Source code: com/xpn/xwiki/atom/lifeblog/LifeblogServices.java
1 /**
2 *
3 */
4 package com.xpn.xwiki.atom.lifeblog;
5
6 import java.io.IOException;
7 import java.io.PrintWriter;
8 import java.io.StringWriter;
9 import java.util.Calendar;
10 import java.util.Iterator;
11 import java.util.List;
12
13 import javax.servlet.http.HttpServletResponse;
14 import javax.servlet.http.HttpSession;
15
16 import com.xpn.xwiki.XWikiContext;
17 import com.xpn.xwiki.XWikiException;
18 import com.xpn.xwiki.atom.WSSEHttpHeader;
19 import com.xpn.xwiki.atom.XWikiHelper;
20
21
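/**
 * Authenticates Atom/Lifeblog requests from their WSSE header and renders the list of the
 * authenticated user's blogs as an Atom feed of {@code <link>} elements.
 *
 * <p>An instance keeps the authenticated user name in a mutable field, so it is presumably
 * meant to be created per request and not shared between threads (confirm against callers).
 *
 * @author Luis Arias <luis.arias@xwiki.com>
 */
public class LifeblogServices {

    /**
     * Maximum distance, in milliseconds, between the WSSE {@code Created} timestamp and the
     * server clock (1,200,000 ms = 20 minutes).
     */
    private static final long NONCE_TIMEOUT = 1200000L;

    /** Wiki user name ("XWiki." + WSSE user name); set only after a successful authentication. */
    private String userName;

    private final XWikiHelper xwikiHelper;

    /**
     * @param context the XWiki context handed to the {@link XWikiHelper} this service delegates to
     */
    public LifeblogServices(XWikiContext context) {
        xwikiHelper = new XWikiHelper(context);
    }

    /**
     * Authenticates the current request using the WSSE header supplied by the helper.
     *
     * @return {@code true} only if the header is present, fresh, not replayed and matches the
     *         user's authentication token
     */
    public boolean isAuthenticated() throws XWikiException, IOException {
        return isAuthenticated(xwikiHelper.getWSSEHeader());
    }

    /**
     * Authenticates a request from a raw WSSE header value.
     *
     * <p>Every failure path returns {@code false} and leaves no user name behind, so a later
     * {@link #listUserBlogs()} cannot act on an identity that was only claimed, not proven.
     *
     * @param header the WSSE header value, may be {@code null}
     * @return {@code true} only when the timestamp is inside the accepted window, the nonce was
     *         not just used in this session, and the digest matches the user's token
     */
    public boolean isAuthenticated(String header) throws XWikiException, IOException {
        // Fail closed: forget any identity from an earlier call before evaluating this one.
        userName = null;

        if (header == null) {
            return false;
        }

        WSSEHttpHeader wsseHeader = WSSEHttpHeader.parseHttpHeader(header);
        if (wsseHeader == null) {
            return false;
        }

        // A header without a nonce cannot be replay-checked at all, so it is rejected outright.
        String nonce = wsseHeader.getNonce();
        if (nonce == null) {
            return false;
        }

        // Order matters: the nonce is only recorded in the session once the timestamp is accepted.
        if (!nonceIsNotTooOld(wsseHeader.parseCreated()) || nonceAlreadyUsedByUser(nonce)) {
            return false;
        }

        String claimedUser = "XWiki." + wsseHeader.getUserName();
        String authenticationToken = xwikiHelper.getAtomAuthenticationToken(claimedUser);
        if (authenticationToken == null || !wsseHeader.isAuthenticated(authenticationToken)) {
            return false;
        }

        // The identity is published only after the digest check has succeeded.
        userName = claimedUser;
        return true;
    }

    /**
     * Writes the Atom list of the authenticated user's blogs to the servlet response.
     *
     * @throws IllegalStateException if no successful {@link #isAuthenticated()} call preceded this one
     */
    public void listUserBlogs() throws IOException, XWikiException {
        if (userName == null) {
            throw new IllegalStateException("No authenticated user; call isAuthenticated() first");
        }

        List userBlogs = xwikiHelper.listUserBlogs(userName);
        HttpServletResponse response = xwikiHelper.getResponse();
        response.setContentType("application/x.atom+xml");

        // The XML declaration names no encoding, so consumers will assume UTF-8; encode
        // explicitly instead of relying on the platform default charset.
        PrintWriter writer = new PrintWriter(
            new java.io.OutputStreamWriter(response.getOutputStream(), "UTF-8"));
        writer.write(getAtomListUserBlogs(userBlogs));
        // Without a flush the buffered feed may never reach the response stream.
        writer.flush();
    }

    /**
     * Renders the given blogs as an Atom feed holding three links per blog
     * (service.post, service.feed, service.alternate).
     *
     * <p>Hrefs and titles are escaped before being placed in attribute values: a blog title is
     * author-controlled text, and an unescaped quote or angle bracket would let it break out of
     * the attribute and inject markup into the feed.
     *
     * @param userBlogs list of {@code UserBlog} elements; {@code null} is rendered as an empty feed
     * @return the feed document as a string
     */
    public String getAtomListUserBlogs(List userBlogs) {
        StringWriter stringWriter = new StringWriter();
        PrintWriter writer = new PrintWriter(stringWriter);
        writer.println("<?xml version=\"1.0\"?>");
        writer.println("<feed xmlns=\"http://purl.org/atom/ns#\">");
        if (userBlogs != null) {
            for (Iterator it = userBlogs.iterator(); it.hasNext();) {
                UserBlog userBlog = (UserBlog) it.next();
                writeLink(writer, "service.post", userBlog.getPostHref(), userBlog.getTitle());
                writeLink(writer, "service.feed", userBlog.getFeedHref(), userBlog.getTitle());
                writeLink(writer, "service.alternate", userBlog.getAlternateHref(), userBlog.getTitle());
            }
        }
        writer.print("</feed>");
        writer.flush();
        return stringWriter.toString();
    }

    /** Emits one {@code <link>} element with escaped href and title attributes. */
    private static void writeLink(PrintWriter writer, String rel, Object href, Object title) {
        writer.print("<link type=\"application/atom+xml\" rel=\"" + rel + "\" href=\"");
        writer.print(escapeXmlAttribute(href));
        writer.print("\" title=\"");
        writer.print(escapeXmlAttribute(title));
        writer.println("\"/>");
    }

    /**
     * Escapes the five XML-significant characters so the text is safe inside a double-quoted
     * attribute value. A {@code null} value is rendered as the text "null", as
     * {@link PrintWriter#print(Object)} would.
     *
     * <p>NOTE(review): assumes the UserBlog getters return raw, unescaped text; if they already
     * return XML-escaped values this would double-escape them. Confirm against UserBlog.
     */
    private static String escapeXmlAttribute(Object value) {
        String text = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&apos;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /**
     * Reports whether the nonce equals the last nonce stored in the HTTP session, and stores it
     * as the new "lastNonce" when it does not.
     *
     * <p>NOTE(review): only the single most recent nonce of one HTTP session is remembered. Any
     * earlier nonce is forgotten, and a request that does not carry the session cookie is
     * presumably checked against a different session, so on its own this does not guarantee
     * one-time use inside the NONCE_TIMEOUT window. A server-side store of (user, nonce) pairs
     * kept until they expire would be needed for that. TODO confirm whether another layer
     * provides it.
     */
    private boolean nonceAlreadyUsedByUser(String nonce) {
        HttpSession session = xwikiHelper.getSession();
        String lastNonce = (String) session.getAttribute("lastNonce");
        if (lastNonce != null && lastNonce.equals(nonce)) {
            return true;
        }
        session.setAttribute("lastNonce", nonce);
        return false;
    }

    /**
     * Checks that the WSSE creation time lies within NONCE_TIMEOUT of the server clock, in either
     * direction.
     *
     * <p>A one-sided check (age &lt;= timeout) accepts any timestamp in the future, which would
     * keep a captured header valid indefinitely; bounding the future side as well limits that to
     * ordinary clock skew. A missing timestamp is treated as expired.
     */
    private boolean nonceIsNotTooOld(Calendar createdDate) {
        if (createdDate == null) {
            return false;
        }
        long now = Calendar.getInstance().getTimeInMillis();
        long created = createdDate.getTimeInMillis();
        // Compare against bounds derived from "now" so extreme timestamps cannot overflow a subtraction.
        return created >= now - NONCE_TIMEOUT && created <= now + NONCE_TIMEOUT;
    }
}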