View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package com.tapas.evidence.fe.controller;
20  
21  import java.awt.image.BufferedImage;
22  import java.io.ByteArrayOutputStream;
23  
24  import javax.imageio.ImageIO;
25  import javax.inject.Inject;
26  import javax.servlet.ServletOutputStream;
27  import javax.servlet.http.HttpServletRequest;
28  import javax.servlet.http.HttpServletResponse;
29  
30  import org.springframework.stereotype.Controller;
31  import org.springframework.web.bind.annotation.RequestMapping;
32  
33  import com.octo.captcha.service.CaptchaServiceException;
34  import com.octo.captcha.service.multitype.MultiTypeCaptchaService;
35  
36  /**
37   * @author Michal Bocek
38   * @since 1.0.0
39   */
40  @Controller
41  public class CaptchaController {
42  	public static final String CAPTCHA_IMAGE_FORMAT = "jpeg";
43  
44  	@Inject
45  	private MultiTypeCaptchaService captchaService;
46  
47  	@RequestMapping("/captcha.jpg")
48  	public void showForm(HttpServletRequest request, HttpServletResponse response) throws Exception {
49  		byte[] captchaChallengeAsJpeg = null;
50  		// the output stream to render the captcha image as jpeg into
51  		ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
52  		try {
53  			// get the session id that will identify the generated captcha.
54  			// the same id must be used to validate the response, the session id is a good candidate!
55  
56  			String captchaId = request.getSession().getId();
57  			BufferedImage challenge = captchaService.getImageChallengeForID(captchaId, request.getLocale());
58  
59  			ImageIO.write(challenge, CAPTCHA_IMAGE_FORMAT, jpegOutputStream);
60  		} catch (IllegalArgumentException e) {
61  			response.sendError(HttpServletResponse.SC_NOT_FOUND);
62  			return;
63  		} catch (CaptchaServiceException e) {
64  			response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
65  			return;
66  		}
67  
68  		captchaChallengeAsJpeg = jpegOutputStream.toByteArray();
69  
70  		// flush it in the response
71  		response.setHeader("Cache-Control", "no-store");
72  		response.setHeader("Pragma", "no-cache");
73  		response.setDateHeader("Expires", 0);
74  		response.setContentType("image/" + CAPTCHA_IMAGE_FORMAT);
75  
76  		ServletOutputStream responseOutputStream = response.getOutputStream();
77  		responseOutputStream.write(captchaChallengeAsJpeg);
78  		responseOutputStream.flush();
79  		responseOutputStream.close();
80  	}
81  }