Idle and disabled queue mode support + cancel and setexpiration

malaqueueit · malaqueueit · commit bdbcd82e4a2d · 2014-09-12T11:16:36.000+02:00
diff --git a/QueueIT.Security.Examples/web/advanced.jsp b/QueueIT.Security.Examples/web/advanced.jsp
@@ -5,6 +5,7 @@
 <%
     try
     {
+        
             IValidateResult result = SessionValidationController.validateRequest("advanced", new URI("http://www.google.com"));
 
             // Check if user must be enqueued
diff --git a/QueueIT.Security.Examples/web/cancel.jsp b/QueueIT.Security.Examples/web/cancel.jsp
@@ -0,0 +1,37 @@
+<%@page import="java.util.concurrent.Callable"%>
+<%@page import="queueit.security.*"%>
+<%@page contentType="text/html" pageEncoding="UTF-8"%>
+<%@taglib prefix="t" tagdir="/WEB-INF/tags" %>
+<%
+    try
+    {
+        IValidateResult result = SessionValidationController.validateRequest("ticketania", request.getParameter("eventid"));
+
+        // Check if user must be enqueued
+        if (result instanceof AcceptedConfirmedResult)
+        {
+            ((AcceptedConfirmedResult)result).cancel();
+        }
+    }
+    catch (ExpiredValidationException ex)
+    {
+        // Known user has has expired - Show error page and use GetCancelUrl to get user back in the queue
+        response.sendRedirect("error.jsp?queuename=default&t=" + ex.getKnownUser().getOriginalUrl());
+        return;
+    }
+    catch (KnownUserValidationException ex)
+    {
+        // Known user is invalid - Show error page and use GetCancelUrl to get user back in the queue
+        response.sendRedirect("error.jsp?queuename=default&t=" + ((KnownUserException)ex.getCause()).getOriginalUrl());
+        return;
+    }
+%>
+<t:master>
+    <jsp:attribute name="title">
+        Cancel Validation
+    </jsp:attribute>
+    <jsp:attribute name="body">
+        <h3>Cancel validation result</h3>
+        <p>Your validation result has been canceled</p>
+    </jsp:attribute>
+</t:master>
diff --git a/QueueIT.Security.Examples/web/expire.jsp b/QueueIT.Security.Examples/web/expire.jsp
@@ -0,0 +1,38 @@
+<%@page import="java.util.Date"%>
+<%@page import="java.util.concurrent.Callable"%>
+<%@page import="queueit.security.*"%>
+<%@page contentType="text/html" pageEncoding="UTF-8"%>
+<%@taglib prefix="t" tagdir="/WEB-INF/tags" %>
+<%
+    try
+    {
+        IValidateResult result = SessionValidationController.validateRequest("ticketania", request.getParameter("eventid"));
+
+        // Check if user must be enqueued
+        if (result instanceof AcceptedConfirmedResult)
+        {
+            ((AcceptedConfirmedResult)result).setExpiration(new Date((new Date()).getTime() + 15));
+        }
+    }
+    catch (ExpiredValidationException ex)
+    {
+        // Known user has has expired - Show error page and use GetCancelUrl to get user back in the queue
+        response.sendRedirect("error.jsp?queuename=default&t=" + ex.getKnownUser().getOriginalUrl());
+        return;
+    }
+    catch (KnownUserValidationException ex)
+    {
+        // Known user is invalid - Show error page and use GetCancelUrl to get user back in the queue
+        response.sendRedirect("error.jsp?queuename=default&t=" + ((KnownUserException)ex.getCause()).getOriginalUrl());
+        return;
+    }
+%>
+<t:master>
+    <jsp:attribute name="title">
+        Expire Validation
+    </jsp:attribute>
+    <jsp:attribute name="body">
+        <h3>Expire validation result</h3>
+    <p>Your validation result has set to expire in 15 sec</p>
+    </jsp:attribute>
+</t:master>
diff --git a/QueueIT.Security.Examples/web/simple.jsp b/QueueIT.Security.Examples/web/simple.jsp
@@ -1,18 +1,34 @@
+<%@page import="java.net.URI"%>
 <%@page import="java.util.concurrent.Callable"%>
 <%@page import="queueit.security.*"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <%@taglib prefix="t" tagdir="/WEB-INF/tags" %>
 <%
+    String cancelUrl = null;
+    String expireUrl = null;
+    
     try
     {
         IValidateResult result = SessionValidationController.validateRequest();
 
