java source code of AuthenticationController

computoser-master
- src
  - main
    - resources
      - ehcache.xml
      - logback.xml
      - titleComponents.properties
      - emailTemplates
        license.txt
        digest.vm
        purchase.vm
      - edu
        stanford
        nlp
        dcoref
        coref.properties
        pipeline
        StanfordCoreNLP.properties
      - stopwords.txt
      - license
        AGPL-3-header.txt
      - jmx.xml
      - applicationContext.xml
      - META-INF
        persistence.xml
      - social.xml
      - bots
        agents.txt
      - caches.xml
    - java
      - com
        music
        PadsGenerator.java
        dao
        UserDao.java
        Dao.java
        QueryDetails.java
        PieceDao.java
        PageableOperation.java
        factors.txt
        MainPartGenerator.java
        ScoreManipulator.java
        web
        ManagementController.java
        MusicController.java
        TimelineToMusicController.java
        Cart.java
        websocket
        Game.java
        Player.java
        dto
        PlayerResult.java
        GameAction.java
        GameResults.java
        GameMessage.java
        Metre.java
        Instrument.java
        Answer.java
        GameEvent.java
        GameEventType.java
        PossibleAnswers.java
        GameHandler.java
        util
        StartupListener.java
        RequestBlockingFilter.java
        ExceptionResolver.java
        AutoLoginInterceptor.java
        WebSocketConfigurer.java
        GameController.java
        PagesController.java
        UserContext.java
        AuthenticationController.java
        SocialSignInAdapter.java
        CartController.java
        BassPartGenerator.java
        Test.java
        MetreConfigurer.java
        Midi2WavRenderer.java
        util
        RetryableOperation.java
        music
        SMFTools.java
        Chance.java
        NoteFactory.java
        GoldenRatioRandom.java
        InstrumentNameExtractor.java
        ChordUtils.java
        Cadences.java
        ToneResolver.java
        SecurityUtils.java
        GeneralUtils.java
        Graph.java
        MutingPrintStream.java
        cache
        CacheKeyGenerator.java
        CacheKey.java
        SharedData.java
        persistence
        PersistentDateTime.java
        HibernateExtendedJpaVendorAdapter.java
        xmlmodel
        TimeAttributes.java
        Test.java
        ScorePartDefinition.java
        Measure.java
        RestElement.java
        MeasureAttributes.java
        NoteElement.java
        Pitch.java
        ScorePartwise.java
        ScorePart.java
        PercussionGenerator.java
        TimpaniPartGenerator.java
        TitleGenerator.java
        scheduled
        LikeCountingJob.java
        TimelineMusicProcessor.java
        MusicGenerationJob.java
        PieceDigestSendingJob.java
        FeedGenerator.java
        BackupJob.java
        AccompanimentPartGenerator.java
        service
        ManagementService.java
        UserService.java
        NewsService.java
        PurchaseService.java
        PieceService.java
        FileStorageService.java
        EmailService.java
        PiecePackService.java
        LocalFileStorageService.java
        AmazonFileStorageService.java
        text
        TimelineToMusicService.java
        SentimentAnalyzer.java
        auth
        JpaUsersConnectionRepository.java
