if(request.method() != Method.OPTIONS && !"/_searchguard/license".equals(request.path()) && !"/_searchguard/health".equals(request.path())) {
/** * Handle HTTP OPTIONS requests to a valid REST endpoint. A 200 HTTP * response code is returned, and the response 'Allow' header includes a * list of valid HTTP methods for the endpoint (see * <a href="https://tools.ietf.org/html/rfc2616#section-9.2">HTTP/1.1 - 9.2 * - Options</a>). */ private void handleOptionsRequest(RestRequest request, RestChannel channel, Set<RestRequest.Method> validMethodSet) { if (request.method() == RestRequest.Method.OPTIONS && validMethodSet.size() > 0) { BytesRestResponse bytesRestResponse = new BytesRestResponse(OK, TEXT_CONTENT_TYPE, BytesArray.EMPTY); bytesRestResponse.addHeader("Allow", Strings.collectionToDelimitedString(validMethodSet, ",")); channel.sendResponse(bytesRestResponse); } else if (request.method() == RestRequest.Method.OPTIONS && validMethodSet.size() == 0) { /* * When we have an OPTIONS HTTP request and no valid handlers, * simply send OK by default (with the Access Control Origin header * which gets automatically added). */ channel.sendResponse(new BytesRestResponse(OK, TEXT_CONTENT_TYPE, BytesArray.EMPTY)); } }
/** * Handle a requests with no candidate handlers (return a 400 Bad Request * error). */ private void handleBadRequest(RestRequest request, RestChannel channel) throws IOException { try (XContentBuilder builder = channel.newErrorBuilder()) { builder.startObject(); { builder.field("error", "no handler found for uri [" + request.uri() + "] and method [" + request.method() + "]"); } builder.endObject(); channel.sendResponse(new BytesRestResponse(BAD_REQUEST, builder)); } }
void handleFavicon(RestRequest request, RestChannel channel) { if (request.method() == RestRequest.Method.GET) { try { try (InputStream stream = getClass().getResourceAsStream("/config/favicon.ico")) { ByteArrayOutputStream out = new ByteArrayOutputStream(); Streams.copy(stream, out); BytesRestResponse restResponse = new BytesRestResponse(RestStatus.OK, "image/x-icon", out.toByteArray()); channel.sendResponse(restResponse); } } catch (IOException e) { channel.sendResponse(new BytesRestResponse(INTERNAL_SERVER_ERROR, BytesRestResponse.TEXT_CONTENT_TYPE, BytesArray.EMPTY)); } } else { channel.sendResponse(new BytesRestResponse(FORBIDDEN, BytesRestResponse.TEXT_CONTENT_TYPE, BytesArray.EMPTY)); } }
void tryAllHandlers(final RestRequest request, final RestChannel channel, final ThreadContext threadContext) throws Exception { for (String key : headersToCopy) { String httpHeader = request.header(key); if (httpHeader != null) { threadContext.putHeader(key, httpHeader); } } // Request execution flag boolean requestHandled = false; if (checkErrorTraceParameter(request, channel) == false) { channel.sendResponse( BytesRestResponse.createSimpleErrorResponse(channel, BAD_REQUEST, "error traces in responses are disabled.")); return; } // Loop through all possible handlers, attempting to dispatch the request Iterator<MethodHandlers> allHandlers = getAllHandlers(request); for (Iterator<MethodHandlers> it = allHandlers; it.hasNext(); ) { final Optional<RestHandler> mHandler = Optional.ofNullable(it.next()).flatMap(mh -> mh.getHandler(request.method())); requestHandled = dispatchRequest(request, channel, client, mHandler); if (requestHandled) { break; } } // If request has not been handled, fallback to a bad request error. if (requestHandled == false) { handleBadRequest(request, channel); } }
&& validMethodSet.contains(request.method()) == false && request.method() != RestRequest.Method.OPTIONS) { } else if (validMethodSet.contains(request.method()) == false && (request.method() == RestRequest.Method.OPTIONS)) { handleOptionsRequest(request, channel, validMethodSet); requestHandled = true;
