/*

* Copyright 2006-2008 Sxip Identity Corporation

*/

package org.openid4java.util;

import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

import org.apache.http.Header;

import org.apache.http.HttpEntity;

import org.apache.http.NameValuePair;

import org.apache.http.client.HttpClient;

import org.apache.http.client.entity.UrlEncodedFormEntity;

import org.apache.http.client.methods.HttpGet;

import org.apache.http.client.methods.HttpHead;

import org.apache.http.client.methods.HttpPost;

import org.apache.http.client.params.AllClientPNames;

import org.apache.http.conn.ssl.X509HostnameVerifier;

import org.apache.http.message.BasicNameValuePair;

import java.io.IOException;

import java.io.InputStream;

import java.util.ArrayList;

import java.util.Arrays;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

import java.util.Map.Entry;

import java.util.Date;

import javax.net.ssl.SSLContext;

/**

* Wrapper cache around HttpClient providing caching for HTTP requests.

* Intended to be used to optimize the number of HTTP requests performed

* during OpenID discovery.

*

* @author Marius Scurtescu, Johnny Bufu

*/

public class HttpCache extends AbstractHttpFetcher

{

private static Log _log = LogFactory.getLog(HttpCache.class);

private static final boolean DEBUG = _log.isDebugEnabled();

/**

* HttpClient used to place the HTTP requests.

*/

private HttpClient _client;

/**

* Cache for GET requests. Map of URL -> HttpResponse.

*/

private Map _getCache = new HashMap();

// todo: cache management

/**

* Cache for HEAD requests. Map of URL -> HttpResponse.

*/

private Map _headCache = new HashMap();

public HttpCache()

{

this(null);

}

public HttpCache(SSLContext sslContext)

{

this(sslContext, null);

}

/**

* Constructs a new HttpCache object, that will be initialized with the

* default set of HttpRequestOptions.

*

* @see HttpRequestOptions

*/

public HttpCache(SSLContext sslContext, X509HostnameVerifier hostnameVerifier)

{

super();

_client = HttpClientFactory.getInstance(

getDefaultRequestOptions().getMaxRedirects(),

getDefaultRequestOptions().getAllowCircularRedirects(),

getDefaultRequestOptions().getSocketTimeout(),

getDefaultRequestOptions().getConnTimeout(),

null, sslContext, hostnameVerifier);

}

/**

* Removes a cached GET response.

*

* @param url The URL for which to remove the cached response.

*/

private void removeGet(String url)

{

if (_getCache.keySet().contains(url))

{

_log.info("Removing cached GET response for " + url);

_getCache.remove(url);

}

else

_log.info("NOT removing cached GET for " + url + " NOT FOUND.");

}

/* (non-Javadoc)

* @see org.openid4java.util.HttpFetcher#get(java.lang.String, org.openid4java.util.HttpRequestOptions)

*/

public HttpResponse get(String url, HttpRequestOptions requestOptions)

throws IOException

{

DefaultHttpResponse resp = (DefaultHttpResponse) _getCache.get(url);

if (resp != null)

{

if (match(resp, requestOptions))

{

_log.info("Returning cached GET response for " + url);

return resp;

} else

{

_log.info("Removing cached GET for " + url);

removeGet(url);

}

}

HttpGet get = new HttpGet(url);

org.apache.http.HttpResponse httpResponse = null;

HttpEntity responseEntity = null;

try

{

get.getParams().setParameter(AllClientPNames.HANDLE_REDIRECTS, Boolean.TRUE);

HttpUtils.setRequestOptions(get, requestOptions);

httpResponse = _client.execute(get);

responseEntity = httpResponse.getEntity();

int statusCode = httpResponse.getStatusLine().getStatusCode();

String statusLine = httpResponse.getStatusLine().getReasonPhrase();

ResponseBody body = getResponseBody(responseEntity,

requestOptions.getMaxBodySize());

resp = new DefaultHttpResponse(statusCode, statusLine,

requestOptions.getMaxRedirects(), get.getURI().toString(),

httpResponse.getAllHeaders(), body.getBody());

resp.setBodySizeExceeded(body.isBodyTruncated());

// save result in cache

_getCache.put(url, resp);

}

finally

{

HttpUtils.dispose(responseEntity);

}

return resp;

}

private List<NameValuePair> toList(Map<String, String> parameters) {

List<NameValuePair> list = new ArrayList<NameValuePair>(parameters.size());

for (Entry<String, String> entry : parameters.entrySet()) {

list.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));

}

return list;

}

@Override

public HttpResponse post(String url, Map<String, String> parameters,

HttpRequestOptions requestOptions) throws IOException {

// we don't actually cache posts, since they are used for

// association requests and signature verification

// build the post message with the parameters from the request

HttpPost post = new HttpPost(url);