        JpaConnectionRepository.java
        SimpleBeatGenerator.java
        Generator.java
        DroneGenerator.java
        ScaleConfigurer.java
        GenerationOptions.java
        tools
        VariationTester.java
        SongDBDownloader.java
        SongDBAnalyzer.java
        ScaleTester.java
        InstrumentExtractor.java
        InstrumentTester.java
        MidiAnalyzer.java
        SongChart.java
        NoteElement.java
        MusicXmlRenderer.java
        model
        Chord.java
        persistent
        TimelineMusic.java
        IntermediateDecisions.java
        FeedEntry.java
        PiecePlay.java
        Purchase.java
        News.java
        Piece.java
        SocialAuthentication.java
        PiecePack.java
        TimelineMusicRequest.java
        PaymentType.java
        User.java
        PieceEvaluation.java
        InstrumentGroups.java
        ChordType.java
        PartType.java
        ToneGroups.java
        prefs
        Variation.java
        Mood.java
        UserPreferences.java
        Tempo.java
        Ternary.java
        ToneType.java
        Scale.java
        ExtendedPhrase.java
        SpecialNoteType.java
        Contour.java
        ScoreContext.java
        EffectsGenerator.java
        MutableInteger.java
        PartConfigurer.java
        Arpeggiator.java
    - webapp
      - img
      - playerSkins
        jplayer.blue.monday.jpg
        jplayer.blue.monday.css
        jplayer.blue.monday.seeking.gif
      - WEB-INF
        dispatcher-servlet.xml
        jsp
        footer.jsp
        about.jsp
        customizations.jsp
        socialSignup.jsp
        header.jsp
        track.jsp
        playerScripts.jsp
        analytics.jsp
        news.jsp
        signin.jsp
        tracksTable.jsp
        terms.jsp
        twitterMusic.jsp
        txt
        robots.txt
        extras.jsp
        includes.jsp
        signup.jsp
        stockpacks.jsp
        imprint.jsp
        player.jsp
        twitterMusicHome.jsp
        game.jsp
        index.jsp
        tracks.jsp
        cart.jsp
        web.xml
      - scripts
        bootstrap.min.js
        ZeroClipboard.min.js
        bootstrap.js
        jquery-1.10.2.min.js
        jquery.jplayer.min.js
        jquery.zclip.min.js
        ZeroClipboard.swf
        jplayer.swf
        sockjs.min.js
      - styles
        main.css
        bootstrap-responsive.min.css
        bootstrap.min.css
        bootstrap.css
        bootstrap-responsive.css
  - test
    - java
      - com
        music
        websocket
        GameTest.java
        SentimentAnalyzerTest.java
        LengthTest.java
        tools
        HeaderManager.java
- pom.xml
- LICENSE
- lib
- config
  - server
    - catalina-sh-properties
    - server.xml
    - addSwap.txt
    - ffmpeg-install
    - jmxremote.password
    - jmxremote.access
  - application.properties
- analysis
  - db
    - 197.xml
    - 143.xml
    - 78.xml
    - 16.xml
    - 332.xml
    - 25.xml
    - 20.xml
    - 468.xml
    - 26.xml
    - 484.xml
    - 292.xml
    - 344.xml
    - 454.xml
    - 95.xml
    - 104.xml
    - 356.xml
    - 329.xml
    - 52.xml
    - 90.xml
    - 467.xml
    - 422.xml
    - 297.xml
    - 343.xml
    - 31.xml
    - 19.xml
    - 189.xml
    - 198.xml
    - 365.xml
    - 202.xml
    - 88.xml
    - 362.xml
    - 466.xml
    - 396.xml
    - 47.xml
    - 401.xml
    - 253.xml
