2 * Copyright 2010 Electronic Business Systems Ltd.
4 * This file is part of GSS.
6 * GSS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * GSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
19 package gr.ebs.gss.server.rest;
21 import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
22 import gr.ebs.gss.client.exceptions.RpcException;
23 import gr.ebs.gss.server.domain.User;
25 import java.io.IOException;
26 import java.io.PrintWriter;
28 import javax.servlet.http.HttpServletRequest;
29 import javax.servlet.http.HttpServletResponse;
31 import org.apache.commons.codec.binary.Base64;
32 import org.apache.commons.logging.Log;
33 import org.apache.commons.logging.LogFactory;
37 * A class that handles authentication token renewal.
41 public class TokenHandler extends RequestHandler {
45 private static Log logger = LogFactory.getLog(TokenHandler.class);
48 * Invalidate the current authentication token and return a newly-issued one.
50 * @param req The servlet request we are processing
51 * @param resp The servlet response we are processing
52 * @throws IOException if an input/output error occurs
54 void newToken(HttpServletRequest req, HttpServletResponse resp) throws IOException {
55 String path = getInnerPath(req, PATH_TOKEN);
58 if (!"/".equals(path)) {
59 String error = "Invalid request for new token";
61 resp.setContentType("text/html");
62 resp.sendError(HttpServletResponse.SC_FORBIDDEN, error);
67 User user = getUser(req);
68 // The following can't happen, but it's better to be safe than sorry.
70 throw new ObjectNotFoundException();
71 user = getService().updateUserToken(user.getId());
72 String tokenEncoded = new String(Base64.encodeBase64(user.getAuthToken()), "US-ASCII");
73 resp.setContentType("text/plain");
74 PrintWriter out = resp.getWriter();
75 out.println(tokenEncoded);
76 } catch (ObjectNotFoundException e) {
77 logger.error("User not found", e);
78 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
80 } catch (RpcException e) {
82 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);