i
+    private Logger logger = Logger.getLogger(RegisterServiceServlet.class);
             katerina.i
-            katerina.i
+    public void init(ServletConfig config) throws ServletException {
         super.init(config);
         SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
                 config.getServletContext());
+    }
     @Autowired
     private RegisteredServicesUtils registeredServicesUtils;
-            katerina.i
+    @Autowired
     private TokenUtils tokenUtils;
-            katerina.i
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
             throws ServletException, IOException {
             katerina.i
         OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
                 getContext().getAuthentication();
-            katerina.i
+        String userid = authentication.getSub();
             katerina.i
-            k.triantaf
+        StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
         name.append(authentication.getUserInfo().getFamilyName().charAt(0));
         request.getSession().setAttribute("name", name.toString());
             katerina.i
         String idParam = request.getParameter("id");
         if (idParam != null && !idParam.isEmpty()) { // EDIT CASE
             System.out.println("In edit");
             try {
                 int id = Integer.parseInt(idParam);
                 RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(id);
                 if (registeredService != null && registeredServicesUtils.isAuthorized(userid, id)) {
-            k.triantaf
+                    ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(), registeredService.getRegistrationAccessToken());
             katerina.i
-            k.triantaf
+                    updateFormFields(request, registeredService.getName(), registeredService.getKeyType(), serviceResponse);
             katerina.i
                 } else {
                     if (registeredService == null) {
                         System.out.println("No service found!");
                         request.getSession().setAttribute("message", "Not valid registered service with given id " + id + ".");
                         response.sendRedirect("./registeredServices");
                         logger.warn("Not valid registered service with " + id + "id.");
                     } else {
                         System.out.println("Not authorized");
-            katerina.i
+                        request.getSession().setAttribute("message", "Not authorized to edit the registered service with id " + id + ".");
-            katerina.i
+                        response.sendRedirect("./registeredServices");
                         logger.warn("Not authorized to edit the service with " + id + "id.");
+                    }
+                }
-            k.triantaf
+            } catch (NumberFormatException nfe) {
-            katerina.i
+                System.out.println("WRONG FORMAT");
                 request.getSession().setAttribute("message", "Invalid service id.");
                 response.sendRedirect("./registeredServices");
                 logger.error("Invalid service id.", nfe);
-            k.triantaf
+            } catch (SQLException sqle) {
-            katerina.i
+                System.out.println("SQL PROBLEM");
                 request.getSession().setAttribute("message", "Could not fetch registered service.");
                 response.sendRedirect("./registeredServices");
                 logger.error("Could not fetch registered service.", sqle);
+            }
         } else {// NEW SERVICE CASE
             //Careful! Redirects in method
-            k.triantaf
+            request.getSession().setAttribute("first_name", null);
             request.getSession().setAttribute("key_type", null);
             request.getSession().setAttribute("jwksUri", null);
             request.getSession().setAttribute("value", null);
-            katerina.i
+            checkNumberOfRegisteredServices(request, response, authentication);
+        }
         response.setContentType("text/html");
-            katerina.i
+        request.getRequestDispatcher("./registerService.jsp").include(request, response);
+    }
-            k.triantaf
+    private void updateFormFields(HttpServletRequest request, String serviceName, String keyType, ServiceResponse serviceResponse) {
-            katerina.i
+        System.out.println("UPDATING FORM");
-            k.triantaf
+        request.getSession().setAttribute("first_name", serviceName);
         System.out.println("Service response URI " + serviceResponse.getJwksUri());
         request.getSession().setAttribute("key_type", keyType);
         if (keyType != null) {
             if (keyType.equals("uri")) {
-            katerina.i
+                request.getSession().setAttribute("jwksUri", serviceResponse.getJwksUri());
-            katerina.i
+            } else {
-            katerina.i
+                Key key;
-            k.triantaf
+                if (serviceResponse.getJwks() != null) {
-            katerina.i
+                    key = serviceResponse.getJwks().keys[0];
                 } else {
                     key = new Key();
+                }
-            katerina.i
+                System.out.println("Service response keys " + serviceResponse.getJwksUri());
-            katerina.i
+                Gson gson = new GsonBuilder().setPrettyPrinting().create();
                 request.getSession().setAttribute("value", gson.toJson(key));
+            }
+        }
+    }
-            katerina.i
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
             throws ServletException, IOException {
             katerina.i
-            katerina.i
