diff options
Diffstat (limited to 'src/java/com/juick/http/www/VKontakteLogin.java')
-rw-r--r-- | src/java/com/juick/http/www/VKontakteLogin.java | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/src/java/com/juick/http/www/VKontakteLogin.java b/src/java/com/juick/http/www/VKontakteLogin.java new file mode 100644 index 00000000..e7252b57 --- /dev/null +++ b/src/java/com/juick/http/www/VKontakteLogin.java @@ -0,0 +1,154 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import java.io.IOException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.UUID; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.json.JSONException; +import org.json.JSONObject; + +/** + * + * @author Ugnich Anton + */ +public class VKontakteLogin { + + private static final String VK_APPID = "3531222"; + private static final String VK_SECRET = "EhgW6VJrl02oFPO0buiJ"; + private static final String VK_REDIRECT = "http://juick.com/_vklogin"; + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://oauth.vk.com/authorize?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&scope=friends,wall,offline&response_type=code"); + return; + } + + + String tokenjson = Utils.fetchURL("https://oauth.vk.com/access_token?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&client_secret=" + VK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (tokenjson == null || tokenjson.isEmpty()) { + System.err.println("VK TOKEN EMPTY"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + String token = null; + long vkID = 0; + try { + JSONObject json = new JSONObject(tokenjson); + token = json.getString("access_token"); + vkID = json.getLong("user_id"); + } catch (JSONException e) { + System.err.println("VK TOKEN EXCEPTION: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + if (token == null || vkID == 0) { + System.err.println("VK TOKEN EMPTY: " + tokenjson); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + + + String graph = Utils.fetchURL("https://api.vk.com/method/users.get?uids=" + vkID + "&fields=screen_name&access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("VK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph); + String vkName = json.getString("first_name") + " " + json.getString("last_name"); + String vkLink = json.getString("screen_name"); + + if (vkName == null || vkLink == null || vkName.isEmpty() || vkName.length() == 1 || vkLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyVKID(sql, vkID); + if (uid > 0) { + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, vkID, loginhash, token, vkName, vkLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=vk&hash=" + loginhash); + } + } catch (Exception e) { + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyVKID(Connection sql, long vkID) { + int uid = 0; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT user_id FROM vk WHERE vk_id=? AND user_id IS NOT NULL"); + stmt.setLong(1, vkID); + rs = stmt.executeQuery(); + if (rs.first()) { + uid = rs.getInt(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return uid; + } + + private boolean insertDB(Connection sql, long vkID, String loginhash, String token, String vkName, String vkLink) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)"); + stmt.setLong(1, vkID); + stmt.setString(2, loginhash); + stmt.setString(3, token); + stmt.setString(4, vkName); + stmt.setString(5, vkLink); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } +} |