Recall a faulty previous commit that was related to forbidding the uploading of a...
1 /*
2  * Copyright 2010 Electronic Business Systems Ltd.
3  *
4  * This file is part of GSS.
5  *
6  * GSS is free software: you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation, either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * GSS is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with GSS.  If not, see <http://www.gnu.org/licenses/>.
18  */
19 package gr.ebs.gss.server.rest;
20
21 import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
22 import gr.ebs.gss.client.exceptions.RpcException;
23 import gr.ebs.gss.server.domain.User;
24
25 import java.io.IOException;
26 import java.io.PrintWriter;
27
28 import javax.servlet.http.HttpServletRequest;
29 import javax.servlet.http.HttpServletResponse;
30
31 import org.apache.commons.codec.binary.Base64;
32 import org.apache.commons.logging.Log;
33 import org.apache.commons.logging.LogFactory;
34
35
36 /**
37  * A class that handles authentication token renewal.
38  *
39  * @author past
40  */
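public class TokenHandler extends RequestHandler {
    /**
     * The logger. Shared and never reassigned, hence final.
     */
    private static final Log logger = LogFactory.getLog(TokenHandler.class);

    /**
     * Invalidate the current authentication token and return a newly-issued one.
     * <p>
     * Only a request whose inner path (relative to {@code PATH_TOKEN}) is empty
     * or "/" is served; anything else is rejected with 403 Forbidden. On success
     * the token obtained from {@code updateUserToken} is written to the response
     * as one Base64-encoded {@code text/plain} line.
     * <p>
     * Security notes:
     * <ul>
     * <li>The response body is a credential, so it is explicitly marked as
     * non-cacheable to keep it out of browser and intermediary caches.</li>
     * <li>The token value is never written to the log.</li>
     * <li>NOTE(review): this method does not inspect the HTTP method, and token
     * rotation is a state-changing operation. Confirm that the dispatcher in
     * the calling servlet only routes an appropriate, authenticated request
     * here.</li>
     * </ul>
     *
     * @param req The servlet request we are processing
     * @param resp The servlet response we are processing
     * @throws IOException if an input/output error occurs
     */
    void newToken(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        String path = getInnerPath(req, PATH_TOKEN);
        // Constant-first comparison: a null inner path falls through to the
        // 403 branch below instead of raising a NullPointerException.
        if ("".equals(path)) {
            path = "/";
        }
        if (!"/".equals(path)) {
            // The request path is deliberately not logged: it is caller-supplied.
            String error = "Invalid request for new token";
            logger.info(error);
            resp.setContentType("text/html");
            resp.sendError(HttpServletResponse.SC_FORBIDDEN, error);
            return;
        }

        try {
            // presumably the user authenticated for this request; verify in RequestHandler
            User user = getUser(req);
            // The following can't happen, but it's better to be safe than sorry.
            if (user == null) {
                throw new ObjectNotFoundException();
            }
            user = getService().updateUserToken(user.getId());
            String tokenEncoded = new String(Base64.encodeBase64(user.getAuthToken()), "US-ASCII");
            // The body is a bearer credential: forbid storing it in any cache.
            // Set here explicitly rather than relying on a filter that this
            // class cannot see.
            resp.setHeader("Cache-Control", "no-store");
            resp.setHeader("Pragma", "no-cache");
            resp.setContentType("text/plain");
            PrintWriter out = resp.getWriter();
            out.println(tokenEncoded);
        } catch (ObjectNotFoundException e) {
            logger.error("User not found", e);
            resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        } catch (RpcException e) {
            // A non-empty message makes the failure searchable in the log.
            logger.error("Failed to renew authentication token", e);
            resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }

}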