X-Git-Url: http://git.nikiroo.be/?a=blobdiff_plain;f=src%2Fbe%2Fnikiroo%2Ffanfix%2Flibrary%2FWebLibraryServer.java;h=c4be6633dc563949a5f146a86225017d43b987c4;hb=d11fb35b34e44744c8b1f9226321f133af4eb151;hp=7c5cf425bd0dd21394c9e4e881c33c5657530ae2;hpb=4bd7d202930dd0ba9129c7bd6af7dd83bc294c24;p=nikiroo-utils.git diff --git a/src/be/nikiroo/fanfix/library/WebLibraryServer.java b/src/be/nikiroo/fanfix/library/WebLibraryServer.java index 7c5cf42..c4be663 100644 --- a/src/be/nikiroo/fanfix/library/WebLibraryServer.java +++ b/src/be/nikiroo/fanfix/library/WebLibraryServer.java @@ -51,16 +51,18 @@ public class WebLibraryServer implements Runnable { private boolean success; private boolean rw; private boolean wl; + private boolean bl; private String wookie; private String token; private boolean badLogin; private boolean badToken; public LoginResult(String who, String key, String subkey, - boolean success, boolean rw, boolean wl) { + boolean success, boolean rw, boolean wl, boolean bl) { this.success = success; this.rw = rw; this.wl = wl; + this.bl = bl; this.wookie = CookieUtils.generateCookie(who + key, 0); String opts = ""; @@ -68,6 +70,8 @@ public class WebLibraryServer implements Runnable { opts += "|rw"; if (!wl) opts += "|wl"; + if (!bl) + opts += "|bl"; this.token = wookie + "~" + CookieUtils.generateCookie(wookie + subkey + opts, 0) @@ -93,14 +97,15 @@ public class WebLibraryServer implements Runnable { subkeys.add(""); for (String subkey : subkeys) { - if (CookieUtils.validateCookie(wookie + subkey - + opts, rehashed)) { + if (CookieUtils.validateCookie( + wookie + subkey + opts, rehashed)) { this.wookie = wookie; this.token = token; this.success = true; this.rw = opts.contains("|rw"); this.wl = !opts.contains("|wl"); + this.bl = !opts.contains("|bl"); } } } @@ -124,6 +129,10 @@ public class WebLibraryServer implements Runnable { return wl; } + public boolean isBl() { + return bl; + } + public String getToken() { return token; } @@ -144,11 +153,15 @@ public class WebLibraryServer implements Runnable { private long maxStoryCacheSize; private TraceHandler tracer = new TraceHandler(); + private List whitelist; + private List blacklist; + public WebLibraryServer(boolean secure) throws IOException { Integer port = Instance.getInstance().getConfig() .getInteger(Config.SERVER_PORT); if (port == null) { - throw new IOException("Cannot start web server: port not specified"); + throw new IOException( + "Cannot start web server: port not specified"); } int cacheMb = Instance.getInstance().getConfig() @@ -157,6 +170,11 @@ public class WebLibraryServer implements Runnable { setTraceHandler(Instance.getInstance().getTraceHandler()); + whitelist = Instance.getInstance().getConfig() + .getList(Config.SERVER_WHITELIST, new ArrayList()); + blacklist = Instance.getInstance().getConfig() + .getList(Config.SERVER_BLACKLIST, new ArrayList()); + SSLServerSocketFactory ssf = null; if (secure) { String keystorePath = Instance.getInstance().getConfig() @@ -172,8 +190,8 @@ public class WebLibraryServer implements Runnable { if (!keystorePath.isEmpty()) { File keystoreFile = new File(keystorePath); try { - KeyStore keystore = KeyStore.getInstance(KeyStore - .getDefaultType()); + KeyStore keystore = KeyStore + .getInstance(KeyStore.getDefaultType()); InputStream keystoreStream = new FileInputStream( keystoreFile); try { @@ -210,46 +228,35 @@ public class WebLibraryServer implements Runnable { cookies.put(cookie, session.getCookies().read(cookie)); } - List whitelist = Instance.getInstance().getConfig() - .getList(Config.SERVER_WHITELIST); - if (whitelist == null) { - whitelist = new ArrayList(); - } - LoginResult login = null; Map params = session.getParms(); String who = session.getRemoteHostName() + session.getRemoteIpAddress(); if (params.get("login") != null) { login = login(who, params.get("password"), - params.get("login"), whitelist); + params.get("login")); } else { String token = cookies.get("token"); - login = login(who, token, Instance.getInstance() - .getConfig().getList(Config.SERVER_ALLOWED_SUBKEYS)); + login = login(who, token); } if (login.isSuccess()) { - if (!login.isWl()) { - whitelist.clear(); - } - // refresh token - session.getCookies() - .set(new Cookie("token", login.getToken(), - "30; path=/")); + session.getCookies().set(new Cookie("token", + login.getToken(), "30; path=/")); // set options String optionName = params.get("optionName"); if (optionName != null && !optionName.isEmpty()) { + String optionNo = params.get("optionNo"); String optionValue = params.get("optionValue"); - if (optionValue == null || optionValue.isEmpty()) { + if (optionNo != null || optionValue == null + || optionValue.isEmpty()) { session.getCookies().delete(optionName); cookies.remove(optionName); } else { - session.getCookies().set( - new Cookie(optionName, optionValue, - "; path=/")); + session.getCookies().set(new Cookie(optionName, + optionValue, "; path=/")); cookies.put(optionName, optionValue); } } @@ -259,20 +266,20 @@ public class WebLibraryServer implements Runnable { if (!login.isSuccess() && (uri.equals("/") // || uri.startsWith(STORY_URL_BASE) // || uri.startsWith(VIEWER_URL_BASE) // - || uri.startsWith(LIST_URL))) { + || uri.startsWith(LIST_URL))) { rep = loginPage(login, uri); } if (rep == null) { try { if (uri.equals("/")) { - rep = root(session, cookies, whitelist); + rep = root(session, cookies, login); } else if (uri.startsWith(LIST_URL)) { - rep = getList(uri, whitelist); + rep = getList(uri, login); } else if (uri.startsWith(STORY_URL_BASE)) { - rep = getStoryPart(uri, whitelist); + rep = getStoryPart(uri, login); } else if (uri.startsWith(VIEWER_URL_BASE)) { - rep = getViewer(cookies, uri, whitelist); + rep = getViewer(cookies, uri, login); } else if (uri.equals("/logout")) { session.getCookies().delete("token"); cookies.remove("token"); @@ -303,34 +310,15 @@ public class WebLibraryServer implements Runnable { NanoHTTPD.MIME_PLAINTEXT, "Not Found"); } } catch (Exception e) { - Instance.getInstance() - .getTraceHandler() - .error(new IOException( - "Cannot process web request", e)); + Instance.getInstance().getTraceHandler().error( + new IOException("Cannot process web request", + e)); rep = newFixedLengthResponse(Status.INTERNAL_ERROR, NanoHTTPD.MIME_PLAINTEXT, "An error occured"); } } return rep; - - // Get status: for story, use "luid" + active map of current - // luids - // map must use a addRef/removeRef and delete at 0 - - // http://localhost:2000/?token=ok - - // - // MetaData meta = new MetaData(); - // meta.setTitle("Title"); - // meta.setLuid("000"); - // - // JSONObject json = new JSONObject(); - // json.put("", MetaData.class.getName()); - // json.put("title", meta.getTitle()); - // json.put("luid", meta.getLuid()); - // - // return newFixedLengthResponse(json.toString()); } }; @@ -385,38 +373,36 @@ public class WebLibraryServer implements Runnable { this.tracer = tracer; } - private LoginResult login(String who, String token, List subkeys) { + private LoginResult login(String who, String token) { + List subkeys = Instance.getInstance().getConfig().getList( + Config.SERVER_ALLOWED_SUBKEYS, new ArrayList()); String realKey = Instance.getInstance().getConfig() - .getString(Config.SERVER_KEY); - realKey = realKey == null ? "" : realKey; + .getString(Config.SERVER_KEY, ""); + return new LoginResult(token, who, realKey, subkeys); } // allow rw/wl - private LoginResult login(String who, String key, String subkey, - List whitelist) { + private LoginResult login(String who, String key, String subkey) { String realKey = Instance.getInstance().getConfig() - .getString(Config.SERVER_KEY); + .getString(Config.SERVER_KEY, ""); // I don't like NULLs... - realKey = realKey == null ? "" : realKey; key = key == null ? "" : key; subkey = subkey == null ? "" : subkey; if (!realKey.equals(key)) { - return new LoginResult(null, null, null, false, false, false); + return new LoginResult(null, null, null, false, false, false, + false); } - // defaults are positive (as previous versions without the feature) + // defaults are true (as previous versions without the feature) boolean rw = true; boolean wl = true; + boolean bl = true; - if (whitelist.isEmpty()) { - wl = false; - } - - rw = Instance.getInstance().getConfig() - .getBoolean(Config.SERVER_RW, rw); + rw = Instance.getInstance().getConfig().getBoolean(Config.SERVER_RW, + rw); if (!subkey.isEmpty()) { List allowed = Instance.getInstance().getConfig() .getList(Config.SERVER_ALLOWED_SUBKEYS); @@ -427,12 +413,16 @@ public class WebLibraryServer implements Runnable { if ((subkey + "|").contains("|wl|")) { wl = false; // |wl| = bypass whitelist } + if ((subkey + "|").contains("|bl|")) { + bl = false; // |bl| = bypass blacklist + } } else { - return new LoginResult(null, null, null, false, false, false); + return new LoginResult(null, null, null, false, false, false, + false); } } - return new LoginResult(who, key, subkey, true, rw, wl); + return new LoginResult(who, key, subkey, true, rw, wl, bl); } private Response loginPage(LoginResult login, String uri) { @@ -450,9 +440,10 @@ public class WebLibraryServer implements Runnable { uri = "/"; } - builder.append("