@Override public String getHttpMethod() { return original.getHttpMethod(); }
@Override public String getHttpMethod() { return original.getHttpMethod(); }
protected boolean isSimpleCORSRequest(RestxRequest req) { // see https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS if (!SIMPLE_METHODS.contains(req.getHttpMethod())) { return false; } Optional<String> origin = req.getHeader("Origin"); if (!origin.isPresent()) { return false; } if ("POST".equals(req.getHttpMethod())) { if (!asList("application/x-www-form-urlencoded", "multipart/form-data", "text/plain") .contains(req.getContentType())) { return false; } } return true; }
protected boolean isSimpleCORSRequest(RestxRequest req) { // see https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS if (!SIMPLE_METHODS.contains(req.getHttpMethod())) { return false; } Optional<String> origin = req.getHeader("Origin"); if (!origin.isPresent()) { return false; } if ("POST".equals(req.getHttpMethod())) { if (!asList("application/x-www-form-urlencoded", "multipart/form-data", "text/plain") .contains(req.getContentType())) { return false; } } return true; }
private boolean isPreflightRequest(RestxRequest req) { return req.getHeader("Origin").isPresent() && req.getHeader("Access-Control-Request-Method").isPresent() && "OPTIONS".equals(req.getHttpMethod()); }
private boolean isPreflightRequest(RestxRequest req) { return req.getHeader("Origin").isPresent() && req.getHeader("Access-Control-Request-Method").isPresent() && "OPTIONS".equals(req.getHttpMethod()); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest request) { Optional<String> enc = request.getHeader("Accept-Encoding"); if (!enc.isPresent()) { return Optional.absent(); } if (!acceptsGzip(enc.get())) { return Optional.absent(); } for (RestxRequestMatcher matcher : matchers) { Optional<? extends RestxRequestMatch> match = matcher.match(request.getHttpMethod(), request.getRestxPath()); if (match.isPresent()) { return Optional.of(new RestxHandlerMatch(match.get(), this)); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { if (req.getHttpMethod().equals("GET") && req.getRestxPath().startsWith(baseRestPath)) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch(baseRestPath + "*", req.getRestxPath()), this)); } else { return Optional.absent(); } }
@Override public Optional<RestxHandlerMatch> match(RestxRequest request) { Optional<String> enc = request.getHeader("Accept-Encoding"); if (!enc.isPresent()) { return Optional.absent(); } if (!acceptsGzip(enc.get())) { return Optional.absent(); } for (RestxRequestMatcher matcher : matchers) { Optional<? extends RestxRequestMatch> match = matcher.match(request.getHttpMethod(), request.getRestxPath()); if (match.isPresent()) { return Optional.of(new RestxHandlerMatch(match.get(), this)); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { if (req.getHttpMethod().equals("GET") && req.getRestxPath().startsWith(baseRestPath)) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch(baseRestPath + "*", req.getRestxPath()), this)); } else { return Optional.absent(); } }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> acrMethod = req.getHeader("Access-Control-Request-Method"); if ("OPTIONS".equals(req.getHttpMethod()) && acrMethod.isPresent()) { Optional<String> origin = req.getHeader("Origin"); CORS cors = CORS.check(authorizers, req, origin.get(), acrMethod.get(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { logger.info("Unauthorized pre-flight CORS request; Origin={}; Method={}", origin.get(), acrMethod.get()); return unauthorized(req); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> origin = req.getHeader("Origin"); if (origin.isPresent() && !isSameOrigin(req, origin.get()) && !isPreflightRequest(req)) { CORS cors = CORS.check(authorizers, req, origin.get(), req.getHttpMethod(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { if (isSimpleCORSRequest(req)) { logger.info("Unauthorized simple CORS request; Origin={}; Method={}", origin.get(), req.getHttpMethod()); } else { // the check should already have been done by the preflight request, so we shouldn't get to that point // but we never know how the client is actually implemented logger.info("Unauthorized CORS request (not captured by pre flight); Origin={}; Method={}", origin.get(), req.getHttpMethod()); } return unauthorized(req); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { String path = req.getRestxPath(); return RestxHandlerMatch.of(matcher.match(req.getHttpMethod(), path), this); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> origin = req.getHeader("Origin"); if (origin.isPresent() && !isSameOrigin(req, origin.get()) && !isPreflightRequest(req)) { CORS cors = CORS.check(authorizers, req, origin.get(), req.getHttpMethod(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { