HvA
/
Implementation
mirror of https://github.com/DebenOldert/Implementation.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294
							/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.simple.JSONObject;
import org.json.simple.parser.ParseException;

/**
 *
 * @author Deben
 */
@WebServlet(urlPatterns = {"/SAS"})
public class SAS extends HttpServlet {

    Function function = new Function();
    ErrorCode code = new ErrorCode();
    int ldapError;
    SQL sql;
    ResultSet result;
    final Object T3 = new Object();
    final Object T2 = new Object();
    final Object T1 = new Object();
    String req;
    String reqBody;
    int i;
    int timeout = 60;
    boolean finished = false;

    public SAS() throws ClassNotFoundException, SQLException, InstantiationException, IllegalAccessException {
        this.sql = (new SQL());
    }
    
    
    /**
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
     * methods.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     * @throws java.sql.SQLException
     * @throws java.lang.InstantiationException
     * @throws java.lang.IllegalAccessException
     * @throws java.lang.ClassNotFoundException
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException, SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException {
        response.setContentType("application/json;charset=UTF-8");
        
        
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
            response.setContentType("application/json;charset=UTF-8");
            
            JSONObject json = new JSONObject();
            json.put("result", 900);
            json.put("resultText", code.getCodeText(900));
            try (PrintWriter out = response.getWriter()) {
                out.println(json);
            } 
            
    }
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
            response.setContentType("application/json;charset=UTF-8");
            
            
            
        try {
            reqBody = function.getBody(request.getReader());
            HashMap json = function.defragJSON(reqBody);
            LDAP ldap = new LDAP((String) json.get("username"), (String) json.get("password"));
            String requestId = (String) json.get("requestId");
            String answer;
            req = requestId;
            
            
            
            
            System.out.println("============= "+req+" ============= << SAS");
        System.out.print(json);
        System.out.println("********************************************************");
            
            switch((String) json.get("function")) {
                case "authenticate":
                    sql.threadUpdate(requestId, "birth", null);
                    System.out.println("##### SAS >> AUTHENTICATE");
                    String tmpBody;
                    JSONObject tmpJSON = new JSONObject();
                        tmpJSON.put("function", "authenticate");
                        tmpJSON.put("requestId", requestId);
                        tmpJSON.put("username", (String) json.get("username"));
                        tmpJSON.put("password", (String) json.get("password"));
                    tmpBody = tmpJSON.toJSONString();

                    HashMap jsonAnswer = function.defragJSON(function.makeRequest("POST", function.getURL("APS"), tmpBody));
                    //System.out.print(jsonAnswer);
                    if(jsonAnswer.get("result").equals("0")) {
                        if(jsonAnswer.containsKey("serviceType")) {
                            System.out.println("SENDING PUSH NOTIFICATION");
                            tmpJSON = new JSONObject();
                                tmpJSON.put("function", "notify");
                                tmpJSON.put("requestId", requestId);
                                tmpJSON.put("serviceType", (String) jsonAnswer.get("serviceType"));
                                tmpJSON.put("serviceNumber", (String) jsonAnswer.get("serviceNumber"));
                                tmpJSON.put("apiKey", (String) jsonAnswer.get("apiKey"));
                                tmpJSON.put("deviceId", (String) jsonAnswer.get("deviceId"));
                            tmpBody = tmpJSON.toJSONString();
                            System.out.println("%%%%%%%%%%%%%%%");
                            System.out.println((String) jsonAnswer.get("serviceType"));
                            //function.defragJSON(function.makeRequest("POST", function.getURL((String) jsonAnswer.get("serviceType")), tmpBody));
                            sql.threadUpdate(requestId, "request", null);
                            for(i = 1; i<=timeout && !finished; i++) {
                                result = sql.stmt.executeQuery("SELECT `state`, `data` FROM `thread` WHERE `threadId`='"+requestId+"'");
                                //System.out.println("GOT RESULT");
                                if(result.first()) {
                                    //System.out.println("GOT VALID RESULT state: "+result.getString("state")+" || data: "+result.getString("data"));
                                    if(result.getString("state").equals("repley")) {
                                        //System.out.println("GOT REPLEY");
                                        
                                        if(result.getString("data") == null || result.getString("data").equals("") || result.getString("data").equals("null")) {
                                            outputResult(response, 601, requestId, null, true);
                                            finished = true;
                                        } else {
                                            outputResult(response, Integer.parseInt((String) jsonAnswer.get("result")), requestId, function.defragJSON(result.getString("data")), true);
                                            finished = true;
                                            break;
                                        }
                                    }
                                    else {
                                        System.out.println("WAITING "+i+" SECONDS");
                                        Thread.sleep(1000);
                                    }
                                }
                                else {
                                    //System.out.println("GOT INVALID RESULT");
                                    outputResult(response, 602, requestId, null, true);
                                    finished = true;
                                    break;
                                }
                                result = null;
                            }
                            System.out.println("WAITED "+i+" SECONDS");
                            if(i > timeout) {
                                outputResult(response, 950, requestId, null, true);
                            }
                            
