|
1
|
/**
|
|
2
|
* This work was created by participants in the DataONE project, and is
|
|
3
|
* jointly copyrighted by participating institutions in DataONE. For
|
|
4
|
* more information on DataONE, see our web site at http://dataone.org.
|
|
5
|
*
|
|
6
|
* Copyright ${year}
|
|
7
|
*
|
|
8
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
9
|
* you may not use this file except in compliance with the License.
|
|
10
|
* You may obtain a copy of the License at
|
|
11
|
*
|
|
12
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
13
|
*
|
|
14
|
* Unless required by applicable law or agreed to in writing, software
|
|
15
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
16
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
17
|
* See the License for the specific language governing permissions and
|
|
18
|
* limitations under the License.
|
|
19
|
*
|
|
20
|
* $Id: SuccessServlet.java 7737 2013-05-22 06:05:30Z leinfelder $
|
|
21
|
*/
|
|
22
|
|
|
23
|
package edu.ucsb.nceas.metacat.portal;
|
|
24
|
|
|
25
|
import org.dataone.portal.PortalCertificateManager;
|
|
26
|
|
|
27
|
import edu.uiuc.ncsa.myproxy.oa4mp.client.Asset;
|
|
28
|
import edu.uiuc.ncsa.myproxy.oa4mp.client.AssetResponse;
|
|
29
|
import edu.uiuc.ncsa.myproxy.oa4mp.client.servlet.ClientServlet;
|
|
30
|
import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
|
|
31
|
import edu.uiuc.ncsa.security.servlet.JSPUtil;
|
|
32
|
|
|
33
|
import javax.servlet.ServletConfig;
|
|
34
|
import javax.servlet.ServletException;
|
|
35
|
import javax.servlet.http.HttpServletRequest;
|
|
36
|
import javax.servlet.http.HttpServletResponse;
|
|
37
|
import java.io.PrintWriter;
|
|
38
|
import java.security.cert.X509Certificate;
|
|
39
|
|
|
40
|
import static edu.uiuc.ncsa.security.util.pkcs.CertUtil.toPEM;
|
|
41
|
|
|
42
|
/**
|
|
43
|
* <p>Created by Jeff Gaynor<br>
|
|
44
|
* on Jul 31, 2010 at 3:29:09 PM
|
|
45
|
*/
|
|
46
|
public class SuccessServlet extends ClientServlet {
|
|
47
|
|
|
48
|
public void init(ServletConfig config) throws ServletException {
|
|
49
|
super.init(config);
|
|
50
|
// TODO: anything needed?
|
|
51
|
}
|
|
52
|
|
|
53
|
protected void doIt(HttpServletRequest request, HttpServletResponse response) throws Throwable {
|
|
54
|
String identifier = clearCookie(request, response);
|
|
55
|
if (identifier == null) {
|
|
56
|
throw new ServletException("Error: No identifier for this delegation request was found. ");
|
|
57
|
}
|
|
58
|
info("2.a. Getting token and verifier.");
|
|
59
|
String token = request.getParameter(TOKEN_KEY);
|
|
60
|
String verifier = request.getParameter(VERIFIER_KEY);
|
|
61
|
if (token == null || verifier == null) {
|
|
62
|
warn("2.a. The token is " + (token==null?"null":token) + " and the verifier is " + (verifier==null?"null":verifier));
|
|
63
|
GeneralException ge = new GeneralException("Error: This servlet requires parameters for the token and verifier. It cannot be called directly.");
|
|
64
|
request.setAttribute("exception", ge);
|
|
65
|
JSPUtil.handleException(ge, request, response, "/pages/client-error.jsp");
|
|
66
|
return;
|
|
67
|
//throw ge;
|
|
68
|
}
|
|
69
|
info("2.a Token and verifier found.");
|
|
70
|
X509Certificate cert = null;
|
|
71
|
AssetResponse assetResponse = null;
|
|
72
|
|
|
73
|
try {
|
|
74
|
info("2.a. Getting the cert(s) from the service");
|
|
75
|
