/**
 * Looks up a request header by delegating to {@code original}.
 *
 * @param headerName name of the header to read
 * @return whatever {@code original.getHeader(headerName)} returns
 */
@Override
public Optional<String> getHeader(String headerName) {
    // Pure pass-through: the value is client-supplied and is not validated here.
    final Optional<String> delegated = original.getHeader(headerName);
    return delegated;
}
/**
 * Returns the named header as reported by {@code original}.
 *
 * @param headerName name of the header to read
 * @return the result of {@code original.getHeader(headerName)}, unchanged
 */
@Override
public Optional<String> getHeader(String headerName) {
    // No filtering or normalisation is applied; callers receive the raw value.
    final Optional<String> headerValue = original.getHeader(headerName);
    return headerValue;
}
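/**
 * Tells whether the {@code Origin} value designates the same host as the request's
 * {@code Host} header, in which case the request is not treated as a CORS request.
 *
 * see http://stackoverflow.com/questions/15512331/chrome-adding-origin-header-to-same-origin-request
 *
 * @param req    the incoming request, read for its {@code Host} header
 * @param origin the value of the {@code Origin} header
 * @return {@code true} only when the authority part of {@code origin} equals the Host header
 */
private boolean isSameOrigin(RestxRequest req, String origin) {
    Optional<String> host = req.getHeader("Host");
    if (!host.isPresent() || host.get().isEmpty()) {
        // No usable Host header, can't check same origin. An empty Host must be rejected
        // explicitly: every string "ends with" the empty string.
        return false;
    }

    // Compare the whole authority (host[:port]) instead of a suffix. A suffix test accepts
    // any origin whose name merely ends with the Host value (a longer domain name sharing
    // the same tail), which would let a foreign origin skip the CORS checks.
    int schemeEnd = origin.indexOf("://");
    String originAuthority = schemeEnd >= 0 ? origin.substring(schemeEnd + 3) : origin;

    // The scheme cannot be compared: the Host header does not carry one. When one side
    // spells out a default port and the other does not, the request is treated as
    // cross-origin and goes through the regular CORS checks.
    if (originAuthority.equalsIgnoreCase(host.get())) {
        logger.debug("Same Origin request not considered as CORS Request: {}", req);
        return true;
    }
    return false;
}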
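/**
 * Same-origin check: decides whether {@code origin} names the host this request was sent to
 * (its {@code Host} header), so that the request is not handled as a CORS request.
 *
 * see http://stackoverflow.com/questions/15512331/chrome-adding-origin-header-to-same-origin-request
 *
 * @param req    the incoming request, read for its {@code Host} header
 * @param origin the value of the {@code Origin} header
 * @return {@code true} when the origin's authority is exactly the Host header value
 */
private boolean isSameOrigin(RestxRequest req, String origin) {
    Optional<String> host = req.getHeader("Host");
    if (!host.isPresent()) {
        // no host header, can't check same origin
        return false;
    }
    String hostValue = host.get();
    if (hostValue.isEmpty()) {
        // An empty Host would match any origin under a suffix or prefix test; refuse it.
        return false;
    }

    // Strip "scheme://" and require an exact, case-insensitive match on host[:port].
    // A suffix match is not enough: an unrelated, longer domain name can end with the
    // Host value and would then be exempted from the CORS checks.
    int separator = origin.indexOf("://");
    String authority = separator < 0 ? origin : origin.substring(separator + 3);
    boolean sameOrigin = authority.equalsIgnoreCase(hostValue);

    if (sameOrigin) {
        logger.debug("Same Origin request not considered as CORS Request: {}", req);
    }
    // Note: the scheme is not part of the comparison because Host does not carry it.
    return sameOrigin;
}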
/**
 * Checks every comma-separated token of a request header against an allow-list.
 *
 * @param request    the request whose header is inspected
 * @param headerName name of the header to read
 * @param allowed    accepted values; tokens are lower-cased before the lookup, so the
 *                   collection presumably holds lower-case entries (confirm at the caller)
 * @return {@code true} when the header is absent or all of its tokens are allowed
 */
private boolean checkAllowed(RestxRequest request, String headerName, ImmutableCollection<String> allowed) {
    Optional<String> headerValue = request.getHeader(headerName);
    if (!headerValue.isPresent()) {
        // An absent header is accepted.
        return true;
    }

    for (String token : Splitter.on(',').trimResults().split(headerValue.get())) {
        String normalized = token.toLowerCase(Locale.ENGLISH);
        if (allowed.contains(normalized)) {
            continue;
        }
        // First token outside the allow-list rejects the whole request.
        logger.debug("CORS request not accepted by {}: {} not allowed: {}\nREQUEST => {}", this, headerName, token, request);
        return false;
    }
    return true;
}
/**
 * Resolves the string value of an endpoint parameter from the request header that has
 * the same name as the parameter.
 *
 * @param parameter definition of the parameter; its name is used as the header name
 * @param request   the request to read the header from
 * @param match     not used by this implementation
 * @return the header value, as returned by {@code request.getHeader}
 */
@Override
public Optional<String> extractQueryParamStringedValueFor(EndpointParamDef parameter, RestxRequest request, RestxRequestMatch match) {
    // The value comes straight from a client-supplied header; nothing is validated here.
    final String headerName = parameter.getName();
    return request.getHeader(headerName);
}

@Override
/**
 * Validates a comma-separated request header against a set of accepted values.
 *
 * @param request    the request whose header is inspected
 * @param headerName name of the header to read
 * @param allowed    accepted values; each token is lower-cased before the lookup
 *                   (assumes the collection is stored in lower case; verify at the caller)
 * @return {@code false} as soon as one token is not in {@code allowed}, {@code true} otherwise,
 *         including when the header is missing
 */
private boolean checkAllowed(RestxRequest request, String headerName, ImmutableCollection<String> allowed) {
    Optional<String> requested = request.getHeader(headerName);
    if (requested.isPresent()) {
        Iterable<String> items = Splitter.on(',').trimResults().split(requested.get());
        for (String item : items) {
            boolean accepted = allowed.contains(item.toLowerCase(Locale.ENGLISH));
            if (!accepted) {
                logger.debug("CORS request not accepted by {}: {} not allowed: {}\nREQUEST => {}", this, headerName, item, request);
                return false;
            }
        }
    }
    // Header missing, or every token passed the allow-list.
    return true;
}
/**
 * Reads the value of an endpoint parameter from the request header named after it.
 *
 * @param parameter definition of the parameter; {@code getName()} gives the header name
 * @param request   the request to read the header from
 * @param match     not used by this implementation
 * @return the result of {@code request.getHeader} for that name
 */
@Override
public Optional<String> extractQueryParamStringedValueFor(EndpointParamDef parameter, RestxRequest request, RestxRequestMatch match) {
    // Header values are controlled by the client; validation is left to the consumer.
    final Optional<String> rawValue = request.getHeader(parameter.getName());
    return rawValue;
}

@Override
/**
 * Determines the mode to use for a request: the {@code RestxMode} header when the request
 * carries one, otherwise the value of the no-argument {@code getMode()}.
 *
 * @param restxRequest the request to inspect
 * @return the header value if present, else the default mode
 */
private String getMode(RestxRequest restxRequest) {
    // NOTE(review): the header is client-supplied, so any client that reaches this code
    // picks the mode. Confirm that this path is only exposed to trusted callers.
    Optional<String> requestedMode = restxRequest.getHeader("RestxMode");
    String defaultMode = getMode();
    return requestedMode.or(defaultMode);
}
/**
 * Returns the mode for the given request, letting a {@code RestxMode} request header
 * take precedence over the mode returned by {@code getMode()}.
 *
 * @param restxRequest the request to inspect
 * @return the {@code RestxMode} header value, or the default mode when the header is absent
 */
private String getMode(RestxRequest restxRequest) {
    Optional<String> fromHeader = restxRequest.getHeader("RestxMode");
    // The default is computed eagerly, whether or not the header is present.
    String fallback = getMode();
    // NOTE(review): a request header decides the mode here; verify that untrusted clients
    // cannot reach this override.
    return fromHeader.or(fallback);
}
/**
 * Builds the metadata attached to a session for session stats monitoring.
 *
 * When overriding, include the entries produced by this default implementation if the
 * monitor admin session view must keep working, unless that view is overridden as well.
 *
 * @param req the request for which metadata should be prepared
 * @param session the session for which metadata should be prepared
 * @return a map with the keys {@code clientAddress} and {@code userAgent}
 */
protected ImmutableMap<String, String> prepareSessionStatsMetadata(RestxRequest req, RestxSession session) {
    String clientAddress = req.getClientAddress();
    // User-Agent is a client-controlled string stored as-is; presumably the view that
    // displays it must encode it on output (confirm in the rendering code).
    String userAgent = req.getHeader("User-Agent").or("Unknown");
    return ImmutableMap.of(
            "clientAddress", clientAddress,
            "userAgent", userAgent);
}
}
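/**
 * Matches requests that carry an {@code Authorization} header using the Basic scheme.
 *
 * @param req the incoming request
 * @return a match routed to {@code basicHandler} for Basic authentication, absent otherwise
 */
@Override
public Optional<RestxHandlerMatch> match(RestxRequest req) {
    Optional<String> authorization = req.getHeader("Authorization");
    if (!authorization.isPresent()) {
        return Optional.absent();
    }

    String headerValue = authorization.get();
    if (headerValue.toLowerCase(Locale.ENGLISH).startsWith("basic ")) {
        return Optional.of(new RestxHandlerMatch(
                new StdRestxRequestMatch("*", req.getRestxPath()), basicHandler));
    }

    // Log the scheme only, never the header value: for other schemes the rest of the
    // header is the credential itself and must not end up in log files. A value without
    // a plausible scheme token is not echoed at all, since it may be a bare secret.
    int schemeEnd = headerValue.indexOf(' ');
    String scheme = (schemeEnd > 0 && schemeEnd <= 32)
            ? headerValue.substring(0, schemeEnd)
            : "<unrecognized>";
    logger.warn("unsupported authentication type: " + scheme);
    return Optional.absent();
}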
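/**
 * Selects {@code basicHandler} for requests whose {@code Authorization} header starts with
 * the Basic scheme (case-insensitive).
 *
 * @param req the incoming request
 * @return a handler match for Basic authentication; absent when the header is missing or
 *         uses another scheme
 */
@Override
public Optional<RestxHandlerMatch> match(RestxRequest req) {
    Optional<String> authorization = req.getHeader("Authorization");
    if (authorization.isPresent()) {
        String credentials = authorization.get();
        if (credentials.toLowerCase(Locale.ENGLISH).startsWith("basic ")) {
            return Optional.of(new RestxHandlerMatch(
                    new StdRestxRequestMatch("*", req.getRestxPath()), basicHandler));
        } else {
            // The header carries the caller's credential (token, digest response, ...).
            // Only the leading scheme name is written to the log; a value with no
            // scheme/credential separator is replaced by a fixed marker.
            int space = credentials.indexOf(' ');
            boolean hasScheme = space > 0 && space <= 32;
            String scheme = hasScheme ? credentials.substring(0, space) : "<unrecognized>";
            logger.warn("unsupported authentication type: " + scheme);
        }
    }
    return Optional.absent();
}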
/**
 * Matches a request only when it advertises gzip support in {@code Accept-Encoding} and
 * one of the configured {@code matchers} accepts its method and path.
 *
 * @param request the incoming request
 * @return a match bound to this handler for the first matcher that accepts, absent otherwise
 */
@Override
public Optional<RestxHandlerMatch> match(RestxRequest request) {
    Optional<String> acceptEncoding = request.getHeader("Accept-Encoding");
    // Clients that do not send the header, or do not accept gzip, are never matched.
    if (!acceptEncoding.isPresent() || !acceptsGzip(acceptEncoding.get())) {
        return Optional.absent();
    }

    for (RestxRequestMatcher candidate : matchers) {
        Optional<? extends RestxRequestMatch> found =
                candidate.match(request.getHttpMethod(), request.getRestxPath());
        if (!found.isPresent()) {
            continue;
        }
        // First matcher wins.
        return Optional.of(new RestxHandlerMatch(found.get(), this));
    }
    return Optional.absent();
}
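/**
 * Matches CORS pre-flight requests: {@code OPTIONS} requests carrying both an
 * {@code Access-Control-Request-Method} and an {@code Origin} header.
 *
 * @param req the incoming request
 * @return a match bound to this handler when the CORS check accepts the request, the
 *         result of {@code unauthorized(req)} when it rejects it, absent when the request
 *         is not a pre-flight request
 */
@Override
public Optional<RestxHandlerMatch> match(RestxRequest req) {
    Optional<String> acrMethod = req.getHeader("Access-Control-Request-Method");
    if (!"OPTIONS".equals(req.getHttpMethod()) || !acrMethod.isPresent()) {
        return Optional.absent();
    }

    Optional<String> origin = req.getHeader("Origin");
    if (!origin.isPresent()) {
        // A client can send Access-Control-Request-Method without Origin. Calling get()
        // on the absent Optional would throw instead of producing a response, so such a
        // request is simply not handled as a pre-flight.
        return Optional.absent();
    }

    CORS cors = CORS.check(authorizers, req, origin.get(), acrMethod.get(), req.getRestxPath());
    if (cors.isAccepted()) {
        // The CORS decision is passed along under the "cors" key of the match.
        return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(),
                ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this));
    }

    logger.info("Unauthorized pre-flight CORS request; Origin={}; Method={}", origin.get(), acrMethod.get());
    return unauthorized(req);
}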
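/**
 * Handles the matching of CORS pre-flight requests, i.e. {@code OPTIONS} requests that
 * carry an {@code Access-Control-Request-Method} header together with an {@code Origin}.
 *
 * @param req the incoming request
 * @return a match bound to this handler when {@code CORS.check} accepts the request,
 *         {@code unauthorized(req)} when it does not, absent for any other request
 */
@Override
public Optional<RestxHandlerMatch> match(RestxRequest req) {
    Optional<String> acrMethod = req.getHeader("Access-Control-Request-Method");
    if ("OPTIONS".equals(req.getHttpMethod()) && acrMethod.isPresent()) {
        Optional<String> origin = req.getHeader("Origin");
        // Guard before get(): the Origin header is optional from the server's point of
        // view, and a request lacking it would otherwise fail with an exception raised
        // by Optional.get() rather than being answered normally.
        if (origin.isPresent()) {
            String originValue = origin.get();
            String requestedMethod = acrMethod.get();
            CORS cors = CORS.check(authorizers, req, originValue, requestedMethod, req.getRestxPath());
            if (cors.isAccepted()) {
                return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(),
                        ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this));
            } else {
                logger.info("Unauthorized pre-flight CORS request; Origin={}; Method={}", originValue, requestedMethod);
                return unauthorized(req);
            }
        }
    }
    return Optional.absent();
}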
/**
 * Answers a conditional request: signals {@code 304 Not Modified} when the request's
 * {@code If-None-Match} header equals this ETag value, otherwise writes the cache control
 * and {@code ETag} headers to the response.
 *
 * @param req  the incoming request
 * @param resp the response to decorate when the resource has to be sent
 * @throws WebException with {@code HttpStatus.NOT_MODIFIED} when the header equals {@code value}
 */
public void handleIn(RestxRequest req, RestxResponse resp) {
    Optional<String> presented = req.getHeader("If-None-Match");
    Optional<String> current = Optional.of(value);
    // Whole-header equality: the comparison is made against the header value as a single
    // string.
    if (!presented.equals(current)) {
        cacheControl.writeTo(resp);
        resp.setHeader("ETag", value);
        return;
    }
    throw new WebException(HttpStatus.NOT_MODIFIED);
}
/**
 * Applies ETag handling to an incoming request. A request whose {@code If-None-Match}
 * header equals {@code value} is answered with {@code HttpStatus.NOT_MODIFIED}; any other
 * request gets the cache control headers and the {@code ETag} header set on its response.
 *
 * @param req  the incoming request
 * @param resp the response on which headers are set
 * @throws WebException with {@code HttpStatus.NOT_MODIFIED} on an exact ETag match
 */
public void handleIn(RestxRequest req, RestxResponse resp) {
    Optional<String> ifNoneMatch = req.getHeader("If-None-Match");
    boolean unchanged = ifNoneMatch.equals(Optional.of(value));
    if (unchanged) {
        // The client already holds the current representation.
        throw new WebException(HttpStatus.NOT_MODIFIED);
    }
    cacheControl.writeTo(resp);
    resp.setHeader("ETag", value);
}