/** * Handle requests to a valid REST endpoint using an unsupported HTTP * method. A 405 HTTP response code is returned, and the response 'Allow' * header includes a list of valid HTTP methods for the endpoint (see * <a href="https://tools.ietf.org/html/rfc2616#section-10.4.6">HTTP/1.1 - * 10.4.6 - 405 Method Not Allowed</a>). */ private void handleUnsupportedHttpMethod(RestRequest request, RestChannel channel, Set<RestRequest.Method> validMethodSet) { try { BytesRestResponse bytesRestResponse = BytesRestResponse.createSimpleErrorResponse(channel, METHOD_NOT_ALLOWED, "Incorrect HTTP method for uri [" + request.uri() + "] and method [" + request.method() + "], allowed: " + validMethodSet); bytesRestResponse.addHeader("Allow", Strings.collectionToDelimitedString(validMethodSet, ",")); channel.sendResponse(bytesRestResponse); } catch (final IOException e) { logger.warn("failed to send bad request response", e); channel.sendResponse(new BytesRestResponse(INTERNAL_SERVER_ERROR, BytesRestResponse.TEXT_CONTENT_TYPE, BytesArray.EMPTY)); } }
public static boolean isWriteRequest(final RestRequest request, boolean strictModeEnabled) { if (request.method() == Method.DELETE || request.method() == Method.PUT) { return true; } if (request.method() == Method.POST) { if (!stringContainsItemFromListAsCommand(request.path(), strictModeEnabled?SecurityUtil.BUILT_IN_READ_COMMANDS_STRICT : SecurityUtil.BUILT_IN_READ_COMMANDS_LAX)) { return true; } } return stringContainsItemFromListAsCommand(request.path(), strictModeEnabled?SecurityUtil.BUILT_IN_WRITE_COMMANDS_STRICT : SecurityUtil.BUILT_IN_WRITE_COMMANDS_LAX); }
@Override public RestChannelConsumer prepareRequest(RestRequest request, NodeClient client) throws IOException { if (request.method().equals(RestRequest.Method.GET)) { return handleGet(request, client); } else if (request.method().equals(RestRequest.Method.POST)) { return handlePost(request, client); } else { throw new IllegalArgumentException("illegal method [" + request.method() + "] for request [" + request.path() + "]"); } }
private AuditMessage(final String username, final String message, final RestRequest request) { auditInfo.put("audit_user", username); auditInfo.put("audit_message", message); auditInfo.put("audit_date", new Date().toString()); auditInfo.put("audit_details_context", String.valueOf(request.getContext())); auditInfo.put("audit_details_headers", Iterables.toString(request.headers())); auditInfo.put("audit_details_rest", request.method() + " " + request.path() + " " + request.params()); auditInfo.put("audit_details_class", request.getClass().toString()); try { auditInfo.put("audit_ip", SecurityUtil.getProxyResolvedHostAddressFromRequest(request, settings).toString()); } catch (final UnknownHostException e) { //no-op } }
@Override protected void handleRequest(RestRequest request, RestChannel channel, Client client) throws Exception { if (request.method().equals(RestRequest.Method.GET)) { handleGet(request, channel, client); } else if (request.method().equals(RestRequest.Method.POST)) { handlePost(request, channel, client); } }
/** * Handle a requests with no candidate handlers (return a 400 Bad Request * error). */ private void handleBadRequest(RestRequest request, RestChannel channel) throws IOException { try (XContentBuilder builder = channel.newErrorBuilder()) { builder.startObject(); { builder.field("error", "no handler found for uri [" + request.uri() + "] and method [" + request.method() + "]"); } builder.endObject(); channel.sendResponse(new BytesRestResponse(BAD_REQUEST, builder)); } }
/** * Handle a requests with no candidate handlers (return a 400 Bad Request * error). */ private void handleBadRequest(RestRequest request, RestChannel channel) throws IOException { try (XContentBuilder builder = channel.newErrorBuilder()) { builder.startObject(); { builder.field("error", "no handler found for uri [" + request.uri() + "] and method [" + request.method() + "]"); } builder.endObject(); channel.sendResponse(new BytesRestResponse(BAD_REQUEST, builder)); } }
void handleFavicon(RestRequest request, RestChannel channel) { if (request.method() == RestRequest.Method.GET) { try { try (InputStream stream = getClass().getResourceAsStream("/config/favicon.ico")) { ByteArrayOutputStream out = new ByteArrayOutputStream(); Streams.copy(stream, out); BytesRestResponse restResponse = new BytesRestResponse(RestStatus.OK, "image/x-icon", out.toByteArray()); channel.sendResponse(restResponse); } } catch (IOException e) { channel.sendResponse(new BytesRestResponse(INTERNAL_SERVER_ERROR, BytesRestResponse.TEXT_CONTENT_TYPE, BytesArray.EMPTY)); } } else { channel.sendResponse(new BytesRestResponse(FORBIDDEN, BytesRestResponse.TEXT_CONTENT_TYPE, BytesArray.EMPTY)); } }
void executeHandler(RestRequest request, RestChannel channel) throws Exception { final RestHandler handler = getHandler(request); if (handler != null) { handler.handleRequest(request, channel); } else { if (request.method() == RestRequest.Method.OPTIONS) { // when we have OPTIONS request, simply send OK by default (with the Access Control Origin header which gets automatically added) channel.sendResponse(new BytesRestResponse(OK)); } else { channel.sendResponse(new BytesRestResponse(BAD_REQUEST, "No handler found for uri [" + request.uri() + "] and method [" + request.method() + "]")); } } }
private RestHandler getHandler(RestRequest request) { String path = getPath(request); PathTrie<RestHandler> handlers = getHandlersForMethod(request.method()); if (handlers != null) { return handlers.retrieve(path, request.params()); } else { return null; } }
private RestHandler getHandler(RestRequest request) { String path = getPath(request); PathTrie<RestHandler> handlers = getHandlersForMethod(request.method()); if (handlers != null) { return handlers.retrieve(path, request.params()); } else { return null; } }
void handleFavicon(RestRequest request, RestChannel channel) { if (request.method() == RestRequest.Method.GET) { try { try (InputStream stream = getClass().getResourceAsStream("/config/favicon.ico")) { byte[] content = ByteStreams.toByteArray(stream); BytesRestResponse restResponse = new BytesRestResponse(RestStatus.OK, "image/x-icon", content); channel.sendResponse(restResponse); } } catch (IOException e) { channel.sendResponse(new BytesRestResponse(INTERNAL_SERVER_ERROR)); } } else { channel.sendResponse(new BytesRestResponse(FORBIDDEN)); } }
public EditableRestRequest(final RestRequest innerRestquest) { this.innerRestquest = innerRestquest; content = innerRestquest.content(); params = innerRestquest.params(); method = innerRestquest.method(); uri = innerRestquest.uri(); rawPath = innerRestquest.rawPath(); hasContent = innerRestquest.hasContent(); contentUnsafe = innerRestquest.contentUnsafe(); }
public BytesRestResponse(RestChannel channel, RestStatus status, Throwable t) throws IOException { this.status = status; if (channel.request().method() == RestRequest.Method.HEAD) { this.content = BytesArray.EMPTY; this.contentType = TEXT_CONTENT_TYPE; } else { XContentBuilder builder = convert(channel, status, t); this.content = builder.bytes(); this.contentType = builder.contentType().restContentType(); } if (t instanceof ElasticsearchException) { copyHeaders(((ElasticsearchException) t)); } }