diff options
Diffstat (limited to 'src/main/java/com')
35 files changed, 6975 insertions, 0 deletions
diff --git a/src/main/java/com/juick/CrosspostComponent.java b/src/main/java/com/juick/CrosspostComponent.java new file mode 100644 index 00000000..8b07583f --- /dev/null +++ b/src/main/java/com/juick/CrosspostComponent.java @@ -0,0 +1,323 @@ +/* + * Juick + * Copyright (C) 2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick; + +import com.juick.server.CrosspostQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.StreamComponent; +import com.juick.xmpp.extensions.JuickMessage; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.lang3.tuple.Pair; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.DriverManagerDataSource; + +import javax.crypto.Mac; +import javax.crypto.spec.SecretKeySpec; +import javax.net.ssl.HttpsURLConnection; +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; +import java.io.*; +import java.net.Socket; +import java.net.URL; +import java.net.URLEncoder; +import java.security.Key; +import java.util.Properties; +import java.util.UUID; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.logging.Level; +import java.util.logging.LogManager; +import java.util.logging.Logger; + +/** + * + * @author Ugnich Anton + */ +public class CrosspostComponent implements ServletContextListener, Stream.StreamListener, Message.MessageListener { + + private static Logger logger = Logger.getLogger(CrosspostComponent.class.getName()); + + private ExecutorService executorService; + + public final static String TWITTERURL = "https://api.twitter.com/1.1/statuses/update.json"; + public final static String FBURL = "https://graph.facebook.com/me/feed"; + public final static String VKURL = "https://api.vk.com/method/wall.post"; + JdbcTemplate sql; + Stream xmpp; + String twitter_consumer_key; + String twitter_consumer_secret; + + @Override + public void contextInitialized(final ServletContextEvent sce) { + logger.info("component initialized"); + executorService = Executors.newSingleThreadExecutor(); + executorService.submit((Runnable) () -> { + try { + Properties conf = new Properties(); + conf.load(sce.getServletContext().getResourceAsStream("/WEB-INF/juick.conf")); + + LogManager.getLogManager().readConfiguration( + sce.getServletContext().getResourceAsStream("/WEB-INF/logging.properties")); + twitter_consumer_key = conf.getProperty("twitter_consumer_key", ""); + twitter_consumer_secret = conf.getProperty("twitter_consumer_secret", ""); + + setupSql(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver"), conf.getProperty("datasource_url", "")); + setupXmppComponent(conf.getProperty("xmpp_password", "")); + } catch (Exception e) { + logger.log(Level.SEVERE, e.getMessage(), e); + } + }); + } + + @Override + public void contextDestroyed(ServletContextEvent sce) { + executorService.shutdown(); + logger.info("component destroyed"); + } + + public void setupSql(String driver, String url) { + DriverManagerDataSource dataSource = new DriverManagerDataSource(); + dataSource.setDriverClassName(driver); + dataSource.setUrl(url); + sql = new JdbcTemplate(dataSource); + } + + public void setupXmppComponent(String password) { + try { + Socket socket = new Socket("localhost", 5347); + xmpp = new StreamComponent(new JID("", "crosspost.juick.com", ""), socket.getInputStream(), socket.getOutputStream(), password); + xmpp.addChildParser(new JuickMessage()); + xmpp.addListener((Stream.StreamListener) this); + xmpp.addListener((Message.MessageListener) this); + xmpp.startParsing(); + } catch (IOException e) { + logger.log(Level.SEVERE, e.getMessage(), e); + } + } + + @Override + public void onStreamReady() { + logger.info("XMPP STREAM READY"); + } + + @Override + public void onStreamFail(Exception e) {logger.log(Level.SEVERE, "XMPP STREAM FAIL", e);} + @Override + public void onMessage(com.juick.xmpp.Message msg) { + JuickMessage jmsg = (JuickMessage) msg.getChild(JuickMessage.XMLNS); + if (msg.to != null && msg.to.Username != null && jmsg != null && jmsg.getRID() == 0) { + if (msg.to.Username.equals("twitter")) { + twitterPost(jmsg); + } else if (msg.to.Username.equals("fb")) { + facebookPost(jmsg); + } else if (msg.to.Username.equals("vk")) { + vkontaktePost(jmsg); + } + } + } + + public boolean facebookPost(com.juick.Message jmsg) { + String token = CrosspostQueries.getFacebookToken(sql, jmsg.getUser().getUID()).orElse(""); + if (token.isEmpty()) { + return false; + } + + logger.info("FB: #" + jmsg.getMID()); + + String status = getMessageHashTags(jmsg) + "\n" + jmsg.getText(); + + boolean ret = false; + try { + String body = "access_token=" + URLEncoder.encode(token, "UTF-8") + "&message=" + URLEncoder.encode(status, "UTF-8") + "&link=http%3A%2F%2Fjuick.com%2F" + jmsg.getMID(); + + HttpsURLConnection conn = (HttpsURLConnection) new URL(FBURL).openConnection(); + conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); + conn.setRequestProperty("User-Agent", "Juick"); + conn.setRequestProperty("Content-Length", Integer.toString(body.length())); + conn.setUseCaches(false); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setRequestMethod("POST"); + conn.connect(); + + OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream()); + wr.write(body); + wr.close(); + + ret = streamToString(conn.getInputStream()) != null; + + conn.disconnect(); + } catch (Exception e) { + logger.log(Level.SEVERE, "fbPost: " + e.getMessage(), e); + } + return ret; + } + + public boolean vkontaktePost(com.juick.Message jmsg) { + Pair<String, String> tokens = CrosspostQueries.getVKTokens(sql, jmsg.getUser().getUID()).orElse(Pair.of("", "")); + if (tokens.getLeft().isEmpty() || tokens.getRight().isEmpty()) { + return false; + } + + logger.info("VK: #" + jmsg.getMID()); + + String status = getMessageHashTags(jmsg) + "\n" + jmsg.getText() + "\nhttp://juick.com/" + jmsg.getMID(); + + boolean ret = false; + try { + String body = "owner_id=" + tokens.getLeft() + "&access_token=" + URLEncoder.encode(tokens.getRight(), "UTF-8") + "&from_group=1&message=" + URLEncoder.encode(status, "UTF-8"); + + HttpsURLConnection conn = (HttpsURLConnection) new URL(VKURL).openConnection(); + conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); + conn.setRequestProperty("User-Agent", "Juick"); + conn.setRequestProperty("Content-Length", Integer.toString(body.length())); + conn.setUseCaches(false); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setRequestMethod("POST"); + conn.connect(); + + OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream()); + wr.write(body); + wr.close(); + + ret = streamToString(conn.getInputStream()) != null; + + conn.disconnect(); + } catch (Exception e) { + logger.log(Level.SEVERE, "vkPost: " + e.getMessage(), e); + } + return ret; + } + + public boolean twitterPost(com.juick.Message jmsg) { + Pair<String, String> tokens = CrosspostQueries.getTwitterTokens(sql, jmsg.getUser().getUID()).orElse(Pair.of("", "")); + if (tokens.getLeft().isEmpty() || tokens.getRight().isEmpty()) { + return false; + } + String token = percentEncode(tokens.getLeft()); + String token_secret = percentEncode(tokens.getRight()); + + logger.info("TWITTER: #" + jmsg.getMID()); + + String status = getMessageHashTags(jmsg) + jmsg.getText(); + if (status.length() > 115) { + status = status.substring(0, 114) + "…"; + } + status += " http://juick.com/" + jmsg.getMID(); + status = percentEncode(status); + + boolean ret = false; + try { + String nonce = UUID.randomUUID().toString(); + String timestamp = Long.toString(System.currentTimeMillis() / 1000L); + String signature = percentEncode(twitterSignature(status, nonce, timestamp, token, token_secret)); + String auth = "OAuth " + + "oauth_consumer_key=\"" + twitter_consumer_key + "\", " + + "oauth_nonce=\"" + nonce + "\", " + + "oauth_signature=\"" + signature + "\", " + + "oauth_signature_method=\"HMAC-SHA1\", " + + "oauth_timestamp=\"" + timestamp + "\", " + + "oauth_token=\"" + token + "\", " + + "oauth_version=\"1.0\""; + + HttpsURLConnection conn = (HttpsURLConnection) new URL(TWITTERURL).openConnection(); + conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); + conn.setRequestProperty("User-Agent", "Juick"); + conn.setRequestProperty("Content-Length", Integer.toString(status.length() + 7)); + conn.setRequestProperty("Authorization", auth); + conn.setUseCaches(false); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setRequestMethod("POST"); + conn.connect(); + + OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream()); + wr.write("status=" + status); + wr.close(); + + ret = streamToString(conn.getInputStream()) != null; + + conn.disconnect(); + } catch (Exception e) { + logger.log(Level.SEVERE, "twitterPost: " + e.getMessage(), e); + } + return ret; + } + + public String twitterSignature(String status, String nonce, String timestamp, String token, String token_secret) { + try { + // ALPHABET-SORTED + String params = "oauth_consumer_key=" + twitter_consumer_key + + "&oauth_nonce=" + nonce + + "&oauth_signature_method=HMAC-SHA1" + + "&oauth_timestamp=" + timestamp + + "&oauth_token=" + token + + "&oauth_version=1.0" + + "&status=" + status; + + String base = "POST&" + percentEncode(TWITTERURL) + "&" + percentEncode(params); + String key = twitter_consumer_secret + "&" + token_secret; + + Key signingKey = new SecretKeySpec(key.getBytes(), "HmacSHA1"); + Mac mac = Mac.getInstance("HmacSHA1"); + mac.init(signingKey); + byte[] rawHmac = mac.doFinal(base.getBytes()); + return Base64.encodeBase64String(rawHmac); + + } catch (Exception e) { + logger.log(Level.SEVERE, "twitterSignature: " + e.getMessage(), e); + } + return null; + } + + public String streamToString(InputStream is) { + try { + BufferedReader buf = new BufferedReader(new InputStreamReader(is)); + StringBuilder str = new StringBuilder(); + String line; + do { + line = buf.readLine(); + str.append(line).append("\n"); + } while (line != null); + return str.toString(); + } catch (Exception e) { + logger.log(Level.SEVERE, "streamToString: " + e.getMessage(), e); + } + return null; + } + + public String getMessageHashTags(com.juick.Message jmsg) { + String hashtags = ""; + for (int i = 0; i < jmsg.Tags.size(); i++) { + hashtags += "#" + jmsg.Tags.get(i) + " "; + } + return hashtags; + } + + public static String percentEncode(String s) { + String ret = ""; + try { + ret = URLEncoder.encode(s, "UTF-8").replace("+", "%20").replace("*", "%2A").replace("%7E", "~"); + } catch (UnsupportedEncodingException e) { + } + return ret; + } +} diff --git a/src/main/java/com/juick/PushComponent.java b/src/main/java/com/juick/PushComponent.java new file mode 100644 index 00000000..3bb7cdc5 --- /dev/null +++ b/src/main/java/com/juick/PushComponent.java @@ -0,0 +1,311 @@ +/* + * Juick + * Copyright (C) 2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick; + +import com.google.android.gcm.server.Message; +import com.google.android.gcm.server.MulticastResult; +import com.google.android.gcm.server.Result; +import com.google.android.gcm.server.Sender; +import com.juick.json.MessageSerializer; +import com.juick.server.PushQueries; +import com.juick.server.SubscriptionsQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message.MessageListener; +import com.juick.xmpp.Stream; +import com.juick.xmpp.StreamComponent; +import com.juick.xmpp.extensions.JuickMessage; +import com.juick.xmpp.utils.XmlUtils; +import com.notnoop.apns.APNS; +import com.notnoop.apns.ApnsService; +import org.apache.http.Consts; +import org.apache.http.Header; +import org.apache.http.HttpResponse; +import org.apache.http.NameValuePair; +import org.apache.http.client.HttpClient; +import org.apache.http.client.entity.UrlEncodedFormEntity; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.entity.StringEntity; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.message.BasicNameValuePair; +import org.apache.http.util.EntityUtils; +import org.apache.http.util.TextUtils; +import org.json.JSONObject; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.DriverManagerDataSource; + +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; +import java.io.IOException; +import java.net.Socket; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Properties; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.logging.Level; +import java.util.logging.LogManager; +import java.util.logging.Logger; +import java.util.stream.Collectors; + +/** + * + * @author Ugnich Anton + */ +public class PushComponent implements ServletContextListener, Stream.StreamListener, MessageListener { + + private static Logger logger = Logger.getLogger(PushComponent.class.getName()); + + private ExecutorService executorService; + String wns_application_sip; + String wns_client_secret; + JdbcTemplate sql; + Socket socket; + Stream xmpp; + Sender GCMSender; + + @Override + public void contextInitialized(final ServletContextEvent sce) { + logger.info("component initialized"); + executorService = Executors.newSingleThreadExecutor(); + executorService.submit((Runnable) () -> { + Properties conf = new Properties(); + try { + conf.load(sce.getServletContext().getResourceAsStream("/WEB-INF/juick.conf")); + LogManager.getLogManager().readConfiguration( + sce.getServletContext().getResourceAsStream("/WEB-INF/logging.properties")); + wns_application_sip = conf.getProperty("wns_application_sip", ""); + wns_client_secret = conf.getProperty("wns_client_secret", ""); + GCMSender = new Sender(conf.getProperty("gcm_key")); + + setupSql(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver"), conf.getProperty("datasource_url", "")); + setupXmppComponent(new JID("", conf.getProperty("push_jid"), ""), conf.getProperty("xmpp_host", "localhost"), + Integer.parseInt(conf.getProperty("xmpp_port", "5347")), conf.getProperty("push_xmpp_password", "")); + } catch (IOException e) { + logger.log(Level.SEVERE, e.getMessage(), e); + } + }); + } + + @Override + public void contextDestroyed(ServletContextEvent sce) { + executorService.shutdown(); + logger.info("component destroyed"); + } + + public void setupSql(String driver, String url) { + DriverManagerDataSource dataSource = new DriverManagerDataSource(); + dataSource.setDriverClassName(driver); + dataSource.setUrl(url); + sql = new JdbcTemplate(dataSource); + } + + public void setupXmppComponent(JID jid, String host, int port, String password) { + try { + socket = new Socket(host, port); + xmpp = new StreamComponent(jid, socket.getInputStream(), socket.getOutputStream(), password); + xmpp.addChildParser(new JuickMessage()); + xmpp.addListener((Stream.StreamListener) this); + xmpp.addListener((MessageListener) this); + xmpp.startParsing(); + } catch (IOException e) { + logger.log(Level.SEVERE, e.getMessage(), e); + } + } + + @Override + public void onStreamReady() { + logger.info("XMPP STREAM READY"); + } + + @Override + public void onStreamFail(Exception e) {logger.log(Level.SEVERE, "XMPP STREAM FAIL", e);} + + @Override + public void onMessage(com.juick.xmpp.Message msg) { + JuickMessage jmsg = (JuickMessage)msg.getChild(JuickMessage.XMLNS); + List<User> subscribedUsers = new ArrayList<>(); + boolean isPM = jmsg.getMID() == 0; + boolean isReply = jmsg.getRID() > 0; + int pmTo = 0; + if (isPM) { + pmTo = Integer.parseInt(msg.to.Username); + } else { + if (isReply) { + subscribedUsers = + SubscriptionsQueries.getUsersSubscribedToComments(sql, jmsg.getMID(), jmsg.getUser().getUID()); + } else { + // new message + subscribedUsers = SubscriptionsQueries.getSubscribedUsers(sql, jmsg.getUser().getUID(), jmsg.getMID()); + } + } + + /*** ANDROID ***/ + final List<String> regids = new ArrayList<>(); + if (isPM) { + PushQueries.getAndroidRegID(sql, pmTo).ifPresent(regids::add); + } else { + List<Integer> uids = subscribedUsers.stream().map(User::getUID).collect(Collectors.toList()); + if (uids.size() > 0) { + regids.addAll(PushQueries.getAndroidTokens(sql, uids)); + } + } + + if (!regids.isEmpty()) { + MessageSerializer messageSerializer = new MessageSerializer(); + String json = messageSerializer.serialize(jmsg).toString(); + logger.info(json); + Message message = new Message.Builder().addData("message", json).build(); + try { + MulticastResult result = GCMSender.send(message, regids, 3); + List<Result> results = result.getResults(); + for (int i = 0; i < results.size(); i++) { + logger.info("RES " + i + ": " + results.get(i).toString()); + } + } catch (IOException e) { + logger.log(Level.SEVERE, e.getMessage(), e); + } catch (IllegalArgumentException err) { + logger.warning("Android: Invalid API Key"); + } + } else { + logger.info("GMS: no recipients"); + } + + /*** WinPhone ***/ + final List<String> urls = new ArrayList<>(); + if (isPM) { + PushQueries.getWinPhoneURL(sql, pmTo).ifPresent(urls::add); + } else { + List<Integer> uids = subscribedUsers.stream().map(User::getUID).collect(Collectors.toList()); + if (uids.size() > 0) { + urls.addAll(PushQueries.getWindowsTokens(sql, uids)); + } + } + + + if (urls.isEmpty()) { + logger.info("WNS: no recipients"); + } else { + try { + String wnsToken = getWnsAccessToken(); + String text1 = "@" + jmsg.getUser().getUName(); + if (!jmsg.Tags.isEmpty()) { + text1 += ":" + XmlUtils.escape(jmsg.getTagsString()); + } + String text2 = XmlUtils.escape(jmsg.getText()); + String xml = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" + + "<toast>" + + "<visual>" + + "<binding template=\"ToastImageAndText02\">" + + "<image id=\"1\" src=\"http://i.juick.com/as/" + jmsg.getUser().getUID() + ".png\" />" + + "<text id=\"1\">" + text1 + "</text>" + + "<text id=\"2\">" + text2 + "</text>" + + "</binding>" + + "</visual>" + + "<commands>" + + "<command arguments=\"?mid=" + jmsg.getMID() + "\" />" + + "</commands>" + + "</toast>"; + logger.fine(xml); + for (String url : urls) { + logger.info("WNS: " + url); + sendWNS(wnsToken, url, xml); + } + } catch (IOException | IllegalStateException e) { + logger.log(Level.SEVERE, "WNS: ", e); + } + } + + /*** iOS ***/ + final List<String> tokens = new ArrayList<>(); + if (isPM) { + PushQueries.getAPNSToken(sql, pmTo).ifPresent(tokens::add); + } else { + List<Integer> uids = subscribedUsers.stream().map(User::getUID).collect(Collectors.toList()); + if (uids.size() > 0) { + tokens.addAll(PushQueries.getAPNSTokens(sql, uids)); + } + } + if (!tokens.isEmpty()) { + ApnsService service = APNS.newService().withCert("/etc/juick/ios.p12", "juick") + .withSandboxDestination().build(); + for (String token : tokens) { + String payload = APNS.newPayload().alertTitle("@" + jmsg.getUser().getUName()).alertBody(jmsg.getText()).build(); + logger.info("APNS: " + token); + service.push(token, payload); + } + } else { + logger.info("APNS: no recipients"); + } + } + + String getWnsAccessToken() throws IOException, IllegalStateException { + if(TextUtils.isEmpty(wns_application_sip)) { + throw new IllegalStateException("'wns_application_sip' is not initialized"); + } + if(TextUtils.isEmpty(wns_client_secret)) { + throw new IllegalStateException("'wns_client_secret' is not initialized"); + } + HttpClient client = HttpClientBuilder.create().build(); + String url = "https://login.live.com/accesstoken.srf"; + List<NameValuePair> formParams = new ArrayList<>(); + formParams.add(new BasicNameValuePair("grant_type", "client_credentials")); + formParams.add(new BasicNameValuePair("client_id", wns_application_sip)); + formParams.add(new BasicNameValuePair("client_secret", wns_client_secret)); + formParams.add(new BasicNameValuePair("scope", "notify.windows.com")); + UrlEncodedFormEntity entity = new UrlEncodedFormEntity(formParams, Consts.UTF_8); + HttpPost httppost = new HttpPost(url); + httppost.setEntity(entity); + HttpResponse response = client.execute(httppost); + int statusCode = response.getStatusLine().getStatusCode(); + String responseContent = EntityUtils.toString(response.getEntity(), Consts.UTF_8); + JSONObject json = new JSONObject(responseContent); + if(statusCode != 200) { + throw new IOException(json.opt("error") + ": " + json.opt("error_description")); + } + String tokenType = (String)json.get("token_type"); + if(tokenType.length() >= 1) { + tokenType = Character.toUpperCase(tokenType.charAt(0)) + tokenType.substring(1); + } + return tokenType + " " + json.get("access_token"); + } + + void sendWNS(String wnsToken, String url, String xml) throws IOException { + HttpClient client = HttpClientBuilder.create().build(); + StringEntity entity = new StringEntity(xml, Consts.UTF_8); + HttpPost httpPost = new HttpPost(url); + httpPost.setHeader("Content-Type", "text/xml"); + httpPost.setHeader("Authorization", wnsToken); + httpPost.setHeader("X-WNS-Type", "wns/toast"); + httpPost.setEntity(entity); + HttpResponse response = client.execute(httpPost); + int statusCode = response.getStatusLine().getStatusCode(); + if(statusCode != 200) { + String headersContent = stringifyWnsHttpHeaders(response.getAllHeaders()); + throw new IOException(headersContent); + } + } + + static String stringifyWnsHttpHeaders(Header[] allHeaders) { + String[] wnsHeaders = Arrays.stream(allHeaders) + .filter(x -> x.getName().startsWith("X-WNS-") || x.getName().startsWith("WWW-")) + .map(x -> x.getName() + ": " + x.getValue()) + .toArray(String[]::new); + return String.join("\n", wnsHeaders); + } +} diff --git a/src/main/java/com/juick/http/www/Discover.java b/src/main/java/com/juick/http/www/Discover.java new file mode 100644 index 00000000..bdb86380 --- /dev/null +++ b/src/main/java/com/juick/http/www/Discover.java @@ -0,0 +1,120 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.AdsQueries; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Discover { + + protected void doGet(JdbcTemplate sql, JdbcTemplate sqlSearch, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String paramTagStr = URLDecoder.decode(request.getRequestURI().substring(5), "UTF-8"); + com.juick.Tag paramTag = TagQueries.getTag(sql, paramTagStr, false); + if (paramTag == null) { + Errors.doGet404(sql, request, response); + return; + } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) { + com.juick.Tag synTag = TagQueries.getTag(sql, paramTag.SynonymID); + String url = "/tag/" + URLEncoder.encode(synTag.Name, "UTF-8"); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + Utils.sendPermanentRedirect(response, url); + return; + } else if (!paramTag.Name.equals(paramTagStr)) { + String url = "/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8"); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + Utils.sendPermanentRedirect(response, url); + return; + } + + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + int visitor_uid = visitor != null ? visitor.getUID() : 0; + + String title = "*" + Utils.encodeHTML(paramTag.Name); + List<Integer> mids = MessagesQueries.getTag(sql, paramTag.TID, visitor_uid, paramBefore, (visitor == null) ? 40 : 20); + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = ""; + if (TagQueries.getTagNoIndex(sql, paramTag.TID)) { + head = "<meta name=\"robots\" content=\"noindex,nofollow\"/>"; + } else if (paramBefore > 0 || mids.size() < 5) { + head = "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + + if (mids.size() > 0) { + int vuid = visitor != null ? visitor.getUID() : 0; + int ad_mid = AdsQueries.getAdMID(sql, vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + AdsQueries.logAdMID(sql, vuid, ad_mid); + } else { + ad_mid = 0; + } + + PageTemplates.printMessages(out, sql, null, mids, visitor, visitor == null ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8") + "?before=" + mids.get(mids.size() - 1); + out.println("<p class=\"page\"><a href=\"" + nextpage + "\" rel=\"prev\">Читать дальше →</a></p>"); + } + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, true); + + PageTemplates.pageEnd(out); + } + } +} diff --git a/src/main/java/com/juick/http/www/Errors.java b/src/main/java/com/juick/http/www/Errors.java new file mode 100644 index 00000000..0044c209 --- /dev/null +++ b/src/main/java/com/juick/http/www/Errors.java @@ -0,0 +1,42 @@ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * + * @author ugnich + */ +public class Errors { + + public static String tagsHTML = null; + + public static void doGet404(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (tagsHTML == null) { + tagsHTML = PageTemplates.formatPopularTags(sql, 80); + } + + response.setStatus(404); + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "404 Страница не найдена", null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + out.println("<h1>Страница не найдена</h1>"); + out.println("<p>Сожалеем, но страницу с этим адресом удалил её автор, либо её никогда не существовало.</p>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } +} diff --git a/src/main/java/com/juick/http/www/FacebookLogin.java b/src/main/java/com/juick/http/www/FacebookLogin.java new file mode 100644 index 00000000..cf444abc --- /dev/null +++ b/src/main/java/com/juick/http/www/FacebookLogin.java @@ -0,0 +1,152 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import org.json.JSONObject; +import org.springframework.dao.EmptyResultDataAccessException; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.net.URLEncoder; +import java.util.UUID; +import java.util.logging.Level; +import java.util.logging.Logger; + +/** + * + * @author Ugnich Anton + */ +public class FacebookLogin { + + private static final Logger logger = Logger.getLogger(FacebookLogin.class.getName()); + + private static final String FACEBOOK_APPID = "130568668304"; + private static final String FACEBOOK_SECRET = "95813bfb6ab8f473410c50d4f971649e"; + private static final String FACEBOOK_REDIRECT = "http://juick.com/_fblogin"; + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String fbstate; + + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + fbstate = UUID.randomUUID().toString(); + + Cookie c = new Cookie("fbstate", fbstate); + response.addCookie(c); + + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://www.facebook.com/dialog/oauth?scope=publish_stream&client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&state=" + fbstate); + return; + } + + fbstate = Utils.getCookie(request, "fbstate"); + if (fbstate == null || fbstate.isEmpty() || !fbstate.equals(request.getParameter("state"))) { + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + return; + } else { + Cookie c = new Cookie("fbstate", "-"); + c.setMaxAge(0); + response.addCookie(c); + } + + String token = Utils.fetchURL("https://graph.facebook.com/oauth/access_token?client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&client_secret=" + FACEBOOK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (token == null || token.isEmpty() || !token.startsWith("access_token=")) { + logger.log(Level.SEVERE, "FACEBOOK TOKEN ERROR: " + token); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + token = token.substring(13); // access_token=... + int tokenamp = token.indexOf('&'); // &expires= + if (tokenamp > 0) { + token = token.substring(0, tokenamp); + } + + String graph = Utils.fetchURL("https://graph.facebook.com/me?access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("FACEBOOK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph); + String fbIDStr = json.getString("id"); + String fbName = json.getString("name"); + String fbLink = json.getString("link"); + boolean fbVerified = json.getBoolean("verified"); + + long fbID = 0; + if (fbIDStr != null && !fbIDStr.isEmpty()) { + fbID = Long.parseLong(fbIDStr); + } + + if (fbID == 0 || fbName == null || fbLink == null || fbName.isEmpty() || fbLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyFBID(sql, fbID); + if (uid > 0) { + if (!updateDB(sql, fbID, token, fbName, fbLink)) { + throw new Exception(); + } + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else if (fbVerified) { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, fbID, loginhash, token, fbName, fbLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=fb&hash=" + loginhash); + } else { + throw new Exception(); + } + } catch (Exception e) { + logger.log(Level.WARNING, "fb error", e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyFBID(JdbcTemplate sql, long fbID) { + try { + return sql.queryForObject("SELECT user_id FROM facebook WHERE fb_id=? AND user_id IS NOT NULL", + Integer.class, fbID); + } catch (EmptyResultDataAccessException e) { + return 0; + } + } + + private boolean insertDB(JdbcTemplate sql, long fbID, String loginhash, String token, String fbName, String fbLink) { + return sql.update("INSERT INTO facebook(fb_id,loginhash,access_token,fb_name,fb_link) VALUES (?,?,?,?,?)", + fbID, loginhash, token, fbName, fbLink) > 0; + } + + private boolean updateDB(JdbcTemplate sql, long fbID, String token, String fbName, String fbLink) { + return sql.update("UPDATE facebook SET access_token=?,fb_name=?,fb_link=? WHERE fb_id=?", + token, fbName, fbLink, fbID) > 0; + } +} diff --git a/src/main/java/com/juick/http/www/Help.java b/src/main/java/com/juick/http/www/Help.java new file mode 100644 index 00000000..503044e6 --- /dev/null +++ b/src/main/java/com/juick/http/www/Help.java @@ -0,0 +1,90 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.