    - 138.xml
    - 150.xml
    - 207.xml
    - 481.xml
    - 162.xml
    - 27.xml
    - 346.xml
    - 37.xml
    - 17.xml
    - 446.xml
    - 408.xml
    - 318.xml
    - 185.xml
    - 434.xml
    - 124.xml
    - 141.xml
    - 152.xml
    - 18.xml
    - 50.xml
    - 323.xml
    - 414.xml
    - 24.xml
    - 426.xml
    - 279.xml
    - 2.xml
    - 56.xml
    - 312.xml
    - 278.xml
    - 191.xml
    - 57.xml
    - 230.xml
    - 33.xml
    - 387.xml
    - 417.xml
    - 147.xml
    - 140.xml
    - 282.xml
    - 452.xml
    - 281.xml
    - 40.xml
    - 493.xml
    - 438.xml
    - 38.xml
    - 91.xml
    - 192.xml
    - 173.xml
    - 181.xml
    - 59.xml
    - 176.xml
    - 443.xml
    - 236.xml
    - 168.xml
    - 148.xml
    - 471.xml
    - 177.xml
    - 293.xml
    - 261.xml
    - 219.xml
    - 175.xml
    - 432.xml
    - 214.xml
    - 227.xml
    - 489.xml
    - 11.xml
    - 342.xml
    - 431.xml
    - 389.xml
    - 275.xml
    - 298.xml
    - 437.xml
    - 306.xml
    - 375.xml
    - 68.xml
    - 369.xml
    - 371.xml
    - 10.xml
    - 448.xml
    - 240.xml
    - 62.xml
    - 196.xml
    - 127.xml
    - 42.xml
    - 115.xml
    - 183.xml
    - 491.xml
    - 82.xml
    - 339.xml
    - 160.xml
    - 381.xml
    - 296.xml
    - 3.xml
    - 67.xml
    - 121.xml
    - 228.xml
    - 319.xml
    - 137.xml
    - 419.xml
    - 231.xml
    - 289.xml
    - 350.xml
    - 478.xml
    - 89.xml
    - 257.xml
    - 93.xml
    - 307.xml
    - 221.xml
    - 394.xml
    - 243.xml
    - 199.xml
    - 450.xml
    - 313.xml
    - 161.xml
    - 412.xml
    - 35.xml
    - 328.xml
    - 178.xml
    - 400.xml
    - 465.xml
    - 421.xml
    - 109.xml
    - 461.xml
    - 157.xml
    - 302.xml
    - 386.xml
    - 135.xml
    - 75.xml
    - 105.xml
    - 376.xml
    - 406.xml
    - 463.xml
    - 428.xml
    - 330.xml
    - 262.xml
    - 334.xml
    - 211.xml
    - 165.xml
    - 108.xml
    - 488.xml
    - 436.xml
    - 209.xml
    - 125.xml
    - 103.xml
    - 233.xml
    - 171.xml
    - 407.xml
    - 128.xml
    - 411.xml
    - 462.xml
    - 87.xml
    - 445.xml
    - 77.xml
    - 449.xml
    - 206.xml
    - 65.xml
    - 402.xml
    - 403.xml
    - 439.xml
    - 5.xml
    - 71.xml
    - 63.xml
    - 200.xml
    - 155.xml
    - 119.xml
    - 242.xml
    - 418.xml
    - 53.xml
    - 480.xml
    - 45.xml
    - 377.xml
    - 73.xml
    - 487.xml
    - 234.xml
    - 134.xml
    - 388.xml
    - 327.xml
    - 492.xml
    - 291.xml
    - 309.xml
    - 325.xml
    - 70.xml
    - 132.xml
    - 255.xml
    - 241.xml
    - 470.xml
    - 194.xml
    - 225.xml
    - 193.xml
    - 79.xml
    - 166.xml
    - 96.xml
    - 440.xml
    - 317.xml
    - 117.xml
    - 49.xml
    - 216.xml
    - 84.xml
    - 100.xml
    - 114.xml
    - 85.xml
    - 310.xml
    - 36.xml
    - 97.xml
    - 237.xml
    - 13.xml
    - 9.xml
    - 337.xml
    - 94.xml
    - 224.xml
    - 245.xml
    - 259.xml
    - 354.xml
    - 264.xml
    - 133.xml
    - 46.xml
    - 393.xml
    - 260.xml
    - 98.xml
    - 366.xml
    - 265.xml
    - 244.xml
    - 277.xml
    - 254.xml
    - 142.xml
    - 7.xml
    - 118.xml
    - 111.xml
    - 382.xml
    - 442.xml
    - 287.xml
    - 280.xml
    - 474.xml
    - 203.xml
    - 360.xml
    - 55.xml
    - 154.xml
    - 163.xml
    - 66.xml
    - 110.xml
    - 266.xml
    - 311.xml
    - 186.xml
    - 116.xml
    - 425.xml
    - 139.xml
    - 288.xml
    - 456.xml
    - 229.xml
