net.solarnetwork.node.setup.web.NodeCertificatesController.java Source code

Java tutorial

Introduction

Here is the source code for net.solarnetwork.node.setup.web.NodeCertificatesController.java

Source

/* ==================================================================
 * NodeCertificatesController.java - Dec 7, 2012 7:16:19 AM
 * 
 * Copyright 2007-2012 SolarNetwork.net Dev Team
 * 
 * This program is free software; you can redistribute it and/or 
 * modify it under the terms of the GNU General Public License as 
 * published by the Free Software Foundation; either version 2 of 
 * the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful, 
 * but WITHOUT ANY WARRANTY; without even the implied warranty of 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 
 * General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License 
 * along with this program; if not, write to the Free Software 
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 
 * 02111-1307 USA
 * ==================================================================
 */

package net.solarnetwork.node.setup.web;

import java.io.IOException;
import java.io.InputStreamReader;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import net.solarnetwork.node.setup.PKIService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.FileCopyUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.multipart.MultipartFile;

/**
 * Controller for node certificate management.
 * 
 * @author matt
 * @version 1.0
 */
@Controller
@RequestMapping("/certs")
public class NodeCertificatesController extends BaseSetupController {

    @Autowired
    private PKIService pkiService;

    /**
     * View the main certs page.
     * 
     * @param model
     *        the view model
     * @return
     */
    @RequestMapping
    public String home(Model model) {
        X509Certificate nodeCert = pkiService.getNodeCertificate();
        final Date now = new Date();
        final boolean expired = (nodeCert != null && now.after(nodeCert.getNotAfter()));
        final boolean valid = (nodeCert != null && (!nodeCert.getIssuerDN().equals(nodeCert.getSubjectDN())
                && !now.before(nodeCert.getNotBefore()) && !expired));
        model.addAttribute("nodeCert", nodeCert);
        model.addAttribute("nodeCertExpired", expired);
        model.addAttribute("nodeCertValid", valid);
        return "certs/home";
    }

    /**
     * Return a node's CSR based on its current certificate.
     * 
     * @return a map with the PEM encoded certificate on key {@code csr}
     */
    @RequestMapping(value = "/nodeCSR", method = RequestMethod.GET)
    @ResponseBody
    public Map<String, Object> nodeCSR() {
        String csr = pkiService.generateNodePKCS10CertificateRequestString();
        Map<String, Object> result = new HashMap<String, Object>(1);
        result.put("csr", csr);
        return result;
    }

    /**
     * Return a node's current certificate.
     * 
     * @return a map with the PEM encoded certificate on key {@code cert} if
     *         {@code download} is not <em>true</em>, otherwise the content is
     *         returned as a file attachment
     */
    @RequestMapping(value = "/nodeCert", method = RequestMethod.GET)
    @ResponseBody
    public Object viewNodeCert(@RequestParam(value = "download", required = false) final Boolean download,
            @RequestParam(value = "chain", required = false) final Boolean asChain) {
        final String cert = (Boolean.TRUE.equals(asChain) ? pkiService.generateNodePKCS7CertificateChainString()
                : pkiService.generateNodePKCS7CertificateString());

        if (!Boolean.TRUE.equals(download)) {
            Map<String, Object> result = new HashMap<String, Object>(1);
            result.put("cert", cert);
            return result;
        }

        HttpHeaders headers = new HttpHeaders();
        headers.setContentLength(cert.length());
        headers.setContentType(MediaType.parseMediaType("application/x-pem-file"));
        headers.setLastModified(System.currentTimeMillis());
        headers.setCacheControl("no-cache");

        headers.set("Content-Disposition",
                "attachment; filename=solarnode-" + getIdentityService().getNodeId() + ".pem");

        return new ResponseEntity<String>(cert, headers, HttpStatus.OK);
    }

    /**
     * Import a certificate reply (signed certificate chain).
     * 
     * @param file
     *        the CSR file to import
     * @return the destination view
     * @throws IOException
     *         if an IO error occurs
     */
    @RequestMapping(value = "/import", method = RequestMethod.POST)
    public String importSettings(@RequestParam(value = "file", required = false) MultipartFile file,
            @RequestParam(value = "text", required = false) String text) throws IOException {
        String pem = text;
        if (file != null && !file.isEmpty()) {
            pem = FileCopyUtils.copyToString(new InputStreamReader(file.getInputStream(), "UTF-8"));
        }
        pkiService.saveNodeSignedCertificate(pem);
        return "redirect:/certs";
    }
}