/**
* Copyright (C) Gadglet .
*
* This file is part of Gadglet
*
* Gadglet is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Gadglet is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Gadglet. If not, see <http://www.gnu.org/licenses/>.
*/
package com.gadglet.servlets;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.gadglet.core.GadgletRequestWrapper;
import com.gadglet.core.GadgletResponse;
import com.gadglet.core.RequestException;
import com.gadglet.data.DomainUser;
import com.gadglet.data.DomainUserUtils;
import com.gadglet.data.Gadget;
import com.gadglet.data.GadgetUtils;
import com.gadglet.data.RegistrationToken;
import com.gadglet.data.RegistrationTokenUtils;
import com.gadglet.data.utils.DomainUserStatus;
import com.gadglet.params.GadgetType;
import com.gadglet.params.ReqErrorTypes;
import com.gadglet.params.SharedConstants;
import com.gadglet.util.UrlUtils;
import com.google.appengine.api.NamespaceManager;
import com.google.gson.Gson;
/**
* This class serve Bizlets (Google Apps Gadgets) SIGNED requests
*
*/
public class DomainSignedRequestServlet extends BasicRequestServlet {
private static final long serialVersionUID = 1758343254324324L;
Logger log = Logger.getLogger(this.getClass().getName());
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
checkUser(request, response);
}
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
checkUser(request, response);
}
/**
*
* @param httpServletRequest
* @param httpServletResponse
*/
private void checkUser(HttpServletRequest httpServletRequest,
HttpServletResponse httpServletResponse) {
GadgletResponse gadgetServerResponse = new GadgletResponse();
GadgletRequestWrapper platformRequestWrapper = new GadgletRequestWrapper(
httpServletRequest);
if (!(platformRequestWrapper.getParameter("ignoreJson") != null && UrlUtils
.isOnDevPort8888(platformRequestWrapper)))
setResponseHeaders(httpServletResponse);
boolean userIsValid = false;
try {
userIsValid = validateOpenSocialUser(platformRequestWrapper,
gadgetServerResponse);
// load gadget
Gadget g = GadgetUtils.getGadget(platformRequestWrapper.getGadgetName());
if(g==null || g.getGadgletType()==null || !g.getGadgletType().equals(GadgetType.BIZLET.getGadgetType()))
throw new RequestException(
ReqErrorTypes.UNRECOGNIZED_GADGET);
else
platformRequestWrapper.setRequestedGadget(g);
} catch (RequestException e) {
userIsValid = false;
gadgetServerResponse.setError(e);
} catch (Exception e) {
userIsValid = false;
gadgetServerResponse.setError(new RequestException(
ReqErrorTypes.REQUEST_FAILED));
printStackTrace(e);
}
if (userIsValid)
performRequest(platformRequestWrapper, gadgetServerResponse,
httpServletResponse);
else {
PrintWriter out = null;
try {
out = httpServletResponse.getWriter();
Gson gson = new Gson();
out.print(gson.toJson(new JsonEnvelope(gadgetServerResponse)));
} catch (IOException e) {
log.warning(e.getMessage());
}
}
}
protected boolean validateOpenSocialUser(
GadgletRequestWrapper platformRequestWrapper,
GadgletResponse jsonResponse) throws RequestException {
boolean userLogin = false;
if (platformRequestWrapper.getOpenSocialViewerId() == null) {
log.warning("opensocial_viewer_id is null");
throw new RequestException(ReqErrorTypes.USER_NOT_LOGGEDIN);
}
if (!validateSignedRequestWithContainer(platformRequestWrapper)) {
userLogin = false;
throw new RequestException(ReqErrorTypes.USER_NOT_LOGGEDIN);
}
DomainUser domainUser = null;
domainUser = (DomainUser) platformRequestWrapper.getSession()
.getAttribute("domainUser");
if (domainUser != null
&& domainUser.getOauthConsumerKey().equals(
platformRequestWrapper.getOpenSocialConsumerKey())
&& domainUser.getOpensocialViewerId().equals(
platformRequestWrapper.getOpenSocialViewerId())) {
NamespaceManager.set(domainUser.getAccount());
return true;
}
else
domainUser = DomainUserUtils.getDomainUserByOpenSocial(platformRequestWrapper);
if (domainUser != null){
if (domainUser.getStatus() != DomainUserStatus.ACTIVE.getUserStatus())
throw new RequestException(ReqErrorTypes.USER_NOT_ACTIVE);
// set user in session
if (platformRequestWrapper != null && domainUser != null) {
platformRequestWrapper.getSession().setAttribute("domainUser",
domainUser);
NamespaceManager.set(domainUser.getAccount());
return true;
}
}
if (domainUser == null) {
// Registration
RegistrationToken token = null;
// 5 cases:
// - token is ready with both OAUTH + SIGNED - send registration url
// - token is ready for SIGNED and only SIGNED is needed - send
// registration url
// - token is already SIGNED created - send do to OAUTH
// - token is OAUTH created and id in the session - update SIGNED and
// send registration url
// - token is null. send request failed
String tokenId = null;
if (platformRequestWrapper.getRegistrationTokenId() != null) {
tokenId = platformRequestWrapper.getRegistrationTokenId();
try {
token = RegistrationTokenUtils.updateTokenForOpenSocial(
tokenId,
platformRequestWrapper.getOpenSocialViewerId(),
platformRequestWrapper.getOpenSocialConsumerKey());
} catch (Exception e) {
printStackTrace(e);
}
}
if (token == null) {
try {
token = RegistrationTokenUtils
.createNew(platformRequestWrapper);
platformRequestWrapper.getSession().setAttribute(SharedConstants.registrationTokenParamName,token.getTokenID());
} catch (Exception e) {
log.warning(e.getMessage());
}
}
if(token ==null)
log.warning("token is null we have a problem");
else if (token.isTokenReady())
jsonResponse.addCustomFieldError(
SharedConstants.registrationTokenParamName,
token.getTokenID());
else if (token.isOpenSocialReady() && userRegistrationMethod.equalsIgnoreCase(SharedConstants.registrationMethodSigned))
jsonResponse.addCustomFieldError(
SharedConstants.registrationTokenParamName,
token.getTokenID());
else if (!token.isOauthReady()){
jsonResponse.addCustomFieldError(
SharedConstants.registrationTokenParamName,
token.getTokenID());
jsonResponse.addCustomFieldError(SharedConstants.registrationProcessParamName, SharedConstants.registrationDoOAuth);
}
else
token =null;
if (token != null)
throw new RequestException(ReqErrorTypes.USER_NOT_REGISTERED);
else
throw new RequestException(ReqErrorTypes.REQUEST_FAILED);
}
return userLogin;
}
}