+// Copyright 2000-2005 the Contributors, as shown in the revision logs.
+// Licensed under the Apache Public Source License 2.0 ("the License").
+// You may not use this file except in compliance with the License.
+
package org.ibex.mail;
import java.lang.reflect.*;
//import org.prevayler.*;
public abstract class Confirmation implements Externalizable {
public static final long serialVersionUID = 0x981879f18a11ffeeL;
- public static final Address FROM = Address.parse("adam@megacz.com"); // FIXME
+
+ public static int master_serial = 0;
public transient Address who = null;
public long expiration;
public abstract String getDescription();
+ public abstract String getURL(String tail);
+ public int serial;
+
+ private static HashMap<Integer,Confirmation> all = new HashMap<Integer,Confirmation>();
+
+ public static Confirmation get(int serial) {
+ return all.get(serial);
+ }
- protected Confirmation(Address who, long expiration) { this.who = who; this.expiration = expiration; }
+ protected Confirmation(Address who, long expiration) {
+ this.who = who;
+ this.expiration = expiration;
+ this.serial = master_serial++;
+ all.put(serial, this);
+ }
public void readExternal(ObjectInput s) throws IOException {
try {
}
}
- public void signAndSend(long secret, Date now) throws IOException, Message.Malformed {
- SMTP.Outgoing.accept(new Message(new Stream("From: " + FROM + "\r\n" +
- "To: " + who.toString(true) + "\r\n" +
- "Subject: confirm " + getDescription() + "\r\n" +
- "\r\n" +
- "Please click the link below to " + getDescription() + "\r\n" +
- sign(secret)),
- new Message.Envelope(FROM, who, now)
- )
+ public void signAndSend(Address sender, long secret, Date now) throws IOException, Message.Malformed {
+ SMTP.Outgoing.accept(Message.newMessage(new Fountain.StringFountain("From: " + sender + "\r\n" +
+ "To: " + who.toString(true) + "\r\n" +
+ "Subject: confirm " + getDescription() + "\r\n" +
+ "Message-Id: "+Message.generateFreshMessageId()+"\r\n" +
+ "\r\n" +
+ "Please click the link below to " + getDescription() + "\r\n" +
+ getURL(sign(secret))),
+ sender,
+ who
+ )
);
}
oos.flush();
oos.close();
byte[] b = os.toByteArray();
- StringBuffer sb = new StringBuffer(new String(Base64.encode(b)));
+ StringBuffer sb = new StringBuffer();
+ sb.append(serial);
+ //sb.append(new String(Encode.toBase64(b)));
sb.append('.');
SHA1 sha1 = new SHA1();
sha1.update(b, 0, b.length);
b = new byte[sha1.getDigestSize()];
sha1.doFinal(b, 0);
- sb.append(new String(Base64.encode(b)));
+ sb.append(new String(Encode.toBase64(b)));
return sb.toString();
}
public static Confirmation decode(String encoded, long secret, Date now) {
try {
- String payload = encoded.substring(0, encoded.indexOf('.'));
- ObjectInputStream ois = new ObjectInputStream(new InflaterInputStream(new Base64.InputStream(payload)));
- Confirmation cve = (Confirmation)ois.readObject();
+ String serial = encoded.substring(0, encoded.indexOf('.'));
+ Confirmation cve = get(Integer.parseInt(serial));
if (!cve.sign(secret).equals(encoded)) throw new InvalidSignature();
if (now.getTime() > cve.expiration) throw new Expired();
return cve;
- } catch (ClassNotFoundException e) {
- Log.error(Confirmation.class, e);
- throw new InvalidSignature();
} catch (IOException e) {
Log.error(Confirmation.class, e);
throw new InvalidSignature();