/** * Check the given request for supported methods and a required session, if any. * @param request current HTTP request * @throws ServletException if the request cannot be handled because a check failed * @since 4.2 */ protected final void checkRequest(HttpServletRequest request) throws ServletException { // Check whether we should support the request method. String method = request.getMethod(); if (this.supportedMethods != null && !this.supportedMethods.contains(method)) { throw new HttpRequestMethodNotSupportedException(method, this.supportedMethods); } // Check whether a session is required. if (this.requireSession && request.getSession(false) == null) { throw new HttpSessionRequiredException("Pre-existing session required but none found"); } }
/** * Processes the incoming Hessian request and creates a Hessian response. */ @Override public void handleRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!"POST".equals(request.getMethod())) { throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] {"POST"}, "HessianServiceExporter only supports POST requests"); } response.setContentType(CONTENT_TYPE_HESSIAN); try { invoke(request.getInputStream(), response.getOutputStream()); } catch (Throwable ex) { throw new NestedServletException("Hessian skeleton invocation failed", ex); } }
@RequestMapping(value = "**") public void methodsNotAllowed(HttpServletRequest request) throws HttpRequestMethodNotSupportedException { throw new HttpRequestMethodNotSupportedException(request.getMethod()); }
@RequestMapping(value = "/introspect") @ResponseBody public IntrospectionClaims methodNotSupported(HttpServletRequest request) throws HttpRequestMethodNotSupportedException { throw new HttpRequestMethodNotSupportedException(request.getMethod()); }
@RequestMapping(value = "/oauth/token", method=RequestMethod.GET) public ResponseEntity<OAuth2AccessToken> getAccessToken(Principal principal, @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException { if (!allowedRequestMethods.contains(HttpMethod.GET)) { throw new HttpRequestMethodNotSupportedException("GET"); } return postAccessToken(principal, parameters); }
/** * Check the given request for supported methods and a required session, if any. * @param request current HTTP request * @throws ServletException if the request cannot be handled because a check failed * @since 4.2 */ protected final void checkRequest(HttpServletRequest request) throws ServletException { // Check whether we should support the request method. String method = request.getMethod(); if (this.supportedMethods != null && !this.supportedMethods.contains(method)) { throw new HttpRequestMethodNotSupportedException(method, this.supportedMethods); } // Check whether a session is required. if (this.requireSession && request.getSession(false) == null) { throw new HttpSessionRequiredException("Pre-existing session required but none found"); } }
/** * Processes the incoming Hessian request and creates a Hessian response. */ @Override public void handleRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (!"POST".equals(request.getMethod())) { throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] {"POST"}, "HessianServiceExporter only supports POST requests"); } response.setContentType(CONTENT_TYPE_HESSIAN); try { invoke(request.getInputStream(), response.getOutputStream()); } catch (Throwable ex) { throw new NestedServletException("Hessian skeleton invocation failed", ex); } }
@RequestMapping(value = "**", method = POST) public ResponseEntity<OAuth2AccessToken> doDelegatePost(Principal principal, @RequestParam Map<String, String> parameters, HttpServletRequest request) throws HttpRequestMethodNotSupportedException { if (hasText(request.getQueryString()) && !isAllowQueryString()) { logger.debug("Call to /oauth/token contains a query string. Aborting."); throw new HttpRequestMethodNotSupportedException("POST"); } return postAccessToken(principal, parameters); }
@Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException { if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) { throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" }); } String clientId = request.getParameter("client_id"); String clientSecret = request.getParameter("client_secret"); // If the request is already authenticated we can assume that this // filter is not needed Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication.isAuthenticated()) { return authentication; } if (clientId == null) { throw new BadCredentialsException("No client credentials presented"); } if (clientSecret == null) { clientSecret = ""; } clientId = clientId.trim(); UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret); return this.getAuthenticationManager().authenticate(authRequest); }
@RequestMapping(value = "/check_token") @ResponseBody public Claims checkToken(HttpServletRequest request) throws HttpRequestMethodNotSupportedException { if (isAllowQueryString()) { String token = request.getParameter("token"); String scope = request.getParameter("scope"); return checkToken( token, hasText(scope) ? new LinkedList<>(commaDelimitedListToSet(scope)) : emptyList(), request ); } else { throw new HttpRequestMethodNotSupportedException(request.getMethod()); } }
@Test public void httpRequestMethodNotSupported() { List<String> supported = Arrays.asList("POST", "DELETE"); Exception ex = new HttpRequestMethodNotSupportedException("GET", supported); ResponseEntity<Object> responseEntity = testException(ex); assertEquals(EnumSet.of(HttpMethod.POST, HttpMethod.DELETE), responseEntity.getHeaders().getAllow()); }
return new HandlerMethod(handler, HTTP_OPTIONS_HANDLE_METHOD); throw new HttpRequestMethodNotSupportedException(request.getMethod(), methods);
throw new HttpRequestMethodNotSupportedException("POST");
return new HandlerMethod(handler, HTTP_OPTIONS_HANDLE_METHOD); throw new HttpRequestMethodNotSupportedException(request.getMethod(), methods);
@Test public void handleHttpRequestMethodNotSupported() { HttpRequestMethodNotSupportedException ex = new HttpRequestMethodNotSupportedException("GET", new String[]{"POST", "PUT"}); ModelAndView mav = exceptionResolver.resolveException(request, response, null, ex); assertNotNull("No ModelAndView returned", mav); assertTrue("No Empty ModelAndView returned", mav.isEmpty()); assertEquals("Invalid status code", 405, response.getStatus()); assertEquals("Invalid Allow header", "POST, PUT", response.getHeader("Allow")); }
private static void reject(HttpMethod method, HttpMethods supported) throws HttpRequestMethodNotSupportedException { Set<String> stringMethods = supported.butWithout(method) // .stream() // .map(HttpMethod::name) // .collect(Collectors.toSet()); throw new HttpRequestMethodNotSupportedException(method.name(), stringMethods); } }
/** * synchronous call to start the QA process (POST), return the URL of the created question */ @RequestMapping(value = "/question/{questionid}", method = RequestMethod.DELETE, produces = "application/json") @ResponseBody public String deleteQuestion(@PathVariable final String questionid) throws HttpRequestMethodNotSupportedException { // TODO: please implement deletion of file if and only if they are in // this question directory (security!) throw new HttpRequestMethodNotSupportedException("not yet implemented"); }
@RequestMapping(value = "/oauth/token", method=RequestMethod.GET) public ResponseEntity<OAuth2AccessToken> getAccessToken(Principal principal, @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException { if (!allowedRequestMethods.contains(HttpMethod.GET)) { throw new HttpRequestMethodNotSupportedException("GET"); } return postAccessToken(principal, parameters); }
@RequestMapping(value = "/v2/ldap/token", method = RequestMethod.GET) public ResponseEntity<OAuth2AccessToken> getAccessToken(Principal principal, @RequestParam Map<String, String> parameters, HttpServletRequest request) throws HttpRequestMethodNotSupportedException { if (!allowedRequestMethods.contains(HttpMethod.GET)) { throw new HttpRequestMethodNotSupportedException("GET"); } return postAccessToken(principal, parameters, request); }
private static void reject(HttpMethod method, HttpMethods supported) throws HttpRequestMethodNotSupportedException { Set<String> stringMethods = supported.butWithout(method) // .stream() // .map(HttpMethod::name) // .collect(Collectors.toSet()); throw new HttpRequestMethodNotSupportedException(method.name(), stringMethods); } }