DefaultHttpResponse resp;

org.apache.http.HttpResponse httpResponse = null;

try

{

// can't follow redirects on a POST (w/o user intervention)

post.getParams().setBooleanParameter(AllClientPNames.HANDLE_REDIRECTS, false);

HttpUtils.setRequestOptions(post, requestOptions);

post.setEntity(new UrlEncodedFormEntity(toList(parameters), "UTF-8"));

// place the http call to the OP

if (DEBUG) _log.debug("Performing HTTP POST on " + url);

httpResponse = _client.execute(post);

int statusCode = httpResponse.getStatusLine().getStatusCode();

String statusLine = httpResponse.getStatusLine().getReasonPhrase();

ResponseBody body = getResponseBody(httpResponse.getEntity(),

requestOptions.getMaxBodySize());

resp = new DefaultHttpResponse(statusCode, statusLine,

requestOptions.getMaxRedirects(), post.getURI().toString(),

httpResponse.getAllHeaders(), body.getBody());

resp.setBodySizeExceeded(body.isBodyTruncated());

}

finally

{

HttpUtils.dispose(httpResponse);

}

return resp;

}

/**

* Returns content of an HTTP response entitity, but no more than maxBytes.

* @throws IOException

*/

private ResponseBody getResponseBody(HttpEntity response, int maxBodySize) throws IOException {

InputStream httpBodyInput = response.getContent();

if (httpBodyInput == null) {

return new ResponseBody(null, false);

}

// trim down maxBodySize if we know the content is smaller than

// maxBodySize

if ((response.getContentLength() > 0)

&& (response.getContentLength() < maxBodySize)) {

maxBodySize = (int) response.getContentLength();

}

byte data[] = new byte[maxBodySize];

int totalRead = 0;

int currentRead;

while (totalRead < maxBodySize)

{

currentRead = httpBodyInput.read(

data, totalRead, maxBodySize - totalRead);

if (currentRead == -1) break;

totalRead += currentRead;

}

boolean bodySizeExceeded = (httpBodyInput.read() > 0);

httpBodyInput.close();

if (DEBUG) _log.debug("Read " + totalRead + " bytes.");

return new ResponseBody(new String(data, 0, totalRead), bodySizeExceeded);

}

private boolean match(DefaultHttpResponse resp, HttpRequestOptions requestOptions)

{

// use cache?

if ( resp != null && ! requestOptions.isUseCache())

{

_log.info("Explicit fresh GET requested; removing cached copy");

return false;

}

//is cache fresh?

if ( resp != null && (requestOptions.getCacheTTLSeconds() >= 0))

{

long cacheTTL = requestOptions.getCacheTTLSeconds() * 1000;

Date now = new Date();

long currentTime = now.getTime();

long cacheExpTime = resp.getTimestamp() + cacheTTL;

if (cacheExpTime < currentTime)

{

String cacheExpTimeStr = (new Date(cacheExpTime)).toString();

_log.info("Cache Expired at " + cacheExpTimeStr + "; removing cached copy");

return false;

}

}

// content type rules

String requiredContentType = requestOptions.getContentType();

if (resp != null && requiredContentType != null)

{

Header responseContentType = resp.getResponseHeader("content-type");

if ( responseContentType != null &&

responseContentType.getValue() != null &&

!responseContentType.getValue().split(";")[0]

.equalsIgnoreCase(requiredContentType) )

{

_log.info("Cached GET response does not match " +

"the required content type, removing.");

return false;

}

}

if (resp != null &&

resp.getMaxRedirectsFollowed() > requestOptions.getMaxRedirects())

{

_log.info("Cached GET response used " +

resp.getMaxRedirectsFollowed() +

" max redirects; current requirement is: " +

requestOptions.getMaxRedirects());

return false;

}

return true;

}

/* (non-Javadoc)

* @see org.openid4java.util.HttpFetcher#head(java.lang.String, org.openid4java.util.HttpRequestOptions)

*/

public HttpResponse head(String url, HttpRequestOptions requestOptions)

throws IOException

{

DefaultHttpResponse resp = (DefaultHttpResponse) _headCache.get(url);

if (resp != null)

{

if (match(resp, requestOptions))

{

_log.info("Returning cached HEAD response for " + url);

return resp;

} else

{

_log.info("Removing cached HEAD for " + url);

removeGet(url);

}

}

HttpHead head = new HttpHead(url);

org.apache.http.HttpResponse httpResponse = null;

HttpEntity responseEntity = null;

try

{

head.getParams().setParameter(AllClientPNames.HANDLE_REDIRECTS, Boolean.TRUE);

HttpUtils.setRequestOptions(head, requestOptions);

httpResponse = _client.execute(head);

responseEntity = httpResponse.getEntity();

int statusCode = httpResponse.getStatusLine().getStatusCode();

String statusLine = httpResponse.getStatusLine().getReasonPhrase();

resp = new DefaultHttpResponse(statusCode, statusLine,

requestOptions.getMaxRedirects(), head.getURI().toString(),

httpResponse.getAllHeaders(), null);

// save result in cache

_headCache.put(url, resp);

}

finally

{

HttpUtils.dispose(responseEntity);

}

return resp;

}

private static class DefaultHttpResponse implements HttpResponse

{

/**

* The status code of the HTTP response.

