Implement dvice revocation workflow

f8bdbdba · William Enright · 2e063ee2 · f8bdbdba · f8bdbdba · f8bdbdba
Commit f8bdbdba authored 4 years ago by William Enright
--- a/jams-common/src/main/java/net/jami/jams/common/objects/requests/DeviceRevocationRequest.java
+++ b/jams-common/src/main/java/net/jami/jams/common/objects/requests/DeviceRevocationRequest.java
+package net.jami.jams.common.objects.requests;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class DeviceRevocationRequest {
+
+    private String owner;
+    private String deviceId;
+
+    public DeviceRevocationRequest(String username, String deviceId) {
+        this.owner = owner;
+        this.deviceId = deviceId;
+    }
+}
--- a/jams-common/src/main/java/net/jami/jams/common/objects/responses/DeviceRevocationResponse.java
+++ b/jams-common/src/main/java/net/jami/jams/common/objects/responses/DeviceRevocationResponse.java
+package net.jami.jams.common.objects.responses;
+
+import lombok.Getter;
+import lombok.Setter;
+
+import java.text.SimpleDateFormat;
+import java.util.Date;
+
+@Getter
+@Setter
+public class DeviceRevocationResponse {
+
+
+    private boolean success;
+    private String errorDetails;
+    private static final SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss'Z'X");
+    private String  timestamp = dateFormatter.format(new Date());
+
+}
--- a/jams-server/src/main/java/module-info.java
+++ b/jams-server/src/main/java/module-info.java
@@ -10,6 +10,8 @@ module jams.server {
    requires javassist;
    requires datastore;
    requires org.apache.xbean.classloader;
+    requires org.bouncycastle.pkix;
+    requires org.bouncycastle.provider;
    requires jami.nameserver;
    requires jami.dht;
    requires nimbus.jose.jwt;

--- a/jams-server/src/main/java/net/jami/jams/server/core/workflows/RegisterDeviceFlow.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/workflows/RegisterDeviceFlow.java
@@ -60,7 +60,4 @@ public class RegisterDeviceFlow {
            return null;
        }
    }
-
-
-
 }
--- a/jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeDeviceFlow.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/workflows/RevokeDeviceFlow.java
 package net.jami.jams.server.core.workflows;

+import lombok.extern.slf4j.Slf4j;
+import net.jami.jams.common.dao.StatementElement;
+import net.jami.jams.common.dao.StatementList;
+import net.jami.jams.common.objects.devices.Device;
+import net.jami.jams.common.objects.requests.DeviceRevocationRequest;
+import net.jami.jams.common.objects.requests.RevocationRequest;
+import net.jami.jams.common.objects.requests.RevocationType;
+import net.jami.jams.common.objects.responses.DeviceRevocationResponse;
+
+import java.math.BigInteger;
+
+import static net.jami.jams.server.Server.*;
+import static net.jami.jams.server.Server.certificateAuthority;
+
+@Slf4j
 public class RevokeDeviceFlow {
+
+    public static DeviceRevocationResponse revokeDevice(String username, RevocationRequest request){
+        DeviceRevocationResponse response = new DeviceRevocationResponse();
+        try {
+
+            StatementList statementList = new StatementList();
+            StatementElement st1 = new StatementElement("owner","=",username,"AND");
+            StatementElement st2 = new StatementElement("deviceId","=",request.getIdentifier().toString(),"");
+            statementList.addStatement(st1);
+            statementList.addStatement(st2);
+            Device device = dataStore.getDeviceDao().getObjects(statementList).get(0);
+            if (device == null) {
+                log.error("Could not find device!");
+                return null;
+            }
+
+            certificateAuthority.revokeCertificate(request);
+            if (certificateAuthority.getLatestCRL().get().getRevokedCertificates().toArray().length != 0) {
+                response.setSuccess(true);
+            }
+
+            //Finally we return the successful response
+            return response;
+        }
+        catch (Exception e){
+            log.error("An exception has occurred while trying to revoke a device with error {}", e.getMessage());
+            response.setSuccess(false);
+            response.setErrorDetails(e.getMessage());
+            return response;
+        }
+    }
 }
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/auth/device/DeviceServlet.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/auth/device/DeviceServlet.java
@@ -10,10 +10,15 @@ import jakarta.servlet.http.HttpServletResponse;
 import net.jami.jams.common.dao.StatementElement;
 import net.jami.jams.common.dao.StatementList;
 import net.jami.jams.common.objects.requests.DeviceRegistrationRequest;
+import net.jami.jams.common.objects.requests.RevocationRequest;
+import net.jami.jams.common.objects.requests.RevocationType;
 import net.jami.jams.common.objects.responses.DeviceRegistrationResponse;
+import net.jami.jams.common.objects.responses.DeviceRevocationResponse;
 import net.jami.jams.server.core.workflows.RegisterDeviceFlow;
+import net.jami.jams.server.core.workflows.RevokeDeviceFlow;

 import java.io.IOException;
+import java.math.BigInteger;

 import static net.jami.jams.server.Server.dataStore;

@@ -48,5 +53,11 @@ public class DeviceServlet extends HttpServlet {
    @Override
    protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        super.doDelete(req, resp);
+        RevocationRequest request = new RevocationRequest();
+        request.setIdentifier(new BigInteger(req.getAttribute("deviceId").toString()));
+        request.setRevocationType(RevocationType.DEVICE);
+        DeviceRevocationResponse devResponse = RevokeDeviceFlow.revokeDevice(req.getAttribute("username").toString(), request);
+        if(devResponse != null) resp.getOutputStream().write(JsonStream.serialize(devResponse).getBytes());
+        else resp.sendError(500,"An exception has occurred while trying to revoke a device!");
    }
 }