From eb054d7179cb726d375fcf2711ca8950af172119 Mon Sep 17 00:00:00 2001 From: Trever Fischer Date: Mon, 2 Apr 2012 15:45:13 -0400 Subject: [PATCH] Implement server authentication methods --- src/main/java/us/camin/api/Server.java | 160 +++++++++++++++++++++---- 1 file changed, 138 insertions(+), 22 deletions(-) diff --git a/src/main/java/us/camin/api/Server.java b/src/main/java/us/camin/api/Server.java index 2856c21..6c0b75a 100644 --- a/src/main/java/us/camin/api/Server.java +++ b/src/main/java/us/camin/api/Server.java @@ -20,27 +20,87 @@ package us.camin.api; import java.io.BufferedReader; import java.io.BufferedInputStream; +import java.io.DataOutputStream; import java.io.InputStreamReader; import java.io.IOException; -import java.net.MalformedURLException; -import java.net.URL; import java.net.HttpURLConnection; +import java.net.MalformedURLException; +import java.net.ProtocolException; +import java.net.URL; +import java.net.URLEncoder; import java.util.logging.Logger; +import java.util.logging.Level; import java.util.Scanner; +import java.util.Set; +import java.util.HashMap; +import java.util.Map; +import java.util.Iterator; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; import org.json.JSONArray; import org.json.JSONObject; import org.json.JSONException; +import java.util.Random; +import org.apache.commons.codec.binary.Hex; + public class Server { Logger log = Logger.getLogger("Caminus.API"); private String m_url; + private String m_name; + private String m_secret; - public ValidationResponse validatePlayer(String name) throws IOException { - ValidationResponse resp = new ValidationResponse(); - URL authServer = new URL(m_url+"validate/"+name); - log.info("Authing "+name+" against "+authServer); + private String genToken() { + Random r = new Random(); + int salt = r.nextInt(); + MessageDigest crypt; + try { + crypt = MessageDigest.getInstance("SHA-1"); + } catch (NoSuchAlgorithmException e) { + log.warning("Could not find SHA-1 algorithm"); + return ""; + } + crypt.reset(); + String token = m_name+salt+m_secret; + crypt.update(token.getBytes()); + token = m_name+"$"+salt+"$"+Hex.encodeHexString(crypt.digest()); + log.info("Generated token "+token+" from "+m_name+salt+m_secret); + return token; + } + + public JSONObject exec(String path, String method, HashMap params) throws MalformedURLException, ProtocolException, IOException { + HttpURLConnection conn = open(path); + conn.setRequestMethod(method); + if (params.size() > 0) { + conn.setDoOutput(true); + DataOutputStream out = new DataOutputStream(conn.getOutputStream()); + Set> values = params.entrySet(); + Iterator> it = values.iterator(); + StringBuilder sb = new StringBuilder(); + while(it.hasNext()) { + Map.Entry param = it.next(); + sb.append(URLEncoder.encode(param.getKey(), "UTF-8")); + sb.append("="); + sb.append(URLEncoder.encode(param.getValue(), "UTF-8")); + sb.append("&"); + } + String postData = sb.substring(0, sb.length()-1); + conn.setFixedLengthStreamingMode(postData.length()); + conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); + out.writeBytes(postData); + } + return readJSON(conn); + } + + public HttpURLConnection open(String path) throws MalformedURLException, IOException { + URL authServer = new URL(m_url+path); HttpURLConnection conn = (HttpURLConnection)authServer.openConnection(); + conn.setRequestProperty("Authorization", "X-Caminus "+genToken()); + return conn; + } + + public JSONObject readJSON(HttpURLConnection conn) throws IOException { BufferedInputStream in = new BufferedInputStream(conn.getInputStream()); String jsonStr; try { @@ -51,9 +111,38 @@ public class Server { in.close(); try { JSONObject jsonObj = new JSONObject(jsonStr); - resp.valid = jsonObj.optBoolean("valid"); - if (!resp.valid) - return resp; + return jsonObj; + } catch (JSONException e) { + throw new IOException("JSON parse error", e); + } + } + + // Convienence methods + public JSONObject exec(String path, String method) throws MalformedURLException, ProtocolException, IOException { + return exec(path, method, new HashMap()); + } + + public JSONObject get(String path) throws IOException { + return exec(path, "GET"); + } + + public JSONObject put(String path, HashMap params) throws MalformedURLException, IOException { + try { + return exec(path, "PUT", params); + } catch (ProtocolException e) { + return null; + } + } + + public ValidationResponse validatePlayer(String name) throws IOException { + log.info("Validating "+name+" against "+m_url); + ValidationResponse resp = new ValidationResponse(); + JSONObject jsonObj = get("validate/"+name); + resp.valid = jsonObj.optBoolean("valid"); + if (!resp.valid) + return resp; + + try { JSONArray perms = jsonObj.getJSONArray("permissions"); resp.permissions = new String[perms.length()]; for (int i = 0;i params = new HashMap(); + params.put("delta", ""+delta); + JSONObject jsonObj = put("server/economy/"+player, params); + BalanceAdjustResponse resp = new BalanceAdjustResponse(); + resp.success = jsonObj.optBoolean("success", false); + resp.newBalance = jsonObj.optDouble("balance", 0); + resp.message = jsonObj.optString("message", ""); + return resp; + } + + public boolean pingAPI() { + log.info("Pinging API server to verify credentials"); + try { + get("server/whoami"); + } catch (IOException e) { + log.log(Level.SEVERE, "Could not ping API server.", e); + return false; + } + return true; + } }