authorMatthias Andreas Benkard <code@mail.matthias.benkard.de>2012-06-18 22:58:35 +0200
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>2012-06-18 22:58:35 +0200
commit95f8ddb6de40e59f8209f8b96d543bb18a434e20 (patch)
tree6593c455c517447bf71fea13392dc1967e71e82f
parent7c57376a3f9a4cebfedb693dedb37131c922c7e3 (diff)
Issue webID-enabled certificates to users.
-rw-r--r--src/mulk/benki/db.clj2
-rw-r--r--src/mulk/benki/genkey.clj23
-rw-r--r--src/mulk/benki/id.clj3
-rw-r--r--src/mulk/benki/util.clj10
4 files changed, 29 insertions, 9 deletions
diff --git a/src/mulk/benki/db.clj b/src/mulk/benki/db.clj
index 343b09f..b45ec30 100644
--- a/src/mulk/benki/db.clj
+++ b/src/mulk/benki/db.clj
@@ -1,6 +1,6 @@
(ns mulk.benki.db
(:refer-clojure)
- (:use [mulk.benki util config])
+ (:use [mulk.benki config])
(:require [clojure.java.jdbc :as sql]))
diff --git a/src/mulk/benki/genkey.clj b/src/mulk/benki/genkey.clj
index 0378181..381bc00 100644
--- a/src/mulk/benki/genkey.clj
+++ b/src/mulk/benki/genkey.clj
@@ -24,7 +24,10 @@
BcRSAContentSignerBuilder]
[org.bouncycastle.asn1.x509
X509Name
- SubjectPublicKeyInfo]
+ X509Extension
+ SubjectPublicKeyInfo
+ GeneralName
+ GeneralNames]
[org.bouncycastle.asn1.x500
X500Name]))
@@ -70,7 +73,7 @@
(defn twenty-years-from-now []
(java.util.Date. (+ (* 20 3600 24 365 1000) (.getTime (now)))))
-(defn sign-spkac [spkac]
+(defn sign-spkac [spkac user]
(let [serial (swap! cert-serial inc)
pubkeyinfo (-> spkac
(.getPublicKeyAndChallenge)
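Review bot: The new `user` parameter on `sign-spkac` is undocumented, although it now decides which identity the issued certificate asserts. A docstring would make that contract explicit, for example `"Signs the SPKAC's public key and returns a certificate whose CN and subjectAlternativeName URI name user (a nickname string or a numeric user id, resolved via user-nickname)."`. The function body continues past the end of this hunk.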
@@ -80,10 +83,16 @@
(java.math.BigInteger. (str serial))
(now)
(twenty-years-from-now)
- (X500Name. "CN=Benki User")
- pubkeyinfo)
- cert (.build builder cert-signer)]
- cert))
+ (X500Name. (fmt nil "CN=Benki User (~a)" (user-nickname user)))
+ pubkeyinfo)]
+ (.addExtension builder
+ X509Extension/subjectAlternativeName
+ true
+ (GeneralNames.
+ (GeneralName.
+ GeneralName/uniformResourceIdentifier
+ (link :profile user))))
+ (.build builder cert-signer)))
(defpage "/genkey" []
(redirect "/keys"))
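Review bot: The nickname is spliced into a distinguished-name string that `X500Name.` then parses, so a nickname containing `,`, `+` or `=` can change the structure of the certificate subject instead of staying inside the CN value. Building the name from typed parts avoids the parse: `(.build (doto (X500NameBuilder. BCStyle/INSTANCE) (.addRDN BCStyle/CN (fmt nil "Benki User (~a)" (user-nickname user)))))`, with `X509NameBuilder`'s replacement `X500NameBuilder` and `BCStyle` added to the imports. The same unescaped nickname reaches the subjectAlternativeName URI through `(link :profile user)` and the `:profile` clause added to `linkrel` in util.clj, so it should be URL-encoded there, or nicknames restricted to a safe character set where they are created. `link` is defined outside this diff, so it is worth confirming that it returns an absolute URI, since a WebID in the SAN has to be dereferenceable.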
@@ -100,7 +109,7 @@
;;(redirect (linkrel :keys))
{:status 200
:headers {"Content-Type" "application/x-x509-user-cert"}
- :body (.getEncoded (sign-spkac spkac))})))
+ :body (.getEncoded (sign-spkac spkac *user*))})))
(defpage "/keys" []
(with-auth
diff --git a/src/mulk/benki/id.clj b/src/mulk/benki/id.clj
index efff197..d1f8263 100644
--- a/src/mulk/benki/id.clj
+++ b/src/mulk/benki/id.clj
@@ -112,3 +112,6 @@
(get-in (request/ring-request) [:headers "accept"]))
(render-xrds nickname)
(show-profile-page)))
+
+(defpage [:get "/~:nickname"] {nickname :nickname}
+ (redirect (link :profile nickname)))
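Review bot: The new `"/~:nickname"` route redirects to `(link :profile nickname)`, and the `:profile` clause added to `linkrel` in util.clj produces `"/~<nickname>"`, which is the same path. Unless `link` (defined outside this diff) puts that path under a different host or prefix, this looks like a redirect to itself. If the intent is to serve the existing profile handler under the short URL, the route should target that handler's own path rather than the `:profile` link. The `nickname` comes straight from the request path, so it should also be checked against a known user before it is placed in the redirect target.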
diff --git a/src/mulk/benki/util.clj b/src/mulk/benki/util.clj
index 46e187d..7f85ead 100644
--- a/src/mulk/benki/util.clj
+++ b/src/mulk/benki/util.clj
@@ -3,7 +3,7 @@
(:use [hiccup core page-helpers]
[clojure.core.match :only [match]]
noir.core
- [mulk.benki config])
+ [mulk.benki config db])
(:require [noir.session :as session]
[noir.request :as request]
[noir.response :as response]
@@ -57,6 +57,13 @@
content
(:bottom kind)]))
+(defmulti user-nickname type)
+(defmethod user-nickname java.lang.String [x]
+ x)
+(defmethod user-nickname java.lang.Number [x]
+ (with-dbt
+ (:nickname (query1 "SELECT * FROM user_nicknames WHERE \"user\" = ?" x))))
+
(defn linkrel [& args]
(match [(vec args)]
[[:login]] (str (:cert-req-base @benki-config) "/login")
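Review bot: `user-nickname` for a numeric id returns nil when `user_nicknames` has no row for that user, and `sign-spkac` would then format that nil into the certificate's CN and profile URI. Since this value becomes the identity in a signed certificate, the lookup should fail loudly instead, e.g. `(or (:nickname (query1 ...)) (throw (IllegalStateException. "user has no nickname")))`. The query also selects `*` without an `ORDER BY`, so if a user can have several nicknames the one chosen is whichever row the database returns first; selecting only `nickname` with a defined ordering would make the issued identity stable. There is no `:default` method either, so a nil or otherwise unexpected `user` fails at dispatch with a generic error.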
@@ -71,6 +78,7 @@
[[:wiki title & xs]] (fmt nil "/wiki/~a~@[~a~]" title (first xs))
[[:keys]] "/keys"
[[:keys :register]] "/keys/register"
+ [[:profile user]] (fmt nil "/~~~a" (user-nickname user))
))
(defn link [& args]