    - 378.xml
    - 367.xml
    - 322.xml
    - 246.xml
    - 41.xml
    - 226.xml
    - 201.xml
    - 126.xml
    - 28.xml
    - 410.xml
    - 122.xml
    - 34.xml
    - 335.xml
    - 99.xml
    - 404.xml
    - 424.xml
    - 249.xml
    - 6.xml
    - 156.xml
    - 464.xml
    - 283.xml
    - 321.xml
    - 399.xml
    - 429.xml
    - 385.xml
    - 294.xml
    - 170.xml
    - 64.xml
    - 276.xml
    - 220.xml
    - 326.xml
    - 472.xml
    - 151.xml
    - 83.xml
    - 106.xml
    - 316.xml
    - 263.xml
    - 469.xml
    - 284.xml
    - 370.xml
    - 149.xml
    - 158.xml
    - 248.xml
    - 43.xml
    - 258.xml
    - 347.xml
    - 435.xml
    - 286.xml
    - 188.xml
    - 86.xml
    - 290.xml
    - 123.xml
    - 60.xml
    - 380.xml
    - 460.xml
    - 12.xml
    - 475.xml
    - 427.xml
    - 479.xml
    - 333.xml
    - 395.xml
    - 21.xml
    - 451.xml
    - 349.xml
    - 4.xml
    - 218.xml
    - 0.xml
    - 235.xml
    - 32.xml
    - 144.xml
    - 212.xml
    - 268.xml
    - 340.xml
    - 390.xml
    - 187.xml
    - 112.xml
    - 167.xml
    - 473.xml
    - 274.xml
    - 256.xml
    - 145.xml
    - 423.xml
    - 341.xml
    - 384.xml
    - 44.xml
    - 270.xml
    - 273.xml
    - 180.xml
    - 76.xml
    - 61.xml
    - 113.xml
    - 238.xml
    - 304.xml
    - 336.xml
    - 444.xml
    - 51.xml
    - 81.xml
    - 250.xml
    - 305.xml
    - 420.xml
    - 416.xml
    - 374.xml
    - 22.xml
    - 359.xml
    - 146.xml
    - 195.xml
    - 102.xml
    - 308.xml
    - 239.xml
    - 271.xml
    - 169.xml
    - 184.xml
    - 391.xml
    - 54.xml
    - 455.xml
    - 398.xml
    - 299.xml
    - 8.xml
    - 215.xml
    - 476.xml
    - 182.xml
    - 314.xml
    - 372.xml
    - 15.xml
    - 324.xml
    - 352.xml
    - 483.xml
    - 368.xml
    - 267.xml
    - 1.xml
    - 320.xml
    - 92.xml
    - 58.xml
    - 303.xml
    - 23.xml
    - 301.xml
    - 174.xml
    - 361.xml
    - 190.xml
    - 205.xml
    - 397.xml
    - 441.xml
    - 285.xml
    - 358.xml
    - 269.xml
    - 164.xml
    - 107.xml
    - 379.xml
    - 217.xml
    - 353.xml
    - 30.xml
    - 433.xml
    - 136.xml
    - 405.xml
    - 39.xml
    - 204.xml
    - 447.xml
    - 458.xml
    - 482.xml
    - 392.xml
    - 338.xml
    - 179.xml
    - 373.xml
    - 272.xml
    - 48.xml
    - 223.xml
    - 457.xml
    - 129.xml
    - 315.xml
    - 351.xml
    - 485.xml
    - 14.xml
    - 486.xml
    - 172.xml
    - 222.xml
    - 363.xml
    - 477.xml
    - 131.xml
    - 69.xml
    - 357.xml
    - 430.xml
    - 208.xml
    - 210.xml
    - 364.xml
    - 251.xml
    - 159.xml
    - 130.xml
    - 409.xml
    - 213.xml
    - 415.xml
    - 232.xml
    - 459.xml
    - 120.xml
    - 355.xml
    - 153.xml
    - 74.xml
    - 29.xml
    - 72.xml
    - 295.xml
    - 345.xml
    - 383.xml
    - 413.xml
    - 101.xml
    - 300.xml
    - 348.xml
    - 247.xml
    - 453.xml
  - midi
    - jarre
      - oxygene6.mid
      - equin1a.mid
      - equinoxe5.mid
      - EQUINOX3.MID
      - oxygene3.mid
      - oxygene2.mid
      - magne1a.mid
      - magnetic2.mid
      - EQUINOX7.MID
      - equinoxe4.mid
      - magnetic4.mid
      - oxygene4-1.mid
    - beatles
      - 01A-1__I_Want_To_Hold_Your Hand.mid
      - 07A-4__You've_Got_To_Hide_Your_Love_Away.mid
      - 10A-2__Eleanor_Rigby.mid
      - 07A-1__Help!.mid
      - 10A-5__Yellow_Submarine.mid
      - 01A-6__All_My_Loving.mid
- README.md
- .gitignore
- TODO.txt