assetResponse = getOA4MPService().getCert(token, verifier);
|
|
76
|
X509Certificate[] certificates = assetResponse.getX509Certificates();
|
|
77
|
// update the asset to include the returned certificate
|
|
78
|
Asset asset = getOA4MPService().getEnvironment().getAssetStore().get(identifier);
|
|
79
|
asset.setCertificates(certificates);
|
|
80
|
getOA4MPService().getEnvironment().getAssetStore().save(asset);
|
|
81
|
cert = certificates[0];
|
|
82
|
} catch (Throwable t) {
|
|
83
|
warn("2.a. Exception from the server: " + t.getCause().getMessage());
|
|
84
|
error("Exception while trying to get cert. message:" + t.getMessage());
|
|
85
|
request.setAttribute("exception", t);
|
|
86
|
JSPUtil.handleException(t, request, response, "/pages/client-error.jsp");
|
|
87
|
return;
|
|
88
|
//throw t;
|
|
89
|
}
|
|
90
|
|
|
91
|
// add teh cookie for later request processing
|
|
92
|
PortalCertificateManager.getInstance().setCookie(identifier, response);
|
|
93
|
|
|
94
|
// find where we should end up
|
|
95
|
String target = (String) request.getSession().getAttribute("target");
|
|
96
|
if (target != null) {
|
|
97
|
// remove from the session once we use it
|
|
98
|
request.getSession().removeAttribute("target");
|
|
99
|
// send the redirect
|
|
100
|
response.sendRedirect(target);
|
|
101
|
return;
|
|
102
|
}
|
|
103
|
|
|
104
|
// otherwise show us information
|
|
105
|
response.setContentType("text/html");
|
|
106
|
PrintWriter pw = response.getWriter();
|
|
107
|
/* Put the key and certificate in the result, but allow them to be initially hidden. */
|
|
108
|
String y = "<html>\n" +
|
|
109
|
"<style type=\"text/css\">\n" +
|
|
110
|
".hidden { display: none; }\n" +
|
|
111
|
".unhidden { display: block; }\n" +
|
|
112
|
"</style>\n" +
|
|
113
|
"<script type=\"text/javascript\">\n" +
|
|
114
|
"function unhide(divID) {\n" +
|
|
115
|
" var item = document.getElementById(divID);\n" +
|
|
116
|
" if (item) {\n" +
|
|
117
|
" item.className=(item.className=='hidden')?'unhidden':'hidden';\n" +
|
|
118
|
" }\n" +
|
|
119
|
"}\n" +
|
|
120
|
"</script>\n" +
|
|
121
|
"<body>\n" +
|
|
122
|
"<h1>Success!</h1>\n" +
|
|
123
|
"<p>You have successfully requested a DataONE certificate. It will be accessible for 18 hours using your cookie.</p>\n" +
|
|
124
|
"<ul>\n" +
|
|
125
|
" <li><a href=\"javascript:unhide('showSubject');\">Show/Hide subject</a></li>\n" +
|
|
126
|
" <div id=\"showSubject\" class=\"unhidden\">\n" +
|
|
127
|
" <p><pre>" + cert.getSubjectDN().toString() + "</pre>\n" +
|
|
128
|
" </div>\n" +
|
|
129
|
" <li><a href=\"javascript:unhide('showCert');\">Show/Hide certificate</a></li>\n" +
|
|
130
|
" <div id=\"showCert\" class=\"hidden\">\n" +
|
|
131
|
" <p><pre>" + toPEM(cert) + "</pre>\n" +
|
|
132
|
" </div>\n" +
|
|
133
|
" <li><a href=\"javascript:unhide('showKey');\">Show/Hide private key</a></li>\n" +
|
|
134
|
" <div id=\"showKey\" class=\"hidden\">\n" +
|
|
135
|
" <p><pre>" + "hidden for security" + "</pre>\n" +
|
|
136
|
" </div>\n" +
|
|
137
|
"\n" +
|
|
138
|
"</ul>\n" +
|
|
139
|
"<a href=" + request.getContextPath() + ">" +
|
|
140
|
"Return to portal" +
|
|
141
|
"</a> or " +
|
|
142
|
"<a href=" + target + ">" +
|
|
143
|
"Continue to target" +
|
|
144
|
"</a>" +
|
|
145
|
"</body>\n" +
|
|
146
|
"</html>";
|
|
147
|
pw.println(y);
|
|
148
|
pw.flush();
|
|
149
|
}
|
|
150
|
|
|
151
|
|
|
152
|
}
|