1 /*
2 * Copyright 2013 smartics, Kronseder & Reiner GmbH
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package de.smartics.properties.admin.resources.controller;
17
18 import javax.servlet.http.HttpServletRequest;
19 import javax.ws.rs.FormParam;
20 import javax.ws.rs.GET;
21 import javax.ws.rs.POST;
22 import javax.ws.rs.Path;
23 import javax.ws.rs.Produces;
24 import javax.ws.rs.core.Context;
25 import javax.ws.rs.core.MediaType;
26 import javax.ws.rs.core.UriInfo;
27
28 import org.apache.commons.lang3.StringUtils;
29
30 import de.smartics.properties.admin.domain.model.ManagedApplication;
31 import de.smartics.properties.admin.domain.model.Paths;
32 import de.smartics.properties.admin.domain.model.Security;
33 import de.smartics.properties.api.core.security.PropertyValueSecurity;
34
35 /**
36 * Provides access to en- and decrypt.
37 */
38 @Path("")
39 public class SecurityResource
40 {
41 // ********************************* Fields *********************************
42
43 // --- constants ------------------------------------------------------------
44
45 // --- members --------------------------------------------------------------
46
47 /**
48 * Provides access to the request to logout the user.
49 */
50 @Context
51 private HttpServletRequest request;
52
53 /**
54 * Helper to construct paths.
55 */
56 @Context
57 private UriInfo uriInfo;
58
59 // ****************************** Initializer *******************************
60
61 // ****************************** Constructors ******************************
62
63 // ****************************** Inner Classes *****************************
64
65 // ********************************* Methods ********************************
66
67 // --- init -----------------------------------------------------------------
68
69 // --- get&set --------------------------------------------------------------
70
71 // --- business -------------------------------------------------------------
72
73 /**
74 * Returns the encrypted or decrypted text. Provides the empty HTML form if
75 * both values are <code>null</code>.
76 *
77 * @param plainValue the optional value to be encrypted.
78 * @param encryptedValue the optional value to be decrypted. Only used if
79 * {@code plainValue} is <code>null</code>.
80 * @return the HTML representation.
81 */
82 @GET
83 @POST
84 @Path(Paths.PATH_SECURITY)
85 @Produces(MediaType.TEXT_HTML)
86 public Security getAsHtml(
87 @FormParam(Paths.PARAM_SECURITY_ENCRYPT) final String plainValue,
88 @FormParam(Paths.PARAM_SECURITY_DECRYPT) final String encryptedValue)
89 {
90 final ManagedApplication application = ManagedApplication.getApplication();
91 final PropertyValueSecurity security = application.getSecurity();
92
93 final String encrypted;
94 final String decrypted;
95 if (StringUtils.isNotBlank(plainValue))
96 {
97 encrypted = security.encrypt(null, plainValue);
98 decrypted = plainValue;
99 }
100 else if (StringUtils.isNotBlank(encryptedValue))
101 {
102 encrypted = encryptedValue;
103 decrypted = security.decrypt(null, encryptedValue);
104 }
105 else
106 {
107 encrypted = null;
108 decrypted = null;
109 }
110
111 final Security value = new Security(decrypted, encrypted);
112 return value;
113 }
114
115 // --- object basics --------------------------------------------------------
116
117 }