From 3582109cf79cf1e38d6d96f4ec96bf63a78aba83 Mon Sep 17 00:00:00 2001
From: Sergey Linnik <sergey.linnik@onlyoffice.com>
Date: Thu, 2 Aug 2018 16:49:09 +0300
Subject: [PATCH] java: jwt in track

---
 web/documentserver-example/java/pom.xml       |  7 ++++-
 .../main/java/controllers/IndexServlet.java   | 27 ++++++++++++++++---
 .../main/java/helpers/DocumentManager.java    | 27 +++++++++++++++++++
 .../src/main/resources/settings.properties    |  1 +
 4 files changed, 58 insertions(+), 4 deletions(-)

diff --git a/web/documentserver-example/java/pom.xml b/web/documentserver-example/java/pom.xml
index b19badbe..9337da72 100644
--- a/web/documentserver-example/java/pom.xml
+++ b/web/documentserver-example/java/pom.xml
@@ -13,7 +13,7 @@
         <endorsed.dir>${project.build.directory}/endorsed</endorsed.dir>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
-    
+
     <dependencies>
         <dependency>
             <groupId>com.googlecode.json-simple</groupId>
@@ -31,6 +31,11 @@
             <artifactId>gson</artifactId>
             <version>2.8.5</version>
         </dependency>
+        <dependency>
+            <groupId>com.inversoft</groupId>
+            <artifactId>prime-jwt</artifactId>
+            <version>1.3.1</version>
+        </dependency>
     </dependencies>
 
     <build>
diff --git a/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java b/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java
index 8ac1afbc..d089d539 100644
--- a/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java
+++ b/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java
@@ -48,6 +48,8 @@ import helpers.FileUtility;
 import org.json.simple.JSONObject;
 import org.json.simple.parser.JSONParser;
 
+import org.primeframework.jwt.domain.JWT;
+
 @WebServlet(name = "IndexServlet", urlPatterns = {"/IndexServlet"})
 @MultipartConfig
 public class IndexServlet extends HttpServlet
@@ -246,13 +248,32 @@ public class IndexServlet extends HttpServlet
             return;
         }
 
-        long status = (long) jsonObj.get("status");
+        int status;
+        String downloadUri;
+
+        if (DocumentManager.TokenEnabled())
+        {
+            String token = (String) jsonObj.get("token");
+
+            JWT jwt = DocumentManager.ReadToken(token);
+            if (jwt == null)
+            {
+                writer.write("JWT.parse error");
+                return;
+            }
+
+            status = jwt.getInteger("status");
+            downloadUri = jwt.getString("url");
+        }
+        else
+        {
+            status = (int) jsonObj.get("status");
+            downloadUri = (String) jsonObj.get("url");
+        }
 
         int saved = 0;
         if (status == 2 || status == 3)//MustSave, Corrupted
         {
-            String downloadUri = (String) jsonObj.get("url");
-
             try
             {
                 URL url = new URL(downloadUri);
diff --git a/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java b/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java
index 65ed2c65..72cdf0fd 100644
--- a/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java
+++ b/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java
@@ -39,6 +39,9 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import entities.FileType;
 
+import org.primeframework.jwt.domain.JWT;
+import org.primeframework.jwt.hmac.HMACVerifier;
+import org.primeframework.jwt.Verifier;
 
 public class DocumentManager
 {
@@ -228,4 +231,28 @@ public class DocumentManager
 
         return ".docx";
     }
+
+    public static JWT ReadToken(String token)
+    {
+        try
+        {
+            Verifier verifier = HMACVerifier.newVerifier(GetTokenSecret());
+            return JWT.getDecoder().decode(token, verifier);
+        }
+        catch (Exception exception)
+        {
+            return null;
+        }
+    }
+
+    public static Boolean TokenEnabled()
+    {
+        String secret = GetTokenSecret();
+        return secret != null && !secret.isEmpty();
+    }
+
+    private static String GetTokenSecret()
+    {
+        return ConfigManager.GetProperty("files.docservice.secret");
+    }
 }
\ No newline at end of file
diff --git a/web/documentserver-example/java/src/main/resources/settings.properties b/web/documentserver-example/java/src/main/resources/settings.properties
index 7c586298..0d030593 100644
--- a/web/documentserver-example/java/src/main/resources/settings.properties
+++ b/web/documentserver-example/java/src/main/resources/settings.properties
@@ -10,3 +10,4 @@ files.docservice.url.converter=https://documentserver/ConvertService.ashx
 files.docservice.url.tempstorage=https://documentserver/ResourceService.ashx
 files.docservice.url.api=https://documentserver/web-apps/apps/api/documents/api.js
 files.docservice.url.preloader=https://documentserver/web-apps/apps/api/documents/cache-scripts.html
+files.docservice.secret=