/*
 * Computoser is a music-composition algorithm and a website to present the results
 * Copyright (C) 2012-2014  Bozhidar Bozhanov
 *
 * Computoser is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * Computoser is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with Computoser.  If not, see <http://www.gnu.org/licenses/>.
 */

package com.music.web;

import java.io.IOException;

import javax.inject.Inject;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;
import org.hibernate.validator.constraints.impl.EmailValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.converter.FormHttpMessageConverter;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.social.connect.web.ProviderSignInAttempt;
import org.springframework.social.connect.web.ProviderSignInController;
import org.springframework.social.facebook.api.Facebook;
import org.springframework.social.facebook.api.FacebookProfile;
import org.springframework.social.twitter.api.Twitter;
import org.springframework.social.twitter.api.TwitterProfile;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.servlet.view.RedirectView;
import org.springframework.web.util.WebUtils;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.music.model.persistent.User;
import com.music.service.UserService;

@Controller
public class AuthenticationController {
    public static final String REDIRECT_AFTER_LOGIN = "redirectAfterLogin";

    private static final Logger logger = LoggerFactory.getLogger(AuthenticationController.class);

    @Inject
    private ProviderSignInController signInController;
    @Inject
    private SocialSignInAdapter signInAdapter;
    @Inject
    private UserService userService;
    @Inject
    private UserContext context;

    private RestTemplate restTemplate = new RestTemplate();
    private EmailValidator emailValidator = new EmailValidator();

    public AuthenticationController() {
        HttpMessageConverter<?> formHttpMessageConverter = new FormHttpMessageConverter();
        HttpMessageConverter<?> stringHttpMessageConverternew = new StringHttpMessageConverter();
        restTemplate.getMessageConverters().add(formHttpMessageConverter);
        restTemplate.getMessageConverters().add(stringHttpMessageConverternew);
    }

    @RequestMapping(value="/signin/{providerId}", method=RequestMethod.GET, params="home") //param to discriminate from the cancellation url (ugly, I know)
    public RedirectView signin(@PathVariable String providerId, @RequestParam(required=false) String redirectUri, NativeWebRequest request, HttpSession session) {
        if (redirectUri != null) {
            session.setAttribute(REDIRECT_AFTER_LOGIN, redirectUri);
        }
        return signInController.signIn(providerId, request);
    }

    @RequestMapping("/socialSignUp")
    public String socialSignupPage(@RequestParam(required=false) String email, NativeWebRequest request, Model model) {
        ProviderSignInAttempt attempt = (ProviderSignInAttempt) request.getAttribute(ProviderSignInAttempt.class.getName(), RequestAttributes.SCOPE_SESSION);
        if (attempt == null && StringUtils.isEmpty(email)) {
            return "redirect:/";
        }
        User user = new User();
        if (attempt != null) {
            Object api = attempt.getConnection().getApi();
            if (api instanceof Facebook) {
                FacebookProfile profile = ((Facebook) api).userOperations().getUserProfile();
                user.setEmail(profile.getEmail());
                user.setNames(profile.getName());
                user.setUsername(profile.getUsername());
            } else if (api instanceof Twitter) {
                TwitterProfile profile = ((Twitter) api).userOperations().getUserProfile();
                user.setNames(profile.getName());
                user.setUsername(profile.getScreenName());
            }
        } else {
            user.setEmail(email);
            model.addAttribute("type", "Persona");
        }
        model.addAttribute("user", user);
        return "socialSignup";
    }

    @RequestMapping("/social/completeRegistration")
    public String completeRegistration(@RequestParam String email, @RequestParam String names,
            @RequestParam String username, @RequestParam String type,
            @RequestParam(defaultValue = "false", required = false) boolean receiveDailyDigest,
            @RequestParam(defaultValue = "false", required = false) boolean loginAutomatically,
            NativeWebRequest request, HttpSession session, Model model) {

        if (!emailValidator.isValid(email, null)) {
            return "redirect:/?message=Invalid email. Try again";
        }

