/**
* POST: For an "update" action : update cart and show the cart page For a "checkout" action:
* moves the cart items to a transaction and redirects to the products page with a success message
*/
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
try {
Customer customer = getOrCreateCustomer(req, resp);
String action = req.getParameter("action");
if ("update".equals(action)) {
Map<Long, Integer> productQuantityMap = new HashMap<Long, Integer>();
for (Map.Entry<String, String[]> param : req.getParameterMap().entrySet()) {
if (param.getKey().startsWith("product-")) {
long productId = Long.parseLong(param.getKey().substring(8));
int quantity = Integer.parseInt(param.getValue()[0]);
productQuantityMap.put(productId, quantity);
}
}
int cartItemCount =
getStorefrontService(req).updateCart(customer.getId(), productQuantityMap);
customer.setCartItemCount(cartItemCount);
doGet(req, resp);
} else if ("checkout".equals(action)) {
// Move items from cart to transaction
getStorefrontService(req).checkout(customer.getId());
// Report success
String itemDesc =
(customer.getCartItemCount() != 1) ? customer.getCartItemCount() + " items" : "item";
addMessage(
req,
MessageSeverity.SUCCESS,
"Your transaction was successful. Your "
+ itemDesc
+ " will be shipped soon. Thank you for shopping with us!");
// Forward to products page
customer.setCartItemCount(0);
resp.sendRedirect(
"store-products?tenant="
+ UriComponent.encode(
getTenant(req).getAppInstance().getTenantName(), Type.QUERY_PARAM));
}
} catch (Exception e) {
addErrorMessage(req, e);
doGet(req, resp);
}
}
public void testRSASHA1() {
DummyRequest request =
new DummyRequest()
.requestMethod("GET")
.requestURL("http://photos.example.net/photos")
.parameterValue("file", "vacaction.jpg")
.parameterValue("size", "original");
OAuthParameters params =
new OAuthParameters()
.realm(REALM)
.consumerKey(CONSUMER_KEY)
.signatureMethod(RSA_SIGNATURE_METHOD)
.timestamp(RSA_TIMESTAMP)
.nonce(RSA_NONCE)
.version(VERSION);
OAuthSecrets secrets = new OAuthSecrets().consumerSecret(RSA_PRIVKEY);
// generate digital signature; ensure it matches the OAuth spec
String signature = null;
try {
signature = OAuthSignature.generate(request, params, secrets);
} catch (OAuthSignatureException se) {
fail(se.getMessage());
}
assertEquals(signature, RSA_SIGNATURE);
OAuthParameters saved = (OAuthParameters) params.clone();
try {
// sign the request; clear params; parse params from request; ensure they match original
OAuthSignature.sign(request, params, secrets);
} catch (OAuthSignatureException se) {
fail(se.getMessage());
}
// signing the request should not have modified the original parameters
assertTrue(params.equals(saved));
assertTrue(params.getSignature() == null);
params = new OAuthParameters();
params.readRequest(request);
assertEquals(params.getRealm(), REALM);
assertEquals(params.getConsumerKey(), CONSUMER_KEY);
// assertEquals(params.getToken(), ACCESS_TOKEN);
assertEquals(params.getSignatureMethod(), RSA_SIGNATURE_METHOD);
assertEquals(params.getTimestamp(), RSA_TIMESTAMP);
assertEquals(params.getNonce(), RSA_NONCE);
assertEquals(params.getVersion(), VERSION);
assertEquals(params.getSignature(), RSA_SIGNATURE);
// perform the same encoding as done by OAuthParameters.writeRequest
// to see if the encoded signature will match
assertEquals(
UriComponent.encode(params.getSignature(), UriComponent.Type.UNRESERVED),
RSA_SIGNATURE_ENCODED);
secrets = new OAuthSecrets().consumerSecret(RSA_CERTIFICATE);
try {
// verify signature using request that was just signed
assertTrue(OAuthSignature.verify(request, params, secrets));
} catch (OAuthSignatureException se) {
fail(se.getMessage());
}
}