+        
         // Check if user must be enqueued
         if (result instanceof EnqueueResult)
         {
             response.sendRedirect(((EnqueueResult)result).getRedirectUrl().toString());
             return;
         }
+            
+        if (result instanceof AcceptedConfirmedResult)
+        {
+            String currentUrl = request.getRequestURL().toString();
+            cancelUrl = result.getQueue().getCancelUrl(
+                    new URI(currentUrl.substring(0, currentUrl.indexOf("simple.jsp")) + "cancel.jsp?eventId=simple")).toString();
+            expireUrl = "expire.jsp?eventid=simple";
+            
+            request.setAttribute("cancelUrl", cancelUrl);
+            request.setAttribute("expireUrl", expireUrl);
+        }
     }
     catch (ExpiredValidationException ex)
     {
@@ -46,5 +62,7 @@
             Add controller code to the jsp files. The simple.jsp file 
             contains the minimum code required to set up the queue.</li>
     </ol>
+    <div><a href="${cancelUrl}">Cancel queue validation token</a></div>
+    <div><a href="${expireUrl}">Change expiration</a></div>
     </jsp:attribute>
 </t:master>
diff --git a/QueueIT.Security/src/queueit/security/AcceptedConfirmedResult.java b/QueueIT.Security/src/queueit/security/AcceptedConfirmedResult.java
@@ -1,5 +1,7 @@
 package queueit.security;
 
+import java.util.Date;
+
 public class AcceptedConfirmedResult extends ValidateResultBase {
     private IKnownUser knownUser;
     private boolean isInitialValidationRequest;
@@ -18,4 +20,14 @@ public boolean isInitialValidationRequest() {
         this.knownUser = knownUser;
         this.isInitialValidationRequest = initialRequest;
     }
+    
+    public void cancel()
+    {
+        SessionValidationController.cancel(this);
+    }
+    
+    public void setExpiration(Date expirationTime)
+    {
+        SessionValidationController.setExpiration(this, expirationTime);
+    }
 }
diff --git a/QueueIT.Security/src/queueit/security/CookieValidateResultRepository.java b/QueueIT.Security/src/queueit/security/CookieValidateResultRepository.java
@@ -1,21 +1,25 @@
 package queueit.security;
 
-import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.Collection;
 import java.util.Date;
 import java.util.Properties;
+import java.util.TimeZone;
 import java.util.UUID;
-import java.util.concurrent.Callable;
 import javax.servlet.http.*;
 import javax.xml.bind.DatatypeConverter;
 
 public class CookieValidateResultRepository extends ValidateResultRepositoryBase {
 
     static String defaultCookieDomain;
     static int defaultCookieExpiration = 1200;
+    static int defaultIdleExpiration = 180;
+    static int defaultDisabledExpiration = 180;
     
     static {       
         loadConfiguration();
@@ -28,11 +32,25 @@ private static void loadConfiguration()
             Properties props = QueueitProperties.getProperties("queueit.properties");
             defaultCookieDomain = props.getProperty("cookieDomain", null);
             defaultCookieExpiration =  Integer.parseInt(props.getProperty("cookieExpiration", "1200"));
+            defaultIdleExpiration =  Integer.parseInt(props.getProperty("idleExpiration", "180"));
+            defaultDisabledExpiration =  Integer.parseInt(props.getProperty("disabledExpiration", "180"));
         } catch (Exception e) {
             // no need to handle exception
         }    
     }
     
+    public static void configure(String cookieDomain, Integer cookieExpiration, Integer idleExpiration, Integer disabledExpiration)
+    {
+        if (cookieDomain != null)
+            defaultCookieDomain = cookieDomain;
+        if (cookieExpiration != null)
+            defaultCookieExpiration = cookieExpiration;
+        if (idleExpiration != null)
+            defaultIdleExpiration = idleExpiration;        
+        if (disabledExpiration != null)
+            defaultDisabledExpiration = disabledExpiration;        
+    }
+    
     @Override
     public IValidateResult getValidationResult(IQueue queue) {
         
@@ -42,7 +60,7 @@ public IValidateResult getValidationResult(IQueue queue) {
         String queueId = null;
         String originalUrl = null;
         String encryptedPlaceInQueue = null;
-        String redirectType = null;
+        RedirectType redirectType = null;
         String timeStamp = null;
         String actualHash = null;
         Integer placeInQueue = 0;
@@ -57,7 +75,7 @@ public IValidateResult getValidationResult(IQueue queue) {
             if (cookies[i].getName().equals(key + "-PlaceInQueue"))
                 encryptedPlaceInQueue = cookies[i].getValue();
             if (cookies[i].getName().equals(key + "-RedirectType"))
-                redirectType = cookies[i].getValue();
+                redirectType = RedirectType.fromString(cookies[i].getValue());
             if (cookies[i].getName().equals(key + "-TimeStamp"))
                 timeStamp = cookies[i].getValue();
             if (cookies[i].getName().equals(key + "-Hash"))
@@ -74,12 +92,13 @@ public IValidateResult getValidationResult(IQueue queue) {
             return null;
         }
             