*; + +/** + * + * @author Ugnich Anton + */ +public class Help { + + protected void doRedirectToHelpIndex(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + Utils.sendTemporaryRedirect(response, "/help/ru/"); + } + + protected void doGetHelp(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String path[] = request.getRequestURI().split("/"); + String page; + if (path.length < 3 || path.length > 4 || path[2].length() != 2 || !path[2].matches("^[a-z]+$")) { + Errors.doGet404(sql, request, response); + return; + } + + if (path.length == 4) { + page = path[3]; + if (!page.matches("^[a-zA-Z0-9\\-]*$") || page.equals("navigation") || page.equals("index")) { + Errors.doGet404(sql, request, response); + return; + } + } else { + page = "index"; + } + + File f = new File("/var/www/juick.com/help/" + path[2] + "/" + page); + if (!f.isFile()) { + Errors.doGet404(sql, request, response); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Помощь", null); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<aside id=\"column\">"); + printFile(out, new File("/var/www/juick.com/help/" + path[2] + "/navigation")); + out.println("</aside>"); + + out.println("<section id=\"content\">"); + out.println("<article>"); + printFile(out, f); + out.println("</article>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + private void printFile(PrintWriter out, File f) throws IOException { + BufferedReader br = new BufferedReader(new FileReader(f)); + String str; + while ((str = br.readLine()) != null) { + out.println(str); + } + } +} diff --git a/src/main/java/com/juick/http/www/Home.java b/src/main/java/com/juick/http/www/Home.java new file mode 100644 index 00000000..d5c1bb7b --- /dev/null +++ b/src/main/java/com/juick/http/www/Home.java @@ -0,0 +1,175 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.AdsQueries; +import com.juick.server.MessagesQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Home { + + protected void doGet(JdbcTemplate sql, JdbcTemplate sqlSearch, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + String paramSearch = request.getParameter("search"); + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + String title; + List<Integer> mids; + + String paramShow = request.getParameter("show"); + if (paramSearch != null) { + title = "Поиск: " + Utils.encodeHTML(paramSearch); + mids = MessagesQueries.getSearch(sql, sqlSearch, Utils.encodeSphinx(paramSearch), paramBefore); + } else if (paramShow == null) { + if (visitor != null) { + title = "Популярные"; + mids = MessagesQueries.getPopular(sql, visitor.getUID(), paramBefore); + } else { + title = "Микроблоги Juick: популярные записи"; + mids = MessagesQueries.getPopular(sql, 0, paramBefore); + } + + } else if (paramShow.equals("top")) { + Utils.sendPermanentRedirect(response, "/"); + return; + } else if (paramShow.equals("my") && visitor != null) { + title = "Моя лента"; + mids = MessagesQueries.getMyFeed(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("private") && visitor != null) { + title = "Приватные"; + mids = MessagesQueries.getPrivate(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("discuss") && visitor != null) { + title = "Обсуждения"; + mids = MessagesQueries.getDiscussions(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("recommended") && visitor != null) { + title = "Рекомендации"; + mids = MessagesQueries.getRecommended(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("photos")) { + title = "Фотографии"; + if (visitor != null) { + mids = MessagesQueries.getPhotos(sql, visitor.getUID(), paramBefore); + } else { + mids = MessagesQueries.getPhotos(sql, 0, paramBefore); + } + } else if (paramShow.equals("all")) { + title = "Все сообщения"; + if (visitor != null) { + mids = MessagesQueries.getAll(sql, visitor.getUID(), paramBefore); + } else { + mids = MessagesQueries.getAll(sql, 0, paramBefore); + } + } else { + Errors.doGet404(sql, request, response); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + if (paramBefore > 0 || paramShow != null) { + head = "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, paramSearch); + PageTemplates.pageHomeColumn(out, sql, visitor, paramShow == null && paramBefore == 0 && paramSearch == null && visitor == null); + + out.println("<section id=\"content\">"); + + if (paramShow == null && paramBefore == 0) { + out.println("<!--noindex-->"); + } + + if (visitor != null) { + out.println("<form action=\"/post\" method=\"post\" enctype=\"multipart/form-data\" onsubmit=\"return onsubmitNewMessage()\">"); + out.println("<section id=\"newmessage\">"); + out.println(" <textarea name=\"body\" placeholder=\"Новое сообщение...\" onclick=\"$('#newmessage>div').css('display','block');$('#newmessage textarea').css('min-height','70px');\" onkeypress=\"postformListener(this.form,event)\"></textarea>"); + out.println(" <div>"); + out.println(" <input type=\"text\" class=\"img\" name=\"img\" placeholder=\"Ссылка на изображение (JPG/PNG, до 10Мб)\"/> или <a href=\"#\" onclick=\"return attachMessagePhoto(this)\">загрузить</a><br/>"); + out.println(" <input type=\"text\" class=\"tags\" name=\"tags\" placeholder=\"Теги (через пробел)\"/><br/>"); + out.println(" <input type=\"submit\" class=\"subm\" value=\"Отправить\"/>"); + out.println(" </div>"); + out.println("</section>"); + out.println("</form>"); + } + + if (mids.size() > 0) { + int ad_mid = 0; + if (paramShow == null || paramShow.equals("top") || paramShow.equals("all")) { + int vuid = visitor != null ? visitor.getUID() : 0; + ad_mid = AdsQueries.getAdMID(sql, vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + AdsQueries.logAdMID(sql, vuid, ad_mid); + } else { + ad_mid = 0; + } + } + + PageTemplates.printMessages(out, sql, null, mids, visitor, visitor == null ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, "UTF-8"); + } + + out.println("<p class=\"page\"><a href=\"" + nextpage + "\" rel=\"prev\">Читать дальше →</a></p>"); + } + + if (paramShow == null && paramBefore == 0) { + out.println("<!--/noindex-->"); + } + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, true); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } +} diff --git a/src/main/java/com/juick/http/www/Login.java b/src/main/java/com/juick/http/www/Login.java new file mode 100644 index 00000000..f12c7096 --- /dev/null +++ b/src/main/java/com/juick/http/www/Login.java @@ -0,0 +1,246 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Login { + + protected void doGetLoginForm(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + Utils.sendTemporaryRedirect(response, "/"); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + out.println("<!DOCTYPE html>"); + out.println("<html>"); + out.println("<head>"); + out.println("<title>Juick</title>"); + out.println("<script type=\"text/javascript\" src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js\" defer=\"defer\"></script>"); + out.println("<style>"); + out.println("* { margin: 0; padding: 0; }"); + out.println("html { font-family: sans-serif; font-size: 12pt; }"); + out.println("html { background: #eeeee5; }"); + out.println("body { margin: 100px auto 0 auto; width: 1000px; }"); + out.println("a { color: #069; }"); + out.println("ul { float: left; width: 700px; height: 350px; list-style-type: none; background: url(/tagscloud.png) no-repeat; position: relative; }"); + out.println("ul a { position: absolute; display: block; text-indent: 100%; white-space: nowrap; overflow: hidden; }"); + + out.println("#bottom1 { position: absolute; left: 0px; bottom: 10px; width: 100%; text-align: center; color: #555; }"); + out.println("#bottom2 { position: absolute; left: 0px; bottom: -50px; width: 100%; padding-bottom: 20px; text-align: center; font-size: small; color: #777; }"); + + out.println("#signup,#signin { margin-left: 730px; width: 250px; }"); + out.println("#signup { padding-top: 25px; }"); + out.println("#signup>div { width: 100%; margin: 15px 0; }"); + out.println("#signup>div>a { display: block; width: 100%; height: 32px; line-height: 32px; text-indent: 37px; text-decoration: none; overflow: hidden; }"); + + out.println("#facebook a { color: #FFF; background: url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAAAXNSR0IArs4c6QAAADNQTFRFO1edX3ewl6bLnKrOoK3QrrrYvMXe2N7r3OLu3+Tv5urz7O/29vf6+Pn7+vv9/Pz9////ykQjsQAAAEZJREFUOMtjYBgFuAATO68ADxdOaUYuATDAqYBbAL8CFgECCjiBcqz4XMiPz3oQEKCtAgEkwEdIAQchBWyEFDAPkDdHsAIAhZkIwz/VK/UAAAAASUVORK5CYII=\") no-repeat #3A569C; }"); + out.println("#vk a { color: #FFF; background: url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAAAXNSR0IArs4c6QAAAHJQTFRFbY+zbo+zbpCzb5C0cpO1c5O2dZW3dpa4e5m6gJ29gZ69lq/In7bNo7jPrcDUs8XXvs3dv87dy9fkztnlz9rm0Nrm093o1N7o1+Dq3OTt3ubu4Ofv5Orw7fH27vL28PP38vX49Pb5+vv8+/z9/Pz9////2jSYlQAAAG5JREFUOMvtkEcOgDAMBE3vvXdIyP+/iMMRKfYHmMtcRtE6AD8f1Is8pyKgAs0RGYO2HSWqMQaoBHVRgYsS3AsrtyFlrqgdJlCLb95gxQO6IkZCqL+KCjz0TQU5ejOf2a3aJXPF7BOB2PvMhp8PDzGRFgEe7xvEAAAAAElFTkSuQmCC\") no-repeat #6d8fb3; }"); + out.println("#xmpp>a { color: #333; background: url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAAAXNSR0IArs4c6QAAAt9QTFRFBj5rCUFoFz5mDEFuDUNqGUJkGUNgAEprEkVtGkRhHURnHEZjAE+BIElmEEx/HEx0PUdTHE5wMEtfO0laJk5sFlN6Nk1cKFBuIlJ1R0pYRExTGF2KMVh1OFhxDGSQT1deNlx6TVhkIGKPUlphKWOFU1tiOmB+Vl1kmlAuNmaDQGpaIG6ba2Q2SGeBN2uUNW+LF3mGRmyLV3BAL3xWgmVJ2VAa2lEb0VYX11UafWlmam9mam5xy1km3lUea29y2VccvF8obHBz21gd4VcXS3ebPoVG1lwl5FkaU3iYYHaH2F0ejHFIx2Iv4V0aP4o+02As218g4l4bPYtFX351KZFaymU43mIrVYoz5mEfT4w0xGsrSo82eXqDw2s+z2k1OZVAT4SoPZU5RZM4NJVYbYc8VoSiWY43WItbuXBK52gYOI20TpM6YYSYfX98T5Q7foB9aYSZSZc8Ro21cYxH7GwdT46e0HFGeopO2HA8V5ZEf4s8528l1HM7UJs5UI+xXoyrWZhGY4ylyHdMwXhXQZS7XpdNU5tH4XJBYJZZcIuhbpJk0HdPU588kohqOZ2pVZS30XpX6XcxSaFrz4FIUqVWWqVCYZm23YBGxYRrZZ2QXpy/5YFC7IA+6oBRb6ZUcKZn44ZSgKJu54hHmJqXbbBNfKh3cq5nYqrMpJyVdrBjx5WCo56diamAjaWdyZeE8JFV8ZJWnqOlaK/Sd7Zh7pVdgbN6x52N8JdfwqCU8ZhgZLbXb7a5grtTmK+UxKKWtqahq6qhd7bHqauop6yvqqyp755pbbzRrK6rwamgib53qq+xra+sobSg86Jza8PJsLKujMVctrGwqLapv7Crr7Wr8ad1srSxj8R9uLOys7WyubSztLazkcZ/sre6tbe0r7m0tri1t7m2vri3uLq3v7m4ubu4nc9mpNBvos2UptJxtNWXtteFuNmbuNyQud2Rut6SwN+aweCbwuGdw+KeweKkF4OfHQAAAadJREFUOMtjeEoAMAwfBQ9vYJO68RCu4BYDq1bXmr2XHoMlnlzet2qGpTgX8y2EFWwensEdrW2FbUAlJ2zDKsqaYwo6eZHcIGzoor/s5IdPSfefPt3nf3Xn3HZpPU8xJAXWIvU88VOffcm78vTptrijJe4OfAmy1kgKzjMlaIfUPvvQcObp03U120ucTZQaGc8je1NZrd8g8cL7eUufPp0wfX2mvVydripKONzkTG1JXvL6TuXTR/Zb5gR6F+Vw30QNqNUss/pqn3/MvrTD7Wy1V9Y0jtXoIZnLv2nSnrfzF3bP3hDRu1wwHzOo1VWOTXn5yi/q7MTJuxTUscTFQyHNc5vfbU1btOCgjNBDbJH1UF5i9/XP6VVrJRUfYo/Nx3YcpS/euOo4Pn6MqeDx44f3LoY2SYnOXBlUfPPug8cwRQxQ6Qf39sda+HqZaQiwGydFlx+4eQ+qAqrg4b3bPqbmNhkrNm5cbGUUHply7d6Dh8hWPH744Oa186eOHDl06NDh46fP33zwEMUEiCMe3L13GwjuPbj38PHTx9jT5OPHj5G9MFQyDgA8riWAv9eLFAAAAABJRU5ErkJggg==\") no-repeat #BBB; }"); + out.println("#xmppinfo { background: #FFF; padding: 10px; display: none; }"); + + out.println("#signin { text-align: center; font-size: small; }"); + out.println("#signinform { background: #FFF; padding: 10px 15px; margin-top: 15px; display: none; }"); + out.println("input.txt { width: 212px; border: 1px solid #CCC; margin: 3px 0; padding: 3px; }"); + out.println("input.submit { width: 70px; border: 1px solid #CCC; margin: 3px 0; padding: 3px; }"); + out.println("</style>"); + out.println("<link rel=\"icon\" href=\"//i.juick.com/favicon.png\"/>"); + out.println("</head>"); + + out.println("<body>"); + + out.println("<ul id=\"tags\">"); + out.println(" <li><a href=\"/tag/juick\" style=\"left: 359px; top: 120px; width: 311px; height: 99px\">juick</a></li>"); + out.println(" <li><a href=\"/tag/linux\" style=\"left: 201px; top: 100px; width: 98px; height: 35px\">linux</a></li>"); + out.println(" <li><a href=\"/tag/android\" style=\"left: 314px; top: 42px; width: 45px; height: 158px\">android</a></li>"); + out.println(" <li><a href=\"/tag/работа\" style=\"left: 149px; top: 138px; width: 165px; height: 41px\">работа</a></li>"); + out.println(" <li><a href=\"/tag/music\" style=\"left: 119px; top: 249px; width: 124px; height: 32px\">music</a></li>"); + out.println(" <li><a href=\"/tag/windows\" style=\"left: 448px; top: 234px; width: 186px; height: 32px\">windows</a></li>"); + out.println(" <li><a href=\"/tag/google\" style=\"left: 244px; top: 252px; width: 134px; height: 41px\">google</a></li>"); + out.println(" <li><a href=\"/tag/кино\" style=\"left: 68px; top: 83px; width: 97px; height: 28px\">кино</a></li>"); + out.println(" <li><a href=\"/tag/фото\" style=\"left: 400px; top: 266px; width: 101px; height: 29px\">фото</a></li>"); + out.println(" <li><a href=\"/tag/жизнь\" style=\"left: 554px; top: 266px; width: 125px; height: 27px\">жизнь</a></li>"); + out.println(" <li><a href=\"/tag/еда\" style=\"left: 46px; top: 196px; width: 71px; height: 32px\">еда</a></li>"); + out.println(" <li><a href=\"/tag/музыка\" style=\"left: 61px; top: 111px; width: 139px; height: 27px\">музыка</a></li>"); + out.println(" <li><a href=\"/tag/прекрасное\" style=\"left: 152px; top: 200px; width: 205px; height: 32px\">прекрасное</a></li>"); + out.println(" <li><a href=\"/tag/книги\" style=\"left: 148px; top: 293px; width: 103px; height: 25px\">книги</a></li>"); + out.println(" <li><a href=\"/tag/цитата\" style=\"left: 325px; top: 301px; width: 126px; height: 27px\">цитата</a></li> <li><a href=\"/tag/games\" style=\"left: 117px; top: 142px; width: 30px; height: 104px\">games</a></li>"); + out.println(" <li><a href=\"/tag/ubuntu\" style=\"left: 503px; top: 2px; width: 28px; height: 102px\">ubuntu</a></li>"); + out.println(" <li><a href=\"/tag/котэ\" style=\"left: 534px; top: 27px; width: 76px; height: 28px\">котэ</a></li>"); + out.println(" <li><a href=\"/tag/ВНЕЗАПНО\" style=\"left: 501px; top: 293px; width: 146px; height: 23px\">ВНЕЗАПНО</a></li>"); + out.println(" <li><a href=\"/tag/юмор\" style=\"left: 73px; top: 53px; width: 84px; height: 28px\">юмор</a></li>"); + out.println(" <li><a href=\"/tag/мысли\" style=\"left: 202px; top: 179px; width: 102px; height: 21px\">мысли</a></li>"); + out.println(" <li><a href=\"/tag/pic\" style=\"left: 400px; top: 78px; width: 33px; height: 38px\">pic</a></li>"); + out.println(" <li><a href=\"/tag/политота\" style=\"left: 531px; top: 60px; width: 130px; height: 24px\">политота</a></li>"); + out.println(" <li><a href=\"/tag/WOT\" style=\"left: 159px; top: 63px; width: 48px; height: 20px\">WOT</a></li>"); + out.println(" <li><a href=\"/tag/fail\" style=\"left: 8px; top: 170px; width: 34px; height: 27px\">fail</a></li>"); + out.println(" <li><a href=\"/tag/погода\" style=\"left: 670px; top: 126px; width: 24px; height: 93px\">погода</a></li>"); + out.println(" <li><a href=\"/tag/apple\" style=\"left: 42px; top: 167px; width: 64px; height: 29px\">apple</a></li>"); + out.println(" <li><a href=\"/tag/jabber\" style=\"left: 436px; top: 43px; width: 25px; height: 75px\">jabber</a></li>"); + out.println(" <li><a href=\"/tag/тян\" style=\"left: 532px; top: 94px; width: 47px; height: 21px\">тян</a></li>"); + out.println(" <li><a href=\"/tag/work\" style=\"left: 359px; top: 55px; width: 58px; height: 23px\">work</a></li>"); + out.println(" <li><a href=\"/tag/Python\" style=\"left: 240px; top: 63px; width: 74px; height: 23px\">Python</a></li>"); + out.println(" <li><a href=\"/tag/Видео\" style=\"left: 266px; top: 232px; width: 76px; height: 20px\">Видео</a></li>"); + out.println(" <li><a href=\"/tag/авто\" style=\"left: 359px; top: 30px; width: 58px; height: 24px\">авто</a></li>"); + out.println(" <li><a href=\"/tag/Anime\" style=\"left: 360px; top: 328px; width: 66px; height: 21px\">Anime</a></li>"); + out.println(" <li><a href=\"/tag/игры\" style=\"left: 378px; top: 242px; width: 22px; height: 58px\">игры</a></li>"); + out.println(" <li><a href=\"/tag/вело\" style=\"left: 176px; top: 9px; width: 18px; height: 54px\">вело</a></li>"); + out.println(" <li><a href=\"/tag/web\" style=\"left: 661px; top: 219px; width: 22px; height: 47px\">web</a></li>"); + out.println(" <li><a href=\"/tag/YouTube\" style=\"left: 498px; top: 316px; width: 81px; height: 24px\">YouTube</a></li>"); + out.println(" <li><a href=\"/tag/Вопрос\" style=\"left: 208px; top: 18px; width: 22px; height: 72px\">Вопрос</a></li>"); + out.println(" <li><a href=\"/tag/железо\" style=\"left: 159px; top: 318px; width: 75px; height: 16px\">железо</a></li>"); + out.println(" <li><a href=\"/tag/Microsoft\" style=\"left: 20px; top: 146px; width: 86px; height: 21px\">Microsoft</a></li>"); + out.println(" <li><a href=\"/tag/video\" style=\"left: 616px; top: 101px; width: 51px; height: 19px\">video</a></li>"); + out.println(" <li><a href=\"/tag/Россия\" style=\"left: 32px; top: 242px; width: 68px; height: 16px\">Россия</a></li>"); + out.println(" <li><a href=\"/tag/java\" style=\"left: 409px; top: 226px; width: 39px; height: 22px\">java</a></li>"); + out.println(" <li><a href=\"/tag/новости\" style=\"left: 39px; top: 67px; width: 21px; height: 79px\">новости</a></li>"); + out.println(" <li><a href=\"/tag/интернет\" style=\"left: 100px; top: 233px; width: 17px; height: 85px\">интернет</a></li>"); + out.println(" <li><a href=\"/tag/steam\" style=\"left: 14px; top: 228px; width: 52px; height: 13px\">steam</a></li>"); + out.println(" <li><a href=\"/tag/слова\" style=\"left: 501px; top: 272px; width: 51px; height: 18px\">слова</a></li>"); + out.println(" <li><a href=\"/tag/почта\" style=\"left: 477px; top: 27px; width: 17px; height: 56px\">почта</a></li>"); + out.println(" <li><a href=\"/tag/help\" style=\"left: 123px; top: 281px; width: 21px; height: 35px\">help</a></li>"); + out.println(" <li><a href=\"/tag/skype\" style=\"left: 110px; top: 320px; width: 49px; height: 20px\">skype</a></li>"); + out.println(" <li><a href=\"/tag/debian\" style=\"left: 461px; top: 47px; width: 16px; height: 51px\">debian</a></li>"); + out.println(" <li><a href=\"/tag/win\" style=\"left: 505px; top: 104px; width: 27px; height: 16px\">win</a></li>"); + out.println(" <li><a href=\"/tag/Религия\" style=\"left: 33px; top: 281px; width: 67px; height: 17px\">Религия</a></li>"); + out.println(" <li><a href=\"/tag/soft\" style=\"left: 286px; top: 86px; width: 28px; height: 14px\">soft</a></li>"); + out.println(" <li><a href=\"/tag/Политика\" style=\"left: 144px; top: 281px; width: 75px; height: 12px\">Политика</a></li>"); + out.println(" <li><a href=\"/tag/сны\" style=\"left: 426px; top: 328px; width: 33px; height: 13px\">сны</a></li>"); + out.println(" <li><a href=\"/tag/Питер\" style=\"left: 146px; top: 233px; width: 50px; height: 16px\">Питер</a></li>"); + out.println(" <li><a href=\"/tag/bash\" style=\"left: 451px; top: 311px; width: 38px; height: 16px\">bash</a></li>"); + out.println(" <li><a href=\"/tag/code\" style=\"left: 279px; top: 310px; width: 39px; height: 16px\">code</a></li>"); + out.println(" <li><a href=\"/tag/yandex\" style=\"left: 19px; top: 263px; width: 56px; height: 18px\">yandex</a></li>"); + out.println(" <li><a href=\"/tag/firefox\" style=\"left: 452px; top: 295px; width: 48px; height: 16px\">firefox</a></li>"); + out.println(" <li><a href=\"/tag/hardware\" style=\"left: 230px; top: 40px; width: 67px; height: 18px\">hardware</a></li>"); + out.println(" <li><a href=\"/tag/git\" style=\"left: 78px; top: 258px; width: 20px; height: 19px\">git</a></li>"); + out.println(" <li><a href=\"/tag/dev\" style=\"left: 165px; top: 88px; width: 31px; height: 19px\">dev</a></li>"); + out.println(" <li><a href=\"/tag/mobile\" style=\"left: 421px; top: 24px; width: 15px; height: 47px\">mobile</a></li>"); + out.println(" <li><a href=\"/tag/люди\" style=\"left: 151px; top: 184px; width: 43px; height: 15px\">люди</a></li>"); + out.println(" <li><a href=\"/tag/php\" style=\"left: 149px; top: 24px; width: 27px; height: 18px\">php</a></li>"); + out.println(" <li><a href=\"/tag/haskell\" style=\"left: 271px; top: 293px; width: 48px; height: 16px\">haskell</a></li>"); + out.println(" <li><a href=\"/tag/стихи\" style=\"left: 135px; top: 42px; width: 41px; height: 11px\">стихи</a></li>"); + out.println(" <li><a href=\"/tag/photo\" style=\"left: 639px; top: 219px; width: 20px; height: 39px\">photo</a></li>"); + out.println(" <li><a href=\"/tag/чай\" style=\"left: 448px; top: 220px; width: 27px; height: 14px\">чай</a></li>"); + out.println(" <li><a href=\"/tag/Опрос\" style=\"left: 297px; top: 22px; width: 14px; height: 41px\">Опрос</a></li>"); + out.println(" <li><a href=\"/tag/Chrome\" style=\"left: 311px; top: 25px; width: 48px; height: 17px\">Chrome</a></li>"); + out.println(" <li><a href=\"/tag/life\" style=\"left: 255px; top: 311px; width: 23px; height: 16px\">life</a></li>"); + out.println(" <li><a href=\"/tag/opera\" style=\"left: 226px; top: 232px; width: 38px; height: 14px\">opera</a></li>"); + out.println(" <li><a href=\"/tag/programming\" style=\"left: 234px; top: 327px; width: 81px; height: 14px\">programming</a></li>"); + out.println(" <li><a href=\"/tag/дети\" style=\"left: 15px; top: 197px; width: 31px; height: 13px\">дети</a></li>"); + out.println(" <li><a href=\"/tag/сериалы\" style=\"left: 575px; top: 219px; width: 61px; height: 13px\">сериалы</a></li>"); + out.println(" <li><a href=\"/tag/учеба\" style=\"left: 616px; top: 84px; width: 43px; height: 17px\">учеба</a></li>"); + out.println("</ul>"); + + out.println("<div id=\"bottom1\">juick.com © 2008-2014 <a href=\"/help/ru/contacts\" rel=\"nofollow\">Контакты</a> · <a href=\"/help/\" rel=\"nofollow\">Помощь</a></div>"); + + out.println("<div id=\"signup\">"); + out.println(" Зарегистрироваться:"); + out.println(" <div id=\"facebook\"><a href=\"/_fblogin\" rel=\"nofollow\">Facebook</a></div>"); + out.println(" <div id=\"vk\"><a href=\"/_vklogin\" rel=\"nofollow\">ВКонтакте</a></div>"); + out.println(" <div id=\"xmpp\"><a href=\"#\" onclick=\"$('#xmppinfo').toggle(); return false\">XMPP</a>"); + out.println(" <div id=\"xmppinfo\">Отправьте <b>LOGIN</b> на <a href=\"xmpp:juick@juick.com?message;body=LOGIN\">juick@juick.com</a></div>"); + out.println(" </div>"); + out.println("</div>"); + out.println("<div id=\"signin\"><a href=\"#\" onclick=\"$('#signinform').toggle(); $('#nickinput').focus(); return false\">Уже зарегистрированы?</a>"); + out.println("<div id=\"signinform\"><form action=\"/login\" method=\"POST\">"); + out.println("<input class=\"txt\" type=\"text\" name=\"username\" placeholder=\"Имя пользователя\" id=\"nickinput\"/>"); + out.println("<input class=\"txt\" type=\"password\" name=\"password\" placeholder=\"Пароль\"/>"); + out.println("<input class=\"submit\" type=\"submit\" value=\"OK\"/>"); + out.println("</form></div>"); + out.println("</div>"); + + out.println("</body>"); + out.println("</html>"); + } + } + + protected void doGetLogin(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String hash = request.getQueryString(); + if (hash.length() > 32) { + response.sendError(400); + return; + } + + if (com.juick.server.UserQueries.getUIDbyHash(sql, hash) > 0) { + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + response.sendRedirect("/"); + } else { + response.sendError(403); + } + } + + protected void doPostLogin(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(400); + return; + } + + int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + if (uid > 0) { + String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + + String referer = request.getHeader("Referer"); + if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { + response.sendRedirect(referer); + } else { + response.sendRedirect("/"); + } + } else { + response.sendError(403); + } + } + + protected void doGetLogout(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + sql.update("DELETE FROM logins WHERE user_id=?", visitor.getUID()); + } + + Cookie c = new Cookie("hash", "-"); + c.setDomain(".juick.com"); + c.setMaxAge(0); + response.addCookie(c); + + Cookie c2 = new Cookie("hash", "-"); + c2.setMaxAge(0); + response.addCookie(c2); + + response.sendRedirect("/"); + } +} diff --git a/src/main/java/com/juick/http/www/Main.java b/src/main/java/com/juick/http/www/Main.java new file mode 100644 index 00000000..63bf1c1f --- /dev/null +++ b/src/main/java/com/juick/http/www/Main.java @@ -0,0 +1,310 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Stream; +import com.juick.xmpp.StreamComponent; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.DriverManagerDataSource; +import ru.sape.Sape; + +import javax.servlet.ServletException; +import javax.servlet.annotation.MultipartConfig; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.net.Socket; +import java.net.URLEncoder; +import java.util.Properties; + +/** + * + * @author Ugnich Anton + */ +@WebServlet(name = "Main", urlPatterns = {"/"}) +@MultipartConfig(fileSizeThreshold = 1024 * 1024, maxRequestSize = 1024 * 1024 * 10) +public class Main extends HttpServlet implements Stream.StreamListener { + + JdbcTemplate sql; + JdbcTemplate sqlSearch; + String sqlSearchConnStr = "jdbc:mysql://127.0.0.1:9306?autoReconnect=true&useUnicode=yes&characterEncoding=utf8&maxAllowedPacket=512000"; + Stream xmpp; + Home home = new Home(); + Discover discover = new Discover(); + PM pm = new PM(); + Login login = new Login(); + Help help = new Help(); + User pagesUser = new User(); + UserThread pagesUserThread = new UserThread(); + NewMessage pagesNewMessage = new NewMessage(); + FacebookLogin loginFacebook = new FacebookLogin(); + VKontakteLogin loginVK = new VKontakteLogin(); + TwitterAuth twitterAuth; + SignUp signup = new SignUp(); + Settings settings = new Settings(); + RSS rss = new RSS(); + + @Override + public void init() throws ServletException { + + super.init(); + try { + Properties conf = new Properties(); + conf.load(getServletContext().getResourceAsStream("/WEB-INF/juick.conf")); + + DriverManagerDataSource dataSource = new DriverManagerDataSource(); + dataSource.setDriverClassName(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver")); + dataSource.setUrl(conf.getProperty("datasource_url")); + DriverManagerDataSource dataSourceSearch = new DriverManagerDataSource(); + dataSourceSearch.setDriverClassName(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver")); + dataSourceSearch.setUrl(sqlSearchConnStr); + sql = new JdbcTemplate(dataSource); + sqlSearch = new JdbcTemplate(dataSourceSearch); + + setupXmppComponent(conf.getProperty("xmpp_password")); + twitterAuth = new TwitterAuth(conf.getProperty("twitter_consumer_key"), + conf.getProperty("twitter_consumer_secret")); + PageTemplates.sape = new Sape(conf.getProperty("sape_user"), "juick.com", 2000, 3600); + } catch (Exception e) { + log(null, e); + } + } + + public void setupXmppComponent(final String password) { + Thread thr = new Thread(() -> { + try { + Socket socket = new Socket("localhost", 5347); + xmpp = new StreamComponent(new JID("", "www.juick.com", ""), socket.getInputStream(), socket.getOutputStream(), password); + xmpp.addListener(Main.this); + xmpp.startParsing(); + } catch (IOException e) { + log("xmpp exception", e); + } + }); + thr.start(); + } + + @Override + public void onStreamFail(Exception e) {log("XMPP STREAM FAIL:" + e);} + + @Override + public void onStreamReady() { + log("XMPP STREAM READY"); + } + + + /** + * Handles the HTTP <code>GET</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + String uri = request.getRequestURI(); + + if (uri.equals("/")) { + String tag = request.getParameter("tag"); + if (tag != null) { + Utils.sendPermanentRedirect(response, "/tag/" + URLEncoder.encode(tag, "UTF-8")); + } else { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + home.doGet(sql, sqlSearch, request, response, visitor); + } + } else if (uri.equals("/post")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pagesNewMessage.doGetNewMessage(sql, request, response, visitor); + } else { + Utils.sendTemporaryRedirect(response, "/login"); + } + } else if (uri.equals("/login")) { + if (request.getQueryString() == null) { + login.doGetLoginForm(sql, request, response); + } else { + login.doGetLogin(sql, request, response); + } + } else if (uri.startsWith("/pm/")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor == null) { + Utils.sendTemporaryRedirect(response, "/login"); + } else { + switch (uri) { + case "/pm/inbox": + pm.doGetInbox(sql, request, response, visitor); + break; + case "/pm/sent": + pm.doGetSent(sql, request, response, visitor); + break; + default: + Errors.doGet404(sql, request, response); + break; + } + } + } else if (uri.startsWith("/rss/")) { + String uname = uri.substring(5); + int uid = UserQueries.getUIDbyName(sql, uname); + if (uid > 0) { + rss.doGet(sql, request, response, uid, uname); + } else { + response.sendError(404); + } + } else if (uri.equals("/logout")) { + login.doGetLogout(sql, request, response); + } else if (uri.equals("/settings")) { + settings.doGet(sql, request, response); + } else if (uri.equals("/_fblogin")) { + loginFacebook.doGet(sql, request, response); + } else if (uri.equals("/_vklogin")) { + loginVK.doGet(sql, request, response); + } else if (uri.startsWith("/_twitter")) { + twitterAuth.doGet(sql, request, response); + } else if (uri.equals("/signup")) { + signup.doGet(sql, request, response); + } else if (uri.equals("/help") || uri.equals("/help/")) { + help.doRedirectToHelpIndex(sql, request, response); + } else if (uri.startsWith("/help/")) { + help.doGetHelp(sql, request, response); + } else if (uri.startsWith("/tag/")) { + discover.doGet(sql, sqlSearch, request, response); + } else if (uri.matches("^/\\d+$")) { + String strID = request.getRequestURI().substring(1); + int mid = 0; + try { + mid = Integer.parseInt(strID); + } catch (NumberFormatException e) { + } + if (mid > 0) { + com.juick.User author = com.juick.server.MessagesQueries.getMessageAuthor(sql, mid); + if (author != null) { + Utils.sendPermanentRedirect(response, "/" + author.getUName() + "/" + mid); + return; + } + } + Errors.doGet404(sql, request, response); + } else if (uri.matches("^/[^/]+$")) { + com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, request.getRequestURI().substring(1)); + if (user != null) { + Utils.sendPermanentRedirect(response, "/" + user.getUName() + "/"); + } else { + Errors.doGet404(sql, request, response); + } + } else if (uri.matches("^/.