@Override public String getRestxPath() { return original.getRestxPath(); }
@Override public String getRestxPath() { return original.getRestxPath(); }
protected String requestRelativePath(RestxRequest req) { return req.getRestxPath().substring(baseRestPath.length()); }
protected String requestRelativePath(RestxRequest req) { return req.getRestxPath().substring(baseRestPath.length()); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { if (req.getHttpMethod().equals("GET") && req.getRestxPath().startsWith(baseRestPath)) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch(baseRestPath + "*", req.getRestxPath()), this)); } else { return Optional.absent(); } }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { if (req.getHttpMethod().equals("GET") && req.getRestxPath().startsWith(baseRestPath)) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch(baseRestPath + "*", req.getRestxPath()), this)); } else { return Optional.absent(); } }
protected Optional<RestxHandlerMatch> unauthorized(RestxRequest req) { return Optional.of( new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.<String, String>of()), UNAUTHORIZED_HANDLER)); } }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> authorization = req.getHeader("Authorization"); if (authorization.isPresent()) { if (authorization.get().toLowerCase(Locale.ENGLISH).startsWith("basic ")) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch("*", req.getRestxPath()), basicHandler)); } else { logger.warn("unsupported authentication type: " + authorization.get()); } } return Optional.absent(); }
protected Optional<RestxHandlerMatch> unauthorized(RestxRequest req) { return Optional.of( new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.<String, String>of()), UNAUTHORIZED_HANDLER)); } }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { if (privatePath.matcher(req.getRestxPath()).find()) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch("/@/*", req.getRestxPath()), new RestxHandler() { @Override public void handle(RestxRequestMatch match, RestxRequest req, RestxResponse resp, RestxContext ctx) throws IOException { final RestxSession current = RestxSession.current(); if (current.getPrincipal().isPresent() && permissionFactory.hasRole(RESTX_ADMIN_ROLE).has(current.getPrincipal().get(), Collections.<String, String>emptyMap()).isPresent()) { ctx.nextHandlerMatch().handle(req, resp, ctx); } else { throw new WebException(HttpStatus.UNAUTHORIZED); } } } )); } return Optional.absent(); } };
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> authorization = req.getHeader("Authorization"); if (authorization.isPresent()) { if (authorization.get().toLowerCase(Locale.ENGLISH).startsWith("basic ")) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch("*", req.getRestxPath()), basicHandler)); } else { logger.warn("unsupported authentication type: " + authorization.get()); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest request) { Optional<String> enc = request.getHeader("Accept-Encoding"); if (!enc.isPresent()) { return Optional.absent(); } if (!acceptsGzip(enc.get())) { return Optional.absent(); } for (RestxRequestMatcher matcher : matchers) { Optional<? extends RestxRequestMatch> match = matcher.match(request.getHttpMethod(), request.getRestxPath()); if (match.isPresent()) { return Optional.of(new RestxHandlerMatch(match.get(), this)); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest request) { Optional<String> enc = request.getHeader("Accept-Encoding"); if (!enc.isPresent()) { return Optional.absent(); } if (!acceptsGzip(enc.get())) { return Optional.absent(); } for (RestxRequestMatcher matcher : matchers) { Optional<? extends RestxRequestMatch> match = matcher.match(request.getHttpMethod(), request.getRestxPath()); if (match.isPresent()) { return Optional.of(new RestxHandlerMatch(match.get(), this)); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> acrMethod = req.getHeader("Access-Control-Request-Method"); if ("OPTIONS".equals(req.getHttpMethod()) && acrMethod.isPresent()) { Optional<String> origin = req.getHeader("Origin"); CORS cors = CORS.check(authorizers, req, origin.get(), acrMethod.get(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { logger.info("Unauthorized pre-flight CORS request; Origin={}; Method={}", origin.get(), acrMethod.get()); return unauthorized(req); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch("*", req.getRestxPath()), new RestxHandler() { @Override public void handle(RestxRequestMatch match, RestxRequest req, RestxResponse resp, RestxContext ctx) throws IOException { throw new WebException(HttpStatus.NOT_FOUND); } } )); } };
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { return Optional.of(new RestxHandlerMatch( new StdRestxRequestMatch("*", req.getRestxPath()), new RestxHandler() { @Override public void handle(RestxRequestMatch match, RestxRequest req, RestxResponse resp, RestxContext ctx) throws IOException { throw new WebException(HttpStatus.NOT_FOUND); } } )); } };
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> acrMethod = req.getHeader("Access-Control-Request-Method"); if ("OPTIONS".equals(req.getHttpMethod()) && acrMethod.isPresent()) { Optional<String> origin = req.getHeader("Origin"); CORS cors = CORS.check(authorizers, req, origin.get(), acrMethod.get(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { logger.info("Unauthorized pre-flight CORS request; Origin={}; Method={}", origin.get(), acrMethod.get()); return unauthorized(req); } } return Optional.absent(); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { String path = req.getRestxPath(); return RestxHandlerMatch.of(matcher.match(req.getHttpMethod(), path), this); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { String path = req.getRestxPath(); return RestxHandlerMatch.of(matcher.match(req.getHttpMethod(), path), this); }
@Override public Optional<RestxHandlerMatch> match(RestxRequest req) { Optional<String> origin = req.getHeader("Origin"); if (origin.isPresent() && !isSameOrigin(req, origin.get()) && !isPreflightRequest(req)) { CORS cors = CORS.check(authorizers, req, origin.get(), req.getHttpMethod(), req.getRestxPath()); if (cors.isAccepted()) { return Optional.of(new RestxHandlerMatch(new StdRestxRequestMatch("*", req.getRestxPath(), ImmutableMap.<String, String>of(), ImmutableMap.of("cors", cors)), this)); } else { if (isSimpleCORSRequest(req)) { logger.info("Unauthorized simple CORS request; Origin={}; Method={}", origin.get(), req.getHttpMethod()); } else { // the check should already have been done by the preflight request, so we shouldn't get to that point // but we never know how the client is actually implemented logger.info("Unauthorized CORS request (not captured by pre flight); Origin={}; Method={}", origin.get(), req.getHttpMethod()); } return unauthorized(req); } } return Optional.absent(); }