-        String expectedHash = generateHash(queueId, originalUrl, placeInQueue, redirectType, timeStamp);
+        String expectedHash = generateHash(queueId, originalUrl, placeInQueue, redirectType.toString(), timeStamp);
         
         if (!expectedHash.equals(actualHash))
             return null;
         
-        setCookie(queue, queueId, originalUrl, placeInQueue, redirectType, timeStamp, actualHash);
+        if (redirectType != RedirectType.Disabled && redirectType != RedirectType.Idle)
+            setCookie(queue, queueId, originalUrl, placeInQueue, redirectType, timeStamp, actualHash, null);
         
         return new AcceptedConfirmedResult(
                 queue, 
@@ -89,13 +108,18 @@ public IValidateResult getValidationResult(IQueue queue) {
                     new Date(Integer.parseInt(timeStamp)), 
                     queue.getCustomerId(), 
                     queue.getEventId(), 
-                    RedirectType.valueOf(redirectType), 
+                    redirectType, 
                     URI.create(originalUrl)), 
                 false);
     }
 
     @Override
     public void setValidationResult(IQueue queue, IValidateResult validationResult) {
+        this.setValidationResult(queue, validationResult, null);
+    }
+    
+    @Override
+    public void setValidationResult(IQueue queue, IValidateResult validationResult, Date expirationTime) {
         
         if (validationResult instanceof AcceptedConfirmedResult)
         {   
@@ -104,37 +128,86 @@ public void setValidationResult(IQueue queue, IValidateResult validationResult)
             String queueId = confirmedResult.getKnownUser().getQueueId().toString();
             String originalUrl = confirmedResult.getKnownUser().getOriginalUrl().toString();
             Integer placeInQueue = confirmedResult.getKnownUser().getPlaceInQueue();
-            String redirectType = confirmedResult.getKnownUser().getRedirectType().toString();
+            RedirectType redirectType = confirmedResult.getKnownUser().getRedirectType();
             Long timeStamp = confirmedResult.getKnownUser().getTimeStamp().getTime() / 1000;
             
-            String hash = generateHash(queueId, originalUrl, placeInQueue, redirectType, timeStamp.toString());
+            String hash = generateHash(queueId, originalUrl, placeInQueue, redirectType.toString(), timeStamp.toString());
 
-            setCookie(queue, queueId, originalUrl, placeInQueue, redirectType, timeStamp.toString(), hash);
+            setCookie(queue, queueId, originalUrl, placeInQueue, redirectType, timeStamp.toString(), hash, expirationTime);
         }                
     }
     
-    private void setCookie(IQueue queue, String queueId, String originalUrl, Integer placeInQueue, String redirectType, String timeStamp, String hash)
+    private void setCookie(
+        IQueue queue, 
+        String queueId, 
+        String originalUrl, 
+        Integer placeInQueue, 
+        RedirectType redirectType, 
+        String timeStamp, 
+        String hash,
+        Date expirationTime)
     {
         String key = generateKey(queue.getCustomerId(), queue.getEventId());
         HttpServletResponse response = RequestContext.getCurrentInstance().getResponse();
         
-        addCookie(new Cookie(key + "-QueueId", queueId), response);
-            addCookie(new Cookie(key + "-OriginalUrl", originalUrl), response);
-            addCookie(new Cookie(key + "-PlaceInQueue", Hashing.encryptPlaceInQueue(placeInQueue)), response);
-            addCookie(new Cookie(key + "-RedirectType", redirectType), response);
-            addCookie(new Cookie(key + "-TimeStamp", timeStamp.toString()), response);
-            addCookie(new Cookie(key + "-Hash", hash), response);           
+        int expiration;
+        Date now = new Date();
+        
+        if (expirationTime != null)
+            expiration = (int)(expirationTime.getTime() - now.getTime());
+        else if (redirectType == RedirectType.Disabled)
+            expiration = defaultDisabledExpiration;
+        else if (redirectType == RedirectType.Idle)
+            expiration = defaultIdleExpiration;
+        else
+            expiration = defaultCookieExpiration;
+
+        this.clearExistingCookies(response, key, expiration);
+        
+        addCookie(new Cookie(key + "-QueueId", queueId), response, expiration);
+        addCookie(new Cookie(key + "-OriginalUrl", originalUrl), response, expiration);
+        addCookie(new Cookie(key + "-PlaceInQueue", Hashing.encryptPlaceInQueue(placeInQueue)), response, expiration);
+        addCookie(new Cookie(key + "-RedirectType", redirectType.toString()), response, expiration);
+        addCookie(new Cookie(key + "-TimeStamp", timeStamp.toString()), response, expiration);
+        addCookie(new Cookie(key + "-Hash", hash), response, expiration);           
     }
     