+/.*")) { + String uriparts[] = uri.split("/"); + com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, uriparts[1]); + if (user != null && user.getUName().equals(uriparts[1]) && !user.Banned) { + if (uriparts.length == 2) { // http://juick.com/username/ + pagesUser.doGetBlog(sql, sqlSearch, request, response, user); + } else if (uriparts[2].equals("tags")) { + pagesUser.doGetTags(sql, request, response, user); + } else if (uriparts[2].equals("friends")) { + pagesUser.doGetFriends(sql, request, response, user); + } else if (uriparts[2].equals("readers")) { + pagesUser.doGetReaders(sql, request, response, user); + } else { + int mid = 0; + try { + mid = Integer.parseInt(uriparts[2]); + } catch (NumberFormatException e) { + } + if (mid > 0) { + com.juick.User author = com.juick.server.MessagesQueries.getMessageAuthor(sql, mid); + if (author != null) { + if (!author.getUName().equals(user.getUName())) { + Utils.sendPermanentRedirect(response, "/" + author.getUName() + "/" + mid); + } else { + pagesUserThread.doGetThread(sql, request, response, mid); + } + } else { + Errors.doGet404(sql, request, response); + } + } else { + Errors.doGet404(sql, request, response); + } + } + } else if (user != null && !user.Banned) { + Utils.sendPermanentRedirect(response, "/" + user.getUName() + "/" + (uriparts.length > 2 ? uriparts[2] : "")); + } else { + Errors.doGet404(sql, request, response); + } + } else { + Errors.doGet404(sql, request, response); + } + } + + /** + * Handles the HTTP <code>POST</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + + String uri = request.getRequestURI(); + if (uri.equals("/post")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pagesNewMessage.doPostMessage(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/comment")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pagesNewMessage.doPostComment(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/like")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pagesNewMessage.doPostRecomm(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/pm/send")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pm.doPostPM(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/login")) { + login.doPostLogin(sql, request, response); + } else if (uri.equals("/signup")) { + signup.doPost(sql, request, response); + } else if (uri.equals("/settings")) { + settings.doPost(sql, request, response); + } else { + response.sendError(405); + } + } +} diff --git a/src/main/java/com/juick/http/www/NewMessage.java b/src/main/java/com/juick/http/www/NewMessage.java new file mode 100644 index 00000000..642bd794 --- /dev/null +++ b/src/main/java/com/juick/http/www/NewMessage.java @@ -0,0 +1,413 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Tag; +import com.juick.server.*; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.extensions.JuickMessage; +import com.juick.xmpp.extensions.JuickUser; +import com.juick.xmpp.extensions.Nickname; +import com.juick.xmpp.extensions.XOOB; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.net.URLEncoder; +import java.util.ArrayList; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class NewMessage { + + protected void doGetNewMessage(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Написать", "<script src=\"//maps.google.com/maps?file=api&v=2&sensor=false&key=ABQIAAAAVVtPtxkw4soCEHg44FsNChRB4OFYjAXt73He16Zkp6a_0tPs2RTU6i6UlcMs4QvPBYvIY8rWvcxqOg\" type=\"text/javascript\"></script>" + + "<script src=\"//static.juick.com/mc.js\" type=\"text/javascript\" defer=\"defer\"></script>" + + "<script src=\"//static.juick.com/maps.js?2010111500\" type=\"text/javascript\" defer=\"defer\"></script>" + + "<script src=\"//static.juick.com/post3.js\" type=\"text/javascript\" defer=\"defer\"></script>"); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<section id=\"content\" class=\"pagetext\">"); + out.println("<form action=\"/post2\" method=\"post\" id=\"postmsg\" enctype=\"multipart/form-data\">"); + out.println("<p style=\"text-align: left\"><b>Место: <span id=\"location\"></span></b> <span id=\"locationclear\">— <a href=\"#\" onclick=\"clearLocation()\">Отменить</a></span></p>"); + out.println("<p style=\"text-align: left\"><b>Фото:</b> <span id=\"attachmentfile\"><input type=\"file\" name=\"attach\"/> <i>(JPG, PNG, до 10Мб)</i></span></p>"); + + String body = request.getParameter("body"); + if (body == null) { + body = ""; + } else { + if (body.length() > 4096) { + body = body.substring(0, 4096); + } + body = Utils.encodeHTML(body); + } + out.println("<p><textarea name=\"body\" class=\"newmessage\" rows=\"7\" cols=\"10\">" + body + "</textarea><br/>"); + + out.println("<input type=\"hidden\" name=\"place_id\"/>" + "" + "<input type=\"submit\" class=\"subm\" value=\" Отправить \"/></p>"); + out.println("</form>"); + out.println("<div id=\"geomap\"></div>"); + out.println("<p style=\"text-align: left\"><b>Теги:</b></p>"); + printUserTags(sql, out, visitor); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + void printUserTags(JdbcTemplate sql, PrintWriter out, com.juick.User visitor) { + List<Tag> tags = TagQueries.getUserTagsAll(sql, visitor.getUID()); + + if (tags.isEmpty()) { + return; + } + + int min = tags.get(0).UsageCnt; + int max = tags.get(0).UsageCnt; + for (int i = 1; i < tags.size(); i++) { + int usagecnt = tags.get(i).UsageCnt; + if (usagecnt < min) { + min = usagecnt; + } + if (usagecnt > max) { + max = usagecnt; + } + } + max -= min; + + out.print("<p style=\"text-align: justify\">"); + for (int i = 0; i < tags.size(); i++) { + if (i > 0) { + out.print(" "); + } + String taglink = ""; + try { + taglink = "<a onclick=\"return addTag('" + Utils.encodeHTML(tags.get(i).Name) + "')\" href=\"/" + visitor.getUName() + "/?tag=" + URLEncoder.encode(tags.get(i).Name, "utf-8") + "\" title=\"" + tags.get(i).UsageCnt + "\">" + Utils.encodeHTML(tags.get(i).Name) + "</a>"; + } catch (UnsupportedEncodingException e) { + } + int usagecnt = tags.get(i).UsageCnt; + if (usagecnt <= max / 5 + min) { + out.print("<span style=\"font-size: small\">" + taglink + "</span>"); + } else if (usagecnt <= max / 5 * 2 + min) { + out.print(taglink); + } else if (usagecnt <= max / 5 * 3 + min) { + out.print("<span style=\"font-size: large\">" + taglink + "</span>"); + } else if (usagecnt <= max / 5 * 4 + min) { + out.print("<span style=\"font-size: x-large\">" + taglink + "</span>"); + } else { + out.print("<span style=\"font-size: xx-large\">" + taglink + "</span>"); + } + } + out.println("</p>"); + } + + public void doPostMessage(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + String body = request.getParameter("body"); + if (body == null || body.length() < 1 || body.length() > 4096) { + response.sendError(400); + return; + } + body = body.replace("\r", ""); + + String tagsStr = request.getParameter("tags"); + List<com.juick.Tag> tags = new ArrayList<Tag>(); + String tagsArr[] = new String[1]; + if (tagsStr != null && !tagsStr.isEmpty()) { + tagsArr = tagsStr.split("[ \\,]"); + for (int i = 0; i < tagsArr.length; i++) { + if (tagsArr[i].startsWith("*")) { + tagsArr[i] = tagsArr[i].substring(1); + } + if (tagsArr[i].length() > 64) { + tagsArr[i] = tagsArr[i].substring(0, 64); + } + } + tags = TagQueries.getTags(sql, tagsArr, true); + while (tags.size() > 5) { + tags.remove(5); + } + } + + String attachmentFName = null; + try { + attachmentFName = Utils.receiveMultiPartFile(request, "attach"); + } catch (Exception e) { + System.out.println("MULTIPART ERROR: " + e.toString()); + response.sendError(400); + return; + } + + String paramImg = request.getParameter("img"); + if (attachmentFName == null && paramImg != null && paramImg.length() > 10 ) { + try { + URL imgUrl = new URL(paramImg); + attachmentFName = Utils.downloadImage(imgUrl); + } catch (Exception e) { + System.out.println("DOWNLOAD ERROR: " + e.toString()); + response.sendError(500); + return; + } + } + + String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; + int mid = MessagesQueries.createMessage(sql, visitor.getUID(), body, attachmentType, tags); + SubscriptionsQueries.subscribeMessage(sql, mid, visitor.getUID()); + + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.type = Message.Type.chat; + xmsg.thread = "juick-" + mid; + + JuickMessage jmsg = new JuickMessage(MessagesQueries.getMessage(sql, mid)); + xmsg.addChild(jmsg); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + xmsg.addChild(nick); + + if (attachmentFName != null) { + String fname = mid + "." + attachmentType; + String attachmentURL = "http://i.juick.com/photos-1024/" + fname; + + Runtime.getRuntime().exec("/var/www/juick.com/cgi/p-convert.sh /var/www/juick.com/i/tmp/" + attachmentFName + " " + fname); + + body = attachmentURL + "\n" + body; + XOOB xoob = new XOOB(); + xoob.URL = attachmentURL; + xmsg.addChild(xoob); + } + + String tagsStr2 = ""; + for (String tag : tagsArr) { + tagsStr2 += " *" + tag; + } + xmsg.body = "@" + jmsg.getUser().getUName() + ":" + tagsStr2 + "\n" + body + "\n\n#" + mid + " http://juick.com/" + mid; + + xmsg.to = new JID("juick", "s2s.juick.com", null); + xmpp.send(xmsg); + + xmsg.to.Host = "ws.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "push.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "crosspost.juick.com"; + xmsg.to.Username = "twitter"; + xmpp.send(xmsg); + xmsg.to.Username = "fb"; + xmpp.send(xmsg); + + xmsg.to.Host = "nologin.ru"; + xmsg.to.Username = "jubo"; + xmpp.send(xmsg); + + // + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Сообщение опубликовано", null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + String hashtags = ""; + String tagscomma = ""; + for (int i = 0; i < tagsArr.length; i++) { + if (i > 0) { + hashtags += " "; + tagscomma += ","; + } + hashtags += "#" + tagsArr[i]; + tagscomma += tagsArr[i]; + } + + String url = URLEncoder.encode("http://juick.com/" + mid, "utf-8"); + String sharetwi = hashtags + " " + body; + if (sharetwi.length() > 115) { + sharetwi = sharetwi.substring(0, 114) + "…"; + } + sharetwi += " http://juick.com/" + mid; + String sharelj = URLEncoder.encode(body + "\n", "utf-8") + url; + + out.println("<section id=\"content\">"); + out.println("<h1>Сообщение опубликовано</h1>"); + out.println("<p>Поделитесь своим новым постом в социальных сетях:</p>"); + if (CrosspostQueries.getTwitterTokens(sql, visitor.getUID()).isPresent()) { + out.println("<p><a href=\"https://twitter.com/intent/tweet?text=" + URLEncoder.encode(sharetwi, "utf-8") + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-twi sharenew\">Отправить в Twitter</a></p>"); + } + out.println("<p><a href=\"http://www.livejournal.com/update.bml?subject=" + URLEncoder.encode(hashtags, "utf-8") + "&event=" + sharelj + "&prop_taglist=" + URLEncoder.encode(tagscomma, "utf-8") + "\" target=\"_blank\" class=\"ico32-lj sharenew\">Отправить в LiveJournal</a></p>"); + out.println("<p><a href=\"https://vk.com/share.php?url=" + url + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-vk sharenew\">Отправить в ВКонтакте</a></p>"); + if (CrosspostQueries.getFacebookToken(sql, visitor.getUID()).isPresent()) { + out.println("<p><a href=\"https://www.facebook.com/sharer/sharer.php?u=" + url + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-fb sharenew\">Отправить в Facebook</a></p>"); + } + out.println("<p><a href=\"https://plus.google.com/share?url=" + url + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-gp sharenew\">Отправить в Google+</a></p>"); + out.println("<p>Ссылка на сообщение: <a href=\"http://juick.com/" + mid + "\">http://juick.com/" + mid + "</a></p>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + public void doPostComment(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + int mid = Utils.parseInt(request.getParameter("mid"), 0); + if (mid == 0) { + response.sendError(400); + return; + } + com.juick.Message msg = MessagesQueries.getMessage(sql, mid); + if (msg == null) { + response.sendError(404); + return; + } + + int rid = Utils.parseInt(request.getParameter("rid"), 0); + com.juick.Message reply = null; + if (rid > 0) { + reply = MessagesQueries.getReply(sql, mid, rid); + if (reply == null) { + response.sendError(404); + return; + } + } + + String body = request.getParameter("body"); + if (body == null || body.length() < 1 || body.length() > 4096) { + response.sendError(400); + return; + } + body = body.replace("\r", ""); + + if ((msg.ReadOnly && msg.getUser().getUID() != visitor.getUID()) || UserQueries.isInBLAny(sql, msg.getUser().getUID(), visitor.getUID()) || (reply != null && UserQueries.isInBLAny(sql, reply.getUser().getUID(), visitor.getUID()))) { + response.sendError(403); + return; + } + + String attachmentFName = null; + try { + attachmentFName = Utils.receiveMultiPartFile(request, "attach"); + } catch (Exception e) { + System.out.println("MULTIPART ERROR: " + e.toString()); + response.sendError(400); + return; + } + + String paramImg = request.getParameter("img"); + if (attachmentFName == null && paramImg != null && paramImg.length() > 10) { + try { + attachmentFName = Utils.downloadImage(new URL(paramImg)); + } catch (Exception e) { + System.out.println("DOWNLOAD ERROR: " + e.toString()); + response.sendError(500); + return; + } + } + + String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; + int ridnew = MessagesQueries.createReply(sql, mid, rid, visitor.getUID(), body, attachmentType); + SubscriptionsQueries.subscribeMessage(sql, mid, visitor.getUID()); + + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.type = Message.Type.chat; + xmsg.thread = "juick-" + mid; + + JuickMessage jmsg = new JuickMessage(MessagesQueries.getReply(sql, mid, ridnew)); + xmsg.addChild(jmsg); + + String quote = reply != null ? reply.getText() : msg.getText(); + if (quote.length() >= 50) { + quote = quote.substring(0, 47) + "..."; + } + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + xmsg.addChild(nick); + + if (attachmentFName != null) { + String fname = mid + "-" + ridnew + "." + attachmentType; + String attachmentURL = "http://i.juick.com/photos-1024/" + fname; + + Runtime.getRuntime().exec("/var/www/juick.com/cgi/p-convert.sh /var/www/juick.com/i/tmp/" + attachmentFName + " " + fname); + + body = attachmentURL + "\n" + body; + XOOB xoob = new XOOB(); + xoob.URL = attachmentURL; + xmsg.addChild(xoob); + } + + xmsg.body = "Reply by @" + jmsg.getUser().getUName() + ":\n>" + quote + "\n" + body + "\n\n#" + mid + "/" + ridnew + " http://juick.com/" + mid + "#" + ridnew; + + xmsg.to = new JID("juick", "s2s.juick.com", null); + xmpp.send(xmsg); + + xmsg.to.Host = "ws.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "push.juick.com"; + xmpp.send(xmsg); + + Utils.sendTemporaryRedirect(response, "/" + msg.getUser().getUName() + "/" + mid + "#" + ridnew); + } + + public void doPostRecomm(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + int mid = Utils.parseInt(request.getParameter("mid"), 0); + if (mid == 0) { + response.sendError(400); + return; + } + com.juick.Message msg = MessagesQueries.getMessage(sql, mid); + if (msg == null) { + response.sendError(404); + return; + } + if (msg.getUser().getUID() == visitor.getUID()) { + response.sendError(403); + return; + } + + boolean res = MessagesQueries.recommendMessage(sql, mid, visitor.getUID()); + + if (res) { + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.to = new JID("recomm", "s2s.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.setMID(mid); + jmsg.setUser(new JuickUser(visitor)); + xmsg.addChild(jmsg); + xmpp.send(xmsg); + + Utils.replyJSON(request, response, "{\"status\":\"ok\"}"); + } else { + response.sendError(500); + } + } +} diff --git a/src/main/java/com/juick/http/www/PM.java b/src/main/java/com/juick/http/www/PM.java new file mode 100644 index 00000000..932d1baf --- /dev/null +++ b/src/main/java/com/juick/http/www/PM.java @@ -0,0 +1,224 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.PMQueries; +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.extensions.JuickMessage; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class PM { + + protected void doGetInbox(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + /* + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + */ + + String title = "PM: Inbox"; + List<com.juick.Message> msgs = PMQueries.getLastPMInbox(sql, visitor.getUID()); + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, title, null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + + if (!msgs.isEmpty()) { + out.println("<ul>"); + for (com.juick.Message msg : msgs) { + + String txt = PageTemplates.formatMessage(msg.getText()); + + out.println(" <li class=\"msg\">"); + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + out.println(" <div class=\"msg-ts\"><a href=\"#\" onclick=\"return false\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + txt + "</div>"); + + out.println(" <form action=\"/pm/send\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"uname\" value=\"" + msg.getUser().getUName() + "\"/>"); + out.println(" <div class=\"msg-comment\"><div class=\"ta-wrapper\"><textarea name=\"body\" rows=\"1\" class=\"replypm\" placeholder=\"Написать ответ\" onkeypress=\"postformListener(this.form,event)\"></textarea></div></div>"); + out.println(" </form>"); + + out.println(" </div>"); + out.println(" </li>"); + } + out.println("</ul>"); + } + + /* + if (msgs.size() >= 20) { + String nextpage = "?before=" + msgs.get(msgs.size() - 1); + out.println("<p class=\"page\"><a href=\"" + nextpage + "\">Читать дальше →</a></p>"); + } + */ + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doGetSent(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + /* + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + */ + + String title = "PM: Sent"; + List<com.juick.Message> msgs = PMQueries.getLastPMSent(sql, visitor.getUID()); + + String uname = request.getParameter("uname"); + if (!UserQueries.checkUserNameValid(uname)) { + uname = ""; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, title, null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + + out.println("<form action=\"/pm/send\" method=\"POST\" enctype=\"multipart/form-data\">"); + out.println("<div class=\"newpm\">"); + out.println(" <div class=\"newpm-to\">To: <input type=\"text\" name=\"uname\" placeholder=\"username\" value=\"" + uname + "\"/></div>"); + out.println(" <div class=\"newpm-body\"><textarea name=\"body\" rows=\"2\" onkeypress=\"postformListener(this.form,event)\"></textarea></div>"); + out.println(" <div class=\"newpm-send\"><input type=\"submit\" value=\"OK\"/></div>"); + out.println("</div>"); + out.println("</form>"); + + if (!msgs.isEmpty()) { + out.println("<ul>"); + for (com.juick.Message msg : msgs) { + + String txt = PageTemplates.formatMessage(msg.getText()); + + out.println(" <li class=\"msg\">"); + out.println(" <div class=\"msg-avatar\"><img src=\"//i.juick.com/a/" + visitor.getUID() + ".png\"/></div>"); + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-header\">→ <a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + out.println(" <div class=\"msg-ts\"><a href=\"#\" onclick=\"return false\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + txt + "</div>"); + out.println(" </div>"); + out.println(" </li>"); + } + out.println("</ul>"); + } + + /* + if (msgs.size() >= 20) { + String nextpage = "?before=" + msgs.get(msgs.size() - 1); + out.println("<p class=\"page\"><a href=\"" + nextpage + "\">Читать дальше →</a></p>"); + } + */ + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + public void doPostPM(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + String uname = request.getParameter("uname"); + if (uname.startsWith("@")) { + uname = uname.substring(1); + } + int uid = 0; + if (UserQueries.checkUserNameValid(uname)) { + uid = UserQueries.getUIDbyName(sql, uname); + } + + String body = request.getParameter("body"); + if (uid == 0 || body == null || body.length() < 1 || body.length() > 10240) { + response.sendError(400); + return; + } + + if (UserQueries.isInBLAny(sql, uid, visitor.getUID())) { + response.sendError(403); + return; + } + + if (PMQueries.createPM(sql, visitor.getUID(), uid, body)) { + Message msg = new Message(); + msg.from = new JID("juick", "juick.com", null); + msg.to = new JID(Integer.toString(uid), "push.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.setUser(visitor); + jmsg.setText(body); + msg.childs.add(jmsg); + xmpp.send(msg); + + msg.to.Host = "ws.juick.com"; + xmpp.send(msg); + + List<String> jids = UserQueries.getJIDsbyUID(sql, uid); + for (String jid : jids) { + Message mm = new Message(); + mm.to = new JID(jid); + mm.type = Message.Type.chat; + if (PMQueries.havePMinRoster(sql, visitor.getUID(), jid)) { + mm.from = new JID(jmsg.getUser().getUName(), "juick.com", "Juick"); + mm.body = body; + } else { + mm.from = new JID("juick", "juick.com", "Juick"); + mm.body = "Private message from @" + jmsg.getUser().getUName() + ":\n" + body; + } + xmpp.send(mm); + } + + Utils.sendTemporaryRedirect(response, "/pm/sent"); + + } else { + response.sendError(500); + } + } +} diff --git a/src/main/java/com/juick/http/www/PageTemplates.java b/src/main/java/com/juick/http/www/PageTemplates.java new file mode 100644 index 00000000..7021ccba --- /dev/null +++ b/src/main/java/com/juick/http/www/PageTemplates.java @@ -0,0 +1,483 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.Tag; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; +import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import java.util.stream.Collectors; +import javax.servlet.http.HttpServletRequest; + +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.util.StringUtils; +import ru.sape.Sape; + +/** + * + * @author Ugnich Anton + */ +public class PageTemplates { + + public static Sape sape = null; + protected static final SimpleDateFormat sdfSQL = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + private static SimpleDateFormat sdfSimple = new SimpleDateFormat("d MMM"); + private static SimpleDateFormat sdfFull = new SimpleDateFormat("d MMM yyyy"); + private static String tagsHTML = null; + + public static void pageHead(PrintWriter out, String title, String headers) { + out.println("<!DOCTYPE html>"); + out.print("<html>"); + out.print("<head>"); + out.println("<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">"); + out.print("<link rel=\"stylesheet\" href=\"/style.css\"/>"); + out.print("<script type=\"text/javascript\" src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js\"></script>"); + out.print("<script type=\"text/javascript\" src=\"/scripts.js\"></script>"); + if (headers != null) { + out.print(headers); + } + out.print("<title>" + title + "</title>"); + out.println("<meta name=\"viewport\" content=\"width=device-width,initial-scale=1,user-scalable=no\"/>"); + out.println("<link rel=\"icon\" href=\"//i.juick.com/favicon.png\"/>"); + out.println("<!--[if lt IE 9 & (!IEMobile 7)]>"); + out.println("<script src=\"//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js\"></script>"); + out.println("<![endif]-->"); + out.println("</head>"); + out.flush(); + out.println("<body>"); + } + + public static void pageNavigation(PrintWriter out, com.juick.User visitor, String search) { + out.println("<header>"); + out.println(" <div id=\"logo\"><a href=\"/\">Juick</a></div>"); + out.print(" <nav id=\"global\"><ul>"); + out.print("<li><a href=\"/\">Популярные</a></li>"); + out.print("<li><a href=\"/?show=all\" rel=\"nofollow\">Все сообщения</a></li>"); + out.print("<li><a href=\"/?show=photos\" rel=\"nofollow\">Фотографии</a></li>"); + out.println("</ul></nav>"); + out.print(" <div id=\"search\"><form action=\"/\"><input type=\"text\" name=\"search\" class=\"text\" placeholder=\"Поиск\""); + if (search != null) { + out.print(" value=\"" + Utils.encodeHTML(search) + "\""); + } + out.println("/></form></div>"); + out.println(" <section id=\"headdiv\">"); + if (visitor != null) { + out.print(" <nav id=\"user\"><ul>"); + out.print("<li><a href=\"/?show=my\">Моя лента</a></li>"); + out.print("<li><a href=\"/pm/inbox\">Приватные</a></li>"); + out.print("<li><a href=\"/?show=discuss\">Обсуждения</a></li>"); + out.print("<li><a href=\"/?show=recommended\">Рекомендации</a></li>"); + out.println("</ul></nav>"); + out.print(" <nav id=\"actions\"><ul>"); + out.print("<li><a href=\"/#post\">Написать</a></li>"); + out.print("<li><a href=\"/" + visitor.getUName() + "\">@" + visitor.getUName() + "</a></li>"); + out.print("<li><a href=\"/logout\">Выйти</a></li>"); + out.println("</ul></nav>"); + } else { + out.println("<p>Чтобы добавлять сообщения и комментарии, <a href=\"#\" onclick=\"return openDialogLogin()\">представьтесь</a>.