*/

private int _statusCode;

/**

* The status line of the HTTP response.

*/

private String _statusLine;

/**

* The maximum HTTP redirects limit that was configured

* when this HTTP response was obtained.

*/

private int _maxRedirectsFollowed;

/**

* The final URI from where the document was obtained,

* after following redirects.

*/

private String _finalUri;

/**

* Map of header names List of Header objects of the HTTP response.

*/

private Map _responseHeaders;

/**

* The HTTP response body.

*/

private String _body;

/**

* Flag to indicate if the HTTP response size exceeded the maximum

* allowed by the (default) HttpRequestOptions.

*/

private boolean _bodySizeExceeded = false;

/**

* timestamp of creation

*

*(number of milliseconds since January 1, 1970, 00:00:00 GMT)

*/

private long _timestamp;

/**

* Constructs a new HttpResponse with the provided parameters.

*/

public DefaultHttpResponse(int statusCode, String statusLine,

int redirectsFollowed, String finalUri,

Header[] responseHeaders, String body)

{

_statusCode = statusCode;

_statusLine = statusLine;

_maxRedirectsFollowed = redirectsFollowed;

_finalUri = finalUri;

_responseHeaders = new HashMap();

if (responseHeaders != null)

{

String headerName;

Header header;

for (int i=0; i < responseHeaders.length; i++)

{

// HTTP header names are case-insensitive

headerName = responseHeaders[i].getName().toLowerCase();

header = responseHeaders[i];

List headerList = (List) _responseHeaders.get(headerName);

if (headerList != null)

headerList.add(responseHeaders[i]);

else

_responseHeaders.put(headerName,

new ArrayList(Arrays.asList(new Header[] {header})));

}

}

_body = body;

Date now = new Date();

_timestamp = now.getTime();

}

/**

* Gets the status code of the HttpResponse.

*/

public int getStatusCode()

{

return _statusCode;

}

/**

* Gets the status line of the HttpResponse.

*/

public String getStatusLine()

{

return _statusLine;

}

/**

* Gets the maximum HTTP redirects limit that was configured

* when this HTTP response was obtained.

*/

public int getMaxRedirectsFollowed()

{

return _maxRedirectsFollowed;

}

/**

* Gets the final URI from where the document was obtained,

* after following redirects.

*/

public String getFinalUri()

{

return _finalUri;

}

/**

* Gets the first header matching the provided headerName parameter,

* or null if no header with that name exists.

*/

public Header getResponseHeader(String headerName)

{

List headerList = (List) _responseHeaders.get(headerName.toLowerCase());

if (headerList != null && headerList.size() > 0)

return (Header) headerList.get(0);

else

return null;

}

/**

* Gets an array of Header objects for the provided headerName parameter.

*/

public Header[] getResponseHeaders(String headerName)

{

List headerList = (List) _responseHeaders.get(headerName.toLowerCase());

if (headerList != null)

return (Header[]) headerList.toArray(new Header[headerList.size()]);

else

return new Header[]{}; // empty array, same as HttpClient's method

}

/**

* Gets the HttpResponse body.

*/

public String getBody()

{

return _body;

}

/**

* Returns true if the HTTP response size exceeded the maximum

* allowed by the (default) HttpRequestOptions.

* @return

*/

public boolean isBodySizeExceeded()

{

return _bodySizeExceeded;

}

/**

* Sets the flag to indicate whether the HTTP response size exceeded

* the maximum allowed by the (default) HttpRequestOptions.

*/

public void setBodySizeExceeded(boolean bodySizeExceeded)

{

this._bodySizeExceeded = bodySizeExceeded;

}

public long getTimestamp()

{

return _timestamp;

}

}

private static class ResponseBody {

private final String body;

private final boolean bodyIsTruncated;

public ResponseBody(String body, boolean truncated)

{

this.body = body;

this.bodyIsTruncated = truncated;

}

public String getBody()

{

return body;

}

public boolean isBodyTruncated()

{

return bodyIsTruncated;

}

}

}