-    private void addCookie(Cookie cookie, HttpServletResponse response)
-    {
+    private void addCookie(Cookie cookie, HttpServletResponse response, int maxAge)
+    {                     
         cookie.setHttpOnly(true);      
-        cookie.setMaxAge(defaultCookieExpiration);
+        cookie.setMaxAge(maxAge < 0 ? 0 : maxAge);
         if (defaultCookieDomain != null)
             cookie.setDomain(defaultCookieDomain);
-                
+               
         response.addCookie(cookie);
     }
+    
+    private void clearExistingCookies(HttpServletResponse response, String key, int maxAge)
+    {
+        Collection<String> cookieHeaders = response.getHeaders("Set-Cookie");
+        
+        if (maxAge > 0)
+        {
+            Date expdate= new Date();
+            expdate.setTime (expdate.getTime() + (maxAge * 1000));
+            DateFormat df = new SimpleDateFormat("dd-MMM-yyyy kk:mm:ss z");
+            df.setTimeZone(TimeZone.getTimeZone("GMT"));
+
+            response.setHeader("Set-Cookie", key + "=true; Expires=" + df.format(expdate) + ";");
+        }
+        else
+        {
+            response.setHeader("Set-Cookie", key + "=true; Expires=Thu, 11-Sep-2014 11:27:49 GMT;");
+        }
+        
+        for (String cookieHeader : cookieHeaders)
+        {
+            if (!cookieHeader.contains(key))
+            {
+                response.addHeader("Set-Cookie", cookieHeader);
+            }
+        }
+    }
 
     private String generateHash(String queueId, String originalUrl, Integer placeInQueue, String redirectType, String timeStamp) {
         try {
@@ -154,4 +227,9 @@ private String generateHash(String queueId, String originalUrl, Integer placeInQ
             return null;
         }
     }
+
+    @Override
+    public void cancel(IQueue queue, IValidateResult validationResult) {
+        this.setValidationResult(queue, validationResult, new Date(System.currentTimeMillis()-24*60*60*1000));
+    }
 }
diff --git a/QueueIT.Security/src/queueit/security/IValidateResultRepository.java b/QueueIT.Security/src/queueit/security/IValidateResultRepository.java
@@ -1,6 +1,10 @@
 package queueit.security;
 
+import java.util.Date;
+
 public interface IValidateResultRepository {
     IValidateResult getValidationResult(IQueue queue);
     void setValidationResult(IQueue queue, IValidateResult validationResult);
+    void setValidationResult(IQueue queue, IValidateResult validationResult, Date expirationTime);
+    void cancel(IQueue queue, IValidateResult validationResult);
 }
diff --git a/QueueIT.Security/src/queueit/security/SessionStateModel.java b/QueueIT.Security/src/queueit/security/SessionStateModel.java
@@ -10,4 +10,5 @@ public class SessionStateModel implements java.io.Serializable {
     public Date TimeStamp;
     public RedirectType RedirectType;
     public Integer PlaceInQueue;
+    public Date Expiration;
 }
diff --git a/QueueIT.Security/src/queueit/security/SessionValidateResultRepository.java b/QueueIT.Security/src/queueit/security/SessionValidateResultRepository.java
diff --git a/QueueIT.Security/src/queueit/security/SessionValidationController.java b/QueueIT.Security/src/queueit/security/SessionValidationController.java

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,7 @@`
`5`	`5`	`<%`
`6`	`6`	`try`
`7`	`7`	`{`
	`8`	`+`
`8`	`9`	`IValidateResult result = SessionValidationController.validateRequest("advanced", new URI("http://www.google.com"));`
`9`	`10`
`10`	`11`	`// Check if user must be enqueued`
Original file line number	Diff line number	Diff line change
`@@ -10,4 +10,5 @@ public class SessionStateModel implements java.io.Serializable {`
`10`	`10`	`public Date TimeStamp;`
`11`	`11`	`public RedirectType RedirectType;`
`12`	`12`	`public Integer PlaceInQueue;`
	`13`	`+ public Date Expiration;`
`13`	`14`	`}`