</p>"); + } + out.println(" </section>"); + out.println("</header>"); + } + + public static void pageHomeColumn(PrintWriter out, JdbcTemplate sql, com.juick.User visitor) { + pageHomeColumn(out, sql, visitor, false); + } + + public static void pageHomeColumn(PrintWriter out, JdbcTemplate sql, com.juick.User visitor, boolean showAdv) { + if (tagsHTML == null) { + tagsHTML = PageTemplates.formatPopularTags(sql, 80); + } + + out.println("<aside id=\"column\">"); + out.print(" <p class=\"tags\">" + tagsHTML); + if (showAdv) { + out.print(" <a href=\"http://ru.wix.com/\">конструктор сайтов</a>"); + } + out.println("</p>"); +// if (visitor != null) { +// printContestRating(out, sql); +// } + out.println("</aside>"); + } + + public static String formatPopularTags(JdbcTemplate sql, int cnt) { + List<String> popularTags = TagQueries.getPopularTags(sql).stream() + .map(t -> "<a href=\"/tag/" + URLEncoder.encode(t) + "\">" + Utils.encodeHTML(t) + "</a>").collect(Collectors.toList()); + return StringUtils.collectionToDelimitedString(popularTags, " "); + } + + public static void pageFooter(HttpServletRequest request, PrintWriter out, com.juick.User visitor, boolean sapeon) { + out.println("<div id=\"footer\">"); + out.println(" <div id=\"footer-right\"><a href=\"/settings\" rel=\"nofollow\">Настройки</a> · <a href=\"/help/ru/contacts\" rel=\"nofollow\">Контакты</a> · <a href=\"/help/\" rel=\"nofollow\">Справка</a> · <a href=\"/help/ru/adv\" rel=\"nofollow\">Реклама</a></div>"); + out.print(" <div id=\"footer-social\">"); + out.print("<a href=\"https://twitter.com/Juick\" rel=\"nofollow\" class=\"ico32-twi\">Twitter</a>"); + out.print("<a href=\"https://vk.com/juick\" rel=\"nofollow\" class=\"ico32-vk\">ВКонтакте</a>"); + out.print("<a href=\"https://www.facebook.com/JuickCom\" rel=\"nofollow\" class=\"ico32-fb\">Facebook</a>"); + out.println("</div>"); + out.print(" <div id=\"footer-left\">juick.com © 2008-2016"); + + String queryString = request.getQueryString(); + String requestURI = request.getRequestURI(); + if (sapeon && sape != null && (visitor == null || visitor.getUID() == 1) && queryString == null) { + String links = sape.getPageLinks(requestURI, request.getCookies()).render(); + if (links != null && !links.isEmpty()) { + out.print("<br/>Спонсоры: " + links); + } + } + + out.println("</div>"); + out.println("</div>"); + + if (visitor != null) { + out.println("<script type=\"text/javascript\">"); + out.println("var hash=\"" + visitor.getAuthHash() + "\";"); + out.println("</script>"); + } + + out.println("<script>"); + out.println("(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){"); + out.println("(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),"); + out.println("m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)"); + out.println("})(window,document,'script','//www.google-analytics.com/analytics.js','ga');"); + out.println("ga('create','UA-385578-4','juick.com');"); + out.println("ga('require','displayfeatures');"); + out.println("ga('send','pageview');"); + + if (sapeon) { + out.println("var _acic={dataProvider:10};"); + out.println("(function(){"); + out.println("var e=document.createElement('script');e.type='text/javascript';e.async=true;e.src='//www2.aci'+'nt.net/aci.js';"); + out.println("var t=document.getElementsByTagName('script')[0];t.parentNode.insertBefore(e,t);"); + out.println("})();"); + } + + out.println("</script>"); + } + + public static void pageEnd(PrintWriter out) { + out.println("</body></html>"); + } + + public static String formatTags(List<Tag> tags) { + String ret = ""; + for (Tag tag : tags) { + String tagName = tag.Name.replaceAll("<", "<").replaceAll(">", ">"); + try { + ret += " *<a href=\"/tag/" + URLEncoder.encode(tag.Name, "utf-8") + "\""; + if (tag.UsageCnt < 2) { + ret += " rel=\"nofollow\""; + } + ret += ">" + tagName + "</a>"; + } catch (UnsupportedEncodingException e) { + } + } + + return ret; + } + + public static String formatTags(List<String> tags, com.juick.User user) { + String ret = ""; + for (String tag : tags) { + tag = tag.replaceAll("<", "<"); + tag = tag.replaceAll(">", ">"); + try { + ret += " *<a href=\""; + if (user == null) { + ret += "/tag/"; + } else { + ret += "/" + user.getUName() + "/?tag="; + } + ret += URLEncoder.encode(tag, "utf-8") + "\">" + tag + "</a>"; + } catch (UnsupportedEncodingException e) { + } + } + + return ret; + } + + public static String formatDate(int minutes, Date fulldate) { + if (minutes < 1) { + return "сейчас"; + } else if (minutes < 60) { + String unit; + int ld = minutes % 10; + if ((minutes < 10 || minutes > 20) && ld == 1) { + unit = "минуту"; + } else if ((minutes < 10 || minutes > 20) && ld > 1 && ld < 5) { + unit = "минуты"; + } else { + unit = "минут"; + } + return minutes + " " + unit + " назад"; + } else if (minutes < 1440) { + int hours = (minutes / 60); + String unit; + int ld = hours % 10; + if ((hours < 10 || hours > 20) && ld == 1) { + unit = "час"; + } else if ((hours < 10 || hours > 20) && ld > 1 && ld < 5) { + unit = "часа"; + } else { + unit = "часов"; + } + return hours + " " + unit + " назад"; + } else if (minutes < 20160) { + int days = (minutes / 1440); + String unit; + int ld = days % 10; + if ((days < 10 || days > 20) && ld == 1) { + unit = "день"; + } else if ((days < 10 || days > 20) && ld > 1 && ld < 5) { + unit = "дня"; + } else { + unit = "дней"; + } + return days + " " + unit + " назад"; + } else { + String ret = sdfFull.format(fulldate); + synchronized (sdfSQL) { + try { + Calendar c = Calendar.getInstance(); + int curyear = c.get(Calendar.YEAR); + c.setTime(fulldate); + if (c.get(Calendar.YEAR) == curyear) { + ret = sdfSimple.format(fulldate); + } else { + ret = sdfFull.format(fulldate); + } + } catch (Exception e) { + System.err.println("PARSE EXCEPTION: " + fulldate); + } + } + return ret; + } + } + + public static String formatJSLocalTime(Date ts) { + return "<script type=\"text/javascript\">" + + "var d=new Date(" + ts.getTime() + ");" + + "document.write((d.getDate()<10?'0':'')+d.getDate()+'.'+(d.getMonth()<9?'0':'')+(d.getMonth()+1)+'.'+d.getFullYear()+' '+(d.getHours()<10?'0':'')+d.getHours()+':'+(d.getMinutes()<10?'0':'')+d.getMinutes());" + + "</script>"; + } + + public static String formatReplies(int replies) { + int ld = replies % 10; + int lh = replies % 100; + if ((lh < 10 || lh > 20) && ld == 1) { + return replies + " ответ"; + } else if ((lh < 10 || lh > 20) && ld > 1 && ld < 5) { + return replies + " ответа"; + } else { + return replies + " ответов"; + } + } + private static Pattern regexLinks2 = Pattern.compile("((?<=\\s)|(?<=\\A))([\\[\\{]|<)((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\\"\\)\\!]+)/?(?:[^\\]\\}](?<!>))*)([\\]\\}]|>)"); + + public static String formatMessageCode(String msg) { + msg = msg.replaceAll("&", "&"); + msg = msg.replaceAll("<", "<"); + msg = msg.replaceAll(">", ">"); + + // http://juick.com/last?page=2 + // <a href="http://juick.com/last?page=2" rel="nofollow">http://juick.com/last?page=2</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\n\\\"]+)/?[^\\s\\n\\\"]*)", "$1<a href=\"$2\" rel=\"nofollow\">$2</a>"); + + // (http://juick.com/last?page=2) + // (<a href="http://juick.com/last?page=2" rel="nofollow">http://juick.com/last?page=2</a>) + Matcher m = regexLinks2.matcher(msg); + StringBuffer sb = new StringBuffer(); + while (m.find()) { + String url = m.group(3).replace(" ", "%20").replaceAll("\\s+", ""); + m.appendReplacement(sb, "$1$2<a href=\"" + url + "\" rel=\"nofollow\">" + url + "</a>$5"); + } + m.appendTail(sb); + msg = sb.toString(); + + return "<pre>" + msg + "</pre>"; + } + + public static String formatMessage(String msg) { + msg = msg.replaceAll("&", "&"); + msg = msg.replaceAll("<", "<"); + msg = msg.replaceAll(">", ">"); + + // -- + // — + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\-\\-?((?=\\s)|(?=\\Z))", "$1—$2"); + + // http://juick.com/last?page=2 + // <a href="http://juick.com/last?page=2" rel="nofollow">juick.com</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\n\\\"]+)/?[^\\s\\n\\\"]*)", "$1<a href=\"$2\" rel=\"nofollow\">$3</a>"); + + // [link text][http://juick.com/last?page=2] + // <a href="http://juick.com/last?page=2" rel="nofollow">link text</a> + msg = msg.replaceAll("\\[([^\\]]+)\\]\\[((?:ht|f)tps?://[^\\]]+)\\]", "<a href=\"$2\" rel=\"nofollow\">$1</a>"); + msg = msg.replaceAll("\\[([^\\]]+)\\]\\(((?:ht|f)tps?://[^\\)]+)\\)", "<a href=\"$2\" rel=\"nofollow\">$1</a>"); + + // #12345 + // <a href="http://juick.com/12345">#12345</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))#(\\d+)((?=\\s)|(?=\\Z)|(?=\\))|(?=\\.)|(?=\\,))", "$1<a href=\"http://juick.com/$2\">#$2</a>$3"); + + // #12345/65 + // <a href="http://juick.com/12345#65">#12345/65</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))#(\\d+)/(\\d+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"http://juick.com/$2#$3\">#$2/$3</a>$4"); + + // *bold* + // <b>bold</b> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))\\*([^\\*\\n<>]+)\\*((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<b>$2</b>$3"); + + // /italic/ + // <i>italic</i> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))/([^\\/\\n<>]+)/((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<i>$2</i>$3"); + + // _underline_ + // <span class="u">underline</span> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))_([^\\_\\n<>]+)_((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<span class=\"u\">$2</span>$3"); + + // /12 + // <a href="#12">/12</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\/(\\d+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"#$2\">/$2</a>$3"); + + // @username@jabber.org + // <a href="http://juick.com/username@jabber.org/">@username@jabber.org</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))@([\\w\\-\\.]+@[\\w\\-\\.]+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"http://juick.com/$2/\">@$2</a>$3"); + + // @username + // <a href="http://juick.com/username/">@username</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))@([\\w\\-]{2,16})((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"http://juick.com/$2/\">@$2</a>$3"); + + // (http://juick.com/last?page=2) + // (<a href="http://juick.com/last?page=2" rel="nofollow">juick.com</a>) + Matcher m = regexLinks2.matcher(msg); + StringBuffer sb = new StringBuffer(); + while (m.find()) { + String url = m.group(3).replace(" ", "%20").replaceAll("\\s+", ""); + m.appendReplacement(sb, "$1$2<a href=\"" + url + "\" rel=\"nofollow\">$4</a>$5"); + } + m.appendTail(sb); + msg = sb.toString(); + + // > citate + msg = msg.replaceAll("(?:(?<=\\n)|(?<=\\A))> *(.*)?(\\n|(?=\\Z))", "<q>$1</q>"); + msg = msg.replaceAll("</q><q>", "\n"); + + msg = msg.replaceAll("\n", "<br/>\n"); + return msg; + } + + public static void printMessages(PrintWriter out, JdbcTemplate sql, com.juick.User user, List<Integer> mids, com.juick.User visitor, int YandexID, int ad_mid) { + List<com.juick.Message> msgs = MessagesQueries.getMessages(sql, mids); + + for (int i = 0; i < msgs.size(); i++) { + com.juick.Message msg = msgs.get(i); + if (msg.getMID() == ad_mid) { + msgs.remove(i); + msgs.add(0, msg); + break; + } + } + + List<Integer> blUIDs = new ArrayList<Integer>(20); + if (visitor != null) { + for (Message msg : msgs) { + blUIDs.add(msg.getUser().getUID()); + } + blUIDs = UserQueries.checkBL(sql, visitor.getUID(), blUIDs); + } + + for (int i = 0; i < msgs.size(); i++) { + + com.juick.Message msg = msgs.get(i); + + List<com.juick.Tag> tags = MessagesQueries.getMessageTags(sql, msg.getMID()); + String tagsStr = formatTags(tags); + if (msg.ReadOnly) { + tagsStr += " *readonly"; + } + if (msg.Privacy < 0) { + tagsStr += " *friends"; + } + if (msg.getMID() == ad_mid) { + tagsStr += " *реклама"; + } + + String txt; + if (!msg.Tags.isEmpty() && msg.Tags.contains("code")) { + txt = formatMessageCode(msg.getText()); + } else { + txt = formatMessage(msg.getText()); + } + + out.println("<article data-mid=\"" + msg.getMID() + "\">"); + out.println(" <aside><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></aside>"); + out.println(" <header class=\"u\">@<a href=\"/" + msg.getUser().getUName() + "/\">" + msg.getUser().getUName() + "</a>:" + tagsStr + "</header>"); + out.println(" <header class=\"t\"><a href=\"/" + msg.getUser().getUName() + "/" + msg.getMID() + "\"><time datetime=\"" + sdfSQL.format(msg.getDate()) + "Z\" title=\"" + sdfSQL.format(msg.getDate()) + " GMT\">" + formatDate(msg.TimeAgo, msg.getDate()) + "</time></a></header>"); + if (msg.AttachmentType != null) { + String fname = msg.getMID() + "." + msg.AttachmentType; + out.println(" <p class=\"ir\"><a href=\"//i.juick.com/photos-512/" + fname + "\" onclick=\"return showPhotoDialog('" + fname + "')\"><img src=\"//i.juick.com/photos-512/" + fname + "\" alt=\"\"/></a></p>"); + } + out.println(" <p>" + txt + "</p>"); + if (msg.AttachmentType != null) { + out.println(" <div class=\"irbr\"></div>"); + } + out.print(" <nav class=\"l\">"); + msg.ReadOnly |= blUIDs.contains(msg.getUser().getUID()); + out.print("<a href=\"#\" onclick=\"return likeMessage(this," + msg.getMID() + ")\">Мне нравится</a>"); + if (visitor == null && !msg.ReadOnly) { + out.print("<a href=\"#\" onclick=\"return openDialogLogin()\">Комментировать</a> "); + } else if (visitor != null && (!msg.ReadOnly || visitor.getUID() == msg.getUser().getUID())) { + out.print("<a href=\"#\" onclick=\"return showCommentFooter(this)\">Комментировать</a> "); + } + if (visitor != null && msg.Privacy < 0 && msg.getUser().getUID() == visitor.getUID()) { + out.print(" <a href=\"#\" onclick=\"return setPrivacy(this," + msg.getMID() + ")\">Открыть доступ</a>"); + } + if (visitor != null && visitor.getUID() == 3694) { + out.print(" <a href=\"#\" onclick=\"return setPopular(this," + msg.getMID() + ",2)\">+</a>"); + out.print(" <a href=\"#\" onclick=\"return setPopular(this," + msg.getMID() + ",-1)\">-</a>"); + out.print(" <a href=\"#\" onclick=\"return setPopular(this," + msg.getMID() + ",-2)\">x</a>"); + } + out.println("</nav>"); + + out.print(" <nav class=\"s\">"); + if (msg.Likes > 0) { + out.print("<a href=\"/" + msg.getUser().getUName() + "/" + msg.getMID() + "\" class=\"likes\">" + msg.Likes + "</a>"); + } + if (msg.Replies > 0) { + out.print("<a href=\"/" + msg.getUser().getUName() + "/" + msg.getMID() + "\" class=\"replies\">" + msg.Replies + "</a>"); + } + out.println("</nav>"); + out.print("</article>"); + } + } +} diff --git a/src/main/java/com/juick/http/www/RSS.java b/src/main/java/com/juick/http/www/RSS.java new file mode 100644 index 00000000..349743b5 --- /dev/null +++ b/src/main/java/com/juick/http/www/RSS.java @@ -0,0 +1,101 @@ +/* + * Juick + * Copyright (C) 2008-2013, ugnich + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.server.MessagesQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.List; + +/** + * + * @author ugnich + */ +public class RSS { + + private static final SimpleDateFormat sdfRSS = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z"); + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, int uid, String uname) throws ServletException, IOException { + List<Integer> mids = MessagesQueries.getUserBlog(sql, uid, 0, 0); + if (mids.isEmpty()) { + response.sendError(404); + return; + } + + List<Message> msgs = MessagesQueries.getMessages(sql, mids); + + response.setContentType("application/rss+xml; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + out.println("<?xml version='1.0' encoding='utf-8'?>"); + out.println("<rss version='2.0' xmlns:atom='http://www.w3.org/2005/Atom' xmlns:slash='http://purl.org/rss/1.0/modules/slash/' xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#' xmlns:media='http://search.yahoo.com/mrss/' xmlns:juick='http://juick.com/'>"); + out.println("<channel>"); + out.println("<atom:link href='http://rss.juick.com/" + uname + "/blog' rel='self' type='application/rss+xml'/>"); + out.println("<title>" + uname + " - Juick</title>"); + out.println("<link>http://juick.com/" + uname + "/</link>"); + out.println("<description>The latest messages by @" + uname + " at Juick</description>"); + out.println("<image><url>http://i.juick.com/a/" + uid + ".png</url><title>" + uname + " - Juick</title><link>http://juick.com/" + uname + "/</link></image>"); + + for (Message msg : msgs) { + out.println("<item>"); + out.println("<link>http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "</link>"); + out.println("<guid>http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "</guid>"); + + out.print("<title><![CDATA[@" + msg.getUser().getUName() + ":"); + if (!msg.Tags.isEmpty()) { + for (int n = 0; n < msg.Tags.size(); n++) { + out.print(" *" + msg.Tags.get(n)); + } + } + out.println("]]></title>"); + out.println("<description><![CDATA[" + PageTemplates.formatMessage(msg.getText()) + "]]></description>"); + + Date date = msg.getDate(); + out.println("<pubDate>" + sdfRSS.format(date) + "</pubDate>"); + + + out.println("<comments>http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "</comments>"); + if (!msg.Tags.isEmpty()) { + for (int n = 0; n < msg.Tags.size(); n++) { + out.println("<category>" + msg.Tags.get(n) + "</category>"); + } + } + if (msg.AttachmentType != null) { + if (msg.AttachmentType.equals("jpg")) { + out.println("<media:content url='http://i.juick.com/photos-1024/" + msg.getMID() + ".jpg' type='image/jpeg'/>"); + out.println("<media:thumbnail url='http://i.juick.com/ps/" + msg.getMID() + ".jpg'/>"); + } else if (msg.AttachmentType.equals("png")) { + out.println("<media:content url='http://i.juick.com/photos-1024/" + msg.getMID() + ".png' type='image/png'/>"); + out.println("<media:thumbnail url='http://i.juick.com/ps/" + msg.getMID() + ".png'/>"); + } + } + out.println("<juick:user uid='" + msg.getUser().getUID() + "'/>"); + out.println("</item>"); + } + + out.println("</channel></rss>"); + } + } +} diff --git a/src/main/java/com/juick/http/www/Settings.java b/src/main/java/com/juick/http/www/Settings.java new file mode 100644 index 00000000..54ee0ee9 --- /dev/null +++ b/src/main/java/com/juick/http/www/Settings.java @@ -0,0 +1,91 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * + * @author Ugnich Anton + */ +public class Settings { + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Логин", ""); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<div id=\"topwrapper\">"); + out.println("<div id=\"wrapper\">"); + out.println("<div id=\"content\">"); + out.println("<form action=\"/login\" method=\"post\">"); + out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\"/></p>"); + out.println("<p>Пароль: <input type=\"password\" name=\"password\"/></p>"); + out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); + out.println("</form>"); + out.println("</div>"); + out.println("</div>"); + out.println("</div>"); // topwrapper + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doPost(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(400); + return; + } + + int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + if (uid > 0) { + String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setDomain(".juick.com"); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + + + if (uid > 0) { + throw new IOException("Settings"); + } + + String referer = request.getHeader("Referer"); + if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { + response.sendRedirect(referer); + } else { + response.sendRedirect("/"); + } + } else { + response.sendError(403); + } + } +} diff --git a/src/main/java/com/juick/http/www/SignUp.java b/src/main/java/com/juick/http/www/SignUp.java new file mode 100644 index 00000000..1ee23386 --- /dev/null +++ b/src/main/java/com/juick/http/www/SignUp.java @@ -0,0 +1,258 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import org.apache.commons.lang3.tuple.Pair; +import org.springframework.dao.EmptyResultDataAccessException; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class SignUp { + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String type = request.getParameter("type"); + String hash = request.getParameter("hash"); + if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + String account = null; + if (type.equals("fb")) { + account = getFacebookNameByHash(sql, hash); + } else if (type.equals("vk")) { + account = getVKNameByHash(sql, hash); + } else if (type.equals("xmpp")) { + account = getJIDByHash(sql, hash); + } else if (type.equals("durov")) { + account = getTelegramNameByHash(sql, hash); + } + if (account == null) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Новый пользователь", null); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<section id=\"content\">"); + + out.print("<h1 class=\"signup-h1\">"); + if (type.charAt(0) == 'f') { + out.print("<img src=\"//static.juick.com/settings/facebook.png\" alt=\"Facebook\"/>"); + } else if (type.charAt(0) == 'v') { + out.print("<img src=\"//static.juick.com/settings/vk.png\" alt=\"VKontakte\"/>"); + } else if (type.charAt(0) == 'x') { + out.print("<img src=\"//static.juick.com/settings/xmpp.png\" alt=\"XMPP\"/>"); + } else if (type.charAt(0) == 'd') { + out.print("<img src=\"//telegram.org/favicon.ico?3\" alt=\"Telegram\"/>"); + } + out.println(account + "</h1>"); + + out.println("<h2 class=\"signup-h2\">Связать с существующим аккаунтом Juick</h2>"); + out.println("<form action=\"/signup\" method=\"post\">"); + out.println("<input type=\"hidden\" name=\"action\" value=\"link\"/>"); + out.println("<input type=\"hidden\" name=\"type\" value=\"" + type + "\"/>"); + out.println("<input type=\"hidden\" name=\"hash\" value=\"" + hash + "\"/>"); + if (visitor != null) { + out.println("<input type=\"submit\" value=\"Связать с этим аккаунтом\"/>"); + } else { + out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\"/></p>"); + out.println("<p>Пароль: <input type=\"password\" name=\"password\"/></p>"); + out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); + } + out.println("</form>"); + + out.println("<hr class=\"signup-hr\"/>"); + + out.println("<h2 class=\"signup-h2\">Создать новый аккаунт Juick</h2>"); + out.println("<form action=\"/signup\" method=\"post\">"); + out.println("<input type=\"hidden\" name=\"action\" value=\"new\"/>"); + out.println("<input type=\"hidden\" name=\"type\" value=\"" + type + "\"/>"); + out.println("<input type=\"hidden\" name=\"hash\" value=\"" + hash + "\"/>"); + out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\" id=\"username\" onblur=\"checkUsername()\"/><br/><i>(От 2-х до 16-и латинских символов и/или цифр, дефис)</i></p>"); + out.println("<p>Пароль: <input type=\"password\" name=\"password\"/><br/><i>(от 6-и до 32-х символов)</i></p>"); + out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); + out.println("</form>"); + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doPost(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + int uid = 0; + + String type = request.getParameter("type"); + String hash = request.getParameter("hash"); + if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + String action = request.getParameter("action"); + if (action.charAt(0) == 'l') { + + if (visitor == null) { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + } else { + uid = visitor.getUID(); + } + + if (uid <= 0) { + response.sendError(HttpServletResponse.SC_FORBIDDEN); + return; + } + + if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid)) + && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid)) + && !(type.charAt(0) == 'd' && setTelegramUser(sql, hash, uid)) + && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + } else { // Create new account + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + // CHECK USERNAME + + uid = UserQueries.createUser(sql, username, password); + if (uid <= 0) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid)) + && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid)) + && !(type.charAt(0) == 'd' && setTelegramUser(sql, hash, uid)) + && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + int ref = 0; + String sRef = Utils.getCookie(request, "ref"); + if (sRef != null) { + try { + ref = Integer.parseInt(sRef); + } catch (Exception e) { + } + } + + if (ref > 0) { + setUserRef(sql, uid, ref); + } + + visitor = null; + } + + if (visitor == null) { + hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + } + + response.sendRedirect("/"); + } + + private boolean setUserRef(JdbcTemplate sql, int uid, int ref) { + return sql.update("INSERT INTO users_refs(user_id,ref) VALUES (?,?)", uid, ref) > 0; + } + + private String getFacebookNameByHash(JdbcTemplate sql, String hash) { + try { + return sql.queryForObject("SELECT fb_name,fb_link FROM facebook WHERE loginhash=?", String.class, hash); + } catch (EmptyResultDataAccessException e) { + return null; + } + } + private String getTelegramNameByHash(JdbcTemplate sql, String hash) { + try { + String name = sql.queryForObject("SELECT tg_name FROM telegram WHERE loginhash=?", String.class, hash); + return "<a href=\"https://telegram.me/" + name + "\" rel=\"nofollow\">" + name + "</a>"; + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + private boolean setFacebookUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE facebook SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + private String getVKNameByHash(JdbcTemplate sql, String hash) { + List<Pair<String, String>> logins = sql.query("SELECT vk_name,vk_link FROM vk WHERE loginhash=?", + (rs, num) -> { + return Pair.of(rs.getString(1), rs.getString(2)); + }, hash); + if (logins.size() > 0) { + return "<a href=\"http://vk.com/" + logins.get(0).getRight() + "\" rel=\"nofollow\">" + logins.get(0).getLeft() + "</a>"; + } + return null; + } + + private boolean setVKUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE vk SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + private boolean setTelegramUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE telegram SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + private String getJIDByHash(JdbcTemplate sql, String hash) { + try { + return sql.queryForObject("SELECT jid FROM jids WHERE loginhash=?", String.class, hash); + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + private boolean setJIDUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE jids SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } +} diff --git a/src/main/java/com/juick/http/www/TwitterAuth.java b/src/main/java/com/juick/http/www/TwitterAuth.java new file mode 100644 index 00000000..bbad4d83 --- /dev/null +++ b/src/main/java/com/juick/http/www/TwitterAuth.java @@ -0,0 +1,86 @@ +package com.juick.http.www; + +import com.github.scribejava.apis.TwitterApi; +import com.github.scribejava.core.builder.ServiceBuilder; +import com.github.scribejava.core.model.