        // if the session has expired for a fb/tw registration (i.e. attempt is null), do not proceed - otherwise inconsistent data is stored
        ProviderSignInAttempt attempt = (ProviderSignInAttempt) request.getAttribute(ProviderSignInAttempt.class.getName(), RequestAttributes.SCOPE_SESSION);
        if (attempt != null) {
            User user = userService.completeUserRegistration(email, username, names, attempt.getConnection(), loginAutomatically, receiveDailyDigest);
            signInAdapter.signIn(user, (HttpServletResponse) request.getNativeResponse(), true);
        } else if ("Persona".equals(type)){
            User user = userService.completeUserRegistration(email, username, names, null, loginAutomatically, receiveDailyDigest);
            signInAdapter.signIn(user, (HttpServletResponse) request.getNativeResponse(), true);
        }
        String redirectUri = (String) session.getAttribute(REDIRECT_AFTER_LOGIN);
        if (redirectUri != null) {
            return "redirect:" + redirectUri;
        }
        return "redirect:/";
    }

    @RequestMapping("/persona/auth")
    @ResponseBody
    public String authenticateWithPersona(@RequestParam String assertion,
            @RequestParam boolean userRequestedAuthentication, HttpServletRequest request,
            HttpServletResponse httpResponse, Model model)
            throws IOException {
        if (context.getUser() != null) {
            return "";
        }
        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
        params.add("assertion", assertion);
        params.add("audience", request.getScheme() + "://" + request.getServerName() + ":" + (request.getServerPort() == 80 ? "" : request.getServerPort()));
        PersonaVerificationResponse response = restTemplate.postForObject("https://verifier.login.persona.org/verify", params, PersonaVerificationResponse.class);
        if (response.getStatus().equals("okay")) {
            User user = userService.getUserByEmail(response.getEmail());
            if (user == null && userRequestedAuthentication) {
                return "/socialSignUp?email=" + response.getEmail();
            } else if (user != null){
                if (userRequestedAuthentication || user.isLoginAutomatically()) {
                    signInAdapter.signIn(user, httpResponse, true);
                    return "/";
                } else {
                    return "";
                }
            } else {
                return ""; //in case this is not a user-requested operation, do nothing
            }
        } else {
            logger.warn("Persona authentication failed due to reason: " + response.getReason());
            throw new IllegalStateException("Authentication failed");
        }
    }

    @RequestMapping("/logout")
    public String logout(HttpSession session, HttpServletRequest request, HttpServletResponse response) {
        session.invalidate();
        Cookie cookie = WebUtils.getCookie(request, SocialSignInAdapter.AUTH_TOKEN_COOKIE_NAME);
        if (cookie != null) {
            cookie.setMaxAge(0);
            cookie.setDomain(".computoser.com");
            cookie.setPath("/");
            response.addCookie(cookie);
        }

        cookie = WebUtils.getCookie(request, SocialSignInAdapter.AUTH_TOKEN_SERIES_COOKIE_NAME);
        if (cookie != null) {
            cookie.setMaxAge(0);
            cookie.setDomain(".computoser.com");
            cookie.setPath("/");
            response.addCookie(cookie);
        }

        return "redirect:/";
    }
    @RequestMapping("/digestEmailUnsubscribe/{id}")
    public String unsubscribe(@PathVariable long id, @RequestParam String hash) {
        userService.unsubscribe(id, hash);
        return "redirect:/?message=Successfully unsubscribed";
    }

    @JsonIgnoreProperties(ignoreUnknown=true)
    @SuppressWarnings("unused")
    private static class PersonaVerificationResponse {
        private String status;
        private String email;
        private String reason;
        public String getStatus() {
            return status;
        }
        public void setStatus(String status) {
            this.status = status;
        }
        public String getEmail() {
            return email;
        }
        public void setEmail(String email) {
            this.email = email;
        }
        public String getReason() {
            return reason;
        }
        public void setReason(String reason) {
            this.reason = reason;
        }
    }
}