Add BOM generation from within the app.

currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/AuthServlet.java

@@ -1,7 +1,8 @@
 package com.lanternsoftware.currentmonitor.servlet;
 
+import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeTokenRequest;
 import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
-import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
+import com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.jackson2.JacksonFactory;
 import com.lanternsoftware.currentmonitor.context.Globals;
@@ -18,14 +19,19 @@ import org.slf4j.LoggerFactory;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.Collections;
 
 @WebServlet("/auth/*")
 public class AuthServlet extends CMServlet {
 	private static final NetHttpTransport transport = new NetHttpTransport();
 	private static final JacksonFactory jsonFactory = new JacksonFactory();
 	private static final Logger logger = LoggerFactory.getLogger(AuthServlet.class);
-	private static final String googleSsoKey = ResourceLoader.loadFileAsString(LanternFiles.OPS_PATH + "google_sso_key.txt");
+	private static final String googleClientId;
+	private static final String googleClientSecret;
+	static {
+		DaoEntity google = DaoSerializer.parse(ResourceLoader.loadFileAsString(LanternFiles.OPS_PATH + "google_sso.txt"));
+		googleClientId = DaoSerializer.getString(google, "id");
+		googleClientSecret = DaoSerializer.getString(google, "secret");
+	}
 
 	@Override
 	protected void doGet(HttpServletRequest _req, HttpServletResponse _rep) {
@@ -33,20 +39,21 @@ public class AuthServlet extends CMServlet {
 		if (NullUtils.isEmpty(authCode)) {
 			BasicAuth auth = new BasicAuth(_req);
 			if (NullUtils.isEqual(auth.getUsername(), "googlesso")) {
-				GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory).setAudience(Collections.singletonList(googleSsoKey)).build();
+				logger.info("Attempting google SSO");
 				try {
-					GoogleIdToken idToken = verifier.verify(auth.getPassword());
-					if (idToken != null) {
-						GoogleIdToken.Payload payload = idToken.getPayload();
-						String email = payload.getEmail();
-						authCode = Globals.dao.getAuthCodeForEmail(email, DateUtils.fromTimeZoneId(_req.getHeader("timezone")));
+					GoogleTokenResponse tokenResponse = new GoogleAuthorizationCodeTokenRequest(transport, jsonFactory, "https://oauth2.googleapis.com/token", googleClientId, googleClientSecret, auth.getPassword(), "").execute();
+					if (tokenResponse != null) {
+						GoogleIdToken idToken = tokenResponse.parseIdToken();
+						if (idToken != null) {
+							logger.info("Successfully received google id token");
+							authCode = Globals.dao.getAuthCodeForEmail(idToken.getPayload().getEmail(), DateUtils.fromTimeZoneId(_req.getHeader("timezone")));
+							logger.info("Auth code for google user is valid: " + (authCode != null));
+						}
 					}
+				} catch (Exception _e) {
+					logger.error("Failed to validate google auth code", _e);
 				}
-				catch (Exception _e) {
-					logger.error("Failed to validate google auth token", _e);
-  				}
-			}
-			else
+			} else
 				authCode = Globals.dao.authenticateAccount(auth.getUsername(), auth.getPassword());
 		}
 		DaoEntity rep = new DaoEntity("auth_code", authCode);

currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/BomServlet.java

@@ -0,0 +1,38 @@
+package com.lanternsoftware.currentmonitor.servlet;
+
+import com.lanternsoftware.currentmonitor.context.Globals;
+import com.lanternsoftware.datamodel.currentmonitor.BreakerConfig;
+import com.lanternsoftware.datamodel.currentmonitor.bom.BOM;
+import com.lanternsoftware.util.CollectionUtils;
+import com.lanternsoftware.util.csv.CSVWriter;
+import com.lanternsoftware.util.dao.DaoEntity;
+import com.lanternsoftware.util.dao.DaoQuery;
+import com.lanternsoftware.util.dao.DaoSerializer;
+
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@WebServlet("/bom/*")
+public class BomServlet extends CMServlet {
+	@Override
+	protected void doGet(HttpServletRequest _req, HttpServletResponse _rep) {
+		String[] path = path(_req);
+		if (CollectionUtils.size(path) < 1){
+			_rep.setStatus(401);
+			return;
+		}
+		DaoEntity id = CollectionUtils.getFirst(Globals.dao.getProxy().queryForEntities("bom", new DaoQuery("_id", path[0])));
+		int acctId = DaoSerializer.getInteger(id, "acct_id");
+		if (acctId == 0) {
+			_rep.setStatus(401);
+			return;
+		}
+		BreakerConfig config = Globals.dao.getConfig(acctId);
+		if (config == null) {
+			_rep.setStatus(401);
+			return;
+		}
+		setResponseEntity(_rep, "text/csv",CSVWriter.toByteArray(BOM.fromConfig(config).toCsv(false)));
+	}
+}

currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/GenerateBomServlet.java

@@ -0,0 +1,23 @@
+package com.lanternsoftware.currentmonitor.servlet;
+
+import com.lanternsoftware.currentmonitor.context.Globals;
+import com.lanternsoftware.datamodel.currentmonitor.AuthCode;
+import com.lanternsoftware.util.dao.DaoEntity;
+
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@WebServlet("/generateBom")
+public class GenerateBomServlet extends SecureServlet {
+	@Override
+	protected void get(AuthCode _authCode, HttpServletRequest _req, HttpServletResponse _rep) {
+		AuthCode authCode = Globals.dao.decryptAuthCode(_req.getHeader("auth_code"));
+		if (authCode == null) {
+			_rep.setStatus(401);
+			return;
+		}
+		String id = Globals.dao.getProxy().saveEntity("bom", new DaoEntity("acct_id", authCode.getAccountId()));
+		jsonResponse(_rep, new DaoEntity("link", "bom/" + id));
+	}
+}