*; +import com.github.scribejava.core.oauth.OAuth10aService; +import com.github.scribejava.core.oauth.OAuthService; +import com.juick.server.UserQueries; +import org.json.JSONObject; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.sql.Connection; + +/** + * Created by vt on 01.12.2015. + */ +public class TwitterAuth { + + private final static String VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json"; + + private String consumerKey, consumerSecret; + + public TwitterAuth(String consumerKey, String consumerSecret) { + this.consumerKey = consumerKey; + this.consumerSecret = consumerSecret; + } + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + String hash = "", request_token = "", request_token_secret = ""; + String verifier = request.getParameter("oauth_verifier"); + Cookie[] cookies = request.getCookies(); + for (Cookie cookie : cookies) { + if (cookie.getName().equals("hash")) { + hash = cookie.getValue(); + } + if (cookie.getName().equals("request_token")) { + request_token = cookie.getValue(); + } + if (cookie.getName().equals("request_token_secret")) { + request_token_secret = cookie.getValue(); + } + } + com.juick.User user = UserQueries.getUserByHash(sql, hash); + if ( user == null || user.getUID() == 0) { + response.sendError(403); + return; + } + OAuth10aService oAuthService = new ServiceBuilder() + .apiKey(consumerKey) + .apiSecret(consumerSecret) + .callback("http://juick.com/_twitter") + .build(TwitterApi.instance()); + + if (request_token.isEmpty() && request_token_secret.isEmpty() + && (verifier == null || verifier.isEmpty())) { + OAuth1RequestToken requestToken = oAuthService.getRequestToken(); + String authUrl = oAuthService.getAuthorizationUrl(requestToken); + response.addCookie(new Cookie("request_token", requestToken.getToken())); + response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret())); + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", authUrl); + } else { + if (verifier != null && verifier.length() > 0) { + OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret); + OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier); + OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, VERIFY_URL, oAuthService); + oAuthService.signRequest(accessToken, oAuthRequest); + JSONObject jsonResponse = new JSONObject(oAuthRequest.send().getBody()); + String screenName = jsonResponse.getString("screen_name"); + if (UserQueries.linkTwitterAccount(sql, user, accessToken.getToken(), accessToken.getTokenSecret(), + screenName)) { + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", "http://juick.com/settings"); + } else { + response.sendError(500); + } + } + } + } +} diff --git a/src/main/java/com/juick/http/www/User.java b/src/main/java/com/juick/http/www/User.java new file mode 100644 index 00000000..0bdd910e --- /dev/null +++ b/src/main/java/com/juick/http/www/User.java @@ -0,0 +1,344 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Tag; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.util.Arrays; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class User { + + protected void doGetBlog(JdbcTemplate sql, JdbcTemplate sqlSearch, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + List<Integer> mids; + + String paramShow = request.getParameter("show"); + + com.juick.Tag paramTag = null; + String paramTagStr = request.getParameter("tag"); + if (paramTagStr != null) { + if (paramTagStr.length() < 64) { + paramTag = TagQueries.getTag(sql, paramTagStr, false); + } + if (paramTag == null) { + Errors.doGet404(sql, request, response); + return; + } else if (!paramTag.Name.equals(paramTagStr)) { + String url = "/" + user.getUName() + "/?tag=" + URLEncoder.encode(paramTag.Name, "UTF-8"); + Utils.sendPermanentRedirect(response, url); + return; + } + } + + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + String paramSearch = request.getParameter("search"); + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + int privacy = 0; + if (visitor != null) { + if (user.getUID() == visitor.getUID() || visitor.getUID() == 1) { + privacy = -3; + } else if (UserQueries.isInWL(sql, user.getUID(), visitor.getUID())) { + privacy = -2; + } + } + + String title; + if (paramShow == null) { + if (paramTag != null) { + title = "Блог " + user.getUName() + ": *" + Utils.encodeHTML(paramTag.Name); + mids = MessagesQueries.getUserTag(sql, user.getUID(), paramTag.TID, privacy, paramBefore); + } else if (paramSearch != null) { + title = "Блог " + user.getUName() + ": " + Utils.encodeHTML(paramSearch); + mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.getUID(), Utils.encodeSphinx(paramSearch), privacy, paramBefore); + } else { + title = "Блог " + user.getUName(); + mids = MessagesQueries.getUserBlog(sql, user.getUID(), privacy, paramBefore); + } + } else if (paramShow.equals("recomm")) { + title = "Рекомендации " + user.getUName(); + mids = MessagesQueries.getUserRecommendations(sql, user.getUID(), paramBefore); + } else if (paramShow.equals("photos")) { + title = "Фотографии " + user.getUName(); + mids = MessagesQueries.getUserPhotos(sql, user.getUID(), privacy, paramBefore); + } else { + Errors.doGet404(sql, request, response); + return; + } + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"@" + user.getUName() + "\" href=\"//rss.juick.com/" + user.getUName() + "/blog\"/>"; + if (paramTag != null && TagQueries.getTagNoIndex(sql, paramTag.TID)) { + head += "<meta name=\"robots\" content=\"noindex,nofollow\"/>"; + } else if (paramBefore > 0 || paramShow != null) { + head += "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + if (mids.size() > 0) { + out.println("<section id=\"content\">"); + + if (paramTag != null) { + out.println("<p class=\"page\"><a href=\"/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8") + "\">← Все записи с тегом <b>" + Utils.encodeHTML(paramTag.Name) + "</b></a></p>"); + } + + PageTemplates.printMessages(out, sql, user, mids, visitor, visitor == null ? 4 : 5, 0); + + if (mids.size() >= 20) { + String nextpage = "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramTag != null) { + nextpage += "&tag=" + URLEncoder.encode(paramTag.Name, "UTF-8"); + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, "UTF-8"); + } + out.println("<p class=\"page\"><a href=\"" + nextpage + "\" rel=\"prev\">Читать дальше →</a></p>"); + } + + out.println("</section>"); + } + + PageTemplates.pageFooter(request, out, visitor, true); + PageTemplates.pageEnd(out); + } + } + + protected void doGetTags(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<meta name=\"robots\" content=\"noindex,nofollow\"/>"; + PageTemplates.pageHead(out, "Теги " + user.getUName(), head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("<section id=\"content\">"); + out.println("<p>" + pageUserTags(sql, user, visitor, 0) + "</p>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doGetFriends(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<meta name=\"robots\" content=\"noindex\"/>"; + PageTemplates.pageHead(out, "Подписки " + user.getUName(), head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("<section id=\"content\">"); + out.println("<table class=\"users\"><tr>"); + + List<com.juick.User> friends = UserQueries.getUserFriends(sql, user.getUID()); + for (int i = 0; i < friends.size(); i++) { + if (i % 3 == 0 && i > 0) { + out.print("</tr><tr>"); + } + out.print("<td><a href=\"/" + friends.get(i).getUName() + + "/\"><img src=\"//i.juick.com/as/" + friends.get(i).getUID() + ".png\"/>" + + friends.get(i).getUName() + "</a></td>"); + } + + out.println("</tr></table>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doGetReaders(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<meta name=\"robots\" content=\"noindex\"/>"; + PageTemplates.pageHead(out, "Читатели " + user.getUName(), head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("<section id=\"content\">"); + out.println("<table class=\"users\"><tr>"); + + List<com.juick.User> readers = UserQueries.getUserReaders(sql, user.getUID()); + for (int i = 0; i < readers.size(); i++) { + if (i % 3 == 0 && i > 0) { + out.print("</tr><tr>"); + } + out.print("<td><a href=\"/" + readers.get(i).getUName() + + "/\"><img src=\"//i.juick.com/as/" + readers.get(i).getUID() + ".png\"/>" + + readers.get(i).getUName() + "</a></td>"); + } + + out.println("</tr></table>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + public static void pageUserRefCookie(HttpServletRequest request, HttpServletResponse response, int uid) { + String hReferer = request.getHeader("Referer"); + String ref = Utils.getCookie(request, "ref"); + + if (ref == null && (hReferer == null || !(hReferer.startsWith("http://juick.com/") || hReferer.startsWith("https://juick.com/")))) { + Cookie c = new Cookie("ref", Integer.toString(uid)); + c.setMaxAge(7 * 24 * 60 * 60); + c.setPath("/"); + response.addCookie(c); + } + } + + public static void pageUserColumn(PrintWriter out, JdbcTemplate sql, com.juick.User user, com.juick.User visitor) { + out.println("<aside id=\"column\">"); + out.println(" <div id=\"ctitle\"><a href=\"./\"><img src=\"//i.juick.com/as/" + user.getUID() + ".png\" alt=\"\"/>" + user.getUName() + "</a></div>"); + if (visitor != null && visitor.getUID() > 0 && visitor.getUID() != user.getUID()) { + out.println(" <ul id=\"ctoolbar\">"); + if (UserQueries.isSubscribed(sql, visitor.getUID(), user.getUID())) { + out.println(" <li><a href=\"/post?body=U+%40" + user.getUName() + "\" title=\"Подписан\"><div style=\"background-position: -48px 0\"></div></a></li>"); + } else { + out.println(" <li><a href=\"/post?body=S+%40" + user.getUName() + "\" title=\"Подписаться\"><div style=\"background-position: -16px 0\"></div></a></li>"); + } + if (UserQueries.isInBL(sql, visitor.getUID(), user.getUID())) { + out.println(" <li><a href=\"/post?body=BL+%40" + user.getUName() + "\" title=\"Разблокировать\"><div style=\"background-position: -96px 0\"></div></a></li>"); + } else { + out.println(" <li><a href=\"/post?body=BL+%40" + user.getUName() + "\" title=\"Заблокировать\"><div style=\"background-position: -80px 0\"></div></a></li>"); + } + if (!UserQueries.isInBLAny(sql, user.getUID(), visitor.getUID())) { + out.println(" <li><a href=\"/pm/sent?uname=" + user.getUName() + "\" title=\"Написать приватное сообщение\"><div style=\"background-position: -112px 0\"></div></a></li>"); + } + out.println(" </ul>"); + } else { + out.println(" <hr/>"); + } + out.println(" <ul>"); + out.println(" <li><a href=\"./\">Блог</a></li>"); + out.println(" <li><a href=\"./?show=recomm\" rel=\"nofollow\">Рекомендации</a></li>"); + out.println(" <li><a href=\"./?show=photos\" rel=\"nofollow\">Фотографии</a></li>"); + out.println(" </ul>"); + out.println(" <hr/>"); + out.println(" <form action=\"./\">"); + out.println(" <p><input type=\"text\" name=\"search\" class=\"inp\" placeholder=\"Поиск\"/></p>"); + out.println(" </form>"); + out.println(" <p class=\"tags\">" + pageUserTags(sql, user, visitor, 20) + "<a href=\"./tags\" rel=\"nofollow\">...</a></p>"); + out.println(" <hr/>"); + out.println(" <div id=\"ustats\"><ul>"); + out.println(" <li><a href=\"./friends\">Я читаю: " + UserQueries.getStatsIRead(sql, user.getUID()) + "</a></li>"); + out.println(" <li><a href=\"./readers\">Мои подписчики: " + UserQueries.getStatsMyReaders(sql, user.getUID()) + "</a></li>"); + out.println(" <li>Сообщений: " + UserQueries.getStatsMessages(sql, user.getUID()) + "</li>"); + out.println(" <li>Комментариев: " + UserQueries.getStatsReplies(sql, user.getUID()) + "</li>"); + out.println(" </ul>"); + + List<com.juick.User> iread = UserQueries.getUserReadLeastPopular(sql, user.getUID(), 8); + if (!iread.isEmpty()) { + out.println("<table class=\"iread\"><tr>"); + for (int i = 0; i < iread.size(); i++) { + if (i == 4) { + out.println("</tr><tr>"); + } + com.juick.User u = iread.get(i); + out.println("<td><a href=\"/" + u.getUName() + "/\"><img src=\"//i.juick.com/a/" + u.getUID() + ".png\" alt=\"" + u.getUName() + "\"/></a></td>"); + } + out.println("</tr></table>"); + } + + out.println(" </div>"); + out.println("</aside>"); + } + + public static String pageUserTags(JdbcTemplate sql, com.juick.User user, com.juick.User visitor, int cnt) { + List<Tag> tags = TagQueries.getUserTagsAll(sql, user.getUID()); + int maxUsageCnt = tags.stream().map(t -> t.UsageCnt).max(Integer::max).orElse(0); + String ret = ""; + int count = Math.min(tags.size(), cnt); + for (int i = 0; i < count; i++) { + String tag = Utils.encodeHTML(tags.get(i).Name); + try { + tag = "<a href=\"./?tag=" + URLEncoder.encode(tags.get(i).Name, "UTF-8") + "\" title=\"" + + tags.get(i).UsageCnt + "\" rel=\"nofollow\">" + tag + "</a>"; + } catch (UnsupportedEncodingException e) { + } + + if (tags.get(i).UsageCnt > maxUsageCnt / 3 * 2) { + ret += "<big>" + tag + "</big> "; + } else if (tags.get(i).UsageCnt > maxUsageCnt / 3) { + ret += "<small>" + tag + "</small> "; + } else { + ret += tag + " "; + } + } + return ret; + } +} diff --git a/src/main/java/com/juick/http/www/UserThread.java b/src/main/java/com/juick/http/www/UserThread.java new file mode 100644 index 00000000..638e3a3b --- /dev/null +++ b/src/main/java/com/juick/http/www/UserThread.java @@ -0,0 +1,364 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.Tag; +import com.juick.server.MessagesQueries; +import com.juick.server.UserQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.ArrayList; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class UserThread { + + protected void doGetThread(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, int MID) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (!MessagesQueries.canViewThread(sql, MID, visitor != null ? visitor.getUID() : 0)) { + response.sendError(403); + return; + } + + com.juick.Message msg = MessagesQueries.getMessage(sql, MID); + + boolean listview = false; + String paramView = request.getParameter("view"); + if (paramView != null) { + if (paramView.equals("list")) { + listview = true; + if (visitor != null) { + UserQueries.setUserOptionInt(sql, visitor.getUID(), "repliesview", 1); + } + } else if (paramView.equals("tree") && visitor != null) { + UserQueries.setUserOptionInt(sql, visitor.getUID(), "repliesview", 0); + } + } else if (visitor != null && UserQueries.getUserOptionInt(sql, visitor.getUID(), "repliesview", 0) == 1) { + listview = true; + } + + String title = msg.getUser().getUName() + ": " + msg.getTagsString(); + + if (visitor == null) { + User.pageUserRefCookie(request, response, msg.getUser().getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String headers = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"@" + msg.getUser().getUName() + "\" href=\"//rss.juick.com/" + msg.getUser().getUName() + "/blog\"/>"; + if (paramView != null) { + headers += "<link rel=\"canonical\" href=\"http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "\"/>"; + } + if (msg.Hidden) { + headers += "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, headers); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<section id=\"content\" style=\"margin-left: 0; width: 100%\">"); + printMessage(out, sql, msg, visitor); + printReplies(out, sql, msg, visitor, listview); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + + out.println("<script type='text/javascript'>"); + out.println("var pageMID=" + msg.getMID() + ";"); + out.println("initWS();"); + out.println("</script>"); + + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + public static com.juick.Message printMessage(PrintWriter out, JdbcTemplate sql, com.juick.Message msg, com.juick.User visitor) { + msg.VisitorCanComment = visitor != null; + + List<Tag> tags = MessagesQueries.getMessageTags(sql, msg.getMID()); + String tagsStr = PageTemplates.formatTags(tags); + if (msg.ReadOnly) { + tagsStr += " *readonly"; + msg.VisitorCanComment = false; + } + if (msg.Privacy < 0) { + tagsStr += " *friends"; + } + + String txt; + if (!msg.Tags.isEmpty() && msg.Tags.contains("code")) { + txt = PageTemplates.formatMessageCode(msg.getText()); + } else { + txt = PageTemplates.formatMessage(msg.getText()); + } + + if (!tags.isEmpty()) { + tagsStr = "<span class=\"msg-tags\">" + tagsStr + "</span>"; + } + + out.println("<ul>"); + out.println(" <li id=\"msg-" + msg.getMID() + "\" class=\"msg msgthread\">"); + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-menu\"><a href=\"#\" onclick=\"showMessageLinksDialog(" + msg.getMID() + "); return false\"></a></div>"); + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:" + tagsStr + "</div>"); + out.println(" <div class=\"msg-ts\">" + PageTemplates.formatJSLocalTime(msg.getDate()) + "</div>"); + out.println(" <div class=\"msg-txt\">" + txt + "</div>"); + + if (msg.AttachmentType != null) { + out.println(" <div class=\"msg-media\"><a href=\"//i.juick.com/p/" + msg.getMID() + "." + msg.AttachmentType + "\"><img src=\"//i.juick.com/photos-512/" + msg.getMID() + "." + msg.AttachmentType + "\" alt=\"\"/></a></div>"); + } + + boolean visitorInBL = false; + if (visitor != null) { + if (visitor.getUID() == msg.getUser().getUID()) { + msg.VisitorCanComment = true; + } else { + visitorInBL = UserQueries.isInBL(sql, msg.getUser().getUID(), visitor.getUID()); + if (visitorInBL) { + msg.VisitorCanComment = false; + } + } + } + + if (msg.VisitorCanComment) { + out.println(" <form action=\"/comment\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"mid\" value=\"" + msg.getMID() + "\"/>"); + out.println(" <div class=\"msg-comment\"><div class=\"ta-wrapper\"><textarea name=\"body\" rows=\"1\" class=\"reply\" placeholder=\"Написать комментарий\" onkeypress=\"postformListener(this.form,event)\"></textarea></div></div>"); + out.println(" </form>"); + } + + List<String> recomm = MessagesQueries.getMessageRecommendations(sql, msg.getMID()); + if (!recomm.isEmpty()) { + out.print(" <div class=\"" + (msg.VisitorCanComment ? "msg-recomms" : "msg-comments") + "\">Рекомендовали (" + recomm.size() + "): "); + for (int i = 0; i < recomm.size(); i++) { + if (i > 0) { + out.print(", "); + } + out.print("<a href=\"/" + recomm.get(i) + "/\">@" + recomm.get(i) + "</a>"); + } + out.println("</div>"); + } + out.println(" </div>"); + out.println(" </li>"); + + out.println(" <li id=\"mtoolbar\"><ul>"); + out.println(" <li><a href=\"/" + msg.getMID() + "\"><div style=\"background-position: -64px 0\"></div>" + msg.getMID() + "</a></li>"); + if (visitor != null) { + if (visitor.getUID() != msg.getUser().getUID()) { + if (MessagesQueries.isSubscribed(sql, visitor.getUID(), msg.getMID())) { + out.println(" <li><a href=\"/post?body=U+%23" + msg.getMID() + "\"><div style=\"background-position: -48px 0\"></div>Подписан</a></li>"); + } else { + out.println(" <li><a href=\"/post?body=S+%23" + msg.getMID() + "\"><div style=\"background-position: -16px 0\"></div>Подписаться</a></li>"); + } + if (!visitorInBL) { + out.println(" <li><a href=\"/post?body=%21+%23" + msg.getMID() + "\"><div style=\"background-position: -32px 0\"></div>Рекомендовать</a></li>"); + } + } else { + out.println(" <li><a href=\"/post?body=D+%23" + msg.getMID() + "\"><div style=\"background-position: 0\"></div>Удалить</a></li>"); + } + } + out.println(" </ul></li>"); + out.println("</ul>"); + + return msg; + } + + public static void printReplies(PrintWriter out, JdbcTemplate sql, com.juick.Message msg, com.juick.User visitor, boolean listview) { + List<com.juick.Message> replies = MessagesQueries.getReplies(sql, msg.getMID()); + + List<Integer> blUIDs = new ArrayList<Integer>(); + for (int i = 0; i < replies.size(); i++) { + com.juick.Message reply = replies.get(i); + if (reply.getUser().getUID() != msg.getUser().getUID() && !blUIDs.contains(reply.getUser().getUID())) { + blUIDs.add(reply.getUser().getUID()); + } + if (reply.ReplyTo > 0) { + boolean added = false; + for (int n = 0; n < replies.size(); n++) { + if (replies.get(n).getRID() == reply.ReplyTo) { + replies.get(n).childs.add(reply); + added = true; + break; + } + } + if (!added) { + reply.ReplyTo = 0; + } + } + } + + if (!replies.isEmpty()) { + if (visitor != null && msg.getUser().getUID() == visitor.getUID()) { + for (Message reply : replies) { + reply.VisitorCanComment = true; + } + } else if (visitor != null && msg.VisitorCanComment) { + blUIDs = UserQueries.checkBL(sql, visitor.getUID(), blUIDs); + for (Message reply : replies) { + reply.VisitorCanComment = reply.getUser().getUID() == visitor.getUID() || !blUIDs.contains(reply.getUser().getUID()); + } + } else { + for (Message reply : replies) { + reply.VisitorCanComment = false; + } + } + + boolean foldable = false; + if (replies.size() > 10) { + for (int i = 0; i < replies.size() - 1; i++) { + if (replies.get(i).getChildsCount() > 1) { + foldable = true; + break; + } + } + } + + out.println("<div class=\"title2\">"); + out.print(" <div class=\"title2-right\">"); + if (listview) { + out.print("<a href=\"?view=tree\" rel=\"nofollow\">Показать деревом</a>"); + } else { + if (foldable) { + out.print("<span id=\"unfoldall\"><a href=\"#\" onclick=\"$('#replies>li').show(); $('#replies .msg-comments').hide(); $('#unfoldall').hide(); return false\">Раскрыть все</a> · </span>"); + } + out.print("<a href=\"?view=list\" rel=\"nofollow\">Показать списком</a>"); + } + out.print("</div>"); + out.println(" <h2>Ответы (" + replies.size() + ")</h2>"); + out.println("</div>"); + + out.println("<ul id=\"replies\">"); + if (listview) { + printList(out, replies, visitor); + } else { + printTree(out, replies, visitor, 0, 0, false); + } + out.println("</ul>"); + + for (Message reply : replies) { + reply.cleanupChilds(); + } + replies.clear(); + } + } + + public static void printTree(PrintWriter out, List<com.juick.Message> replies, com.juick.User visitor, int ReplyTo, int margin, boolean hidden) { + if (margin > 240) { + margin = 240; + } + + for (int i = 0; i < replies.size(); i++) { + com.juick.Message msg = replies.get(i); + if (msg.ReplyTo == ReplyTo) { + + out.print(" <li id=\"" + msg.getRID() + "\" class=\"msg\" style=\""); + if (margin > 0) { + out.print("margin-left: " + margin + "px;"); + } + if (hidden) { + out.print("display:none;"); + } + out.println("\">"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + } else { + out.println(" <div class=\"msg-avatar\"><img src=\"//i.juick.com/av-96.png\"/></div>"); + } + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-menu\"><a href=\"#\" onclick=\"showMessageLinksDialog(" + msg.getMID() + "," + msg.getRID() + "); return false\"></a></div>"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + } else { + out.println(" <div class=\"msg-header\">[удалено]:</div>"); + } + out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.getMID() + "#" + msg.getRID() + "\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + PageTemplates.formatMessage(msg.getText()) + "</div>"); + if (msg.AttachmentType != null) { + out.println(" <div class=\"msg-media\"><a href=\"//i.juick.com/p/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\"><img src=\"//i.juick.com/photos-512/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\" alt=\"\"/></a></div>"); + } + if (msg.VisitorCanComment) { + out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return showCommentForm(" + msg.getMID() + "," + msg.getRID() + ")\">Ответить</a></div>"); + out.println(" <div class=\"msg-comment\" style=\"display: none\"></div>"); + } else if (visitor == null) { + out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return openDialogLogin()\">Ответить</a></div>"); + } + + int childs = msg.getChildsCount(); + if (ReplyTo == 0 && childs > 1 && replies.size() > 10) { + out.println(" <div class=\"msg-comments\"><a href=\"#\" onclick=\"return showMoreReplies(" + msg.getRID() + ")\">" + PageTemplates.formatReplies(childs) + "</a></div>"); + + } + out.println(" </div>"); + out.println(" </li>"); + + if (ReplyTo == 0 && childs > 1 && replies.size() > 10) { + printTree(out, msg.childs, visitor, msg.getRID(), margin + 20, true); + } else if (childs > 0) { + printTree(out, msg.childs, visitor, msg.getRID(), margin + 20, hidden); + } + } + } + } + + public static void printList(PrintWriter out, List<com.juick.Message> replies, com.juick.User visitor) { + for (Message msg : replies) { + out.print(" <li id=\"" + msg.getRID() + "\" class=\"msg\">"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + } else { + out.println(" <div class=\"msg-avatar\"><img src=\"//i.juick.com/av-96.png\"/></div>"); + } + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-menu\"><a href=\"#\" onclick=\"showMessageLinksDialog(" + msg.getMID() + "," + msg.getRID() + "); return false\"></a></div>"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + } else { + out.println(" <div class=\"msg-header\">[удалено]:</div>"); + } + out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.getMID() + "#" + msg.getRID() + "\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + PageTemplates.formatMessage(msg.getText()) + "</div>"); + if (msg.AttachmentType != null) { + out.println(" <div class=\"msg-media\"><a href=\"//i.juick.com/p/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\"><img src=\"//i.juick.com/photos-512/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\" alt=\"\"/></a></div>"); + } + out.print(" <div class=\"msg-links\">/" + msg.getRID()); + if (msg.ReplyTo > 0) { + out.print(" в ответ на <a href=\"#" + msg.ReplyTo + "\">/" + msg.ReplyTo + "</a>"); + } + if (msg.VisitorCanComment) { + out.println(" · <a href=\"#\" onclick=\"return showCommentForm(" + msg.getMID() + "," + msg.getRID() + ")\">Ответить</a></div>"); + out.println(" <div class=\"msg-comment\" style=\"display: none\"></div>"); + } else if (visitor == null) { + out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return openDialogLogin()\">Ответить</a></div>"); + } + out.println(" </div>"); + out.println(" </li>"); + } + } +} diff --git a/src/main/java/com/juick/http/www/Utils.java b/src/main/java/com/juick/http/www/Utils.java new file mode 100644 index 00000000..ab721020 --- /dev/null +++ b/src/main/java/com/juick/http/www/Utils.java @@ -0,0 +1,248 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.BufferedReader; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.PrintWriter; +import java.net.URL; +import java.net.URLConnection; +import java.sql.Connection; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import java.util.UUID; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.Part; + +/** + * + * @author Ugnich Anton + */ +public class Utils { + + public static String getCookie(HttpServletRequest request, String name) { + Cookie cookies[] = request.getCookies(); + if (cookies != null) { + for (int i = 0; i < cookies.length; i++) { + if (cookies[i].getName().equals(name)) { + return cookies[i].getValue(); + } + } + } + return null; + } + + public static String receiveMultiPartFile(HttpServletRequest request, String name) throws Exception { + String attachmentFName = null; + + Part filePart = request.getPart("attach"); + if (filePart != null) { + String partname = Utils.getPartFilename(filePart); + if (partname != null && partname.length() > 0) { + String attachmentType = partname.substring(partname.length() - 3).toLowerCase(); + if (attachmentType.equals("jpg") || attachmentType.equals("peg") || attachmentType.equals("png")) { + if (attachmentType.equals("peg")) { + attachmentType = "jpg"; + } + attachmentFName = UUID.randomUUID().toString() + "." + attachmentType; + filePart.write("/var/www/juick.com/i/tmp/" + attachmentFName); + } else { + throw new Exception("Wrong file type"); + } + } + } + + return attachmentFName; + } + + public static com.juick.User getVisitorUser(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) { + String hash = getCookie(request, "hash"); + if (hash != null) { + com.juick.User visitor = com.juick.server.UserQueries.getUserByHash(sql, hash); + if (response != null && visitor != null) { + response.setHeader("X-Username", visitor.getUName()); + } + return visitor; + } else { + return null; + } + } + + public static void sendTemporaryRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", location); + } + + public static void sendPermanentRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); + response.setHeader("Location", location); + } + + public static String getPartFilename(Part part) { + for (String cd : part.getHeader("content-disposition").split(";")) { + if (cd.trim().startsWith("filename")) { + String filename = cd.substring(cd.indexOf('=') + 1).trim().replace("\"", ""); + return filename.substring(filename.lastIndexOf('/') + 1).substring(filename.lastIndexOf('\\') + 1); // MSIE fix. + } + } + return null; + } + + public static void finishSQL(ResultSet rs, Statement stmt) { + if (rs != null) { + try { + rs.close(); + } catch (SQLException e) { + } + } + if (stmt != null) { + try { + stmt.close(); + } catch (SQLException e) { + } + } + } + + public static void replyJSON(HttpServletRequest request, HttpServletResponse response, String json) throws IOException { + response.setContentType("application/json; charset=UTF-8"); + response.setHeader("Access-Control-Allow-Origin", "*"); + + String callback = request.getParameter("callback"); + if (callback != null && (callback.length() > 64 || !callback.matches("[a-zA-Z0-9\\-\\_]+"))) { + callback = null; + } + + PrintWriter out = response.getWriter(); + try { + if (callback != null) { + out.print(callback + "("); + out.print(json); + out.print(")"); + } else { + out.print(json); + } + } finally { + out.close(); + } + } + + public static String convertArray2String(ArrayList<Integer> mids) { + String q = ""; + for (int i = 0; i < mids.size(); i++) { + if (i > 0) { + q += ","; + } + q += mids.get(i); + } + return q; + } + + public static String encodeHTML(String str) { + return str.replaceAll("&", "&").replaceAll("<", "<").replaceAll(">", ">").replaceAll("'", "'").replaceAll("\"", """).replaceAll("\n", " "); + } + + public static String encodeSphinx(String str) { + return str.replaceAll("@", "\\\\@"); + } + + public static int parseInt(String str, int def) { + int ret = def; + if (str != null) { + try { + ret = Integer.parseInt(str); + } catch (Exception e) { + } + } + return ret; + } + + public static String fetchURL(String url) { + try { + URLConnection c = new URL(url).openConnection(); + BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream())); + String inputLine; + StringBuilder b = new StringBuilder(); + while ((inputLine = in.readLine()) != null) { + b.append(inputLine).append("\n"); + } + in.close(); + return b.toString(); + } catch (Exception e) { + System.err.println("fetchURL: "+e.toString()); + return null; + } + } + + public static String downloadImage(URL url) throws Exception { + String attachmentFName = null; + Exception ex = null; + + InputStream is = null; + FileOutputStream fos = null; + try { + URLConnection urlConn = url.openConnection(); + is = urlConn.getInputStream(); + String mime = urlConn.getContentType(); + + String attachmentType; + if (mime != null && mime.equals("image/jpeg")) { + attachmentType = "jpg"; + } else if (mime != null && mime.equals("image/png")) { + attachmentType = "png"; + } else { + throw new Exception("Wrong file type"); + } + + attachmentFName = UUID.randomUUID().toString() + "." + attachmentType; + fos = new FileOutputStream("/var/www/juick.com/i/tmp/" + attachmentFName); + byte[] buffer = new byte[10240]; + int len; + while ((len = is.read(buffer)) > 0) { + fos.write(buffer, 0, len); + } + } catch (Exception e) { + ex = e; + attachmentFName = null; + } finally { + try { + if (is != null) { + is.close(); + } + } finally { + if (fos != null) { + fos.close(); + } + } + } + + if (ex != null) { + throw ex; + } else { + return attachmentFName; + } + } +} diff --git a/src/main/java/com/juick/http/www/VKontakteLogin.java b/src/main/java/com/juick/http/www/VKontakteLogin.java new file mode 100644 index 00000000..8fad3b7a --- /dev/null +++ b/src/main/java/com/juick/http/www/VKontakteLogin.java @@ -0,0 +1,128 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import org.json.JSONException; +import org.json.JSONObject; +import org.springframework.dao.EmptyResultDataAccessException; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.net.URLEncoder; +import java.util.UUID; + +/** + * + * @author Ugnich Anton + */ +public class VKontakteLogin { + + private static final String VK_APPID = "3544101"; + private static final String VK_SECRET = "z2afNI8jA5lIpZ2jsTm1"; + private static final String VK_REDIRECT = "http://juick.com/_vklogin"; + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://oauth.vk.com/authorize?