+        OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
                 getContext().getAuthentication();
             katerina.i
-            katerina.i
+        response.setContentType("text/html");
-            katerina.i
+        boolean canProceed = true;
             katerina.i
-            katerina.i
+        String mode = request.getParameter("mode").trim();
         System.out.println("Mode was " + mode);
         checkmode(mode);
         System.out.println("Mode is " + mode);
             katerina.i
-            katerina.i
+        String serviceId = request.getParameter("id");
-            katerina.i
+        String name = request.getParameter("first_name").trim();
-            k.triantaf
+        if (name.isEmpty()) {
-            katerina.i
+            request.getSession().setAttribute("first_name_error", true);
             canProceed = false;
+        }
-            k.triantaf
+        String keyType = request.getParameter("key_type");
-            katerina.i
+        String jwksUri = null;
         String jwksString = null;
         Jwks jwks = null;
-            k.triantaf
+        if(keyType != null) {
             keyType = keyType.trim();
             if (keyType.equals("uri")) {
                 jwksUri = request.getParameter("uri");
                 request.getSession().setAttribute("jwksUri", jwksUri);
             katerina.i
-            k.triantaf
+                String[] schemes = {"https"};
                 UrlValidator urlValidator = new UrlValidator(schemes);
                 if (!urlValidator.isValid(jwksUri)) {
                     request.getSession().setAttribute("uri_error", true);
                     canProceed = false;
+                }
             } else {
                 jwksString = request.getParameter("value");
                 try {
                     Gson gson = new GsonBuilder().registerTypeAdapter(Jwks.class, new JwksDeserializer()).create();
                     String jwksSet = String.format("{\"keys\":[%s]}", jwksString);
                     jwks = gson.fromJson(jwksSet, Jwks.class);
                     request.getSession().setAttribute("value", jwksString);
             katerina.i
-            k.triantaf
+                    if (jwks.getKeys() == null || jwks.getKeys().length == 0) {
                         System.out.println("Something wrong with the keys.");
                         request.getSession().setAttribute("value_error", true);
                         canProceed = false;
+                    }
             katerina.i
             k.triantaf
                 } catch (JsonParseException jpe) {
-            k.triantaf
+                    request.getSession().setAttribute("value_error", true);
-            katerina.i
+                    canProceed = false;
+                }
             katerina.i
             katerina.i
-            katerina.i
+        String userid = authentication.getSub();
         String email = authentication.getUserInfo().getEmail();
-            katerina.i
+        ServiceResponse serviceResponse = null;
-            katerina.i
+        if (nameIsValid(name) && userInfoIsValid(userid, email) && keyIsValid(keyType, jwksUri, jwksString) && canProceed) {
             katerina.i
-            katerina.i
+            String serverMessage;
-            k.triantaf
+            if (mode.equals("create")) {
-            katerina.i
+                //Careful! Redirects in method
-            katerina.i
+                if (!checkNumberOfRegisteredServices(request, response, authentication)) {
                     return;
+                }
-            k.triantaf
+                String serverRequestJSON = null;
                 if(keyType == null) {
                     serverRequestJSON = createServiceJson(null, name, email);
                 } else if (keyType.equals("uri")) {
-            k.triantaf
+                    serverRequestJSON = createServiceJson(null, name, email, jwksUri);
-            k.triantaf
+                } else if (keyType.equals("value")){
-            k.triantaf
+                    serverRequestJSON = createServiceJson(null, name, email, jwks);
+                }
-            k.triantaf
+                if(serverRequestJSON != null) {
                     System.out.println("SERVER JSON " + serverRequestJSON);
                     serverMessage = tokenUtils.registerService(serverRequestJSON);
                     logger.debug(serverMessage);
                     if (serverMessage == null) {
                         request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
                         response.sendRedirect("./registeredServices");
                         return;
+                    }
                     serviceResponse = new Gson().fromJson(serverMessage, ServiceResponse.class);
                     String client_id = serviceResponse.getClientId();
             katerina.i
-            k.triantaf
+                    RegisteredService registeredService = new RegisteredService(client_id, userid, name, serviceResponse.getRegistrationAccessToken(), keyType);
             katerina.i
-            k.triantaf
+                    try {
                         registeredServicesUtils.addRegistedService(registeredService);
                         if(registeredService.getKeyType() != null) {
                             request.getSession().setAttribute("success",
                                     "Your service has been successfully registered!<br>" +
-            katerina.i
+                                            "<b>Client ID</b>: " + serviceResponse.getClientId());
-            k.triantaf
+                        } else {
                             request.getSession().setAttribute("success",
