001// Licensed under the Apache License, Version 2.0 (the "License"); 002// you may not use this file except in compliance with the License. 003// You may obtain a copy of the License at 004// 005// http://www.apache.org/licenses/LICENSE-2.0 006// 007// Unless required by applicable law or agreed to in writing, software 008// distributed under the License is distributed on an "AS IS" BASIS, 009// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 010// See the License for the specific language governing permissions and 011// limitations under the License. 012 013package org.apache.tapestry5.kaptcha.components; 014 015import org.apache.tapestry5.ComponentResources; 016import org.apache.tapestry5.MarkupWriter; 017import org.apache.tapestry5.StreamResponse; 018import org.apache.tapestry5.annotations.Persist; 019import org.apache.tapestry5.annotations.SupportsInformalParameters; 020import org.apache.tapestry5.http.Link; 021import org.apache.tapestry5.http.services.Response; 022import org.apache.tapestry5.ioc.annotations.Inject; 023import org.apache.tapestry5.kaptcha.services.KaptchaProducer; 024import org.apache.tapestry5.services.HttpError; 025 026import javax.imageio.ImageIO; 027import javax.servlet.http.HttpServletResponse; 028import java.awt.image.BufferedImage; 029import java.io.ByteArrayInputStream; 030import java.io.ByteArrayOutputStream; 031import java.io.IOException; 032import java.io.InputStream; 033 034/** 035 * Part of a Captcha based authentication scheme; a KaptchaImage generates a new 036 * text image whenever it <em>renders</em> and can provide the previously 037 * rendered text subsequently (it is stored persistently in the session). 038 * 039 * The component renders an {@code <img>} tag, including width and height attributes. Other attributes 040 * come from informal parameters. 041 * 042 * @tapestrydoc 043 * @since 5.3 044 */ 045@SupportsInformalParameters 046public class KaptchaImage 047{ 048 049 @Persist 050 private String captchaText; 051 052 @Inject 053 private KaptchaProducer producer; 054 055 @Inject 056 private ComponentResources resources; 057 058 @Inject 059 private Response response; 060 061 public String getCaptchaText() 062 { 063 return captchaText; 064 } 065 066 void setupRender() 067 { 068 captchaText = producer.createText(); 069 } 070 071 boolean beginRender(MarkupWriter writer) 072 { 073 Link link = resources.createEventLink("image"); 074 075 writer.element("img", 076 077 "src", link.toURI(), 078 079 "width", producer.getWidth(), 080 081 "height", producer.getHeight()); 082 083 resources.renderInformalParameters(writer); 084 085 writer.end(); 086 087 return false; 088 } 089 090 Object onImage() throws IOException 091 { 092 if (captchaText == null) 093 { 094 return new HttpError(HttpServletResponse.SC_NOT_FOUND, "Session expired."); 095 } 096 097 return new StreamResponse() 098 { 099 @Override 100 public String getContentType() 101 { 102 return "image/jpeg"; 103 } 104 105 @Override 106 public InputStream getStream() throws IOException 107 { 108 BufferedImage image = producer.createImage(captchaText); 109 110 ByteArrayOutputStream baos = new ByteArrayOutputStream(); 111 112 ImageIO.write(image, "jpg", baos); 113 114 return new ByteArrayInputStream(baos.toByteArray()); 115 } 116 117 @Override 118 public void prepareResponse(Response response) 119 { 120 response.setDateHeader("Expires", 0); 121 // Set standard HTTP/1.1 no-cache headers. 122 response.addHeader("Cache-Control", "no-store, no-cache, must-revalidate"); 123 // Set IE extended HTTP/1.1 no-cache headers (use addHeader). 124 response.addHeader("Cache-Control", "post-check=0, pre-check=0"); 125 // Set standard HTTP/1.0 no-cache header. 126 response.setHeader("Pragma", "no-cache"); 127 } 128 }; 129 130 } 131}