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&scope=friends,wall,offline&response_type=code"); + return; + } + + + String tokenjson = Utils.fetchURL("https://oauth.vk.com/access_token?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&client_secret=" + VK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (tokenjson == null || tokenjson.isEmpty()) { + System.err.println("VK TOKEN EMPTY"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + String token = null; + long vkID = 0; + try { + JSONObject json = new JSONObject(tokenjson); + token = json.getString("access_token"); + vkID = json.getLong("user_id"); + } catch (JSONException e) { + System.err.println("VK TOKEN EXCEPTION: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + if (token == null || vkID == 0) { + System.err.println("VK TOKEN EMPTY: " + tokenjson); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + + + String graph = Utils.fetchURL("https://api.vk.com/method/users.get?uids=" + vkID + "&fields=screen_name&access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("VK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph).getJSONArray("response").getJSONObject(0); + String vkName = json.getString("first_name") + " " + json.getString("last_name"); + String vkLink = json.getString("screen_name"); + + if (vkName == null || vkLink == null || vkName.isEmpty() || vkName.length() == 1 || vkLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyVKID(sql, vkID); + if (uid > 0) { + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, vkID, loginhash, token, vkName, vkLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=vk&hash=" + loginhash); + } + } catch (Exception e) { + System.err.println("JSON ERROR: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyVKID(JdbcTemplate sql, long vkID) { + try { + return sql.queryForObject("SELECT user_id FROM vk WHERE vk_id=? AND user_id IS NOT NULL", Integer.class, vkID); + } catch (EmptyResultDataAccessException e) { + return 0; + } + } + + private boolean insertDB(JdbcTemplate sql, long vkID, String loginhash, String token, String vkName, String vkLink) { + return sql.update("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)", + vkID, loginhash, token, vkName, vkLink) > 0; + } +} diff --git a/src/main/java/com/juick/server/protocol/JuickProtocol.java b/src/main/java/com/juick/server/protocol/JuickProtocol.java new file mode 100644 index 00000000..1a2e5333 --- /dev/null +++ b/src/main/java/com/juick/server/protocol/JuickProtocol.java @@ -0,0 +1,375 @@ +package com.juick.server.protocol; + +import com.juick.*; +import com.juick.json.MessageSerializer; +import com.juick.server.*; +import com.juick.server.protocol.annotation.UserCommand; +import com.juick.xmpp.extensions.JuickMessage; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.*; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import java.util.stream.Collectors; + +/** + * Created by oxpa on 22.03.16. + */ + +public class JuickProtocol { + MessageSerializer json = new MessageSerializer(); + JdbcTemplate sql; + String baseUri; + + public JuickProtocol(JdbcTemplate sql, String baseUri) { + this.sql = sql; + this.baseUri = baseUri; + } + + /** + * find command by pattern and invoke + * @param user who send command + * @param userInput given by user + * @return command result + * @throws InvocationTargetException + * @throws IllegalAccessException + * @throws NoSuchMethodException + */ + public ProtocolReply getReply(User user, String userInput) throws InvocationTargetException, + IllegalAccessException, NoSuchMethodException { + Optional<Method> cmd = Arrays.asList(getClass().getDeclaredMethods()).stream() + .filter(m -> m.isAnnotationPresent(UserCommand.class)) + .filter(m -> Pattern.compile(m.getAnnotation(UserCommand.class).pattern(), + m.getAnnotation(UserCommand.class).patternFlags()).matcher(userInput).matches()) + .findFirst(); + if (!cmd.isPresent()) { + // default command - post as new message + return postMessage(user, userInput); + } else { + Matcher matcher = Pattern.compile(cmd.get().getAnnotation(UserCommand.class).pattern(), + cmd.get().getAnnotation(UserCommand.class).patternFlags()).matcher(userInput); + List<String> groups = new ArrayList<>(); + while (matcher.find()) { + for (int i = 1; i <= matcher.groupCount(); i++) { + groups.add(matcher.group(i)); + } + } + return (ProtocolReply) getClass().getMethod(cmd.get().getName(), User.class, String[].class) + .invoke(this, user, groups.toArray(new String[groups.size()])); + } + } + + public ProtocolReply postMessage(User user, String input) { + List<Tag> tags = TagQueries.fromString(sql, input, false); + String body = input.substring(TagQueries.toString(tags).length()); + int mid = MessagesQueries.createMessage(sql, user.getUID(), body, null, tags); + //app.events().publishEvent(new JuickMessageEvent(app.messages().getMessage(mid))); + return new ProtocolReply("New message posted.\n#" + mid + " " + baseUri + mid, + Optional.of(json.serializeList(Collections.singletonList(MessagesQueries.getMessage(sql, mid))))); + } + + @UserCommand(pattern = "^#(\\++)$", help = "#+ - Show last Juick messages (#++ - second page, ...)") + public ProtocolReply commandLast(User user, String... arguments) { + // number of + is the page count + int page = arguments[0].length(); + List<Integer> mids = MessagesQueries.getAll(sql, user.getUID(), page); + List<Message> messages = MessagesQueries.getMessages(sql, mids); + // TODO: message toString + return new ProtocolReply("Last messages: \n" + String.join("\n", messages.stream().map(Object::toString) + .collect(Collectors.toList())), Optional.of(json.serializeList(messages))); + } + + @UserCommand(pattern = "^\\s*bl\\s*$", patternFlags = Pattern.CASE_INSENSITIVE, + help = "BL - Show your blacklist") + public ProtocolReply commandBL(User user_from, String... arguments) { + List<User> blusers; + List<String> bltags; + + blusers = UserQueries.getUserBLUsers(sql, user_from.getUID()); + bltags = TagQueries.getUserBLTags(sql, user_from.getUID()); + + + String txt = ""; + if (bltags.size() > 0) { + for (String bltag : bltags) { + txt += "*" + bltag + "\n"; + } + + if (blusers.size() > 0) { + txt += "\n"; + } + } + if (blusers.size() > 0) { + for (User bluser : blusers) { + txt += "@" + bluser.getUName() + "\n"; + } + } + if (txt.isEmpty()) { + txt = "You don't have any users or tags in your blacklist."; + } + return new ProtocolReply(txt, Optional.empty()); + } + + @UserCommand(pattern = "^\\@([^\\s\\n\\+]+)(\\+?)$", + help = "@username+ - Show user's info and last 10 messages (@username++ - second page, ..)") + public ProtocolReply commandUser(User user, String... arguments) { + User blogUser = UserQueries.getUserByName(sql, arguments[0]); + int page = arguments[1].length(); + if (blogUser.getUID() > 0) { + List<Integer> mids = MessagesQueries.getUserBlog(sql, blogUser.getUID(), 0, page); + List<Message> messages = MessagesQueries.getMessages(sql, mids); + return new ProtocolReply(String.format("Last messages from @%s:\n%s", arguments[0], + String.join("\n", messages.stream() + .map(Object::toString).collect(Collectors.toList()))), + Optional.of(json.serializeList(messages))); + } + return new ProtocolReply("User not found", Optional.empty()); + } + + @UserCommand(pattern = "^\\s*d\\s*\\#([0-9]+)\\s*$", patternFlags = Pattern.CASE_INSENSITIVE, + help = "D #12345 - delete the message") + public ProtocolReply commandDel(User user, String... args) { + try { + int mid = Integer.parseInt(args[0]); + if (MessagesQueries.deleteMessage(sql, user.getUID(), mid)) { + return new ProtocolReply(String.format("Message %s deleted", mid), Optional.empty()); + } + } catch (NumberFormatException e) { + return new ProtocolReply("Error", Optional.empty()); + } + return new ProtocolReply("Error", Optional.empty()); + } + + @UserCommand(pattern = "^\\s*login\\s*$", patternFlags = Pattern.CASE_INSENSITIVE, + help = "LOGIN - log in to Juick website") + public ProtocolReply commandLogin(User user, String... arguments) { + return new ProtocolReply(baseUri + "?" + UserQueries.getHashByUID(sql, user.getUID()), + Optional.empty()); + } + + @UserCommand(pattern = "^(#+)$", help = "# - Show last messages from your feed (## - second page, ...)") + public ProtocolReply commandMyFeed(User user, String... arguments) { + // number of # is the page count + int page = arguments[0].length(); + List<Integer> mids = MessagesQueries.getMyFeed(sql, user.getUID(), page); + List<Message> messages = MessagesQueries.getMessages(sql, mids); + // TODO: add instructions for empty feed + return new ProtocolReply("Your feed: \n" + String.join("\n", + messages.stream().map(Object::toString).collect(Collectors.toList())), + Optional.of(json.serializeList(messages))); + } + + @UserCommand(pattern = "^\\s*(on|off)\\s*$", patternFlags = Pattern.CASE_INSENSITIVE, + help = "ON/OFF - Enable/disable subscriptions delivery") + public ProtocolReply commandOnOff(User user, String[] input) { + UserQueries.ActiveStatus newStatus; + String retValUpdated; + if (input[0].toLowerCase().equals("on")) { + newStatus = UserQueries.ActiveStatus.Active; + retValUpdated = "Notifications are activated for " + user.getJID(); + } else { + newStatus = UserQueries.ActiveStatus.Inactive; + retValUpdated = "Notifications are disabled for " + user.getJID(); + } + + if (UserQueries.setActiveStatusForJID(sql, user.getJID(), newStatus)) { + return new ProtocolReply(retValUpdated, Optional.empty()); + } else { + return new ProtocolReply(String.format("Subscriptions status for %s was not changed", user.getJID()), + Optional.empty()); + } + } + + @UserCommand(pattern = "^\\s*ping\\s*$", patternFlags = Pattern.CASE_INSENSITIVE, + help = "PING - returns you a PONG") + public ProtocolReply commandPing(User user, String[] input) { + return new ProtocolReply("PONG", Optional.empty()); + } + + @UserCommand(pattern = "^\\@(\\S+)\\s+([\\s\\S]+)$", help = "@username message - send PM to username") + public ProtocolReply commandPM(User user_from, String... arguments) { + String user_to = arguments[0]; + String body = arguments[1]; + int ret = 0; + + int uid_to = 0; + String jid_to = null; + boolean haveInRoster = false; + + if (user_to.indexOf('@') > 0) { + uid_to = UserQueries.getUIDbyJID(sql, user_to); + } else { + uid_to = UserQueries.getUIDbyName(sql, user_to); + } + + if (uid_to > 0) { + if (!UserQueries.isInBLAny(sql, uid_to, user_from.getUID())) { + if (PMQueries.createPM(sql, user_from.getUID(), uid_to, body)) { + //jid_to = UserQueries.getJIDsbyUID(sql, uid_to); + if (jid_to != null) { + haveInRoster = PMQueries.havePMinRoster(sql, user_from.getUID(), jid_to); + } + ret = 200; + } else { + ret = 500; + } + } else { + ret = 403; + } + } else { + ret = 404; + } + + + if (ret == 200) { + JuickMessage jmsg = new JuickMessage(); + jmsg.setUser(user_from); + jmsg.setText(body); + // TODO: add PM payload + //app.events().publishEvent(new JuickMessageEvent(jmsg)); + /* TODO: move to XMPP component + if (jid_to != null) { + Message mm = new Message(); + mm.to = new JID(jid_to); + mm.type = Message.Type.chat; + if (haveInRoster) { + mm.from = new JID(user_from.getUName(), getDomain(), "Juick"); + mm.body = body; + } else { + mm.from = new JID("juick", getDomain(), "Juick"); + mm.body = "Private message from @" + user_from.getUName() + ":\n" + body; + } + return Collections.singletonList(mm); + } + */ + } + if (ret == 200) { + return new ProtocolReply("Private message sent", Optional.empty()); + } else { + return new ProtocolReply("Error " + ret, Optional.empty()); + } + } + + @UserCommand(pattern = "^#(\\d+)(\\+?)$", help = "#1234 - Show message (#1234+ - message with replies)") + public ProtocolReply commandShow(User user, String... arguments) { + boolean showReplies = arguments[1].length() > 0; + int mid; + try { + mid = Integer.parseInt(arguments[0]); + } catch (NumberFormatException e) { + return new ProtocolReply("Error", Optional.empty()); + } + Message msg = MessagesQueries.getMessage(sql, mid); + if (showReplies) { + List<Message> replies = MessagesQueries.getReplies(sql, mid); + replies.add(0, msg); + return new ProtocolReply(String.join("\n", + replies.stream().map(Object::toString).collect(Collectors.toList())), + Optional.of(json.serializeList(replies))); + } + return new ProtocolReply(msg.toString(), Optional.of(json.serializeList(Collections.singletonList(msg)))); + } + @UserCommand(pattern = "^(#|\\.)(\\d+)((\\.|\\-|\\/)(\\d+))?\\s([\\s\\S]+)", + help = "#1234 *tag *tag2 - edit tags\n#1234 text - reply to message") + public ProtocolReply EditOrReply(User user, String... args) { + int mid; + try { + mid = Integer.parseInt(args[1]); + } catch (NumberFormatException e) { + return new ProtocolReply("Error", Optional.empty()); + } + int rid; + try { + rid = Integer.parseInt(args[4]); + } catch (NumberFormatException e) { + rid = 0; + } + String txt = args[5]; + List<Tag> messageTags = TagQueries.fromString(sql, txt, true); + if (messageTags.size() > 0) { + if (user.getUID() != MessagesQueries.getMessageAuthor(sql, mid).getUID()) { + return new ProtocolReply("It is not your message", Optional.empty()); + } + TagQueries.updateTags(sql, mid, messageTags); + return new ProtocolReply("Tags are updated", Optional.empty()); + } else { + int newrid = MessagesQueries.createReply(sql, mid, rid, user.getUID(), txt, null); + return new ProtocolReply("Reply posted.\n#" + mid + "/" + newrid + " " + + baseUri + mid + "/" + newrid, + Optional.of(json.serializeList(Collections.singletonList(MessagesQueries.getReply(sql, mid, newrid))))); + } + } + + @UserCommand(pattern = "^(s|u)\\s+#(\\d+)$", help = "S #1234 - subscribe to comments", + patternFlags = Pattern.CASE_INSENSITIVE) + public ProtocolReply commandSubscribeMessage(User user, String... args) { + boolean subscribe = args[0].equalsIgnoreCase("s"); + int mid; + try { + mid = Integer.parseInt(args[1]); + } catch (NumberFormatException e) { + return new ProtocolReply("Error", Optional.empty()); + } + if (subscribe) { + if (SubscriptionsQueries.subscribeMessage(sql, mid, user.getUID())) { + return new ProtocolReply("Subscribed", Optional.empty()); + } + } else { + if (SubscriptionsQueries.unSubscribeMessage(sql, mid, user.getUID())) { + return new ProtocolReply("Unsubscribed from #" + mid, Optional.empty()); + } + return new ProtocolReply("You was not subscribed to #" + mid, Optional.empty()); + } + return new ProtocolReply("Error", Optional.empty()); + } + @UserCommand(pattern = "^(s|u)\\s+\\@(\\S+)$", help = "S @user - subscribe to user's posts", + patternFlags = Pattern.CASE_INSENSITIVE) + public ProtocolReply commandSubscribeUser(User user, String... args) { + boolean subscribe = args[0].equalsIgnoreCase("s"); + User toUser = UserQueries.getUserByName(sql, args[1]); + if (toUser.getUID() > 0) { + if (subscribe) { + if (SubscriptionsQueries.subscribeUser(sql, user, toUser)) { + return new ProtocolReply("Subscribed", Optional.empty()); + // TODO: notification + // TODO: already subscribed case + } + } else { + if (SubscriptionsQueries.unSubscribeUser(sql, user, toUser)) { + return new ProtocolReply("Unsubscribed from @" + toUser.getUName(), Optional.empty()); + } + return new ProtocolReply("You was not subscribed to @" + toUser.getUName(), Optional.empty()); + } + } + return new ProtocolReply("Error", Optional.empty()); + } + @UserCommand(pattern = "^(s|u)\\s+\\*(\\S+)$", help = "S *tag - subscribe to tag" + + "\nU *tag - unsubscribe from tag", patternFlags = Pattern.CASE_INSENSITIVE) + public ProtocolReply commandSubscribeTag(User user, String... args) { + boolean subscribe = args[0].equalsIgnoreCase("s"); + Tag tag = TagQueries.getTag(sql, args[1], true); + if (subscribe) { + if (SubscriptionsQueries.subscribeTag(sql, user, tag)) { + return new ProtocolReply("Subscribed", Optional.empty()); + } + } else { + if (SubscriptionsQueries.unSubscribeTag(sql, user, tag)) { + return new ProtocolReply("Unsubscribed from " + tag.Name, Optional.empty()); + } + return new ProtocolReply("You was not subscribed to " + tag.Name, Optional.empty()); + } + return new ProtocolReply("Error", Optional.empty()); + } + + @UserCommand(pattern = "^\\s*help\\s*$", patternFlags = Pattern.CASE_INSENSITIVE, + help = "HELP - returns this help message") + public ProtocolReply commandHelp(User user, String[] input) { + List<String> commandsHelp = Arrays.asList(getClass().getDeclaredMethods()).stream() + .filter(m -> m.isAnnotationPresent(UserCommand.class)) + .map(m -> m.getAnnotation(UserCommand.class).help()) + .collect(Collectors.toList()); + return new ProtocolReply(String.join("\n", commandsHelp), Optional.empty()); + } +} diff --git a/src/main/java/com/juick/server/protocol/ProtocolReply.java b/src/main/java/com/juick/server/protocol/ProtocolReply.java new file mode 100644 index 00000000..d9d36a5d --- /dev/null +++ b/src/main/java/com/juick/server/protocol/ProtocolReply.java @@ -0,0 +1,23 @@ +package com.juick.server.protocol; + +import java.util.Optional; + +/** + * Created by vitalyster on 08.04.2016. + */ +public class ProtocolReply { + + private Optional<String> json; + private String description; + + public ProtocolReply(String text, Optional<String> json) { + this.description = text; + this.json = json; + } + public String getDescription() { + return description; + } + public Optional<String> getJson() { + return json; + } +} diff --git a/src/main/java/com/juick/server/protocol/annotation/UserCommand.java b/src/main/java/com/juick/server/protocol/annotation/UserCommand.java new file mode 100644 index 00000000..af7c4924 --- /dev/null +++ b/src/main/java/com/juick/server/protocol/annotation/UserCommand.java @@ -0,0 +1,31 @@ +package com.juick.server.protocol.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * Created by oxpa on 22.03.16. + */ +@Target({ElementType.TYPE, ElementType.METHOD}) +@Retention(RetentionPolicy.RUNTIME) +public @interface UserCommand { + /** + * + * @return a command pattern + */ + String pattern() default ""; + + /** + * + * @return pattern flags + */ + int patternFlags() default 0; + + /** + * + * @return a string used in HELP command output. Basically, only 1 string + */ + String help() default ""; +} diff --git a/src/main/java/com/juick/xmpp/extensions/JuickMessage.java b/src/main/java/com/juick/xmpp/extensions/JuickMessage.java new file mode 100644 index 00000000..885b2375 --- /dev/null +++ b/src/main/java/com/juick/xmpp/extensions/JuickMessage.java @@ -0,0 +1,184 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.xmpp.extensions; + +import com.juick.xmpp.utils.XmlUtils; +import com.juick.xmpp.*; +import java.io.IOException; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.TimeZone; + +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; + +/** + * + * @author Ugnich Anton + */ +public class JuickMessage extends com.juick.Message implements StanzaChild { + + public final static String XMLNS = "http://juick.com/message"; + public final static String TagName = "juick"; + private SimpleDateFormat df; + + public JuickMessage() { + df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + df.setTimeZone(TimeZone.getTimeZone("UTC")); + } + + public JuickMessage(com.juick.Message msg) { + super(msg); + df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + df.setTimeZone(TimeZone.getTimeZone("UTC")); + } + + @Override + public String getXMLNS() { + return XMLNS; + } + + @Override + public JuickMessage parse(XmlPullParser parser) throws XmlPullParserException, IOException, ParseException { + JuickMessage jmsg = new JuickMessage(); + + final String sMID = parser.getAttributeValue(null, "mid"); + if (sMID != null) { + jmsg.setMID(Integer.parseInt(sMID)); + } + final String sRID = parser.getAttributeValue(null, "rid"); + if (sRID != null) { + jmsg.setRID(Integer.parseInt(sRID)); + } + final String sReplyTo = parser.getAttributeValue(null, "replyto"); + if (sReplyTo != null) { + jmsg.ReplyTo = Integer.parseInt(sReplyTo); + } + final String sPrivacy = parser.getAttributeValue(null, "privacy"); + if (sPrivacy != null) { + jmsg.Privacy = Integer.parseInt(sPrivacy); + } + final String sFriendsOnly = parser.getAttributeValue(null, "friendsonly"); + if (sFriendsOnly != null) { + jmsg.FriendsOnly = true; + } + final String sReadOnly = parser.getAttributeValue(null, "readonly"); + if (sReadOnly != null) { + jmsg.ReadOnly = true; + } + String ts = parser.getAttributeValue(null, "timestamp"); + if (ts != null) { + jmsg.setDate(df.parse(ts)); + } + jmsg.AttachmentType = parser.getAttributeValue(null, "attach"); + + while (parser.next() == XmlPullParser.START_TAG) { + final String tag = parser.getName(); + final String xmlns = parser.getNamespace(); + if (tag.equals("body")) { + jmsg.setText(XmlUtils.getTagText(parser)); + } else if (tag.equals(JuickUser.TagName) && xmlns != null && xmlns.equals(JuickUser.XMLNS)) { + jmsg.setUser(new JuickUser().parse(parser)); + } else if (tag.equals("tag")) { + jmsg.Tags.add(XmlUtils.getTagText(parser)); + } else { + XmlUtils.skip(parser); + } + } + return jmsg; + } + + @Override + public String toString() { + String ret = ""; + + ret = "<" + TagName + " xmlns=\"" + XMLNS + "\""; + if (getMID() > 0) { + ret += " mid=\"" + getMID() + "\""; + } + if (getRID() > 0) { + ret += " rid=\"" + getRID() + "\""; + } + if (ReplyTo > 0) { + ret += " replyto=\"" + ReplyTo + "\""; + } + ret += " privacy=\"" + Privacy + "\""; + if (FriendsOnly) { + ret += " friendsonly=\"1\""; + } + if (ReadOnly) { + ret += " readonly=\"1\""; + } + if (getDate() != null) { + ret += " ts=\"" + df.format(getDate()) + "\""; + } + if (AttachmentType != null) { + ret += " attach=\"" + AttachmentType + "\""; + } + ret += ">"; + if (getUser() != null) { + ret += JuickUser.toString(getUser()); + } + if (getText() != null) { + ret += "<body>" + XmlUtils.escape(getText()) + "</body>"; + } + if (!Tags.isEmpty()) { + for (int i = 0; i < Tags.size(); i++) { + ret += "<tag>" + XmlUtils.escape(Tags.get(i)) + "</tag>"; + } + } + ret += "</" + TagName + ">"; + + return ret; + } + + @Override + public boolean equals(Object obj) { + if (!(obj instanceof JuickMessage)) { + return false; + } + JuickMessage jmsg = (JuickMessage) obj; + return (this.getMID() == jmsg.getMID() && this.getRID() == jmsg.getRID()); + } + + @Override + public int compareTo(Object obj) throws ClassCastException { + if (!(obj instanceof JuickMessage)) { + throw new ClassCastException(); + } + JuickMessage jmsg = (JuickMessage) obj; + + if (this.getMID() != jmsg.getMID()) { + if (this.getMID() > jmsg.getMID()) { + return -1; + } else { + return 1; + } + } + + if (this.getRID() != jmsg.getRID()) { + if (this.getRID() < jmsg.getRID()) { + return -1; + } else { + return 1; + } + } + + return 0; + } +} diff --git a/src/main/java/com/juick/xmpp/extensions/JuickUser.java b/src/main/java/com/juick/xmpp/extensions/JuickUser.java new file mode 100644 index 00000000..edc6749a --- /dev/null +++ b/src/main/java/com/juick/xmpp/extensions/JuickUser.java @@ -0,0 +1,75 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.xmpp.extensions; + +import com.juick.xmpp.utils.XmlUtils; +import com.juick.xmpp.