                                     "Your service has been successfully registered!<br>" +
                                           "<b>Client ID</b>: " + serviceResponse.getClientId() +
-            k.triantaf
+                                          "<br><span style=\"word-wrap: break-word\"><b>Client Secret</b>:" + serviceResponse.getClientSecret() + "</span>");
             k.triantaf
             katerina.i
-            k.triantaf
+                    } catch (SQLException sqle) {
                         logger.error("Fail to save service.", sqle);
                         request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
                         response.sendRedirect("./registeredServices");
                         return;
+                    }
                 } else {
                     logger.error("Service request JSON is null");
-            katerina.i
+                    request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
                     response.sendRedirect("./registeredServices");
                     return;
+                }
-            katerina.i
+            } else {
-            k.triantaf
+                int serviceIdInt = 0;
-            katerina.i
+                if (serviceId == null || serviceId.isEmpty()) { //TODO WRONG MESSAGE
                     request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
                     response.sendRedirect("./registeredServices");
             katerina.i
-            katerina.i
+                } else {
                     System.out.println("In edit...");
                     try {
                         serviceIdInt = Integer.parseInt(serviceId);
                         if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) {
                             request.getSession().setAttribute("message", "You have no permission to edit the service.");
                             response.sendRedirect("./registeredServices");
             katerina.i
-            katerina.i
+                        } else {
             katerina.i
-            katerina.i
+                            RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt);
                             if (registeredService != null && registeredService.getClientId() != null) {
                                 String serverRequestJSON = null;
                                 if (keyType == null) {
                                     serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email);
                                 } else if (keyType.equals("uri")) {
                                     serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri);
                                 } else if (keyType.equals("value")) {
                                     serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks);
+                                }
                                 if (serverRequestJSON != null) {
                                     System.out.println("SERVER JSON " + serverRequestJSON);
                                     HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken());
                                     if (resp.getStatusLine().getStatusCode() == 200) {
                                         System.out.println("NAME >>>>" + name);
                                         registeredService.setName(name);
                                         System.out.println("Client Id " + registeredService.getClientId());
                                         try {
                                             registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
                                         } catch (SQLException sqle) {
                                             logger.error("Unable to contact db.", sqle);
                                             request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
                                             response.setContentType("text/html");
                                             request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
                                             return;
+                                        }
                                         request.getSession().setAttribute("success",
                                                 "Your service has been successfully updated!<br>" +
                                                         "<b>Client ID</b>: " + registeredService.getClientId());
             k.triantaf
             katerina.i
                                 } else {
                                     request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
                                     response.sendRedirect("./registeredServices");
                                     return;
             katerina.i
-            k.triantaf
+                            } else {
-            katerina.i
+                                logger.error("Service request JSON is null");
                                 request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
-            k.triantaf
+                                response.sendRedirect("./registeredServices");
                                 return;
             katerina.i
+                        }
-            katerina.i
+                    } catch(SQLException sqle){
                         logger.error("Unable to access service with id " + serviceId, sqle);
                         request.getSession().setAttribute("message", "There was an error accessing your service.");
                         response.sendRedirect("./registeredServices");
             katerina.i
-            katerina.i
+                    } catch(NumberFormatException nfe){
