LoginServlet.java example

Explorer

reinvent2013-mobile-photo-share-master
- server
  - src
    - com
      - amazonaws
        geo
        server
        GeoDynamoDBServlet.java
        util
        Utilities.java
        tvm
        AESEncryption.java
        Configuration.java
        Constants.java
        TokenVendingMachineLogger.java
        Utilities.java
        anonymous
        AnonymousTokenVendingMachine.java
        DeviceAuthentication.java
        TemporaryCredentialManagement.java
        admin
        BaseAdmin.java
        CountDevices.java
        exception
        DataAccessException.java
        MissingParameterException.java
        UnauthorizedException.java
        servlet
        GetTokenServlet.java
        RegisterDeviceServlet.java
        RootServlet.java
        identity
        DeviceAuthentication.java
        IdentityTokenVendingMachine.java
        TemporaryCredentialManagement.java
        TokenVendingMachine.java
        UserAuthentication.java
        admin
        BaseAdmin.java
        CountDevices.java
        CountUsers.java
        DeleteUser.java
        DescribeUser.java
        ListUsers.java
        exception
        DataAccessException.java
        MissingParameterException.java
        UnauthorizedException.java
        servlet
        GetTokenServlet.java
        LoginServlet.java
        RegisterUserServlet.java
        RootServlet.java

/*
 * Copyright 2010-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package com.amazonaws.tvm.identity.servlet;

import java.io.IOException;
import java.util.logging.Level;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.amazonaws.tvm.Utilities;

import com.amazonaws.tvm.identity.exception.DataAccessException;
import com.amazonaws.tvm.identity.exception.MissingParameterException;
import com.amazonaws.tvm.identity.exception.UnauthorizedException;

/**
 * This class is used to generate encryption key (in identity use case) and send
 * back to user. This key is used to encrypt data in further communication. A
 * key is generated if the user supplied credentials are valid
 * 
 */
public class LoginServlet extends RootServlet {
    private static final long serialVersionUID = 1L;

    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
        log.info("entering login request");

        try {
            log.info("Validate parameters");
            String username = getRequiredParameter(request, "username");
            String timestamp = getRequiredParameter(request, "timestamp");
            String signature = getRequiredParameter(request, "signature");
            String uid = getRequiredParameter(request, "uid");

            String endpoint = Utilities.getEndPoint(request);
            log.info(String.format("login with usename [%s], timestamp [%s], uid [%s], endpoint [%s]",
                    username, timestamp, uid, endpoint));

            log.info("Validate request");
            tvm.validateLoginRequest(username, uid, signature, timestamp);

            log.info("Get key for user: " + username);
            String data = tvm.getKey(username, uid);
            sendOKResponse(response, data);
        } catch (MissingParameterException e) {
            log.warning("Missing parameter: " + e.getMessage() + ". Setting Http status code "
                    + HttpServletResponse.SC_BAD_REQUEST);
            sendErrorResponse(HttpServletResponse.SC_BAD_REQUEST, response);
        } catch (DataAccessException e) {
            log.log(Level.SEVERE, "Failed to access data", e);
            sendErrorResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, response);
        } catch (UnauthorizedException e) {
            log.warning("Unauthorized access due to: " + e.getMessage());
            sendErrorResponse(HttpServletResponse.SC_UNAUTHORIZED, response);
        }

        log.info("leaving login request");
    }
}