if (isSimpleCORSRequest(req)) { logger.info("Unauthorized simple CORS request; Origin={}; Method={}", origin.get(), req.getHttpMethod()); } else { // the check should already have been done by the preflight request, so we shouldn't get to that point // but we never know how the client is actually implemented logger.info("Unauthorized CORS request (not captured by pre flight); Origin={}; Method={}", origin.get(), req.getHttpMethod()); } return unauthorized(req); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> acrMethod = req.getHeader("Access-Control-Request-Method"); if ("OPTIONS".equals(req.getHttpMethod()) && acrMethod.isPresent()) { Optional<String> origin = req.getHeader("Origin"); CORS cors = CORS.check(authorizers, req, origin.get(), acrMethod.get(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { logger.info("Unauthorized pre-flight CORS request; Origin={}; Method={}", origin.get(), acrMethod.get()); return unauthorized(req); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { String path = req.getRestxPath(); return RestxHandlerMatch.of(matcher.match(req.getHttpMethod(), path), this); }
/** * This method is called by RestxStatsCollectionFilter, to collect stats about requests. * * @param req the incoming request * @param resp the outgoing response * @param stop a stopwatch which has measured the request / response handling time */ final void notifyRequest(RestxRequest req, RestxResponse resp, Stopwatch stop) { RequestStats requestStats = stats.getRequestStats().get(req.getHttpMethod()); if (requestStats != null) { requestStats.getRequestsCount().incrementAndGet(); long duration = stop.elapsed(TimeUnit.MICROSECONDS); requestStats.getTotalDuration().addAndGet(duration); long minDuration; while ((minDuration = requestStats.getMinDuration().get()) > duration) { if (requestStats.getMinDuration().compareAndSet(minDuration, duration)) { break; } } long maxDuration; while ((maxDuration = requestStats.getMaxDuration().get()) < duration) { if (requestStats.getMaxDuration().compareAndSet(maxDuration, duration)) { break; } } } touch(); }
Iterable<WhenHttpRequest> findWhensMatchingRequest(ImmutableMap<String, RestxSpec> allSpecs, RestxRequest restxRequest) { Collection<WhenHttpRequest> matchingRequestsSpecs = Lists.newArrayList(); for (Map.Entry<String, RestxSpec> spec : allSpecs.entrySet()) { for (When when : spec.getValue().getWhens()) { if (when instanceof WhenHttpRequest) { WhenHttpRequest request = (WhenHttpRequest) when; String requestPath = request.getPath(); if (!requestPath.startsWith("/")) { requestPath = "/" + requestPath; } StdRequest stdRequest = StdRequest.builder() .setBaseUri("http://restx.io") // baseUri is required but we won't use it .setHttpMethod(request.getMethod()).setFullPath(requestPath).build(); if (restxRequest.getHttpMethod().equals(stdRequest.getHttpMethod()) && restxRequest.getRestxPath().equals(stdRequest.getRestxPath())) { MapDifference<String, ImmutableList<String>> difference = Maps.difference(restxRequest.getQueryParams(), stdRequest.getQueryParams()); if (difference.entriesOnlyOnRight().isEmpty() && difference.entriesDiffering().isEmpty()) { matchingRequestsSpecs.add(request); break; } } } } } return matchingRequestsSpecs; } }
Iterable<WhenHttpRequest> findWhensMatchingRequest(ImmutableMap<String, RestxSpec> allSpecs, RestxRequest restxRequest) { Collection<WhenHttpRequest> matchingRequestsSpecs = Lists.newArrayList(); for (Map.Entry<String, RestxSpec> spec : allSpecs.entrySet()) { for (When when : spec.getValue().getWhens()) { if (when instanceof WhenHttpRequest) { WhenHttpRequest request = (WhenHttpRequest) when; String requestPath = request.getPath(); if (!requestPath.startsWith("/")) { requestPath = "/" + requestPath; } StdRequest stdRequest = StdRequest.builder() .setBaseUri("http://restx.io") // baseUri is required but we won't use it .setHttpMethod(request.getMethod()).setFullPath(requestPath).build(); if (restxRequest.getHttpMethod().equals(stdRequest.getHttpMethod()) && restxRequest.getRestxPath().equals(stdRequest.getRestxPath())) { MapDifference<String, ImmutableList<String>> difference = Maps.difference(restxRequest.getQueryParams(), stdRequest.getQueryParams()); if (difference.entriesOnlyOnRight().isEmpty() && difference.entriesDiffering().isEmpty()) { matchingRequestsSpecs.add(request); break; } } } } } return matchingRequestsSpecs; } }
Stopwatch stopwatch = Stopwatch.createStarted(); System.out.print("RECORDING REQUEST..."); final String method = restxRequest.getHttpMethod(); final String path = (restxRequest.getRestxUri().length()>1)?restxRequest.getRestxUri().substring(1):restxRequest.getRestxUri(); // remove leading slash final ImmutableMap<String, String> cookies =