*; +import java.io.IOException; +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; + +/** + * + * @author Ugnich Anton + */ +public class JuickUser extends com.juick.User implements StanzaChild { + + public final static String XMLNS = "http://juick.com/user"; + public final static String TagName = "user"; + + public JuickUser() { + } + + public JuickUser(com.juick.User user) { + super(user); + } + + @Override + public String getXMLNS() { + return XMLNS; + } + + @Override + public JuickUser parse(final XmlPullParser parser) throws XmlPullParserException, IOException { + JuickUser juser = new JuickUser(); + String strUID = parser.getAttributeValue(null, "uid"); + if (strUID != null) { + juser.setUID(Integer.parseInt(strUID)); + } + juser.setUName(parser.getAttributeValue(null, "uname")); + XmlUtils.skip(parser); + return juser; + } + + public static String toString(com.juick.User user) { + String str = "<" + TagName + " xmlns='" + XMLNS + "'"; + if (user.getUID() > 0) { + str += " uid='" + user.getUID() + "'"; + } + if (user.getUName() != null && user.getUName().length() > 0) { + str += " uname='" + XmlUtils.escape(user.getUName()) + "'"; + } + str += "/>"; + return str; + } + + @Override + public String toString() { + return toString(this); + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/CacheEntry.java b/src/main/java/com/juick/xmpp/s2s/CacheEntry.java new file mode 100644 index 00000000..7cdb18ab --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/CacheEntry.java @@ -0,0 +1,19 @@ +package com.juick.xmpp.s2s; + +/** + * + * @author ugnich + */ +public class CacheEntry { + + public String hostname; + public long tsCreated; + public long tsUpdated; + public String xml; + + public CacheEntry(String hostname, String xml) { + this.hostname = hostname; + this.tsCreated = this.tsUpdated = System.currentTimeMillis(); + this.xml = xml; + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/CleaningUp.java b/src/main/java/com/juick/xmpp/s2s/CleaningUp.java new file mode 100644 index 00000000..14d97ed8 --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/CleaningUp.java @@ -0,0 +1,107 @@ +package com.juick.xmpp.s2s; + +import java.io.FileNotFoundException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.util.Iterator; + +/** + * + * @author ugnich + */ +public class CleaningUp implements Runnable { + XMPPComponent xmpp; + + public CleaningUp(XMPPComponent xmpp) { + this.xmpp = xmpp; + } + + @Override + public void run() { + while (true) { + try { + PrintWriter statsFile = new PrintWriter(xmpp.STATSFILE, "UTF-8"); + statsFile.write("<html><body><h2>Threads: " + Thread.activeCount() + "</h2>"); + statsFile.write("<h2>Out (" + xmpp.outConnections.size() + ")</h2><table border=1><tr><th>to</th><th>sid</th><th>inactive</th><th>out packets</th><th>out bytes</th></tr>"); + + long now = System.currentTimeMillis(); + + synchronized (xmpp.outConnections) { + for (Iterator<ConnectionOut> i = xmpp.outConnections.iterator(); i.hasNext();) { + ConnectionOut c = i.next(); + int inactive = (int) ((double) (now - c.tsLocalData) / 1000.0); + if (inactive > 900) { + c.closeConnection(); + i.remove(); + } else { + statsFile.write(" <tr>"); + statsFile.write(" <td>" + c.to + "</td>\n"); + statsFile.write(" <td>" + c.streamID + "</td>\n"); + statsFile.write(" <td>" + inactive + "</td>\n"); + statsFile.write(" <td>" + c.packetsLocal + "</td>\n"); + statsFile.write(" <td>" + c.bytesLocal + "</td>\n"); + statsFile.write(" <tr>"); + } + } + } + + statsFile.write("</table><h2>In (" + xmpp.inConnections.size() + ")</h2><table border=1><tr><th>from</th><th>sid</th><th>inactive</th><th>in packets</th></tr>"); + + synchronized (xmpp.inConnections) { + for (Iterator<ConnectionIn> i = xmpp.inConnections.iterator(); i.hasNext();) { + ConnectionIn c = i.next(); + int inactive = (int) ((double) (now - c.tsRemoteData) / 1000.0); + if (inactive > 900) { + c.closeConnection(); + i.remove(); + } else { + statsFile.write(" <tr>"); + if (c.from.isEmpty()) { + statsFile.write(" <td> </td>\n"); + } else if (c.from.size() == 1) { + statsFile.write(" <td>" + c.from.get(0) + "</td>\n"); + } else { + String out = " <td>"; + for (int n = 0; n < c.from.size(); n++) { + if (n > 0) { + out += "<br/>"; + } + out += c.from.get(n); + } + statsFile.write(out + "</td>\n"); + } + statsFile.write(" <td>" + c.streamID + "</td>\n"); + statsFile.write(" <td>" + inactive + "</td>\n"); + statsFile.write(" <td>" + c.packetsRemote + "</td>\n"); + statsFile.write(" <tr>"); + } + } + } + + statsFile.write("</table><h2>Cache (" + xmpp.outCache.size() + ")</h2><table border=1><tr><th>host</th><th>live</th><th>size</th></tr>"); + + synchronized (xmpp.outCache) { + for (Iterator<CacheEntry> i = xmpp.outCache.iterator(); i.hasNext();) { + CacheEntry c = i.next(); + int inactive = (int) ((double) (now - c.tsCreated) / 1000.0); + if (inactive > 600) { + i.remove(); + } else { + statsFile.write("<tr><td>" + c.hostname + "</td><td>" + inactive + "</td><td>" + c.xml.length() + "</td></tr>"); + } + } + } + + statsFile.write("</table></body></html>"); + statsFile.close(); + + try { + Thread.sleep(10000); + } catch (InterruptedException e) { + } + } catch (FileNotFoundException e) { + } catch (UnsupportedEncodingException e) { + } + } + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/Connection.java b/src/main/java/com/juick/xmpp/s2s/Connection.java new file mode 100644 index 00000000..eae6efaa --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/Connection.java @@ -0,0 +1,148 @@ +package com.juick.xmpp.s2s; + +import org.xmlpull.mxp1.MXParser; +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; + +import javax.crypto.Mac; +import javax.crypto.spec.SecretKeySpec; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import java.io.*; +import java.net.Socket; +import java.security.*; +import java.security.cert.CertificateException; +import java.util.UUID; +import java.util.logging.Logger; + +/** + * + * @author ugnich + */ +public class Connection { + + protected static final Logger LOGGER = Logger.getLogger(Connection.class.getName()); + + public String streamID; + public long tsCreated = 0; + public long tsLocalData = 0; + public long bytesLocal = 0; + public long packetsLocal = 0; + XMPPComponent xmpp; + Socket socket; + public static final String NS_DB = "jabber:server:dialback"; + public static final String NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"; + public static final String NS_STREAM = "http://etherx.jabber.org/streams"; + XmlPullParser parser = new MXParser(); + OutputStreamWriter writer; + private boolean secured = false; + SSLContext sc; + private TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { + } + + public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { + } + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + } + }; + + + public Connection(XMPPComponent xmpp) throws XmlPullParserException, KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableKeyException, KeyManagementException { + this.xmpp = xmpp; + tsCreated = System.currentTimeMillis(); + parser.setFeature(XmlPullParser.FEATURE_PROCESS_NAMESPACES, true); + KeyStore ks = KeyStore.getInstance("JKS"); + try (InputStream ksIs = new FileInputStream(xmpp.keystore)) { + ks.load(ksIs, xmpp.keystorePassword.toCharArray()); + } + + KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory + .getDefaultAlgorithm()); + kmf.init(ks, xmpp.keystorePassword.toCharArray()); + sc = SSLContext.getInstance("TLSv1.2"); + + sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom()); + + } + + public void logParser() { + if (streamID == null) { + return; + } + String tag = "IN: <" + parser.getName(); + for (int i = 0; i < parser.getAttributeCount(); i++) { + tag += " " + parser.getAttributeName(i) + "=\"" + parser.getAttributeValue(i) + "\""; + } + tag += ">...</" + parser.getName() + ">\n"; + LOGGER.fine(tag); + } + + public void sendStanza(String xml) throws IOException { + if (streamID != null) { + LOGGER.fine("OUT: " + xml + "\n"); + } + writer.write(xml); + writer.flush(); + tsLocalData = System.currentTimeMillis(); + bytesLocal += xml.length(); + packetsLocal++; + } + + void closeConnection() { + if (streamID != null) { + LOGGER.info(String.format("CLOSING STREAM %s", streamID)); + } + + try { + writer.write("</stream:stream>"); + } catch (Exception e) { + } + + try { + writer.close(); + } catch (Exception e) { + } + + try { + socket.close(); + } catch (Exception e) { + } + } + + static String generateDialbackKey(String to, String from, String id) throws Exception { + Mac hmacSha256 = Mac.getInstance("hmacSHA256"); + + SecretKeySpec secret_key = new SecretKeySpec("$UppPerSeCCret4".getBytes(), "SHA-256"); + hmacSha256.init(secret_key); + byte key[] = hmacSha256.doFinal((to + " " + from + " " + id).getBytes()); + + StringBuilder hexkey = new StringBuilder(); + for (int i = 0; i < key.length; i++) { + hexkey.append(Integer.toHexString(0xFF & key[i])); + } + + return hexkey.toString(); + } + + public boolean isSecured() { + return secured; + } + + public void setSecured(boolean secured) { + this.secured = secured; + } + + public void restartParser() throws XmlPullParserException, IOException { + parser = new MXParser(); + parser.setFeature(XmlPullParser.FEATURE_PROCESS_NAMESPACES, true); + parser.setInput(new InputStreamReader(socket.getInputStream())); + writer = new OutputStreamWriter(socket.getOutputStream()); + streamID = UUID.randomUUID().toString(); + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/ConnectionIn.java b/src/main/java/com/juick/xmpp/s2s/ConnectionIn.java new file mode 100644 index 00000000..345caea9 --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/ConnectionIn.java @@ -0,0 +1,222 @@ +package com.juick.xmpp.s2s; + +import com.juick.xmpp.Iq; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Presence; +import com.juick.xmpp.utils.XmlUtils; +import org.xmlpull.v1.XmlPullParser; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSocket; +import java.io.EOFException; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.net.Socket; +import java.util.ArrayList; +import java.util.List; +import java.util.UUID; +import java.util.logging.Level; +import java.util.logging.Logger; + +/** + * + * @author ugnich + */ +public class ConnectionIn extends Connection implements Runnable { + + private static final Logger LOGGER = Logger.getLogger(ConnectionIn.class.getName()); + + final public List<String> from = new ArrayList<>(); + public long tsRemoteData = 0; + public long packetsRemote = 0; + JuickBot bot; + + public ConnectionIn(XMPPComponent xmpp, JuickBot bot, Socket socket) throws Exception { + super(xmpp); + this.bot = bot; + this.socket = socket; + streamID = UUID.randomUUID().toString(); + restartParser(); + } + + @Override + public void run() { + LOGGER.info("STREAM FROM ? " + streamID + " START"); + try { + parser.next(); // stream:stream + updateTsRemoteData(); + if (!parser.getName().equals("stream") + || !parser.getNamespace("stream").equals(NS_STREAM)) { +// || !parser.getAttributeValue(null, "version").equals("1.0") +// || !parser.getAttributeValue(null, "to").equals(Main.HOSTNAME)) { + throw new Exception("STREAM FROM ? " + streamID + " INVALID FIRST PACKET"); + } + boolean xmppversionnew = parser.getAttributeValue(null, "version") != null; + + sendOpenStream(parser.getAttributeValue(null, "from"), xmppversionnew); + + while (parser.next() != XmlPullParser.END_DOCUMENT) { + updateTsRemoteData(); + if (parser.getEventType() != XmlPullParser.START_TAG) { + continue; + } + logParser(); + + packetsRemote++; + + String tag = parser.getName(); + if (tag.equals("result") && parser.getNamespace().equals(NS_DB)) { + String dfrom = parser.getAttributeValue(null, "from"); + String to = parser.getAttributeValue(null, "to"); + LOGGER.info("STREAM FROM " + dfrom + " TO " + to + " " + streamID + " ASKING FOR DIALBACK"); + if (dfrom.endsWith(xmpp.HOSTNAME) && (dfrom.equals(xmpp.HOSTNAME) || dfrom.endsWith("." + xmpp.HOSTNAME))) { + break; + } + if (to != null && to.equals(xmpp.HOSTNAME)) { + String dbKey = XmlUtils.getTagText(parser); + updateTsRemoteData(); + + ConnectionOut c = xmpp.getConnectionOut(dfrom, false); + if (c != null) { + c.sendDialbackVerify(streamID, dbKey); + } else { + c = new ConnectionOut(xmpp, dfrom, streamID, dbKey); + xmpp.executorService.submit(c); + } + } else { + throw new HostUnknownException("STREAM FROM " + dfrom + " " + streamID + " INVALID TO " + to); + } + } else if (tag.equals("verify") && parser.getNamespace().equals(NS_DB)) { + String vfrom = parser.getAttributeValue(null, "from"); + String vto = parser.getAttributeValue(null, "to"); + String vid = parser.getAttributeValue(null, "id"); + String vkey = XmlUtils.getTagText(parser); + updateTsRemoteData(); + boolean valid = false; + if (vfrom != null && vto != null && vid != null && vkey != null) { + String vkey2 = generateDialbackKey(vfrom, vto, vid); + valid = vkey.equals(vkey2); + } + if (valid) { + sendStanza("<db:verify from='" + vto + "' to='" + vfrom + "' id='" + vid + "' type='valid'/>"); + LOGGER.info("STREAM FROM " + vfrom + " " + streamID + " DIALBACK VERIFY VALID"); + } else { + sendStanza("<db:verify from='" + vto + "' to='" + vfrom + "' id='" + vid + "' type='invalid'/>"); + LOGGER.warning("STREAM FROM " + vfrom + " " + streamID + " DIALBACK VERIFY INVALID"); + } + } else if (tag.equals("presence") && checkFromTo(parser)) { + Presence p = Presence.parse(parser, null); + if (p != null && (p.type == null || !p.type.equals(Presence.Type.error))) { + bot.incomingPresence(p); + } + } else if (tag.equals("message") && checkFromTo(parser)) { + updateTsRemoteData(); + Message msg = Message.parse(parser, xmpp.childParsers); + if (msg != null && (msg.type == null || !msg.type.equals(Message.Type.error))) { + LOGGER.info("STREAM " + streamID + ": " + msg.toString()); + if (!bot.incomingMessage(msg)) { + xmpp.router.send(msg.toString()); + } + } + } else if (tag.equals("iq") && checkFromTo(parser)) { + updateTsRemoteData(); + String type = parser.getAttributeValue(null, "type"); + String xml = XmlUtils.parseToString(parser, true); + if (type == null || !type.equals(Iq.Type.error)) { + LOGGER.info("STREAM " + streamID + ": " + xml); + xmpp.router.send(xml); + } + } else if (!isSecured() && tag.equals("starttls")) { + LOGGER.info("STREAM " + streamID + " SECURING"); + sendStanza("<proceed xmlns=\"" + NS_TLS + "\" />"); + try { + socket = sc.getSocketFactory().createSocket(socket, socket.getInetAddress().getHostAddress(), + socket.getPort(), true); + ((SSLSocket) socket).setUseClientMode(false); + ((SSLSocket) socket).startHandshake(); + setSecured(true); + LOGGER.info("STREAM " + streamID + " SECURED"); + restartParser(); + } catch (SSLException sex) { + LOGGER.warning("STREAM " + streamID + " SSL ERROR"); + sendStanza("<failed xmlns\"" + NS_TLS + "\" />"); + xmpp.removeConnectionIn(this); + closeConnection(); + } + } else if (isSecured() && tag.equals("stream") && parser.getNamespace().equals(NS_STREAM)) { + sendOpenStream(null, true); + } else { + LOGGER.info("STREAM " + streamID + ": " + XmlUtils.parseToString(parser, true)); + } + } + LOGGER.warning("STREAM " + streamID + " FINISHED"); + xmpp.removeConnectionIn(this); + closeConnection(); + } catch (EOFException ex) { + LOGGER.info(String.format("STREAM %s CLOSED (dirty)", streamID)); + xmpp.removeConnectionIn(this); + closeConnection(); + } catch (HostUnknownException e) { + LOGGER.warning(e.getMessage()); + } catch (Exception e) { + LOGGER.log(Level.WARNING, "STREAM " + streamID + " ERROR", e); + xmpp.removeConnectionIn(this); + closeConnection(); + } + } + + void updateTsRemoteData() { + tsRemoteData = System.currentTimeMillis(); + } + + void sendOpenStream(String from, boolean xmppversionnew) throws IOException { + String openStream = "<?xml version='1.0'?><stream:stream xmlns='jabber:server' " + + "xmlns:stream='http://etherx.jabber.org/streams' xmlns:db='jabber:server:dialback' from='" + + xmpp.HOSTNAME + "' id='" + streamID + "' version='1.0'>"; + if (xmppversionnew) { + openStream += "<stream:features>"; + if (!isSecured() && !xmpp.brokenSSLhosts.contains(from)) { + openStream += "<starttls xmlns=\"" + NS_TLS + "\"><optional/></starttls>"; + } + openStream += "</stream:features>"; + } + sendStanza(openStream); + } + + public void sendDialbackResult(String sfrom, String type) { + try { + sendStanza("<db:result from='" + xmpp.HOSTNAME + "' to='" + sfrom + "' type='" + type + "'/>"); + if (type.equals("valid")) { + from.add(sfrom); + LOGGER.info("STREAM FROM " + sfrom + " " + streamID + " READY"); + } + } catch (IOException e) { + LOGGER.warning("STREAM FROM " + sfrom + " " + streamID + " ERROR: " + e.toString()); + } + } + + boolean checkFromTo(XmlPullParser parser) throws Exception { + String cfrom = parser.getAttributeValue(null, "from"); + String cto = parser.getAttributeValue(null, "to"); + if (cfrom != null && cto != null && !cfrom.isEmpty() && !cto.isEmpty()) { + JID jidto = new JID(cto); + if (jidto.Host != null && jidto.Username != null && jidto.Host.equals(xmpp.HOSTNAME) && jidto.Username.matches("^[a-zA-Z0-9\\-]{2,16}$")) { + JID jidfrom = new JID(cfrom); + int size = from.size(); + for (int i = 0; i < size; i++) { + if (from.get(i).equals(jidfrom.Host)) { + return true; + } + } + } + } + return false; + } + class HostUnknownException extends Exception { + public HostUnknownException(String message) { + super(message); + } + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/ConnectionOut.java b/src/main/java/com/juick/xmpp/s2s/ConnectionOut.java new file mode 100644 index 00000000..fede701e --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/ConnectionOut.java @@ -0,0 +1,172 @@ +package com.juick.xmpp.s2s; + +import com.juick.xmpp.extensions.StreamFeatures; +import com.juick.xmpp.utils.XmlUtils; +import org.xmlpull.v1.XmlPullParser; +import org.xmlpull.v1.XmlPullParserException; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSocket; +import java.io.EOFException; +import java.io.IOException; +import java.net.InetAddress; +import java.net.Socket; +import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.util.UUID; +import java.util.logging.Level; + +/** + * @author ugnich + */ +public class ConnectionOut extends Connection implements Runnable { + + public boolean streamReady = false; + public String to; + String checkSID = null; + String dbKey = null; + + public ConnectionOut(XMPPComponent xmpp, String hostname) throws CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, XmlPullParserException, KeyManagementException, KeyStoreException, IOException { + super(xmpp); + to = hostname; + } + + public ConnectionOut(XMPPComponent xmpp, String hostname, String checkSID, String dbKey) throws Exception { + super(xmpp); + to = hostname; + this.checkSID = checkSID; + this.dbKey = dbKey; + streamID = UUID.randomUUID().toString(); + } + + void sendOpenStream() throws IOException { + sendStanza("<?xml version='1.0'?><stream:stream xmlns='jabber:server' id='" + streamID + + "' xmlns:stream='http://etherx.jabber.org/streams' xmlns:db='jabber:server:dialback' from='" + + xmpp.HOSTNAME + "' to='" + to + "' version='1.0'>"); + } + + void processDialback() throws Exception { + if (checkSID != null) { + sendDialbackVerify(checkSID, dbKey); + } + sendStanza("<db:result from='" + xmpp.HOSTNAME + "' to='" + to + "'>" + + generateDialbackKey(to, xmpp.HOSTNAME, streamID) + "</db:result>"); + } + + @Override + public void run() { + LOGGER.info("STREAM TO " + to + " START"); + try { + HostnamePort addr = DNSQueries.getServerAddress(to); + try { + socket = new Socket(InetAddress.getByName(addr.hostname), addr.port); + } catch (UnknownHostException e) { + socket = new Socket(InetAddress.getByName("talk.google.com"), 5269); + } + restartParser(); + + sendOpenStream(); + + parser.next(); // stream:stream + streamID = parser.getAttributeValue(null, "id"); + if (streamID == null || streamID.isEmpty()) { + throw new Exception("STREAM TO " + to + " INVALID FIRST PACKET"); + } + + LOGGER.info("STREAM TO " + to + " " + streamID + " OPEN"); + xmpp.addConnectionOut(ConnectionOut.this); + boolean xmppversionnew = parser.getAttributeValue(null, "version") != null; + if (!xmppversionnew) { + processDialback(); + } + + while (parser.next() != XmlPullParser.END_DOCUMENT) { + if (parser.getEventType() != XmlPullParser.START_TAG) { + continue; + } + logParser(); + + String tag = parser.getName(); + if (tag.equals("result") && parser.getNamespace().equals(NS_DB)) { + String type = parser.getAttributeValue(null, "type"); + if (type != null && type.equals("valid")) { + streamReady = true; + LOGGER.info("STREAM TO " + to + " " + streamID + " READY"); + + String cache = xmpp.getFromCache(to); + if (cache != null) { + LOGGER.info("STREAM TO " + to + " " + streamID + " SENDING CACHE"); + sendStanza(cache); + } + + } else { + LOGGER.info("STREAM TO " + to + " " + streamID + " DIALBACK FAIL"); + } + XmlUtils.skip(parser); + } else if (tag.equals("verify") && parser.getNamespace().equals(NS_DB)) { + String from = parser.getAttributeValue(null, "from"); + String type = parser.getAttributeValue(null, "type"); + String sid = parser.getAttributeValue(null, "id"); + if (from != null && from.equals(to) && sid != null && !sid.isEmpty() && type != null) { + ConnectionIn c = xmpp.getConnectionIn(sid); + if (c != null) { + c.sendDialbackResult(from, type); + } + } + XmlUtils.skip(parser); + } else if (tag.equals("features") && parser.getNamespace().equals(NS_STREAM)) { + StreamFeatures features = StreamFeatures.parse(parser); + if (!isSecured() && features.STARTTLS >= 0 && !xmpp.brokenSSLhosts.contains(to)) { + System.out.println("STREAM TO " + to + " " + streamID + " SECURING"); + sendStanza("<starttls xmlns=\"" + NS_TLS + "\" />"); + } else { + processDialback(); + } + } else if (tag.equals("proceed") && parser.getNamespace().equals(NS_TLS)) { + try { + socket = sc.getSocketFactory().createSocket(socket, socket.getInetAddress().getHostAddress(), + socket.getPort(), true); + ((SSLSocket) socket).startHandshake(); + setSecured(true); + System.out.println("STREAM " + streamID + " SECURED"); + restartParser(); + sendOpenStream(); + } catch (SSLException sex) { + LOGGER.log(Level.SEVERE, String.format("s2s ssl error: %s %s", to, streamID), sex); + sendStanza("<failed xmlns\"" + NS_TLS + "\" />"); + xmpp.removeConnectionOut(this); + closeConnection(); + } + } else if (isSecured() && tag.equals("stream") && parser.getNamespace().equals(NS_STREAM)) { + streamID = parser.getAttributeValue(null, "id"); + } else { + LOGGER.info("STREAM TO " + to + " " + streamID + ": " + XmlUtils.parseToString(parser, true)); + } + } + + LOGGER.warning("STREAM TO " + to + " " + streamID + " FINISHED"); + xmpp.removeConnectionOut(ConnectionOut.this); + closeConnection(); + } catch (EOFException eofex) { + LOGGER.info(String.format("STREAM %s %s CLOSED (dirty)", to, streamID)); + xmpp.removeConnectionOut(ConnectionOut.this); + closeConnection(); + } catch (Exception e) { + LOGGER.log(Level.SEVERE, String.format("s2s out exception: %s %s", to, streamID), e); + xmpp.removeConnectionOut(ConnectionOut.this); + closeConnection(); + } + } + + public void sendDialbackVerify(String sid, String key) { + try { + sendStanza("<db:verify from='" + xmpp.HOSTNAME + "' to='" + to + "' id='" + sid + "'>" + key + "</db:verify>"); + } catch (IOException e) { + LOGGER.log(Level.WARNING, "STREAM TO " + to + " " + streamID + " ERROR", e); + } + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/ConnectionRouter.java b/src/main/java/com/juick/xmpp/s2s/ConnectionRouter.java new file mode 100644 index 00000000..a3604b8b --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/ConnectionRouter.java @@ -0,0 +1,227 @@ +package com.juick.xmpp.s2s; + +import com.juick.server.MessagesQueries; +import com.juick.server.SubscriptionsQueries; +import com.juick.xmpp.*; +import com.juick.xmpp.extensions.JuickMessage; +import com.juick.xmpp.extensions.Nickname; +import com.juick.xmpp.extensions.XOOB; + +import java.io.IOException; +import java.net.Socket; +import java.util.List; +import java.util.logging.Level; +import java.util.logging.Logger; + +/** + * @author ugnich + */ +public class ConnectionRouter implements Stream.StreamListener, + Message.MessageListener, Iq.IqListener, Presence.PresenceListener { + private static final Logger logger = Logger.getLogger(ConnectionRouter.class.getName()); + + private String componentName; + Stream router; + Socket socket; + + ConnectionRouter(String componentName, String password) { + this.componentName = componentName; + logger.info("STREAM ROUTER START"); + try { + socket = new Socket("localhost", 5347); + router = new StreamComponent(new JID("s2s"), socket.getInputStream(), socket.getOutputStream(), password); + router.addChildParser(new JuickMessage()); + router.addListener((Stream.StreamListener) this); + router.addListener((Message.MessageListener) this); + router.addListener((Iq.IqListener) this); + router.startParsing(); + } catch (IOException e) { + logger.log(Level.SEVERE, "router failed", e); + } + } + public void closeConnection() throws IOException { + router.logoff(); + socket.close(); + } + + public void sendJuickMessage(JuickMessage jmsg) { + List<String> jids; + + synchronized (XMPPComponent.sqlSync) { + if (jmsg.FriendsOnly) { + jids = SubscriptionsQueries.getJIDSubscribedToUser(XMPPComponent.sql, jmsg.getUser().getUID(), jmsg.FriendsOnly); + } else { + jids = SubscriptionsQueries.getJIDSubscribedToUserAndTags(XMPPComponent.sql, jmsg.getUser().getUID(), jmsg.getMID()); + } + } + + String txt = "@" + jmsg.getUser().getUName() + ":" + jmsg.getTagsString() + "\n"; + String attachment = jmsg.getAttachmentURL(); + if (attachment != null) { + txt += attachment + "\n"; + } + txt += jmsg.getText() + "\n\n"; + txt += "#" + jmsg.getMID() + " http://juick.com/" + jmsg.getMID(); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + + com.juick.xmpp.Message msg = new com.juick.xmpp.Message(); + msg.from = JuickBot.JuickJID; + msg.body = txt; + msg.type = Message.Type.chat; + msg.thread = "juick-" + jmsg.getMID(); + msg.addChild(jmsg); + msg.addChild(nick); + if (attachment != null) { + XOOB oob = new XOOB(); + oob.URL = attachment; + msg.addChild(oob); + } + + for (String jid : jids) { + msg.to = new JID(jid); + XMPPComponent.sendOut(msg); + } + } + + public void sendJuickComment(JuickMessage jmsg) { + List<String> jids; + String replyQuote; + String replyTo; + + synchronized (XMPPComponent.sqlSync) { + jids = SubscriptionsQueries.getJIDSubscribedToComments(XMPPComponent.sql, jmsg.getMID(), jmsg.getUser().getUID()); + com.juick.Message replyMessage = jmsg.ReplyTo > 0 ? MessagesQueries.getReply(XMPPComponent.sql, jmsg.getMID(), jmsg.ReplyTo) + : MessagesQueries.getMessage(XMPPComponent.sql, jmsg.getMID()); + replyTo = replyMessage.getUser().getUName(); + replyQuote = getReplyQuote(replyMessage); + } + + String txt = "Reply by @" + jmsg.getUser().getUName() + ":\n" + replyQuote + "\n@" + replyTo + " "; + String attachment = jmsg.getAttachmentURL(); + if (attachment != null) { + txt += attachment + "\n"; + } + txt += jmsg.getText() + "\n\n" + "#" + jmsg.getMID() + "/" + jmsg.getRID() + " http://juick.com/" + jmsg.getMID() + "#" + jmsg.getRID(); + + com.juick.xmpp.Message msg = new com.juick.xmpp.Message(); + msg.from = JuickBot.JuickJID; + msg.body = txt; + msg.type = Message.Type.chat; + msg.addChild(jmsg); + for (String jid : jids) { + msg.to = new JID(jid); + XMPPComponent.sendOut(msg); + } + } + + private String getReplyQuote(com.juick.Message q) { + String quote = q.getText(); + if (quote.length() > 50) { + quote = ">" + quote.substring(0, 47).replace('\n', ' ') + "...