Commit 69218799 authored by Viacheslav Pavlov's avatar Viacheslav Pavlov

Added api endpoint for confirming receipt of request

added @Transactional to request confirming
parent 7b7ec2f4
...@@ -37,7 +37,9 @@ import org.genesys2.server.service.TokenVerificationService; ...@@ -37,7 +37,9 @@ import org.genesys2.server.service.TokenVerificationService;
import org.genesys2.server.service.filter.MaterialRequestFilter; import org.genesys2.server.service.filter.MaterialRequestFilter;
import org.genesys2.server.service.filter.MaterialSubRequestFilter; import org.genesys2.server.service.filter.MaterialSubRequestFilter;
import org.genesys2.server.service.impl.EasySMTAException; import org.genesys2.server.service.impl.EasySMTAException;
import org.genesys2.util.ReCaptchaUtil;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.Sort; import org.springframework.data.domain.Sort;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
...@@ -55,6 +57,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; ...@@ -55,6 +57,8 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import javax.servlet.http.HttpServletRequest;
@RestController("requestsApi1") @RestController("requestsApi1")
@PreAuthorize("isAuthenticated()") @PreAuthorize("isAuthenticated()")
@RequestMapping(value = { RequestsController.CONTROLLER_URL }) @RequestMapping(value = { RequestsController.CONTROLLER_URL })
...@@ -67,6 +71,10 @@ public class RequestsController extends ApiBaseController { ...@@ -67,6 +71,10 @@ public class RequestsController extends ApiBaseController {
public static final String PARAM_KEY = "key"; public static final String PARAM_KEY = "key";
public static final String PARAM_TOKENUUID = "tokenUuid"; public static final String PARAM_TOKENUUID = "tokenUuid";
@Value("${captcha.privateKey}")
private String captchaPrivateKey;
private final ObjectMapper objectMapper = new ObjectMapper(); private final ObjectMapper objectMapper = new ObjectMapper();
@Autowired @Autowired
...@@ -184,6 +192,33 @@ public class RequestsController extends ApiBaseController { ...@@ -184,6 +192,33 @@ public class RequestsController extends ApiBaseController {
throw new InvalidApiUsageException(e.getMessage(), e); throw new InvalidApiUsageException(e.getMessage(), e);
} }
} }
/**
* Confirm receipt of request
*
* @return
* @throws InvalidApiUsageException
*/
@PostMapping(value = "/r/confirm", produces = { MediaType.APPLICATION_JSON_VALUE })
public MaterialSubRequest confirmRequest(
@RequestParam(value = "g-recaptcha-response") final String captchaResponse,
@RequestParam(PARAM_TOKENUUID) String tokenUuid,
@RequestParam(PARAM_KEY) String key,
final HttpServletRequest request) throws IOException {
// Validate the reCAPTCHA
if (!ReCaptchaUtil.isValid(captchaResponse, request.getRemoteAddr(), captchaPrivateKey)) {
LOG.warn("Invalid captcha.");
throw new InvalidApiUsageException("Captcha check failed.");
}
LOG.info("Validating request tokenUuid={}, key={}", tokenUuid, key);
try {
return requestService.validateReceipt(tokenUuid, key);
} catch (TokenVerificationService.NoSuchVerificationTokenException | TokenVerificationService.TokenExpiredException e) {
throw new InvalidApiUsageException(e.getMessage(), e);
}
}
/** /**
* Reload PID data * Reload PID data
* *
......
...@@ -438,6 +438,7 @@ public class RequestServiceImpl implements RequestService { ...@@ -438,6 +438,7 @@ public class RequestServiceImpl implements RequestService {
} }
@Override @Override
@Transactional
public MaterialSubRequest validateReceipt(String tokenUuid, String key) throws NoSuchVerificationTokenException, TokenExpiredException { public MaterialSubRequest validateReceipt(String tokenUuid, String key) throws NoSuchVerificationTokenException, TokenExpiredException {
final VerificationToken consumedToken = tokenVerificationService.consumeToken(RECEIPT_TOKENTYPE, tokenUuid, key); final VerificationToken consumedToken = tokenVerificationService.consumeToken(RECEIPT_TOKENTYPE, tokenUuid, key);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment