@Override public HttpServerExchange sendOutOfBandResponse(HttpServerExchange exchange) { throw UndertowMessages.MESSAGES.outOfBandResponseNotSupported(); }
@Override public void receiveFullBytes(final FullBytesCallback callback, final ErrorCallback errorCallback) { if(done) { throw UndertowMessages.MESSAGES.requestBodyAlreadyRead(); throw UndertowMessages.MESSAGES.argumentCannotBeNull("callback"); if (exchange.isRequestComplete()) { callback.handle(exchange, EMPTY_BYTE_ARRAY); return; String contentLengthString = exchange.getRequestHeaders().getFirst(Headers.CONTENT_LENGTH); long contentLength; final ByteArrayOutputStream sb; try (PooledByteBuffer pooled = exchange.getConnection().getByteBufferPool().getArrayBackedPool().allocate()) { while ((s = inputStream.read(pooled.getBuffer().array(), pooled.getBuffer().arrayOffset(), pooled.getBuffer().remaining())) > 0) { sb.write(pooled.getBuffer().array(), pooled.getBuffer().arrayOffset(), s);
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { List<String> authHeaders = exchange.getRequestHeaders().get(AUTHORIZATION); if (authHeaders != null) { for (String current : authHeaders) { String ua = exchange.getRequestHeaders().getFirst(Headers.USER_AGENT); if(ua != null) { for (Map.Entry<Pattern, Charset> entry : userAgentCharsets.entrySet()) { UndertowLogger.SECURITY_LOGGER.debugf("Found basic auth header %s (decoded using charset %s) in %s", plainChallenge, charset, exchange); } catch (IOException e) { UndertowLogger.SECURITY_LOGGER.debugf(e, "Failed to decode basic auth header %s in %s", base64Challenge, exchange); result = AuthenticationMechanismOutcome.AUTHENTICATED; } else { securityContext.authenticationFailed(MESSAGES.authenticationFailed(userName), name); result = AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
@Override public void transferFrom(FileChannel source, IoCallback callback) { if (callback == null) { throw UndertowMessages.MESSAGES.argumentCannotBeNull("callback"); } if(!exchange.getConnection().isOpen()) { invokeOnException(callback, new ClosedChannelException()); return; } if(exchange.isResponseComplete()) { invokeOnException(callback, new IOException(UndertowMessages.MESSAGES.responseComplete())); } if (this.fileChannel != null || this.buffer != null) { throw UndertowMessages.MESSAGES.dataAlreadyQueued(); } this.callback = callback; this.fileChannel = source; if (inCallback) { return; } if(transferTask == null) { transferTask = new TransferTask(); } if (exchange.isInIoThread()) { exchange.dispatch(transferTask); return; } transferTask.run(); }
@Override public void send(final ByteBuffer buffer, final IoCallback callback) { if (callback == null) { throw UndertowMessages.MESSAGES.argumentCannotBeNull("callback"); if(!exchange.getConnection().isOpen()) { invokeOnException(callback, new ClosedChannelException()); return; if(exchange.isResponseComplete()) { invokeOnException(callback, new IOException(UndertowMessages.MESSAGES.responseComplete())); throw UndertowMessages.MESSAGES.dataAlreadyQueued(); long responseContentLength = exchange.getResponseContentLength(); if(responseContentLength > 0 && buffer.remaining() > responseContentLength) { invokeOnException(callback, UndertowLogger.ROOT_LOGGER.dataLargerThanContentLength(buffer.remaining(), responseContentLength)); return; if (channel == null) { if (callback == IoCallback.END_EXCHANGE) { if (responseContentLength == -1 && !exchange.getResponseHeaders().contains(Headers.TRANSFER_ENCODING)) { exchange.setResponseContentLength(buffer.remaining()); this.channel = channel = exchange.getResponseChannel(); if (channel == null) { throw UndertowMessages.MESSAGES.responseChannelAlreadyProvided();
public AuthenticationMechanismOutcome handleDigestHeader(HttpServerExchange exchange, final SecurityContext securityContext) { DigestContext context = exchange.getAttachment(DigestContext.ATTACHMENT_KEY); Map<DigestAuthorizationToken, String> parsedHeader = context.getParsedHeader(); if (qop == null || !supportedQops.contains(qop)) { REQUEST_LOGGER.invalidTokenReceived(DigestAuthorizationToken.MESSAGE_QOP.getName(), parsedHeader.get(DigestAuthorizationToken.MESSAGE_QOP)); REQUEST_LOGGER.missingAuthorizationToken(currentToken.getName()); REQUEST_LOGGER.invalidTokenReceived(DigestAuthorizationToken.REALM.getName(), parsedHeader.get(DigestAuthorizationToken.REALM)); if (parsedHeader.containsKey(DigestAuthorizationToken.DIGEST_URI)) { String uri = parsedHeader.get(DigestAuthorizationToken.DIGEST_URI); String requestURI = exchange.getRequestURI(); if (!exchange.getQueryString().isEmpty()) { requestURI = requestURI + "?" + exchange.getQueryString(); securityContext.authenticationFailed(MESSAGES.authenticationFailed(userName), mechanismName); return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { List<String> authHeaders = exchange.getRequestHeaders().get(AUTHORIZATION); if (authHeaders != null) { for (String current : authHeaders) { String ua = exchange.getRequestHeaders().getFirst(Headers.USER_AGENT); if(ua != null) { for (Map.Entry<Pattern, Charset> entry : userAgentCharsets.entrySet()) { Map<String, Deque<String>> params = exchange.getQueryParameters(); Deque<String> clientIdDeque = params.get("client_id"); if(clientIdDeque != null) { result = AuthenticationMechanismOutcome.AUTHENTICATED; } else { securityContext.authenticationFailed(MESSAGES.authenticationFailed(userName), name); result = AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
UndertowLogger.REQUEST_LOGGER.debugf("Removing session %s as max size has been hit", key); SessionImpl toRemove = sessions.get(key); if (toRemove != null) { rejectedSessionCount.incrementAndGet(); throw UndertowMessages.MESSAGES.tooManySessions(maxSize); throw UndertowMessages.MESSAGES.couldNotFindSessionCookieConfig(); throw UndertowMessages.MESSAGES.couldNotGenerateUniqueSessionId(); evictionToken = null; final SessionImpl session = new SessionImpl(this, sessionID, config, serverExchange.getIoThread(), serverExchange.getConnection().getWorker(), evictionToken, defaultSessionTimeout); UndertowLogger.SESSION_LOGGER.debugf("Created session with id %s for exchange %s", sessionID, serverExchange); sessions.put(sessionID, session); config.setSessionId(serverExchange, session.getId()); session.bumpTimeout(); sessionListeners.sessionCreated(session, serverExchange); serverExchange.putAttachment(NEW_SESSION, session);
@Override public io.undertow.server.session.Session getSession(HttpServerExchange exchange, SessionConfig config) { if (exchange != null) { io.undertow.server.session.Session attachedSession = exchange.getAttachment(this.key); if (attachedSession != null) { return attachedSession; throw UndertowMessages.MESSAGES.couldNotFindSessionCookieConfig(); close = false; if (exchange != null) { exchange.putAttachment(this.key, result);
public AuthenticationMechanismOutcome runFormAuth(final HttpServerExchange exchange, final SecurityContext securityContext) { final FormDataParser parser = formParserFactory.createParser(exchange); if (parser == null) { UndertowLogger.SECURITY_LOGGER.debug("Could not authenticate as no form parser is present"); final FormData.FormValue jPassword = data.getFirst("j_password"); if (jUsername == null || jPassword == null) { UndertowLogger.SECURITY_LOGGER.debugf("Could not authenticate as username or password was not present in the posted result for %s", exchange); return AuthenticationMechanismOutcome.NOT_AUTHENTICATED; if (account != null) { securityContext.authenticationComplete(account, name, true); UndertowLogger.SECURITY_LOGGER.debugf("Authenticated user %s using for auth for %s", account.getPrincipal().getName(), exchange); outcome = AuthenticationMechanismOutcome.AUTHENTICATED; } else { securityContext.authenticationFailed(MESSAGES.authenticationFailed(userName), name); exchange.endExchange();
while (sessions.size() >= maxSize && !evictionQueue.isEmpty()) { String key = evictionQueue.poll(); UndertowLogger.REQUEST_LOGGER.debugf("Removing session %s as max size has been hit", key); ConvergedInMemorySession toRemove = sessions.get(key); if (toRemove != null) { throw UndertowMessages.MESSAGES.couldNotFindSessionCookieConfig(); throw UndertowMessages.MESSAGES.couldNotGenerateUniqueSessionId(); createdSessionCount.incrementAndGet(); final ConvergedSessionImpl session = new ConvergedSessionImpl(this, sessionID, config, serverExchange.getIoThread(), serverExchange.getConnection().getWorker(), evictionToken); ConvergedInMemorySession im = new ConvergedInMemorySession(session, defaultSessionTimeout); sessions.put(sessionID, im);
@Override public io.undertow.server.session.Session createSession(HttpServerExchange exchange, SessionConfig config) { if (config == null) { throw UndertowMessages.MESSAGES.couldNotFindSessionCookieConfig(); exchange.putAttachment(this.key, result); return result; } catch (RuntimeException | Error e) {
public Builder setIdempotentRequestPredicate(Predicate idempotentRequestPredicate) { if(idempotentRequestPredicate == null) { throw UndertowMessages.MESSAGES.argumentCannotBeNull("idempotentRequestPredicate"); } this.idempotentRequestPredicate = idempotentRequestPredicate; return this; }
if (sess == null) { if (reason == SessionListener.SessionDestroyedReason.INVALIDATED) { throw UndertowMessages.MESSAGES.sessionAlreadyInvalidated(); UndertowLogger.SESSION_LOGGER.debugf("Invalidating session %s for exchange %s", sessionId, exchange);
@Override public void registerResourceChangeListener(ResourceChangeListener listener) { throw UndertowMessages.MESSAGES.resourceChangeListenerNotSupported(); }
public StoreResponseStreamSinkConduit(StreamSinkConduit next, HttpServerExchange exchange) { super(next); this.exchange = exchange; long length = exchange.getResponseContentLength(); if (length <= 0L) { outputStream = new ByteArrayOutputStream(); } else { if (length > Integer.MAX_VALUE) { throw UndertowMessages.MESSAGES.responseTooLargeToBuffer(length); } outputStream = new ByteArrayOutputStream((int) length); } }
/** * Waits for the handler to shutdown. */ public void awaitShutdown() throws InterruptedException { synchronized (lock) { if (!shutdown) { throw UndertowMessages.MESSAGES.handlerNotShutdown(); } while (activeRequestsUpdater.get(this) > 0) { lock.wait(); } } }
private void queue(final ByteBuffer[] byteBuffers, final IoCallback ioCallback) { //if data is sent from withing the callback we queue it, to prevent the stack growing indefinitely if (next != null) { throw UndertowMessages.MESSAGES.dataAlreadyQueued(); } next = byteBuffers; queuedCallback = ioCallback; }
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = getPrincipal(exchange); if(principal == null) { return NOT_ATTEMPTED; } String session = getSession(exchange); if(session == null) { return NOT_ATTEMPTED; } Account account = identityManager.verify(principal, new PasswordCredential(session.toCharArray())); if(account == null) { securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(principal), mechanismName); return NOT_AUTHENTICATED; } securityContext.authenticationComplete(account, mechanismName, false); return AUTHENTICATED; }
void invalidate(final HttpServerExchange exchange, SessionListener.SessionDestroyedReason reason) { synchronized(ConvergedSessionImpl.this) { if (timerCancelKey != null) { timerCancelKey.remove(); } ConvergedInMemorySession sess = sessionManager.sessions.get(sessionId); if (sess == null) { if (reason == SessionListener.SessionDestroyedReason.INVALIDATED) { throw UndertowMessages.MESSAGES.sessionAlreadyInvalidated(); } return; } invalidationStarted = true; } sessionManager.sessionListeners.sessionDestroyed(this, exchange, reason); sessionManager.sessions.remove(sessionId); if (exchange != null) { sessionCookieConfig.clearSession(exchange, this.getId()); } }