From fef2c58996264f18349b16d22732d2616f68fcc2 Mon Sep 17 00:00:00 2001
From: will
Date: Wed, 25 May 2011 15:38:50 -0700
Subject: [PATCH] bug 9982: Ensuring that the registration token is used only once.
---
 .../servlet/RegisterCompleteServlet.java | 68 ++++++++++---------
 .../com/cloud/user/AccountManagerImpl.java | 1 +
 2 files changed, 38 insertions(+), 31 deletions(-)
diff --git a/server/src/com/cloud/servlet/RegisterCompleteServlet.java b/server/src/com/cloud/servlet/RegisterCompleteServlet.java
index 690ff96a9ee..0f8a12052d3 100644
--- a/server/src/com/cloud/servlet/RegisterCompleteServlet.java
+++ b/server/src/com/cloud/servlet/RegisterCompleteServlet.java
@@ -79,42 +79,48 @@ public class RegisterCompleteServlet extends HttpServlet implements ServletConte
 @Override
 protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
 String registrationToken = req.getParameter("token");
+ int statusCode = HttpServletResponse.SC_OK;
+ String responseMessage = null;
+
 if (registrationToken == null || registrationToken.trim().length() == 0) {
- // Return an error code
- }
-
- User resourceAdminUser = _accountSvc.getActiveUserByRegistrationToken(registrationToken);
- if (resourceAdminUser == null) {
- // Return an error code
+ statusCode = 503;
+ responseMessage = "{ \"registration_info\" : { \"errorcode\" : \"503\", \"Missing token\" } }";
+ } else {
+ User resourceAdminUser = _accountSvc.getActiveUserByRegistrationToken(registrationToken);
+ if (resourceAdminUser != null) {
+ if(!resourceAdminUser.isRegistered()){
+ _accountSvc.markUserRegistered(resourceAdminUser.getId());
+ }
+
+ Account resourceAdminAccount = _accountSvc.getActiveAccount(resourceAdminUser.getAccountId());
+ Account rsUserAccount = _accountSvc.getActiveAccount(resourceAdminAccount.getAccountName()+"-user", resourceAdminAccount.getDomainId());
+
+ List users = _userDao.listByAccount(rsUserAccount.getId());
+ User rsUser = users.get(0);
+
+ Configuration config = _configDao.findByName("endpointe.url");
+
+ StringBuffer sb = new StringBuffer();
+ sb.append("{ \"registration_info\" : { \"endpoint_url\" : \""+config.getValue()+"\", ");
+ sb.append("\"domain_id\" : \""+resourceAdminAccount.getDomainId()+"\", ");
+ sb.append("\"admin_account\" : \""+resourceAdminUser.getUsername()+"\", ");
+ sb.append("\"admin_account_api_key\" : \""+resourceAdminUser.getApiKey()+"\", ");
+ sb.append("\"admin_account_secret_key\" : \""+resourceAdminUser.getSecretKey()+"\", ");
+ sb.append("\"user_account\" : \""+rsUser.getUsername()+"\", ");
+ sb.append("\"user_account_api_key\" : \""+rsUser.getApiKey()+"\", ");
+ sb.append("\"user_account_secret_key\" : \""+rsUser.getSecretKey()+"\" ");
+ sb.append("} }");
+ responseMessage = sb.toString();
+ } else {
+ statusCode = 503;
+ responseMessage = "{ \"registration_info\" : { \"errorcode\" : \"503\", \"Invalid token = " + registrationToken + "\" } }";
+ }
 }
-
- if(!resourceAdminUser.isRegistered()){
- _accountSvc.markUserRegistered(resourceAdminUser.getId());
- }
-
- Account resourceAdminAccount = _accountSvc.getActiveAccount(resourceAdminUser.getAccountId());
- Account rsUserAccount = _accountSvc.getActiveAccount(resourceAdminAccount.getAccountName()+"-user", resourceAdminAccount.getDomainId());
-
- List users = _userDao.listByAccount(rsUserAccount.getId());
- User rsUser = users.get(0);
-
- Configuration config = _configDao.findByName("endpointe.url");
-
- StringBuffer sb = new StringBuffer();
- sb.append("{ \"registration_info\" : { \"endpoint_url\" : \""+config.getValue()+"\", ");
- sb.append("\"domain_id\" : \""+resourceAdminAccount.getDomainId()+"\", ");
- sb.append("\"admin_account\" : \""+resourceAdminUser.getUsername()+"\", ");
- sb.append("\"admin_account_api_key\" : \""+resourceAdminUser.getApiKey()+"\", ");
- sb.append("\"admin_account_secret_key\" : \""+resourceAdminUser.getSecretKey()+"\", ");
- sb.append("\"user_account\" : \""+rsUser.getUsername()+"\", ");
- sb.append("\"user_account_api_key\" : \""+rsUser.getApiKey()+"\", ");
- sb.append("\"user_account_secret_key\" : \""+rsUser.getSecretKey()+"\" ");
- sb.append("} }");
 try {
 resp.setContentType("text/javascript; charset=UTF-8");
- resp.setStatus(HttpServletResponse.SC_OK);
- resp.getWriter().print(sb.toString());
+ resp.setStatus(statusCode);
+ resp.getWriter().print(responseMessage);
 } catch (Exception ex) {
 s_logger.error("unknown exception writing register complete response", ex);
 }
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java
index 6f539f4e188..ce0c677cf52 100755
--- a/server/src/com/cloud/user/AccountManagerImpl.java
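Review bot: The invalid-token branch writes the caller-supplied `token` parameter into the response body unescaped, and that body is served as `text/javascript`, so request input ends up inside a script-typed response; the token does not need to be echoed to report the failure. Both error strings are also not well-formed JSON, since `\"Missing token\"` and the invalid-token text follow `\"errorcode\"` as bare values with no key. I would drop the token and key the message, e.g. `responseMessage = "{ \"registration_info\" : { \"errorcode\" : \"503\", \"errortext\" : \"Invalid token\" } }";`, with the same shape for the missing-token case. A 4xx status such as `HttpServletResponse.SC_BAD_REQUEST` would also describe a rejected token better than 503, provided no client depends on the current code. The end of `doGet` lies outside this hunk.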
+++ b/server/src/com/cloud/user/AccountManagerImpl.java
@@ -1789,6 +1789,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
 public void markUserRegistered(long userId) {
 UserVO userForUpdate = _userDao.createForUpdate();
 userForUpdate.setRegistered(true);
+ userForUpdate.setRegistrationToken(null);
 _userDao.update(Long.valueOf(userId), userForUpdate);
 }
 }
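Review bot: Clearing the token inside `markUserRegistered` leaves two gaps in the single-use guarantee. The servlet only calls this method when `isRegistered()` is false, so an account that was registered before this patch keeps its stored token and, as far as the servlet hunk shows, would still receive the API and secret keys on every request that carries it. The lookup by token and this update are also separate steps, so two simultaneous requests with the same token could both pass the lookup before the update lands; whether `_userDao` prevents that is not visible here. Consider rejecting an already-registered user in the servlet and clearing the tokens of existing registered rows, and document the new line with `// invalidate the registration token so it cannot be redeemed twice`.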