                        } else {
                            System.out.println("SENDING EMAIL");
                            tmpJSON = new JSONObject();
                                tmpJSON.put("function", "sendmail");
                                tmpJSON.put("requestId", requestId);
                                tmpJSON.put("username", (String) json.get("username"));
                                tmpJSON.put("password", (String) json.get("password"));
                                tmpJSON.put("subject", "Enrollment for TFA");
                                tmpJSON.put("text", "Dear Employee,<br><br>"
                                    + "In order to login to our VPN server you need to download our app to verify your connection request.<br><br>"
                                    + "For Android:<br><ol>"
                                    + "<li>Download and install our app at: "+function.getURL("STORE")+"</li>"
                                    + "<li>Start it: "+function.getURL("APP")+"</li></ol>"
                                    + "We currently don't support iPhone. Sorry for the inconvience.<br><br>"
                                    + "Regards,<br>"
                                    + "The IT Security department");
                            tmpBody = tmpJSON.toJSONString();
                            jsonAnswer = function.defragJSON(function.makeRequest("POST", function.getURL("APS"), tmpBody));
                            if(jsonAnswer.get("result").equals("0")) {
                                    String state;
                                    String data;
                                    
                                    for(i=1; i<=timeout && !finished; i++) {
                                        result = sql.stmt.executeQuery("SELECT state,data FROM thread WHERE threadId='"+requestId+"'");
                                        if(result.first()) {
                                            state = result.getString("state");
                                            data = result.getString("data");
                                            if(state.equals("repley")) {
                                                answer = function.makeRequest("POST", function.getURL("APS"), data);
                                                outputResult(response, 0, requestId, null, true);
                                                finished = true;
                                            } else {
                                                System.out.println("WAITING "+i+" SECONDS");
                                                Thread.sleep(1000);
                                            }
                                            
                                        } else {
                                            outputResult(response, 602, requestId, null, true);
                                            finished = true;
                                        }
                                    }
                                    System.out.println("WAITED "+i+" SECONDS");
                                    if(i > timeout) {
                                        outputResult(response, 950, requestId, null, true);
                                    }
                            } else {
                                outputResult(response, (int) jsonAnswer.get("result"), requestId, null, true);
                                
                            }
                        }
                    } else {
                        outputResult(response, 1, requestId, null, true);
                    }
                    
                    break;
                case "register":
                    System.out.println("##### SAS >> REGISTER");
                    if((ldapError = ldap.userCheck()) == 0) {
                        sql.threadUpdate(requestId, "repley", reqBody);
                        outputResult(response, 0, requestId, null, false);
                        /*result = sql.stmt.executeQuery("SELECT state,data FROM thread WHERE threadId='"+requestId+"'");
                            if(result.first()) {
                                int resultCode = result.getInt("result");
                                outputResult(response, resultCode, requestId, null, false); 
                            }
                            else {
                                outputResult(response, 602, requestId, null, true);
                            }*/
                    } else {
                        outputResult(response, ldapError, requestId, null, true);
                    }
                    break;
                case "confirm":
                    System.out.println("##### SAS >> CONFIRM");
                    //System.out.println("Body: "+reqBody);
                    sql.threadUpdate(requestId, "repley", reqBody);
                    //sql.stmt.execute("UPDATE thread set `state`='repley',`data`="+function.getBody(request.getReader())+" WHERE `threadId`='"+requestId+"'");
                    outputResult(response, 0, requestId, null, false);
                    break;
            }
        
            
            
        } catch (ParseException | NamingException | SQLException | ClassNotFoundException | InterruptedException ex) {
            Logger.getLogger(SAS.class.getName()).log(Level.SEVERE, null, ex);
        }
        
    }
    private void outputResult(HttpServletResponse response, int errorCode, String requestId, HashMap extra, boolean terminate) throws IOException, SQLException, ClassNotFoundException {
        JSONObject array = new JSONObject();
        
        array.put("result", errorCode);
        array.put("resultText", code.getCodeText(errorCode));
        array.put("requestId", requestId);
        

        //extra.forEach((k, v) -> System.out.println("key: "+k+" value:"+v));
        if(extra != null) {
            if(extra.containsKey("confirmation")) {
                array.put("confirmation", extra.get("confirmation"));
            } else {
                JSONObject userinfo = new JSONObject();
                extra.forEach((k, v) -> userinfo.put(k, v));
                array.put("userInfo", userinfo);  
            }
        }
        System.out.println("============= "+req+" ============= >> SAS");
        System.out.print(array);
        System.out.println("********************************************************");
        if(terminate) {
            sql.threadUpdate(requestId, "terminate", null);
        }
         try (PrintWriter out = response.getWriter()) {
            /* TODO output your page here. You may use following sample code. */
            out.println(array);
        } 
    }
}