/**
 * Pushes the pending status code and, when one was set, the Content-Type header
 * onto the underlying servlet response.
 *
 * <p>Only the first call has an effect: once {@code committed} is set, later
 * calls return without touching the response.
 */
public void commit() {
    if (committed) {
        return;
    }

    // The header is only written when a content type was actually chosen.
    if (responseContentType != null) {
        apiServletContext.getResponse().setHeader("Content-Type", responseContentType);
    }

    apiServletContext.getResponse().setStatus(responseCode);
    committed = true;
}
/**
 * Adds an HTTP Basic challenge header to the response unless the client opted out.
 *
 * <p>No challenge is written when the request's CONNECTION header is "upgrade" or
 * when its NO_CHALLENGE_HEADER header is "true" (both compared case-insensitively).
 * Both headers are client-supplied; in this method they only decide whether the
 * challenge header is written, nothing else.
 *
 * @param request the current API request
 * @return {@code true} if the challenge header was set, {@code false} if it was skipped
 */
@Override
public boolean challenge(ApiRequest request) {
    boolean isUpgrade = "upgrade".equalsIgnoreCase(
            request.getServletContext().getRequest().getHeader(CONNECTION));
    if (isUpgrade) {
        return false;
    }

    boolean clientOptedOut = "true".equalsIgnoreCase(
            request.getServletContext().getRequest().getHeader(NO_CHALLENGE_HEADER));
    if (clientOptedOut) {
        return false;
    }

    HttpServletResponse response = request.getServletContext().getResponse();
    String realm = REALM.get();
    // Without a configured realm the plain scheme is sent; otherwise the realm is
    // formatted into the BASIC_REALM template.
    String challengeValue = (realm == null) ? BASIC : String.format(BASIC_REALM, realm);
    response.setHeader(CHALLENGE_HEADER, challengeValue);
    return true;
}
/**
 * Rewrites project-scoped servlet paths before delegating to the parent parser.
 *
 * <p>When the servlet path has more than four "/"-separated parts, the third part is
 * "projects" and the fifth is not "projectMembers" (both case-insensitive), the
 * project segment pair is moved into the request's sub-context and the request is
 * wrapped in a {@link ProjectHttpServletRequest} whose servlet path omits those two
 * segments. All other paths are passed through unchanged.
 *
 * <p>The project id is taken verbatim from the URL path; this method performs no
 * access check on it. NOTE(review): confirm that authorization for the project is
 * enforced downstream.
 *
 * @param apiRequest the request being parsed
 * @return the result of {@code super.parse(apiRequest)}
 * @throws IOException propagated from the parent parser
 */
@Override
public boolean parse(ApiRequest apiRequest) throws IOException {
    HttpServletRequest request = apiRequest.getServletContext().getRequest();
    String[] parts = request.getServletPath().split("/");

    boolean projectScoped = parts.length > 4
            && "projects".equalsIgnoreCase(parts[2])
            && !"projectMembers".equalsIgnoreCase(parts[4]);

    if (projectScoped) {
        String projectId = parts[3];
        apiRequest.setSubContext(String.format("/%s/%s", parts[2], projectId));

        // Rebuild the path as: "" + parts[1] + everything from index 4 onwards.
        String[] head = new String[]{"", parts[1]};
        String[] tail = ArrayUtils.subarray(parts, 4, Integer.MAX_VALUE);
        String servletPath = StringUtils.join(ArrayUtils.addAll(head, tail), "/");

        request = new ProjectHttpServletRequest(request, projectId, servletPath);
        apiRequest.getServletContext().setRequest(request);
    }

    return super.parse(apiRequest);
}
/**
 * Returns the body stream of the underlying servlet request.
 *
 * @return the servlet request's input stream, or {@code null} when this request has
 *         no servlet context
 * @throws IOException if the servlet request cannot provide its input stream
 */
public InputStream getInputStream() throws IOException {
    return (apiServletContext == null)
            ? null
            : apiServletContext.getRequest().getInputStream();
}
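/**
 * Logs the caller out: expires the "token" cookie on the client and deletes the
 * matching JWT through {@code authTokenDao}.
 *
 * <p>The JWT is obtained from {@code listToken()}. The response code is set to
 * NO_CONTENT and the expiring Set-Cookie header is added before the server-side
 * deletion runs.
 *
 * <p>NOTE(review): if {@code authTokenDao.deleteToken} returns {@code false} the
 * client has already been told to drop its cookie while the token may still be
 * accepted server-side. Confirm that callers treat a {@code null} return as a
 * failed logout.
 *
 * <p>NOTE(review): a missing JWT is reported with INTERNAL_SERVER_ERROR although the
 * message describes a client omission; left unchanged because callers may depend
 * on the code.
 *
 * @param obj     object handed back to the caller on success
 * @param request the current API request
 * @return {@code obj} when the token was deleted, otherwise {@code null}
 * @throws ClientVisibleException when no JWT is available for the request
 */
protected Object deleteToken(Object obj, ApiRequest request) {
    // The throwaway "new Token()" and "" initialisers were dead stores; read the JWT directly.
    String jwt = listToken().getJwt();
    if (StringUtils.isBlank(jwt)) {
        throw new ClientVisibleException(ResponseCodes.INTERNAL_SERVER_ERROR, "JWTNotProvided",
                "Request does not contain JWT cookie", null);
    }

    request.setResponseCode(ResponseCodes.NO_CONTENT);

    // An Expires date in the past makes the browser discard the cookie; Path=/ is the
    // path used in the deletion header and has to match the path the cookie was set with.
    HttpServletResponse response = request.getServletContext().getResponse();
    String cookieString = "token=;Path=/;Expires=Thu, 01 Jan 1970 00:00:00 GMT;";
    response.addHeader("Set-Cookie", cookieString);
    request.getServletContext().setResponse(response);

    return authTokenDao.deleteToken(jwt) ? obj : null;
}
} // closes the enclosing class, whose header is outside this excerpt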
// Pick the schema factory registered for the requested API version.
SchemaFactory schemaFactory = schemaFactories.get(version);
// Wrap the servlet request, response and filter chain in an ApiRequest.
ApiRequest apiRequest = new ApiRequest(new ApiServletContext(httpRequest, httpResponse, chain), schemaFactory);
// Record the wall-clock start time (milliseconds) as a request attribute.
apiRequest.setAttribute("requestStartTime", System.currentTimeMillis());
// Starts as null; it is assigned outside this excerpt.
ApiContext context = null;
/**
 * Creates a request bound to the given servlet context and schema factory.
 *
 * <p>The locale is copied from the servlet request; it stays {@code null} when no
 * servlet context is supplied.
 *
 * @param requestServletContext servlet request/response holder, may be {@code null}
 * @param schemaFactory         schema factory to use for this request
 */
public ApiRequest(ApiServletContext requestServletContext, SchemaFactory schemaFactory) {
    super();
    this.apiServletContext = requestServletContext;
    if (requestServletContext == null) {
        this.locale = null;
    } else {
        this.locale = requestServletContext.getRequest().getLocale();
    }
    this.schemaFactory = schemaFactory;
}
/**
 * Sets the Content-Encoding header on the servlet response of the wrapped request.
 *
 * @param contentEncoding value written to the header as given
 */
@Override
public void setContentEncoding(String contentEncoding) {
    final String headerName = "Content-Encoding";
    request.getServletContext().getResponse().setHeader(headerName, contentEncoding);
}
@Override public void handle(ApiRequest request) throws IOException { HttpServletRequest httpRequest = request.getServletContext().getRequest(); HttpServletResponse response = request.getServletContext().getResponse();
/**
 * Resolves the admin account for requests made while security is switched off.
 *
 * <p>When {@code SecurityConstants.SECURITY} is enabled this lookup does not apply
 * and returns {@code null}. When it is disabled, every request is mapped to the
 * admin account unless the request carries ENFORCE_AUTH_HEADER with the exact value
 * "true" (after trimming). That header is supplied by the client, so with security
 * disabled any caller that omits it is treated as admin by this lookup.
 *
 * @param request the current API request
 * @return the admin account, or {@code null} when this lookup does not apply
 */
@Override
public Account getAccount(ApiRequest request) {
    if (SecurityConstants.SECURITY.get()) {
        return null;
    }

    String enforceAuth = StringUtils.trim(
            request.getServletContext().getRequest().getHeader(ENFORCE_AUTH_HEADER));
    boolean clientWantsAuth = StringUtils.equals("true", enforceAuth);

    return clientWantsAuth ? null : authDao.getAdminAccount();
}
/**
 * Commits the response headers and returns the servlet response's output stream.
 *
 * @return the output stream of the underlying servlet response
 * @throws IllegalStateException if the response was already committed
 * @throws IOException           if the servlet response cannot provide its stream
 */
public OutputStream getOutputStream() throws IOException {
    if (!committed) {
        // Status and content type are written before the body stream is handed out.
        commit();
        committed = true;
        return apiServletContext.getResponse().getOutputStream();
    }
    throw new IllegalStateException("Response is commited");
}
/**
 * Serialises the response object as JSON and writes it to the request's output stream.
 *
 * <p>Nothing is written when the request is already committed, when its response
 * format differs from this writer's format, or when there is no response object.
 * The mere presence of the client-supplied "X-API-Action-Links" request header
 * (its value is not inspected) selects {@code actionLinksMapper} instead of the
 * default mapper.
 *
 * <p>In chunked mode the JSON is streamed through a buffered stream. Otherwise it
 * is first rendered into memory so that Content-Length can be set before the
 * bytes are written.
 *
 * @param request the current API request
 * @throws IOException if writing to the response fails
 */
@Override
public void handle(ApiRequest request) throws IOException {
    if (request.isCommitted() || !getResponseFormat().equals(request.getResponseFormat())) {
        return;
    }

    Object payload = getResponseObject(request);
    if (payload == null) {
        return;
    }

    request.setResponseContentType(getContentType());

    boolean wantsActionLinks =
            request.getServletContext().getRequest().getHeader("X-API-Action-Links") != null;
    JsonMapper jsonMapper = wantsActionLinks ? actionLinksMapper : this.jsonMapper;

    OutputStream os = request.getOutputStream();
    BufferedOutputStream buffered = new BufferedOutputStream(os);
    ByteArrayOutputStream inMemory = new ByteArrayOutputStream();

    writeJson(jsonMapper, chunked ? buffered : inMemory, payload, request);
    buffered.flush();

    if (chunked) {
        return;
    }

    // Non-chunked: the full body is known, so announce its length and send it in one go.
    byte[] body = inMemory.toByteArray();
    request.getServletContext().getResponse().setContentLength(body.length);
    os.write(body);
    os.flush();
}
/**
 * Reads the AUTH_HEADER request header and hands it to the String overload of
 * {@code getUsernamePassword}.
 *
 * @param request the current API request
 * @return whatever the String overload returns for the header value; the header
 *         is passed on as received, including {@code null} when it is absent
 */
public static String[] getUsernamePassword(ApiRequest request) {
    String authorization = request.getServletContext().getRequest().getHeader(AUTH_HEADER);
    return getUsernamePassword(authorization);
}
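/**
 * Prepares the servlet response for a file download.
 *
 * <p>Sets the content type to application/octet-stream, a Content-Disposition
 * "attachment" header carrying {@code filename}, and the cache headers this code
 * base uses for downloads.
 *
 * <p>The file name is emitted as a quoted string with control characters removed
 * and backslashes and double quotes escaped. A name containing spaces, semicolons,
 * quotes or line breaks therefore cannot truncate the name or add parameters or
 * lines to the header. Non-ASCII names are passed through as given; no
 * {@code filename*} form is produced.
 *
 * <p>NOTE(review): "Cache-Control: private" only keeps shared caches from storing
 * the response. If downloads can carry secrets, "no-store" may be what is
 * intended; confirm before changing.
 *
 * @param filename name offered to the client for the downloaded file
 * @param request  the current API request
 * @throws IOException declared for callers; nothing in this method throws it directly
 */
public static void prepareRequest(String filename, ApiRequest request) throws IOException {
    // String.valueOf keeps the previous rendering of a null name ("null").
    String safeName = String.valueOf(filename)
            .replaceAll("\\p{Cntrl}", "")
            .replace("\\", "\\\\")
            .replace("\"", "\\\"");

    HttpServletResponse response = request.getServletContext().getResponse();
    response.setContentType("application/octet-stream");
    response.setHeader("Content-Disposition", "attachment; filename=\"" + safeName + "\"");
    response.setHeader("Cache-Control", "private");
    response.setHeader("Pragma", "private");
    response.setHeader("Expires", "Wed 24 Feb 1982 18:42:00 GMT");
}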
@Override protected MessageWriter getMessageWriter(ApiRequest apiRequest) throws IOException { HttpServletRequest req = apiRequest.getServletContext().getRequest(); HttpServletResponse resp = apiRequest.getServletContext().getResponse(); Policy policy = ApiUtils.getPolicy(); String identifier = null;
/**
 * Fills in the placeholders of the {@code header} template.
 *
 * <p>Placeholders handled: %SCHEMAS% (external form of the schema collection URL, or
 * empty when no URL is available), %JS% and %CSS% (asset URLs) and %USER%.
 *
 * <p>When the "api.dev" setting is "true", non-empty request cookies named "js.url"
 * and "css.url" take precedence over the configured asset URLs. Cookie values come
 * from the client and are substituted verbatim, so in that mode the caller decides
 * which script and stylesheet URLs end up in the rendered header. NOTE(review):
 * "api.dev" is meant to stay off outside development; confirm deployment defaults.
 *
 * <p>NOTE(review): %USER% is replaced with the value of {@code getUser} without any
 * escaping here; whether that value is already safe for the template's output
 * context is not visible from this method.
 *
 * @param request  the current API request
 * @param response the response object passed on to {@code getUser}
 * @return the template with all placeholders substituted
 */
protected String getStringHeader(ApiRequest request, Object response) {
    URL schemaUrl = ApiContext.getUrlBuilder().resourceCollection(Schema.class);
    String schemas = (schemaUrl == null) ? "" : schemaUrl.toExternalForm();
    String result = header.replace("%SCHEMAS%", schemas);

    boolean devMode = "true".equals(SettingsUtil.getSetting(settings, "api.dev", ""));
    if (devMode) {
        Cookie[] cookies = request.getServletContext().getRequest().getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                String cookieName = cookie.getName();
                String cookieValue = cookie.getValue();
                if (StringUtils.isEmpty(cookieValue)) {
                    continue;
                }
                if ("js.url".equals(cookieName)) {
                    result = result.replace("%JS%", cookieValue);
                } else if ("css.url".equals(cookieName)) {
                    result = result.replace("%CSS%", cookieValue);
                }
            }
        }
    }

    // Placeholders not already consumed by a dev cookie fall back to the settings.
    result = result.replace("%JS%", SettingsUtil.getSetting(settings, "api.js.url", getJsUrl()));
    result = result.replace("%CSS%", SettingsUtil.getSetting(settings, "api.css.url", getCssUrl()));

    String user = getUser(request, response);
    return result.replace("%USER%", user == null ? "" : user);
}
/**
 * Serves the bootstrap source when the request id equals BOOTSTRAP.
 *
 * @param request the current API request
 * @return {@code true} when the bootstrap content was written to the servlet
 *         response, {@code false} when the request is for something else
 * @throws IOException if copying the content to the response fails
 */
@Override
public boolean handle(ApiRequest request) throws IOException {
    if (BOOTSTRAP.equals(request.getId())) {
        byte[] source = getBootstrapSource(request);
        ByteArrayInputStream in = new ByteArrayInputStream(source);
        IOUtils.copy(in, request.getServletContext().getResponse().getOutputStream());
        return true;
    }
    return false;
}
Cookie[] cookies = request.getServletContext().getRequest().getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { jwt = request.getServletContext().getRequest().getHeader(ProjectConstants.AUTH_HEADER); jwt = request.getServletContext().getRequest().getParameter(TOKEN);
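/**
 * Streams a credential's secret value to the client as a file download.
 *
 * <p>Only {@link Credential} objects with a non-null secret value are handled. The
 * secret is written as UTF-8 bytes with an application/octet-stream content type
 * and an "attachment" Content-Disposition header.
 *
 * <p>The file name from {@code getFilename} is emitted as a quoted string with
 * control characters removed and backslashes and double quotes escaped. A name
 * containing spaces, semicolons, quotes or line breaks therefore cannot truncate
 * the name or add parameters or lines to the header.
 *
 * <p>NOTE(review): the body is secret material, yet "Cache-Control: private" still
 * lets the client's own cache store it. "no-store" may be what is intended;
 * confirm before changing.
 *
 * @param name    link name (not used by this implementation)
 * @param obj     the resource the link was requested on
 * @param request the current API request
 * @return a placeholder object once the secret has been written, or {@code null}
 *         when {@code obj} is not a credential or has no secret value
 * @throws IOException if writing to the response fails
 */
@Override
public Object link(String name, Object obj, ApiRequest request) throws IOException {
    if (!(obj instanceof Credential)) {
        return null;
    }

    Credential credential = (Credential) obj;
    String secretValue = credential.getSecretValue();
    if (secretValue == null) {
        return null;
    }

    byte[] content = secretValue.getBytes("UTF-8");
    HttpServletResponse response = request.getServletContext().getResponse();
    response.setContentLength(content.length);
    response.setContentType("application/octet-stream");

    // String.valueOf keeps the previous rendering of a null name ("null").
    String safeName = String.valueOf(getFilename(credential, request))
            .replaceAll("\\p{Cntrl}", "")
            .replace("\\", "\\\\")
            .replace("\"", "\\\"");
    response.setHeader("Content-Disposition", "attachment; filename=\"" + safeName + "\"");
    response.setHeader("Cache-Control", "private");
    response.setHeader("Pragma", "private");
    response.setHeader("Expires", "Wed 24 Feb 1982 18:42:00 GMT");
    response.getOutputStream().write(content);

    return new Object();
}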
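/**
 * Resolves the account for a request authenticated with the AUTH_HEADER credentials.
 *
 * <p>Resolution order:
 * <ol>
 *   <li>The username/password pair is looked up as API keys; a match is passed
 *       through {@code switchAccount}.</li>
 *   <li>Otherwise, if the username starts with {@code ProjectConstants.OAUTH_BASIC}
 *       (case-insensitive), the text after "=" in the username is stored as the
 *       project attribute when the username splits into exactly two parts. The
 *       lookup is then delegated to {@code tokenAuthLookUp} with the password as
 *       token when security is enabled, or to {@code adminAuthLookUp} when it is
 *       disabled.</li>
 *   <li>Anything else yields {@code null}.</li>
 * </ol>
 *
 * <p>The prefix test uses {@code regionMatches} with case folding, so the result no
 * longer depends on the JVM's default locale. The security setting is read once,
 * so both branches decide on the same value.
 *
 * <p>NOTE(review): on the security-disabled path the password part is not consulted
 * by this method, and the project id is taken from the client-supplied username.
 * Confirm that {@code adminAuthLookUp} applies whatever checks are expected.
 *
 * @param request the current API request
 * @return the resolved account, or {@code null} when the credentials match nothing
 */
@Override
public Account getAccount(ApiRequest request) {
    String[] auth = getUsernamePassword(request.getServletContext().getRequest().getHeader(AUTH_HEADER));
    if (auth == null) {
        return null;
    }

    Account account = authDao.getAccountByKeys(auth[0], auth[1],
            ApiContext.getContext().getTransformationService());
    if (account != null) {
        return switchAccount(account, request);
    }

    String oauthPrefix = ProjectConstants.OAUTH_BASIC;
    boolean hasOauthPrefix = auth[0].regionMatches(true, 0, oauthPrefix, 0, oauthPrefix.length());
    if (!hasOauthPrefix) {
        return null;
    }

    boolean securityEnabled = SecurityConstants.SECURITY.get();

    // "<prefix>=<projectId>": only an exact two-part split yields a project id.
    String[] splits = auth[0].split("=");
    String projectId = splits.length == 2 ? splits[1] : null;
    request.setAttribute(ProjectConstants.PROJECT_HEADER, projectId);

    if (securityEnabled) {
        return tokenAuthLookUp.getAccountAccess(ProjectConstants.AUTH_TYPE + auth[1], request);
    }
    return adminAuthLookUp.getAccount(request);
}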