/**
 * Returns the value of the named request header by forwarding the lookup to the wrapped
 * {@code delegate}.
 *
 * @param header name of the header to look up
 * @return whatever the delegate reports for that header
 */
@Override
public String headers(String header) {
    final String value = delegate.headers(header);
    return value;
}
/**
 * Returns the set of header names present on the request by forwarding the call to the wrapped
 * {@code delegate}.
 *
 * @return the header names reported by the delegate
 */
@Override
public Set<String> headers() {
    final Set<String> names = delegate.headers();
    return names;
}
/**
 * Reads the given precondition header and normalises the ETag value it carries.
 *
 * <p>One pair of surrounding double quotes is stripped, then a {@code --gzip} or
 * {@code --deflate} marker is removed. The marker pattern is not anchored to the end of the
 * value.
 *
 * @param request the incoming request
 * @param header name of the header to read
 * @return the normalised value, or {@code null} when the header is absent
 */
default String preconditionHeader(Request request, String header) {
    // possibly move to a filter/middleware?
    final String rawEtag = request.headers(header);
    if (rawEtag == null) {
        return null;
    }
    // workaround for how jetty's gzip handler modifies the etag
    final String unquoted = rawEtag.replaceAll("^\"(.*)\"$", "$1");
    return unquoted.replaceAll("(.*)(--(gzip|deflate))", "$1");
}
/**
 * Tells whether the request declares a JSON body through its {@code Content-Type} header.
 *
 * <p>Only the parsed type and subtype are compared, and both must match exactly
 * ({@code application} / {@code json}). A blank or unparseable header counts as "not JSON".
 *
 * @param request the incoming request
 * @return {@code true} only for a parseable {@code application/json} content type
 */
protected boolean isJsonContentType(Request request) {
    final String contentType = request.headers("Content-Type");
    if (isBlank(contentType)) {
        return false;
    }

    final MimeType parsed;
    try {
        parsed = MimeType.valueOf(contentType);
    } catch (InvalidMimeTypeException e) {
        // A malformed header is treated like a missing one rather than as an error.
        return false;
    }
    return "application".equals(parsed.getType()) && "json".equals(parsed.getSubtype());
}
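/**
 * Rejects state-changing requests that carry neither a JSON body nor the confirm header.
 *
 * <p>Requests whose method is not in {@code UPDATE_HTTP_METHODS} pass through untouched. For the
 * others, a request with a body must declare a JSON content type, and a request without a body
 * must carry an {@code X-GoCD-Confirm} header (any value). Presumably this is a cross-site
 * request forgery defence, since a plain HTML form can supply neither; confirm against the
 * project's documentation.
 *
 * @param request the incoming request
 * @param response the outgoing response (not used here)
 * @throws IOException if the raw request input stream cannot be inspected
 */
protected void verifyContentType(Request request, Response response) throws IOException {
    if (!UPDATE_HTTP_METHODS.contains(request.requestMethod().toUpperCase())) {
        return;
    }

    // A body is assumed when a length is declared, bytes are already readable, or the request
    // uses chunked transfer encoding (where no length is announced up front).
    boolean requestHasBody = request.contentLength() >= 1
            || request.raw().getInputStream().available() >= 1
            || "chunked".equalsIgnoreCase(request.headers("Transfer-Encoding"));

    if (requestHasBody) {
        if (!isJsonContentType(request)) {
            throw haltBecauseJsonContentTypeExpected();
        }
    } else if (request.headers().stream().noneMatch("x-gocd-confirm"::equalsIgnoreCase)) {
        // equalsIgnoreCase is locale-independent. The previous toLowerCase().equals(...) used
        // the JVM default locale, so an upper-case header name could fail to match under a
        // locale with special casing rules for 'I' and a legitimate request would be rejected.
        throw haltBecauseConfirmHeaderMissing();
    }
}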
public User getAuthenticatedUser(Request request) { User theUser = request.session().attribute(USER_SESSION_ID); if(theUser == null) { String authHeader = request.headers("Authorization"); if(authHeader != null) { byte[] authData;
// Route-handler statements repeated five times; the enclosing handlers are not part of this listing.
// NOTE(review): Access-Control-Allow-Origin is set to whatever Origin header the request carried,
// and Access-Control-Allow-Headers to whatever Access-Control-Request-Headers asked for, so these
// responses grant cross-origin access to any caller rather than to a configured allowlist.
// Comparing Origin against a fixed set of trusted origins before echoing it (and adding
// "Vary: Origin") is the usual hardening; no such check is visible in these statements.
response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";
// Route-handler statements from several handlers; the enclosing handlers are not part of this listing.
// NOTE(review): every group copies the request's Origin header into Access-Control-Allow-Origin,
// so the JSON responses below are readable from any origin. If these endpoints return data
// that should not be shared with arbitrary sites, check Origin against an allowlist of trusted
// origins before echoing it and add "Vary: Origin"; no such check is visible here.
response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.type("application/json");
response.status(HttpStatus.SC_OK);

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.type("application/json");
response.status(HttpStatus.SC_OK);

// This group also echoes the requested header list back in Access-Control-Allow-Headers.
response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.type("application/json");
response.status(HttpStatus.SC_OK);

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.type("application/json");
response.status(HttpStatus.SC_OK);

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.type("application/json");
response.status(HttpStatus.SC_OK);

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.type("application/json");
response.status(HttpStatus.SC_OK);
// Route-handler statements from several handlers; the enclosing handlers are not part of this
// listing and the last group is cut off.
// NOTE(review): the allowed methods differ per group (including DELETE in two of them), but the
// allowed origin never does: it is always the request's own Origin header, and the allowed
// headers are whatever Access-Control-Request-Headers asked for. Restricting the method list
// therefore does not restrict who may call; that needs an allowlist check on Origin before it
// is echoed (plus "Vary: Origin"), which is not visible in these statements.
response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.status(HttpStatus.SC_CREATED);

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "POST");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "PUT");
response.header("Access-Control-Allow-Headers", request.headers("Access-Control-Request-Headers"));
response.header("Content-Type", "text/html; charset=utf-8");
return "";

response.header("Access-Control-Allow-Origin", request.headers("Origin"));
response.header("Access-Control-Allow-Methods", "POST");
/**
 * Returns the part of the {@code Authorization} header that follows the first space.
 *
 * <p>NOTE(review): the header value is dereferenced without a null check, so a request that
 * lacks the header fails here with a {@link NullPointerException} if {@code headers} returns
 * {@code null} for it; callers need to have checked for the header first. The scheme before the
 * space is not inspected, and when the value contains no space the whole value is returned.
 *
 * @param request the incoming request
 * @return the text after the first space of the header value
 */
private String readToken(Request request) {
    final String headerValue = request.headers("Authorization");
    // indexOf yields -1 when there is no space, which makes the start index 0.
    final int tokenStart = headerValue.indexOf(' ') + 1;
    return headerValue.substring(tokenStart);
}
} // closes the enclosing class, whose header is outside this excerpt
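/**
 * Inserts a {@code <meta name="authorization">} tag carrying the request's
 * {@code Authorization} header directly after the first {@code <head>} of the page.
 *
 * <p>The header value is HTML-escaped before it is placed in the attribute, so a value
 * containing quotes or angle brackets cannot break out of the attribute. The tag is spliced in
 * as literal text; the previous {@code replaceFirst} treated {@code $} and {@code \} in the
 * header as replacement syntax, which could corrupt the value or throw.
 *
 * <p>NOTE(review): the returned page contains the caller's credential in clear text. It should
 * not be cached or logged, and any script running in the page can read it; confirm this is
 * intended.
 *
 * @param request the incoming request
 * @param indexHtml the page markup
 * @return the markup with the meta tag added, or the unchanged markup when the header is missing
 *     or empty, or when the page has no {@code <head>}
 */
private String injectAuthorizationMetaTag(Request request, String indexHtml) {
    String authHeader = request.headers("Authorization");
    if (authHeader == null || authHeader.isEmpty()) {
        return indexHtml;
    }

    String meta = String.format(
            "<meta name=\"authorization\" content=\"%s\">", escapeHtmlAttribute(authHeader));

    final String headTag = "<head>";
    int headAt = indexHtml.indexOf(headTag);
    if (headAt < 0) {
        return indexHtml;
    }
    int insertAt = headAt + headTag.length();
    return indexHtml.substring(0, insertAt) + meta + indexHtml.substring(insertAt);
}

/** Escapes the characters that are significant inside an HTML attribute value. */
private String escapeHtmlAttribute(String value) {
    StringBuilder escaped = new StringBuilder(value.length() + 16);
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '&':
                escaped.append("&amp;");
                break;
            case '<':
                escaped.append("&lt;");
                break;
            case '>':
                escaped.append("&gt;");
                break;
            case '"':
                escaped.append("&quot;");
                break;
            case '\'':
                escaped.append("&#39;");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}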
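/**
 * Builds an HTML fragment naming this host, the caller's IP and every request header.
 *
 * <p>All dynamic values are HTML-escaped before being appended, because header names and values
 * come from the client and the result is rendered as markup.
 *
 * <p>NOTE(review): every header the client sent is echoed, which includes credentials such as
 * {@code Authorization} or {@code Cookie} when present. That suits a diagnostic page only;
 * filter the header list before exposing this outside a test setup.
 *
 * @param request the incoming request
 * @param response the outgoing response (not used here)
 * @return the HTML fragment
 * @throws UnknownHostException if the local host name cannot be resolved
 */
private static String details(Request request, Response response) throws UnknownHostException {
    StringBuilder sb = new StringBuilder();

    String myHostname = InetAddress.getLocalHost().getHostName();
    sb.append("Hello World By: ").append(escapeHtml(myHostname)).append("<br/>");

    String sourceIP = request.ip();
    sb.append("Receive Request From: ").append(escapeHtml(sourceIP)).append("<br/>");

    sb.append("Request Headers are: ").append("<br/>");
    request.headers().forEach(header ->
            sb.append(escapeHtml(header))
                    .append(": ")
                    .append(escapeHtml(request.headers(header)))
                    .append("<br/>"));

    return sb.toString();
}

/** Escapes HTML-significant characters; a {@code null} value is rendered as the text "null". */
private static String escapeHtml(String value) {
    String text = String.valueOf(value);
    StringBuilder escaped = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '&':
                escaped.append("&amp;");
                break;
            case '<':
                escaped.append("&lt;");
                break;
            case '>':
                escaped.append("&gt;");
                break;
            case '"':
                escaped.append("&quot;");
                break;
            case '\'':
                escaped.append("&#39;");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}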
/**
 * Registers a catch-all {@code OPTIONS} route that answers CORS preflight requests.
 *
 * <p>Whatever the preflight asks for in {@code Access-Control-Request-Headers} and
 * {@code Access-Control-Request-Method} is copied into the matching {@code Allow} response
 * header; a header that is absent from the request is not set on the response.
 *
 * <p>NOTE(review): the requested values are granted as-is, so this route places no limit on the
 * methods or headers a cross-origin caller may use. Any restriction has to come from where
 * {@code Access-Control-Allow-Origin} is decided, which is not visible in this block.
 *
 * @param service the service on which the route is registered
 */
@Override
public void define(Service service) {
    service.options("/*", (request, response) -> {
        final String requestedHeaders = request.headers("Access-Control-Request-Headers");
        if (requestedHeaders != null) {
            response.header("Access-Control-Allow-Headers", requestedHeaders);
        }

        final String requestedMethod = request.headers("Access-Control-Request-Method");
        if (requestedMethod != null) {
            response.header("Access-Control-Allow-Methods", requestedMethod);
        }

        return "";
    });
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Adds CORS and encoding headers to the response.
 *
 * <p>NOTE(review): {@code Access-Control-Allow-Credentials: true} is combined with an
 * {@code Access-Control-Allow-Origin} copied from the request's own {@code Origin} header. With
 * that pairing a browser lets any site send credentialed requests and read the responses.
 * Credentialed CORS should echo the origin only after matching it against an allowlist of
 * trusted origins, and send {@code Vary: Origin}; neither is done here.
 *
 * <p>NOTE(review): {@code Content-Encoding: gzip} is declared unconditionally. Whether the body
 * is actually compressed cannot be seen from this method; verify against the caller.
 *
 * @param req the incoming request
 * @param res the response to decorate
 */
public static void allowAllHeaders(Request req, Response res) {
    res.header("Access-Control-Allow-Credentials", "true");
    res.header("Access-Control-Allow-Origin", req.headers("Origin"));
    res.header("Content-Encoding", "gzip");
}
/**
 * Filter that lets a request through only when its {@code Authorization} header passes
 * {@code isAuthenticated}.
 *
 * <p>Otherwise a {@code WWW-Authenticate: Basic} challenge is added and the request is halted
 * with {@code UNAUTHORIZED_STATUS_CODE}. The header value is handed to {@code isAuthenticated}
 * as received, so that method also has to cope with a missing header.
 *
 * @param request the incoming request
 * @param response the outgoing response
 */
@Override
public void handle(final Request request, final Response response) {
    final String credentials = request.headers("Authorization");
    if (isAuthenticated(credentials)) {
        return;
    }

    response.header("WWW-Authenticate", "Basic");
    server.halt(UNAUTHORIZED_STATUS_CODE);
}
/**
 * A bearer token that verifies and carries the {@code admin} attribute must pass the filter:
 * the test succeeds when {@code handle} returns without throwing.
 */
@Test
public void handleShouldAcceptValidJwt() throws Exception {
    final Request incoming = mock(Request.class);
    final Response outgoing = mock(Response.class);

    when(incoming.headers(JwtFilter.AUTHORIZATION_HEADER_NAME)).thenReturn("Bearer value");
    when(jwtTokenVerifier.verify("value")).thenReturn(true);
    when(jwtTokenVerifier.hasAttribute("admin", true, "value")).thenReturn(true);

    jwtFilter.handle(incoming, outgoing);
}
} // closes the enclosing test class, whose header is outside this excerpt
/**
 * An {@code Authorization} value that does not use the {@code Bearer} scheme
 * ({@code "Invalid value"}) must be rejected with a 401 halt.
 */
@Test
public void handleShouldRejectRequestWithBearersHeaders() throws Exception {
    final Request incoming = mock(Request.class);
    final Response outgoing = mock(Response.class);
    when(incoming.headers(JwtFilter.AUTHORIZATION_HEADER_NAME)).thenReturn("Invalid value");

    expectedException.expect(HaltException.class);
    expectedException.expect(STATUS_CODE_MATCHER_401);

    jwtFilter.handle(incoming, outgoing);
}
/**
 * A request that reports no headers at all must be rejected with a 401 halt. Only the
 * header-name set is stubbed (as empty); the lookup by name is left unstubbed on the mock.
 */
@Test
public void handleShouldRejectRequestWithHeaders() throws Exception {
    final Request incoming = mock(Request.class);
    final Response outgoing = mock(Response.class);
    when(incoming.headers()).thenReturn(ImmutableSet.of());

    expectedException.expect(HaltException.class);
    expectedException.expect(STATUS_CODE_MATCHER_401);

    jwtFilter.handle(incoming, outgoing);
}
/**
 * A bearer token that verifies but lacks the {@code admin} attribute must be rejected with a
 * 401 halt: a valid signature alone is not enough to pass the filter.
 */
@Test
public void handleShouldRejectRequestWithoutAdminClaim() throws Exception {
    final Request incoming = mock(Request.class);
    final Response outgoing = mock(Response.class);

    when(incoming.headers(JwtFilter.AUTHORIZATION_HEADER_NAME)).thenReturn("Bearer value");
    when(jwtTokenVerifier.verify("value")).thenReturn(true);
    when(jwtTokenVerifier.hasAttribute("admin", true, "value")).thenReturn(false);

    expectedException.expect(HaltException.class);
    expectedException.expect(STATUS_CODE_MATCHER_401);

    jwtFilter.handle(incoming, outgoing);
}
/**
 * A bearer token that the verifier refuses must be rejected with a 401 halt.
 */
@Test
public void handleShouldRejectRequestWithInvalidBearerHeaders() throws Exception {
    final Request incoming = mock(Request.class);
    final Response outgoing = mock(Response.class);

    when(incoming.headers(JwtFilter.AUTHORIZATION_HEADER_NAME)).thenReturn("Bearer value");
    when(jwtTokenVerifier.verify("value")).thenReturn(false);

    expectedException.expect(HaltException.class);
    expectedException.expect(STATUS_CODE_MATCHER_401);

    jwtFilter.handle(incoming, outgoing);
}