Andrej Cimperšek - diploma

package org.lidar.api;

import java.util.Date;

import javax.annotation.Resource;

import javax.jws.WebMethod;

import javax.jws.WebService;

import javax.xml.ws.WebServiceContext;

import javax.xml.ws.handler.MessageContext;

import net.sf.jpam.Pam;

import org.hibernate.Query;

import org.hibernate.Session;

import org.hibernate.Transaction;

import org.lidar.HibernateUtil;

import org.lidar.db.Client;

/**

 * Management service

 * @author Andrej Cimpersek

 */

@WebService()

public class Management {

    private final Object lock = new Object();

    public static Boolean locked = false;

    public static String lockToken;

    public static Date lockAccess;

    @Resource

    private WebServiceContext wsContext;

    /**

     * Web service operation

     */

    @WebMethod()

    public boolean getLockStatus(String authToken) {

        Client c = getClient(String.format("token = '%s'", authToken));

        if (c == null) {

            return true;

        }

        return Management.locked;

    }

    /**

     * Client helper

     * @param where

     * @return Client

     */

    private Client getClient(String where) {

        Client c = null;

        Session session = HibernateUtil.getSessionFactory().getCurrentSession();

        Transaction tx = null;

        try {

            // TODO: check if api_key exists in DB

            // TODO: generate new auth token and save it to DB

            tx = session.beginTransaction();

            Query query = session.createQuery(String.format("from Client as client where %s", where));

            c = (Client) query.list().get(0);

            tx.commit();

        } catch (Exception e) {

            tx.rollback();

        }

        return c;

    }

    /**

     * Get authentication token

     * @param api_key

     * @param username

     * @param password

     * @return null | authentication token

     */

    @WebMethod()

    public String getAuthenticationToken(String api_key, String username, String password) {

        String token = null;

        MessageContext mc = wsContext.getMessageContext();

        Pam pam = new Pam();

        boolean auth = pam.authenticateSuccessful(username, password);

        if (auth) {

            Session session = HibernateUtil.getSessionFactory().getCurrentSession();

            Transaction tx = null;

            try {

                // TODO: check if api_key exists in DB

                // TODO: generate new auth token and save it to DB

                Client c = getClient(String.format("apikey = '%s'", api_key));

                if (c != null) {

                    token = c.getToken();

                }

            } catch (Exception e) {

                tx.rollback();

            }

        }

        return token;

    }

    @WebMethod()

    public String getLockToken(String authToken) {

        synchronized (lock) {

            Client c = getClient(String.format("token = '%s'", authToken));

            if (Management.locked || c == null) {

                return null;

            }

            Management.locked = true;

            Management.lockToken = authToken; // TODO: generate token

            Management.lockAccess = new Date();

        }

        return Management.lockToken;

    }

    @WebMethod

    public boolean unlock(String lockToken) {

        synchronized (lock) {

            if (!Management.locked || !Management.lockToken.equals(lockToken)) {

                return false;

            }

            Management.locked = false;

            Management.lockToken = null;

        }

        return true;

    }

}