ClientTicketRequest.java

/*******************************************************************************
 * Copyright (c) 2005, 2007 Remy Suen
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *    Remy Suen <remy.suen@gmail.com> - initial API and implementation
 *    Cagatay Calli <ccalli@gmail.com> - https://bugs.eclipse.org/bugs/show_bug.cgi?id=196812
 ******************************************************************************/
package org.eclipse.ecf.protocol.msn.internal.net;

import java.io.IOException;
import java.net.*;
import org.eclipse.ecf.protocol.msn.internal.encode.StringUtils;

/**
 * The ClientTicketRequest class authenticates the user through Passport. This
 * is a necessary procedure during the NotificationSession authentication
 * process.
 */
public final class ClientTicketRequest {

	/**
	 * This String value holds the URL of the Passport Nexus page -
	 * https://nexus.passport.com/rdr/pprdr.asp
	 */
	private static final String PASSPORT_NEXUS = "https://nexus.passport.com/rdr/pprdr.asp"; //$NON-NLS-1$

	/**
	 * The connection that will be used to perform all http requests.
	 */
	private HttpURLConnection request;

	/**
	 * TODO: documentation
	 */
	private String daLoginURL;

	private boolean cancelled = false;

	/**
	 * Creates a new ClientTicketRequest object with http redirects set to true.
	 */
	public ClientTicketRequest() {
		HttpURLConnection.setFollowRedirects(true);
	}

	public void setCancelled(boolean cancelled) {
		this.cancelled = cancelled;
	}

	/**
	 * Retrieves information from {@link #PASSPORT_NEXUS} and stores it in
	 * {@link #daLoginURL}.
	 * 
	 * @return <code>true</code> if the retrieval process completed
	 *         successfully
	 * @throws IOException
	 *             If an I/O error occurs while attempting to connect to the
	 *             Passport Nexus page
	 */
	private boolean getLoginServerAddress() throws IOException {
		request = (HttpURLConnection) new URL(PASSPORT_NEXUS).openConnection();
		if (request.getResponseCode() == HttpURLConnection.HTTP_OK) {
			daLoginURL = StringUtils.splitSubstring(request.getHeaderField("PassportURLs"), ",", 1); //$NON-NLS-1$ //$NON-NLS-2$
			daLoginURL = "https://" //$NON-NLS-1$
					+ daLoginURL.substring(daLoginURL.indexOf('=') + 1);
			request.disconnect();
			return true;
		}
		request.disconnect();
		return false;
	}

	/**
	 * Retrieves the client ticket that is associated with the given username,
	 * password, and challenge string.
	 * 
	 * @param username
	 *            the user's email address
	 * @param password
	 *            the user's password
	 * @param challengeString
	 *            the challenge string received from the notification session
	 * @return the client ticket if login info is correct, <code>null</code> otherwise
	 * @throws IOException
	 *             If an I/O error occurs while connecting to the Passport Nexus
	 *             page or when getting the response codes from the connection
	 */
	public synchronized String getTicket(String username, String password, String challengeString) throws IOException {
		if (getLoginServerAddress()) {
			username = URLEncoder.encode(username);
			password = URLEncoder.encode(password);
			try {
				while (!cancelled) {
					request = (HttpURLConnection) new URL(daLoginURL).openConnection();
					request.setRequestProperty("Authorization", //$NON-NLS-1$
							"Passport1.4 OrgVerb=GET,OrgURL=http%3A%2F%2Fmessenger%2Emsn%2Ecom,sign-in=" //$NON-NLS-1$
									+ username + ",pwd=" + password + ',' //$NON-NLS-1$
									+ challengeString);
					if (request.getResponseCode() == HttpURLConnection.HTTP_OK) {
						password = null;
						String authenticationInfo = request.getHeaderField("Authentication-Info"); //$NON-NLS-1$
						int start = authenticationInfo.indexOf('\'');
						int end = authenticationInfo.lastIndexOf('\'');
						request.disconnect();
						return authenticationInfo.substring(start + 1, end);
					} else if (request.getResponseCode() == HttpURLConnection.HTTP_MOVED_TEMP) {
						daLoginURL = request.getHeaderField("Location"); //$NON-NLS-1$
						// truncate the uri as the received string is of the
						// form [http://www.msn.com/]
						daLoginURL = daLoginURL.substring(1, daLoginURL.length() - 1);
					} else if (request.getResponseCode() == HttpURLConnection.HTTP_UNAUTHORIZED) {
						request.disconnect();
						return null;
					}
				}
			} catch (Exception e) {
				if (request.getResponseCode() == HttpURLConnection.HTTP_UNAUTHORIZED) {
					return "401"; //$NON-NLS-1$
				}
				e.printStackTrace();
			} finally {
				request.disconnect();
			}
		}
		return "0"; //$NON-NLS-1$
	}
}