From b4b27bda7d12b2dfdfcef565b52146457b350b8f Mon Sep 17 00:00:00 2001 From: Peter Hormanns Date: Fri, 6 Dec 2019 19:02:08 +0100 Subject: [PATCH] autodiscover / POST --- .../AutoconfigAutodiscoverServlet.java | 106 ++++++++++++++++-- 1 file changed, 96 insertions(+), 10 deletions(-) diff --git a/hsarback/src/de/hsadmin/autoconfig/AutoconfigAutodiscoverServlet.java b/hsarback/src/de/hsadmin/autoconfig/AutoconfigAutodiscoverServlet.java index 69fde6a..c9301c0 100644 --- a/hsarback/src/de/hsadmin/autoconfig/AutoconfigAutodiscoverServlet.java +++ b/hsarback/src/de/hsadmin/autoconfig/AutoconfigAutodiscoverServlet.java @@ -5,6 +5,7 @@ import java.io.IOException; import javax.persistence.EntityManager; import javax.persistence.Query; import javax.servlet.ServletException; +import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -21,10 +22,11 @@ import org.apache.commons.httpclient.HttpStatus; import org.w3c.dom.DOMException; import org.w3c.dom.Document; import org.w3c.dom.Element; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; import de.hsadmin.core.model.HSAdminException; import de.hsadmin.core.model.Transaction; -import de.hsadmin.core.util.IPv6Trick; import de.hsadmin.mods.email.EMailAddress; import de.hsadmin.mods.user.UnixUser; @@ -92,14 +94,98 @@ public class AutoconfigAutodiscoverServlet extends HttpServlet { */ @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - final String remoteAddr = req.getRemoteAddr(); - if (!IPv6Trick.isKnownRemote(remoteAddr)) { - resp.sendError(HttpStatus.SC_UNAUTHORIZED); - return; + final ServletInputStream xmlInputStream = req.getInputStream(); + try { + String emailAddr = ""; + final DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance(); + DocumentBuilder builder = builderFactory.newDocumentBuilder(); + final Document requestDocument = builder.parse(xmlInputStream); + final Element documentElement = requestDocument.getDocumentElement(); + documentElement.normalize(); + final NodeList emailAddressNodeList = documentElement.getElementsByTagName("EMailAddress"); + if (emailAddressNodeList.getLength() == 1) { + emailAddr = emailAddressNodeList.item(0).getTextContent().trim(); + } + final String[] addrParts = emailAddr.split("@"); + if (addrParts.length != 2) { + resp.sendError(HttpStatus.SC_BAD_REQUEST); + return; + } + String uniqueMailbox = null; + try { + uniqueMailbox = getUniqueMailbox(emailAddr); + } catch (HSAdminException e) { + throw new ServletException(e); + } + final Document document = buildAutodiscoverDocument(builderFactory, uniqueMailbox); + serializeDocument(document, resp); + } catch (ParserConfigurationException e) { + throw new ServletException(e); + } catch (SAXException e) { + throw new ServletException(e); } } + +// public static void main(String[] args) { +// final DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance(); +// final String mbox = "xyz00-test"; +// try { +// final Document document = buildAutodiscoverDocument(builderFactory, mbox); +// final TransformerFactory transformerFactory = TransformerFactory.newInstance(); +// final Transformer transformer = transformerFactory.newTransformer(); +// transformer.transform(new DOMSource(document), new StreamResult(System.out)); +// } catch (ParserConfigurationException e) { +// // TODO Auto-generated catch block +// e.printStackTrace(); +// } catch (TransformerException e) { +// // TODO Auto-generated catch block +// e.printStackTrace(); +// } +// } - private Element appendElementWithAttribute(final Document document, final Element parent, + private static Document buildAutodiscoverDocument(final DocumentBuilderFactory builderFactory, String uniqueMailbox) + throws ParserConfigurationException { + DocumentBuilder builder; + final String pacName = uniqueMailbox.substring(0, 5); + final String pacDomain = pacName + ".hostsharing.net"; + final String userName = uniqueMailbox; + builder = builderFactory.newDocumentBuilder(); + final Document document = builder.newDocument(); + final Element autodiscover = document.createElementNS("http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006", "Autodiscover"); + document.appendChild(autodiscover); + final Element response = document.createElementNS("http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a", "Response"); + autodiscover.appendChild(response); + final Element user = document.createElement("User"); + response.appendChild(user); + appendElementWithText(document, user, "DisplayName", pacDomain); + final Element account = document.createElement("Account"); + response.appendChild(account); + appendElementWithText(document, account, "AccountType", "email"); + appendElementWithText(document, account, "Action", "settings"); + final Element protocolIMAP = document.createElement("Protocol"); + account.appendChild(protocolIMAP); + appendElementWithText(document, protocolIMAP, "Type", "IMAP"); + appendElementWithText(document, protocolIMAP, "Server", pacDomain); + appendElementWithText(document, protocolIMAP, "Port", "993"); + appendElementWithText(document, protocolIMAP, "DomainRequired", "off"); + appendElementWithText(document, protocolIMAP, "SPA", "off"); + appendElementWithText(document, protocolIMAP, "SSL", "on"); + appendElementWithText(document, protocolIMAP, "AuthRequired", "on"); + appendElementWithText(document, protocolIMAP, "LoginName", userName); + final Element protocolSMTP = document.createElement("Protocol"); + account.appendChild(protocolSMTP); + appendElementWithText(document, protocolSMTP, "Type", "SMTP"); + appendElementWithText(document, protocolSMTP, "Server", pacDomain); + appendElementWithText(document, protocolSMTP, "Port", "465"); + appendElementWithText(document, protocolSMTP, "DomainRequired", "off"); + appendElementWithText(document, protocolSMTP, "SPA", "off"); + appendElementWithText(document, protocolSMTP, "SSL", "on"); + appendElementWithText(document, protocolSMTP, "AuthRequired", "on"); + appendElementWithText(document, protocolSMTP, "LoginName", userName); + return document; + } + + private static Element appendElementWithAttribute(final Document document, final Element parent, final String childElementName, final String attributeName, final String attributeValue) { final Element child = document.createElement(childElementName); child.setAttribute(attributeName, attributeValue); @@ -107,7 +193,7 @@ public class AutoconfigAutodiscoverServlet extends HttpServlet { return child; } - private Element appendElementWithText(final Document document, final Element parent, + private static Element appendElementWithText(final Document document, final Element parent, final String childElementName, final String text) { final Element child = document.createElement(childElementName); parent.appendChild(child); @@ -115,12 +201,12 @@ public class AutoconfigAutodiscoverServlet extends HttpServlet { return child; } - private void serializeDocument(final Document document, final HttpServletResponse resp) + private static void serializeDocument(final Document document, final HttpServletResponse resp) throws ServletException { resp.setContentType("text/xml"); try { - TransformerFactory transformerFactory = TransformerFactory.newInstance(); - Transformer transformer = transformerFactory.newTransformer(); + final TransformerFactory transformerFactory = TransformerFactory.newInstance(); + final Transformer transformer = transformerFactory.newTransformer(); transformer.transform(new DOMSource(document), new StreamResult(resp.getOutputStream())); } catch (TransformerException e) { throw new ServletException(e);