kawasima/RedirectServlet.java

## RedirectServlet.java
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.util.UUID;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang.StringUtils;

@SuppressWarnings("serial")
public class RedirectServlet extends HttpServlet {
	private Key key;
	private String confirmPath;

	public void init() throws ServletException {
		ServletConfig config = getServletConfig();
		String keyString = config.getInitParameter("key");
		if (keyString == null)
			keyString = UUID.randomUUID().toString();
		key = new SecretKeySpec(keyString.getBytes(), "HmacSHA1");
		confirmPath = config.getInitParameter("confirmPath");
	}

	@Override
	public void doGet(HttpServletRequest request, HttpServletResponse response)
		throws IOException {
		URL url = null;

		String userHash = request.getParameter("h");
		try {
			String u = request.getParameter("u");
			url = new URL(u);
		} catch (Exception e) {
			response.sendError(HttpServletResponse.SC_NOT_FOUND);
			return;
		}
		try {
			byte[] digest = digest(url.toString());
			String digestHex = Hex.encodeHexString(digest);
			if (StringUtils.equals(userHash, digestHex)) {
				response.sendRedirect(url.toString());
				return;
			} else if (confirmPath != null) {
				RequestDispatcher dispatcher = request.getRequestDispatcher(confirmPath);
				dispatcher.forward(request, response);
			} else {
				response.sendError(HttpServletResponse.SC_FORBIDDEN);
			}
		} catch (Exception e) {
			response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
		}
	}

	private byte[] digest(String url) throws UnsupportedEncodingException, GeneralSecurityException {
		Mac mac = Mac.getInstance(key.getAlgorithm());
		mac.init(key);
		return mac.doFinal(url.getBytes());
	}

	@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response)
		throws IOException, ServletException {
		response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
	}

	public  String getHashCode(String url) {
		try {
			byte[] digest = digest(url);
			return Hex.encodeHexString(digest);
		} catch (Exception e) {
			return StringUtils.EMPTY;
		}
	}
}
	import java.io.IOException;
	import java.io.UnsupportedEncodingException;
	import java.net.URL;
	import java.security.GeneralSecurityException;
	import java.security.Key;
	import java.util.UUID;

	import javax.crypto.Mac;
	import javax.crypto.spec.SecretKeySpec;
	import javax.servlet.RequestDispatcher;
	import javax.servlet.ServletConfig;
	import javax.servlet.ServletException;
	import javax.servlet.http.HttpServlet;
	import javax.servlet.http.HttpServletRequest;
	import javax.servlet.http.HttpServletResponse;

	import org.apache.commons.codec.binary.Hex;
	import org.apache.commons.lang.StringUtils;

	@SuppressWarnings("serial")
	public class RedirectServlet extends HttpServlet {
	private Key key;
	private String confirmPath;

	public void init() throws ServletException {
	ServletConfig config = getServletConfig();
	String keyString = config.getInitParameter("key");
	if (keyString == null)
	keyString = UUID.randomUUID().toString();
	key = new SecretKeySpec(keyString.getBytes(), "HmacSHA1");
	confirmPath = config.getInitParameter("confirmPath");
	}

	@Override
	public void doGet(HttpServletRequest request, HttpServletResponse response)
	throws IOException {
	URL url = null;

	String userHash = request.getParameter("h");
	try {
	String u = request.getParameter("u");
	url = new URL(u);
	} catch (Exception e) {
	response.sendError(HttpServletResponse.SC_NOT_FOUND);
	return;
	}
	try {
	byte[] digest = digest(url.toString());
	String digestHex = Hex.encodeHexString(digest);
	if (StringUtils.equals(userHash, digestHex)) {
	response.sendRedirect(url.toString());
	return;
	} else if (confirmPath != null) {
	RequestDispatcher dispatcher = request.getRequestDispatcher(confirmPath);
	dispatcher.forward(request, response);
	} else {
	response.sendError(HttpServletResponse.SC_FORBIDDEN);
	}
	} catch (Exception e) {
	response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
	}
	}

	private byte[] digest(String url) throws UnsupportedEncodingException, GeneralSecurityException {
	Mac mac = Mac.getInstance(key.getAlgorithm());
	mac.init(key);
	return mac.doFinal(url.getBytes());
	}

	@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response)
	throws IOException, ServletException {
	response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
	}

	public String getHashCode(String url) {
	try {
	byte[] digest = digest(url);
	return Hex.encodeHexString(digest);
	} catch (Exception e) {
	return StringUtils.EMPTY;
	}
	}
	}