                         logger.error("Unable to access service with id " + serviceId, nfe);
                         request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
                         response.sendRedirect("./registeredServices");
+                    }
             katerina.i
             katerina.i
         } else {
             //something is wrong with the form and the error messages will appear
-            katerina.i
+            request.getSession().setAttribute("first_name", name);
-            k.triantaf
+            request.getSession().setAttribute("key_type", keyType);
             request.getSession().setAttribute("uri", jwksUri);
             request.getSession().setAttribute("value", jwksString);
             katerina.i
-            k.triantaf
+            if (serviceId != null && !serviceId.isEmpty()) {
                 request.getRequestDispatcher("./registerService.jsp?id=" + serviceId).forward(request, response);
             katerina.i
             } else {
                 request.getRequestDispatcher("./registerService.jsp").include(request, response);
+            }
-            katerina.i
+            return;
             katerina.i
-            katerina.i
+        response.sendRedirect("./registeredServices");
+    }
             katerina.i
-            katerina.i
+    private void checkmode(String mode) {
-            k.triantaf
+        if (mode != null && !mode.isEmpty()) {
             if (!mode.equals("edit") || mode.equals("create")) {
-            katerina.i
+                mode = "create";
+            }
         } else {
             mode = "create";
+        }
+    }
-            katerina.i
+    private boolean keyIsValid(String keyType, String jwksUri, String jwksString) {
-            k.triantaf
+        return keyType == null || (keyType.equals("uri") && jwksUri != null && !jwksUri.isEmpty()) ||
-            katerina.i
+                keyType.equals("value") && jwksString != null && !jwksString.isEmpty();
+    }
             katerina.i
-            katerina.i
+    private boolean userInfoIsValid(String userid, String email) {
         return userid != null && !userid.isEmpty() &&
                 email != null && !email.isEmpty();
+    }
     private boolean nameIsValid(String name) {
         return name != null && !name.isEmpty();
+    }
-            katerina.i
+    private boolean checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
-            katerina.i
+        try {
-            katerina.i
+            long numberOfRegisteredServices =
                     registeredServicesUtils.getRegisteredServiceDao().countRegisteredServices(authentication.getSub());
             katerina.i
-            katerina.i
+            if (numberOfRegisteredServices >= 5) {
                 response.sendRedirect("./registeredServices"); // The message there already exists.
-            katerina.i
+                return false;
             katerina.i
             katerina.i
-            katerina.i
+        } catch (SQLException sqle) {
-            katerina.i
+            logger.error("Unable to count registered services.", sqle);
             request.getSession().setAttribute("message", "Unable to contact DB. Please try again later.");
-            katerina.i
+            response.sendRedirect("./registeredServices");
-            katerina.i
+            return false;
             katerina.i
             katerina.i
         return true;
             katerina.i
             katerina.i
-            k.triantaf
+    private static String createServiceJson(String clientId, String name, String email) {
         ServiceRequest serviceJSON = new ServiceRequest();
         serviceJSON.setClientId(clientId);
         serviceJSON.setClientName(name);
         serviceJSON.setContacts(new String[]{email});
         serviceJSON.setToken_endpoint_auth_method("client_secret_basic");
         serviceJSON.setTokenEndpointAuthSigningAlg(null);
         GsonBuilder builder = new GsonBuilder();
         builder.serializeNulls();
         Gson gson = builder.create();
         System.out.println("Created json " + serviceJSON);
         return gson.toJson(serviceJSON);
+    }
-            k.triantaf
+    private static String createServiceJson(String clientId, String name, String email, String jwksURI) {
-            katerina.i
+        ServiceRequest serviceJSON = new ServiceRequest();
-            k.triantaf
+        serviceJSON.setClientId(clientId);
-            katerina.i
+        serviceJSON.setClientName(name);
         serviceJSON.setContacts(new String[]{email});
         serviceJSON.setJwksUri(jwksURI);
             katerina.i
-            katerina.i
+        GsonBuilder builder = new GsonBuilder();
         builder.serializeNulls();
         Gson gson = builder.create();
-            k.triantaf
+        System.out.println("Created json " + serviceJSON);
-            katerina.i
+        return gson.toJson(serviceJSON);
             katerina.i
             katerina.i
-            k.triantaf
+    private static String createServiceJson(String clientId, String name, String email, Jwks jwks) {
-            katerina.i
+        ServiceRequest serviceJSON = new ServiceRequest();
-            k.triantaf
+        serviceJSON.setClientId(clientId);
-            katerina.i
+        serviceJSON.setClientName(name);
         serviceJSON.setContacts(new String[]{email});
         serviceJSON.setJwks(jwks);
         GsonBuilder builder = new GsonBuilder();
         builder.serializeNulls();
         Gson gson = builder.create();
-            k.triantaf
+        System.out.println("Created json " + serviceJSON);
-            katerina.i
+        return gson.toJson(serviceJSON);
+    }
             katerina.i

Project

General

Profile

D-Net