\n"; + } else if (quote.length() > 0) { + quote = ">" + quote.replace('\n', ' ') + "\n"; + } + return quote; + } + + public void sendJuickRecommendation(JuickMessage recomm) { + List<String> jids; + JuickMessage jmsg; + synchronized (XMPPComponent.sqlSync) { + jmsg = new JuickMessage(MessagesQueries.getMessage(XMPPComponent.sql, recomm.getMID())); + jids = SubscriptionsQueries.getJIDSubscribedToUserRecommendations(XMPPComponent.sql, + recomm.getUser().getUID(), recomm.getMID(), jmsg.getUser().getUID()); + } + + String txt = "Recommended by @" + recomm.getUser().getUName() + ":\n"; + txt += "@" + jmsg.getUser().getUName() + ":" + jmsg.getTagsString() + "\n"; + String attachment = jmsg.getAttachmentURL(); + if (attachment != null) { + txt += attachment + "\n"; + } + txt += jmsg.getText() + "\n\n"; + txt += "#" + jmsg.getMID(); + if (jmsg.Replies > 0) { + if (jmsg.Replies % 10 == 1 && jmsg.Replies % 100 != 11) { + txt += " (" + jmsg.Replies + " reply)"; + } else { + txt += " (" + jmsg.Replies + " replies)"; + } + } + txt += " http://juick.com/" + jmsg.getMID(); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + + com.juick.xmpp.Message msg = new com.juick.xmpp.Message(); + msg.from = JuickBot.JuickJID; + msg.body = txt; + msg.type = Message.Type.chat; + msg.thread = "juick-" + jmsg.getMID(); + msg.addChild(jmsg); + msg.addChild(nick); + if (attachment != null) { + XOOB oob = new XOOB(); + oob.URL = attachment; + msg.addChild(oob); + } + + for (String jid : jids) { + msg.to = new JID(jid); + XMPPComponent.sendOut(msg); + } + } + + @Override + public boolean onIq(Iq iq) { + JID jid = iq.to; + if (!jid.Host.equals(componentName)) { + logger.info("STREAM ROUTER (IQ): " + iq.toString()); + XMPPComponent.sendOut(iq); + } + return false; + } + + @Override + public void onMessage(Message xmsg) { + logger.info("STREAM ROUTER (PROCESS): " + xmsg.toString()); + JuickMessage jmsg = (JuickMessage) xmsg.getChild(JuickMessage.XMLNS); + JID jid = xmsg.to; + if (jid.Host.equals(componentName)) { + if (jmsg != null) { + if (jid.Username != null && jid.Username.equals("recomm")) { + sendJuickRecommendation(jmsg); + } else { + if (jmsg.getRID() > 0) { + sendJuickComment(jmsg); + } else if (jmsg.getMID() > 0) { + sendJuickMessage(jmsg); + } + } + } + } else { + XMPPComponent.sendOut(xmsg); + } + } + + @Override + public void onPresence(Presence presence) { + JID jid = presence.to; + if (!jid.Host.equals(componentName)) { + logger.info("STREAM ROUTER (PRESENCE): " + presence.toString()); + XMPPComponent.sendOut(presence); + } + } + + @Override + public void onStreamReady() { + logger.info("STREAM ROUTER (READY)"); + } + + @Override + public void onStreamFail(Exception ex) { + logger.log(Level.SEVERE, "STREAM ROUTER (FAIL)", ex); + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/DNSQueries.java b/src/main/java/com/juick/xmpp/s2s/DNSQueries.java new file mode 100644 index 00000000..2b2d60e0 --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/DNSQueries.java @@ -0,0 +1,46 @@ +package com.juick.xmpp.s2s; + +import java.net.UnknownHostException; +import java.util.Hashtable; +import java.util.Random; +import javax.naming.NamingException; +import javax.naming.directory.Attribute; +import javax.naming.directory.DirContext; +import javax.naming.directory.InitialDirContext; + +/** + * + * @author ugnich + */ +public class DNSQueries { + + private static Random rand = new Random(); + + public static HostnamePort getServerAddress(String hostname) throws UnknownHostException { + + String host = hostname; + int port = 5269; + + try { + Hashtable<String, String> env = new Hashtable<String, String>(5); + env.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory"); + DirContext ctx = new InitialDirContext(env); + Attribute att = ctx.getAttributes("_xmpp-server._tcp." + hostname, new String[]{"SRV"}).get("SRV"); + + if (att != null && att.size() > 0) { + int i = rand.nextInt(att.size()); + try { + String srv[] = att.get(i).toString().split(" "); + port = Integer.parseInt(srv[2]); + host = srv[3]; + } catch (Exception e) { + } + } + + ctx.close(); + } catch (NamingException e) { + } + + return new HostnamePort(host, port); + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/HostnamePort.java b/src/main/java/com/juick/xmpp/s2s/HostnamePort.java new file mode 100644 index 00000000..ce020f8d --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/HostnamePort.java @@ -0,0 +1,16 @@ +package com.juick.xmpp.s2s; + +/** + * + * @author ugnich + */ +public class HostnamePort { + + public String hostname; + public int port; + + public HostnamePort(String hostname, int port) { + this.hostname = hostname; + this.port = port; + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/JuickBot.java b/src/main/java/com/juick/xmpp/s2s/JuickBot.java new file mode 100644 index 00000000..f0b71689 --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/JuickBot.java @@ -0,0 +1,378 @@ +package com.juick.xmpp.s2s; + +import com.juick.User; +import com.juick.server.PMQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Presence; +import com.juick.xmpp.extensions.Error; +import com.juick.xmpp.extensions.JuickMessage; + +import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +/** + * + * @author ugnich + */ +public class JuickBot { + XMPPComponent xmpp; + public JuickBot(XMPPComponent xmpp, JID JuickJID) { + this.xmpp = xmpp; + this.JuickJID = JuickJID; + } + + public final JID JuickJID; + private static final String HELPTEXT = + "@username text - Send private message\n" + + "*tagname Blah-blah-blah - Post a message with tag 'tagname'\n" + + "#1234 Blah-blah-blah - Answer to message #1234\n" + + "#1234/5 Blah - Answer to reply #1234/5\n" + + "! #1234 - Recommend post\n" + + "\n" + + "# - Show last messages from your feed (## - second page, ...)\n" + + "@ - Show recomendations and popular personal blogs\n" + + "* - Show your tags\n" + + "#1234 - Show message\n" + + "#1234+ - Show message with replies\n" + + "@username - Show user's info\n" + + "@username+ - Show user's info and last 10 messages\n" + + "@username *tag - User's messages with this tag\n" + + "*tag - Show last 10 messages with this tag\n" + + "? blah - Search posts for 'blah'\n" + + "? @username blah - Searching among user\'s posts for 'blah'\n" + + "D #123 - Delete message\n" + + "D #123/45 - Delete reply\n" + + "DL - Delete last message/reply\n" + + "S - Show your subscriptions\n" + + "S #123 - Subscribe to message replies\n" + + "S @username - Subscribe to user's blog\n" + + "U #123 - Unsubscribe from comments\n" + + "U @username - Unsubscribe from user's blog\n" + + "BL - Show your blacklist\n" + + "BL @username - Add/delete user to/from your blacklist\n" + + "BL *tag - Add/delete tag to/from your blacklist\n" + + "ON / OFF - Enable/disable subscriptions delivery\n" + + "PING - Pong\n" + + "\n" + + "Read more: http://juick.com/help/"; + + public boolean incomingPresence(Presence p) throws Exception { + final String username = p.to.Username.toLowerCase(); + final boolean toJuick = username.equals("juick"); + + if (p.type == null) { + Presence reply = new Presence(); + reply.from = new JID(p.to.Username, p.to.Host, null); + reply.to = new JID(p.from.Username, p.from.Host, null); + reply.type = Presence.Type.unsubscribe; + xmpp.sendOut(reply); + return true; + } else if (p.type.equals(Presence.Type.probe)) { + int uid_to = 0; + if (!toJuick) { + uid_to = UserQueries.getUIDbyName(xmpp.sql, username); + } + + if (toJuick || uid_to > 0) { + Presence reply = new Presence(); + reply.from = p.to; + reply.from.Resource = "Juick"; + reply.to = p.from; + reply.priority = 10; + xmpp.sendOut(reply); + } else { + Presence reply = new Presence(p.to, p.from, Presence.Type.error); + reply.id = p.id; + reply.addChild(new Error(Error.Type.cancel, "item-not-found")); + xmpp.sendOut(reply); + return true; + } + return true; + } else if (p.type.equals(Presence.Type.subscribe)) { + boolean canSubscribe = false; + if (toJuick) { + canSubscribe = true; + } else { + int uid_to = UserQueries.getUIDbyName(xmpp.sql, username); + if (uid_to > 0) { + PMQueries.addPMinRoster(xmpp.sql, uid_to, p.from.Bare()); + canSubscribe = true; + } + } + + if (canSubscribe) { + Presence reply = new Presence(p.to, p.from, Presence.Type.subscribed); + xmpp.sendOut(reply); + + reply.from.Resource = "Juick"; + reply.priority = 10; + reply.type = null; + xmpp.sendOut(reply); + + return true; + } else { + Presence reply = new Presence(p.to, p.from, Presence.Type.error); + reply.id = p.id; + reply.addChild(new Error(Error.Type.cancel, "item-not-found")); + xmpp.sendOut(reply); + return true; + } + } else if (p.type.equals(Presence.Type.unsubscribe)) { + if (!toJuick) { + int uid_to = UserQueries.getUIDbyName(xmpp.sql, username); + if (uid_to > 0) { + PMQueries.removePMinRoster(xmpp.sql, uid_to, p.from.Bare()); + } + } + + Presence reply = new Presence(p.to, p.from, Presence.Type.unsubscribed); + xmpp.sendOut(reply); + } + + return false; + } + + public boolean incomingMessage(Message msg) throws Exception { + if (msg.body == null || msg.body.isEmpty()) { + return true; + } + + String username = msg.to.Username.toLowerCase(); + + User user_from = null; + String signuphash = ""; + user_from = UserQueries.getUserByJID(xmpp.sql, msg.from.Bare()); + if (user_from == null) { + signuphash = UserQueries.getSignUpHashByJID(xmpp.sql, msg.from.Bare()); + } + + if (user_from == null) { + Message reply = new Message(msg.to, msg.from, Message.Type.chat); + if (username.equals("juick")) { + reply.body = "Для того, чтобы начать пользоваться сервисом, пожалуйста пройдите быструю регистрацию: http://juick.com/signup?type=xmpp&hash=" + signuphash + "\nЕсли у вас уже есть учетная запись на Juick, вы сможете присоединить этот JabberID к ней.\n\nTo start using Juick, please sign up: http://juick.com/signup?type=xmpp&hash=" + signuphash + "\nIf you already have an account on Juick, you will be proposed to attach this JabberID to your existing account."; + } else { + reply.body = "Внимание, системное сообщение!\nВаш JabberID не обнаружен в списке доверенных. Для того, чтобы отправить сообщение пользователю " + username + "@juick.com, пожалуйста зарегистрируйте свой JabberID в системе: http://juick.com/signup?type=xmpp&hash=" + signuphash + "\nЕсли у вас уже есть учетная запись на Juick, вы сможете присоединить этот JabberID к ней.\n\nWarning, system message!\nYour JabberID is not found in our server's white list. To send a message to " + username + "@juick.com, please sign up: http://juick.com/signup?type=xmpp&hash=" + signuphash + "\nIf you already have an account on Juick, you will be proposed to attach this JabberID to your existing account."; + } + xmpp.sendOut(reply); + return true; + } + + if (username.equals("juick")) { + return incomingMessageJuick(user_from, msg); + } + + int uid_to = UserQueries.getUIDbyName(xmpp.sql, username); + + if (uid_to == 0) { + Message reply = new Message(msg.to, msg.from, Message.Type.error); + reply.id = msg.id; + reply.addChild(new Error(Error.Type.cancel, "item-not-found")); + xmpp.sendOut(reply); + return true; + } + + boolean success = false; + if (!UserQueries.isInBLAny(xmpp.sql, uid_to, user_from.getUID())) { + success = PMQueries.createPM(xmpp.sql, user_from.getUID(), uid_to, msg.body); + } + + if (success) { + Message m = new Message(); + m.from = new JID("juick", "juick.com", null); + m.to = new JID(Integer.toString(uid_to), "push.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.setUser(user_from); + jmsg.setText(msg.body); + m.childs.add(jmsg); + xmpp.router.send(m.toString()); + + m.to.Host = "ws.juick.com"; + xmpp.router.send(m.toString()); + + List<String> jids; + boolean inroster = false; + jids = UserQueries.getJIDsbyUID(xmpp.sql, uid_to); + for (String jid : jids) { + Message mm = new Message(); + mm.to = new JID(jid); + mm.type = Message.Type.chat; + inroster = PMQueries.havePMinRoster(xmpp.sql, user_from.getUID(), jid); + if (inroster) { + mm.from = new JID(jmsg.getUser().getUName(), "juick.com", "Juick"); + mm.body = msg.body; + } else { + mm.from = new JID("juick", "juick.com", "Juick"); + mm.body = "Private message from @" + jmsg.getUser().getUName() + ":\n" + msg.body; + } + xmpp.sendOut(mm); + } + } else { + Message reply = new Message(msg.to, msg.from, Message.Type.error); + reply.id = msg.id; + reply.addChild(new Error(Error.Type.cancel, "not-allowed")); + xmpp.sendOut(reply); + } + + return true; + } + private static Pattern regexPM = Pattern.compile("^\\@(\\S+)\\s+([\\s\\S]+)$"); + + public boolean incomingMessageJuick(User user_from, Message msg) throws Exception { + String command = msg.body.trim(); + int commandlen = command.length(); + + // COMPATIBILITY + if (commandlen > 7 && command.substring(0, 3).equalsIgnoreCase("PM ")) { + command = command.substring(3).trim(); + commandlen = command.length(); + } + + if (commandlen == 4) { + if (command.equalsIgnoreCase("PING")) { + commandPing(msg); + return true; + } else if (command.equalsIgnoreCase("HELP")) { + commandHelp(msg); + return true; + } + } else if (commandlen == 5 && command.equalsIgnoreCase("LOGIN")) { + commandLogin(msg, user_from); + return true; + } else if (command.charAt(0) == '@') { + Matcher matchPM = regexPM.matcher(command); + if (matchPM.find()) { + String user_to = matchPM.group(1); + String msgtxt = matchPM.group(2); + commandPM(msg, user_from, user_to, msgtxt); + return true; + } + } else if (commandlen == 2 && command.equalsIgnoreCase("BL")) { + commandBLShow(msg, user_from); + return true; + } + + return false; + } + + private void commandPing(Message m) throws Exception { + Presence p = new Presence(JuickJID, m.from); + p.priority = 10; + xmpp.sendOut(p); + + Message reply = new Message(JuickJID, m.from, Message.Type.chat); + reply.body = "PONG"; + xmpp.sendOut(reply); + } + + private void commandHelp(Message m) throws Exception { + Message reply = new Message(JuickJID, m.from, Message.Type.chat); + reply.body = HELPTEXT; + xmpp.sendOut(reply); + } + + private void commandLogin(Message m, User user_from) throws Exception { + Message reply = new Message(JuickJID, m.from, Message.Type.chat); + reply.body = "http://juick.com/login?" + UserQueries.getHashByUID(xmpp.sql, user_from.getUID()); + xmpp.sendOut(reply); + } + + private void commandPM(Message m, User user_from, String user_to, String body) throws Exception { + int ret = 0; + + int uid_to = 0; + List<String> jids_to = null; + boolean haveInRoster = false; + + if (user_to.indexOf('@') > 0) { + uid_to = UserQueries.getUIDbyJID(xmpp.sql, user_to); + } else { + uid_to = UserQueries.getUIDbyName(xmpp.sql, user_to); + } + + if (uid_to > 0) { + if (!UserQueries.isInBLAny(xmpp.sql, uid_to, user_from.getUID())) { + if (PMQueries.createPM(xmpp.sql, user_from.getUID(), uid_to, body)) { + jids_to = UserQueries.getJIDsbyUID(xmpp.sql, uid_to); + ret = 200; + } else { + ret = 500; + } + } else { + ret = 403; + } + } else { + ret = 404; + } + + if (ret == 200) { + Message msg = new Message(); + msg.from = new JID("juick", "juick.com", null); + msg.to = new JID(Integer.toString(uid_to), "push.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.setUser(user_from); + jmsg.setText(body); + msg.childs.add(jmsg); + xmpp.router.send(msg.toString()); + + msg.to.Host = "ws.juick.com"; + xmpp.router.send(msg.toString()); + + for (String jid : jids_to) { + Message mm = new Message(); + mm.to = new JID(jid); + mm.type = Message.Type.chat; + haveInRoster = PMQueries.havePMinRoster(xmpp.sql, user_from.getUID(), jid); + if (haveInRoster) { + mm.from = new JID(user_from.getUName(), "juick.com", "Juick"); + mm.body = body; + } else { + mm.from = new JID("juick", "juick.com", "Juick"); + mm.body = "Private message from @" + user_from.getUName() + ":\n" + body; + } + xmpp.sendOut(mm); + } + } + + Message reply = new Message(m.to, m.from); + if (ret == 200) { + reply.type = m.type; + reply.body = "Private message sent"; + } else { + reply.type = Message.Type.error; + reply.body = "Error " + ret; + } + xmpp.sendOut(reply); + } + + private void commandBLShow(Message m, User user_from) throws Exception { + List<User> blusers = UserQueries.getUserBLUsers(xmpp.sql, user_from.getUID()); + List<String> bltags = TagQueries.getUserBLTags(xmpp.sql, user_from.getUID()); + + String txt = ""; + if (bltags.size() > 0) { + for (String bltag : bltags) { + txt += "*" + bltag + "\n"; + } + + if (blusers.size() > 0) { + txt += "\n"; + } + } + if (blusers.size() > 0) { + for (User bluser : blusers) { + txt += "@" + bluser.getUName() + "\n"; + } + } + if (txt.isEmpty()) { + txt = "You don't have any users or tags in your blacklist."; + } + + Message reply = new Message(JuickJID, m.from, Message.Type.chat); + reply.body = txt; + xmpp.sendOut(reply); + } +} diff --git a/src/main/java/com/juick/xmpp/s2s/XMPPComponent.java b/src/main/java/com/juick/xmpp/s2s/XMPPComponent.java new file mode 100644 index 00000000..d0b231e2 --- /dev/null +++ b/src/main/java/com/juick/xmpp/s2s/XMPPComponent.java @@ -0,0 +1,443 @@ +package com.juick.xmpp.s2s; + +import com.juick.User; +import com.juick.server.MessagesQueries; +import com.juick.server.SubscriptionsQueries; +import com.juick.server.UserQueries; +import com.juick.xmpp.*; +import com.juick.xmpp.extensions.JuickMessage; +import com.juick.xmpp.extensions.Nickname; +import com.juick.xmpp.extensions.XOOB; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.DriverManagerDataSource; +import org.xmlpull.v1.XmlPullParserException; + +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; +import java.io.IOException; +import java.net.ServerSocket; +import java.net.Socket; +import java.security.KeyManagementException; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.util.*; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.logging.Level; +import java.util.logging.Logger; + +/** + * + * @author ugnich + */ +public class XMPPComponent implements ServletContextListener, Stream.StreamListener, + Message.MessageListener, Iq.IqListener, Presence.PresenceListener { + + private static final Logger logger = Logger.getLogger(XMPPComponent.class.getName()); + + public final ExecutorService executorService = Executors.newCachedThreadPool(); + StreamComponent router; + JuickBot bot; + + public String HOSTNAME, componentName; + public String STATSFILE = null; + public String keystore; + public String keystorePassword; + public List<String> brokenSSLhosts; + final List<ConnectionIn> inConnections = Collections.synchronizedList(new ArrayList<>()); + final List<ConnectionOut> outConnections = Collections.synchronizedList(new ArrayList<>()); + final List<CacheEntry> outCache = Collections.synchronizedList(new ArrayList<>()); + JdbcTemplate sql; + final public HashMap<String, StanzaChild> childParsers = new HashMap<>(); + + public void addConnectionIn(ConnectionIn c) { + synchronized (inConnections) { + inConnections.add(c); + } + } + + public void addConnectionOut(ConnectionOut c) { + synchronized (outConnections) { + outConnections.add(c); + } + } + + public void removeConnectionIn(ConnectionIn c) { + synchronized (inConnections) { + inConnections.remove(c); + } + } + + public void removeConnectionOut(ConnectionOut c) { + synchronized (outConnections) { + outConnections.remove(c); + } + } + + public String getFromCache(String hostname) { + CacheEntry ret = null; + synchronized (outCache) { + for (Iterator<CacheEntry> i = outCache.iterator(); i.hasNext();) { + CacheEntry c = i.next(); + if (c.hostname != null && c.hostname.equals(hostname)) { + ret = c; + i.remove(); + break; + } + } + } + return (ret != null) ? ret.xml : null; + } + + public ConnectionOut getConnectionOut(String hostname, boolean needReady) { + synchronized (outConnections) { + for (ConnectionOut c : outConnections) { + if (c.to != null && c.to.equals(hostname) && (!needReady || c.streamReady)) { + return c; + } + } + } + return null; + } + + public ConnectionIn getConnectionIn(String streamID) { + synchronized (inConnections) { + for (ConnectionIn c : inConnections) { + if (c.streamID != null && c.streamID.equals(streamID)) { + return c; + } + } + } + return null; + } + + public void sendOut(Stanza s) { + sendOut(s.to.Host, s.toString()); + } + + public void sendOut(String hostname, String xml) { + boolean haveAnyConn = false; + + ConnectionOut connOut = null; + synchronized (outConnections) { + for (ConnectionOut c : outConnections) { + if (c.to != null && c.to.equals(hostname)) { + if (c.streamReady) { + connOut = c; + break; + } else { + haveAnyConn = true; + break; + } + } + } + } + if (connOut != null) { + try { + connOut.sendStanza(xml); + } catch (IOException e) { + logger.warning("STREAM TO " + connOut.to + " " + connOut.streamID + " ERROR: " + e.toString()); + } + return; + } + + boolean haveCache = false; + synchronized (outCache) { + for (CacheEntry c : outCache) { + if (c.hostname != null && c.hostname.equals(hostname)) { + c.xml += xml; + c.tsUpdated = System.currentTimeMillis(); + haveCache = true; + break; + } + } + if (!haveCache) { + outCache.add(new CacheEntry(hostname, xml)); + } + } + + if (!haveAnyConn) { + try { + ConnectionOut connectionOut = new ConnectionOut(this, hostname); + executorService.submit(connectionOut); + } catch (CertificateException | UnrecoverableKeyException | NoSuchAlgorithmException | XmlPullParserException | KeyStoreException | KeyManagementException | IOException e) { + logger.log(Level.SEVERE, "s2s out error", e); + } + } + } + + @Override + public void contextInitialized(ServletContextEvent sce) { + + logger.info("component initialized"); + Properties conf = new Properties(); + try { + conf.load(sce.getServletContext().getResourceAsStream("/WEB-INF/juick.conf")); + HOSTNAME = conf.getProperty("hostname"); + componentName = conf.getProperty("componentname"); + JID Jid = new JID(conf.getProperty("xmppbot_jid")); + STATSFILE = conf.getProperty("statsfile"); + keystore = conf.getProperty("keystore"); + keystorePassword = conf.getProperty("keystore_password"); + brokenSSLhosts = Arrays.asList(conf.getProperty("broken_ssl_hosts", "").split(",")); + DriverManagerDataSource dataSource = new DriverManagerDataSource(); + dataSource.setDriverClassName(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver")); + dataSource.setUrl(conf.getProperty("datasource_url")); + sql = new JdbcTemplate(dataSource); + bot = new JuickBot(this, Jid); + + childParsers.put(JuickMessage.XMLNS, new JuickMessage()); + + executorService.submit(() -> { + Socket routerSocket = null; + try { + routerSocket = new Socket("localhost", 5347); + router = new StreamComponent(new JID("s2s"), routerSocket.getInputStream(), routerSocket.getOutputStream(), conf.getProperty("xmpp_password")); + router.addChildParser(new JuickMessage()); + router.addListener((Stream.StreamListener) this); + router.addListener((Message.MessageListener) this); + router.addListener((Iq.IqListener) this); + router.startParsing(); + } catch (IOException e) { + logger.log(Level.SEVERE, "router error", e); + } + }); + executorService.submit(() -> { + final ServerSocket listener = new ServerSocket(5269); + logger.info("s2s listener ready"); + while (true) { + try { + Socket socket = listener.accept(); + ConnectionIn client = new ConnectionIn(this, bot, socket); + addConnectionIn(client); + executorService.submit(client); + } catch (Exception e) { + logger.log(Level.SEVERE, "s2s error", e); + } + } + }); + executorService.submit(new CleaningUp(this)); + + } catch (Exception e) { + logger.log(Level.SEVERE, "XMPPComponent error", e); + } + } + + + + @Override + public void contextDestroyed(ServletContextEvent sce) { + synchronized (outConnections) { + for (Iterator<ConnectionOut> i = outConnections.iterator(); i.hasNext();) { + ConnectionOut c = i.next(); + c.closeConnection(); + i.remove(); + } + } + + synchronized (inConnections) { + for (Iterator<ConnectionIn> i = inConnections.iterator(); i.hasNext();) { + ConnectionIn c = i.next(); + c.closeConnection(); + i.remove(); + } + } + + try { + closeRouterConnection(); + } catch (IOException e) { + logger.log(Level.WARNING, "router warning", e); + } + executorService.shutdown(); + logger.info("component destroyed"); + } + public void closeRouterConnection() throws IOException { + router.logoff(); + } + + public void sendJuickMessage(JuickMessage jmsg) { + List<String> jids = new ArrayList<>(); + + if (jmsg.FriendsOnly) { + jids = SubscriptionsQueries.getJIDSubscribedToUser(sql, jmsg.getUser().getUID(), jmsg.FriendsOnly); + } else { + List<User> users = SubscriptionsQueries.getSubscribedUsers(sql, jmsg.getUser().getUID(), jmsg.getMID()); + for (User user : users) { + for (String jid : UserQueries.getJIDsbyUID(sql, user.getUID())) { + jids.add(jid); + } + } + } + + String txt = "@" + jmsg.getUser().getUName() + ":" + jmsg.getTagsString() + "\n"; + String attachment = jmsg.getAttachmentURL(); + if (attachment != null) { + txt += attachment + "\n"; + } + txt += jmsg.getText() + "\n\n"; + txt += "#" + jmsg.getMID() + " http://juick.com/" + jmsg.getMID(); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + + com.juick.xmpp.Message msg = new com.juick.xmpp.Message(); + msg.from = bot.JuickJID; + msg.body = txt; + msg.type = Message.Type.chat; + msg.thread = "juick-" + jmsg.getMID(); + msg.addChild(jmsg); + msg.addChild(nick); + if (attachment != null) { + XOOB oob = new XOOB(); + oob.URL = attachment; + msg.addChild(oob); + } + + for (String jid : jids) { + msg.to = new JID(jid); + sendOut(msg); + } + } + + public void sendJuickComment(JuickMessage jmsg) { + List<User> users; + String replyQuote; + String replyTo; + + users = SubscriptionsQueries.getUsersSubscribedToComments(sql, jmsg.getMID(), jmsg.getUser().getUID()); + com.juick.Message replyMessage = jmsg.ReplyTo > 0 ? MessagesQueries.getReply(sql, jmsg.getMID(), jmsg.ReplyTo) + : MessagesQueries.getMessage(sql, jmsg.getMID()); + replyTo = replyMessage.getUser().getUName(); + replyQuote = getReplyQuote(replyMessage); + + String txt = "Reply by @" + jmsg.getUser().getUName() + ":\n" + replyQuote + "\n@" + replyTo + " "; + String attachment = jmsg.getAttachmentURL(); + if (attachment != null) { + txt += attachment + "\n"; + } + txt += jmsg.getText() + "\n\n" + "#" + jmsg.getMID() + "/" + jmsg.getRID() + " http://juick.com/" + jmsg.getMID() + "#" + jmsg.getRID(); + + com.juick.xmpp.Message msg = new com.juick.xmpp.Message(); + msg.from = bot.JuickJID; + msg.body = txt; + msg.type = Message.Type.chat; + msg.addChild(jmsg); + for (User user : users) { + for (String jid : UserQueries.getJIDsbyUID(sql, user.getUID())) { + msg.to = new JID(jid); + sendOut(msg); + } + } + } + + private String getReplyQuote(com.juick.Message q) { + String quote = q.getText(); + if (quote.length() > 50) { + quote = ">" + quote.substring(0, 47).replace('\n', ' ') + "...\n"; + } else if (quote.length() > 0) { + quote = ">" + quote.replace('\n', ' ') + "\n"; + } + return quote; + } + + public void sendJuickRecommendation(JuickMessage recomm) { + List<User> users; + JuickMessage jmsg; + jmsg = new JuickMessage(MessagesQueries.getMessage(sql, recomm.getMID())); + users = SubscriptionsQueries.getUsersSubscribedToUserRecommendations(sql, + recomm.getUser().getUID(), recomm.getMID(), jmsg.getUser().getUID()); + + String txt = "Recommended by @" + recomm.getUser().getUName() + ":\n"; + txt += "@" + jmsg.getUser().getUName() + ":" + jmsg.getTagsString() + "\n"; + String attachment = jmsg.getAttachmentURL(); + if (attachment != null) { + txt += attachment + "\n"; + } + txt += jmsg.getText() + "\n\n"; + txt += "#" + jmsg.getMID(); + if (jmsg.Replies > 0) { + if (jmsg.Replies % 10 == 1 && jmsg.Replies % 100 != 11) { + txt += " (" + jmsg.Replies + " reply)"; + } else { + txt += " (" + jmsg.Replies + " replies)"; + } + } + txt += " http://juick.com/" + jmsg.getMID(); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + + com.juick.xmpp.Message msg = new com.juick.xmpp.Message(); + msg.from = bot.JuickJID; + msg.body = txt; + msg.type = Message.Type.chat; + msg.thread = "juick-" + jmsg.getMID(); + msg.addChild(jmsg); + msg.addChild(nick); + if (attachment != null) { + XOOB oob = new XOOB(); + oob.URL = attachment; + msg.addChild(oob); + } + + for (User user : users) { + for (String jid : UserQueries.getJIDsbyUID(sql, user.getUID())) { + msg.to = new JID(jid); + sendOut(msg); + } + } + } + + @Override + public boolean onIq(Iq iq) { + JID jid = iq.to; + if (!jid.Host.equals(componentName)) { + logger.info("STREAM ROUTER (IQ): " + iq.toString()); + sendOut(iq); + } + return false; + } + + @Override + public void onMessage(Message xmsg) { + logger.info("STREAM ROUTER (PROCESS): " + xmsg.toString()); + JuickMessage jmsg = (JuickMessage) xmsg.getChild(JuickMessage.XMLNS); + JID jid = xmsg.to; + if (jid.Host.equals(componentName)) { + if (jmsg != null) { + if (jid.Username != null && jid.Username.equals("recomm")) { + sendJuickRecommendation(jmsg); + } else { + if (jmsg.getRID() > 0) { + sendJuickComment(jmsg); + } else if (jmsg.getMID() > 0) { + sendJuickMessage(jmsg); + } + } + } + } else { + sendOut(xmsg); + } + } + + @Override + public void onPresence(Presence presence) { + JID jid = presence.to; + if (!jid.Host.equals(componentName)) { + logger.info("STREAM ROUTER (PRESENCE): " + presence.toString()); + sendOut(presence); + } + } + + @Override + public void onStreamReady() { + logger.info("STREAM ROUTER (READY)"); + } + + @Override + public void onStreamFail(Exception ex) { + logger.log(Level.SEVERE, "STREAM ROUTER (FAIL)", ex); + } +} |