@Override public void filter(ContainerRequestContext requestContext) throws IOException { final SecurityContext sc = requestContext.getSecurityContext(); if (!isUserLoggedIn(sc)) { try { final String destResource = URLEncoder.encode( requestContext.getUriInfo().getRequestUri().toString(), "UTF-8"); final URI loginURI = requestContext.getUriInfo().getBaseUriBuilder() .path(LogInLogOutPages.LOGIN_RESOURCE) .queryParam(LogInLogOutPages.REDIRECT_QUERY_PARM, destResource) .build(); requestContext .abortWith(Response.temporaryRedirect(loginURI).build()); } catch (final Exception ex) { final String errMsg = String.format( "Failed to forward the request to login page: %s", ex.getMessage()); LOG.error(errMsg, ex); requestContext .abortWith(Response.serverError().entity(errMsg).build()); } } } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { final String method = requestContext.getMethod(); final String uri = requestContext.getUriInfo().getRequestUri().toString(); final int respStatus = responseContext.getStatus(); final String reasonPhrase = responseContext.getStatusInfo().getReasonPhrase(); final String srcIpAddr = request.get().getRemoteAddr(); final String contentType = requestContext.getHeaderString(HttpHeaders.CONTENT_TYPE); LOGGER.info("Handled request from {} {} {}, content-type {} status code {} {}", srcIpAddr, method, uri, contentType, respStatus, reasonPhrase); } }
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { final Response.StatusType responseStatus = responseContext.getStatusInfo(); final String requestPath = requestContext.getUriInfo().getAbsolutePath().getPath(); final List<MediaType> acceptableMediaTypes = requestContext.getAcceptableMediaTypes(); final boolean acceptsHtml = acceptableMediaTypes.stream() .anyMatch(mediaType -> mediaType.isCompatible(MediaType.TEXT_HTML_TYPE) || mediaType.isCompatible(MediaType.APPLICATION_XHTML_XML_TYPE)); final boolean isGetRequest = "get".equalsIgnoreCase(requestContext.getMethod()); if (isGetRequest && responseStatus == Response.Status.NOT_FOUND && acceptsHtml && !requestPath.startsWith("/" + HttpConfiguration.PATH_API)) { final String entity = indexHtmlGenerator.get(requestContext.getHeaders()); responseContext.setStatusInfo(Response.Status.OK); responseContext.setEntity(entity, new Annotation[0], MediaType.TEXT_HTML_TYPE); responseContext.getHeaders().putSingle("X-UA-Compatible", "IE=edge"); } } }
@Override public void filter(final ContainerRequestContext request, final ContainerResponseContext response) throws IOException { String id = request.getHeaderString(REQUEST_ID); if (Strings.isNullOrEmpty(id)) { id = generateRandomUuid().toString(); } logger.trace("method={} path={} request_id={} status={} length={}", request.getMethod(), request.getUriInfo().getPath(), id, response.getStatus(), response.getLength()); response.getHeaders().putSingle(REQUEST_ID, id); }
@Override public void filter(ContainerRequestContext rc) { String maybeType = rc.getUriInfo().getQueryParameters().getFirst("type"); if (maybeType != null && maybeType.equals("gpx")) { rc.getHeaders().putSingle(HttpHeaders.ACCEPT, "application/gpx+xml"); } }
@Override public void filter(ContainerRequestContext ctx) throws IOException { // validate if (!headerValue.equals(ctx.getHeaderString(headerName))) { ctx.abortWith(Response.status(Response.Status.FORBIDDEN) .type(MediaType.TEXT_PLAIN) .entity(String.format("Expected header '%s' not present or value not equal to '%s'", headerName, headerValue)) .build()); } }
final String incomingReqUri = req.getUriInfo().getRequestUri().toString(); final String incomingBaseUri = req.getUriInfo().getBaseUri().toASCIIString(); try { String baseUriWithoutSlash = incomingBaseUri; URI newReqUri = new URI(baseUriWithoutSlash + "/" + relativeUri); LOGGER .warn("Rewriting new Request URI {} (incomingBaseUri = {}, incomingReqUri = {})", newReqUri.toString(), incomingBaseUri, incomingReqUri); req.setRequestUri(newReqUri); String path = req.getUriInfo().getPath(); if ((req.getMethod().equalsIgnoreCase("PUT") || req.getMethod().equalsIgnoreCase("POST"))) { String mediaType = modifiedContentType(path); if (mediaType != null) { req.getHeaders().remove(HttpHeaders.CONTENT_TYPE); req.getHeaders().add(HttpHeaders.CONTENT_TYPE, mediaType);
URI requestUri = request.getUriInfo().getRequestUri(); String query = requestUri.getQuery(); String origRequest; if ((null == query) || query.isEmpty()) { origRequest = requestUri.getPath(); } else { origRequest = requestUri.getPath() + "?" + query; securityContext.endpointConfig(ec); request.setProperty(PROP_FILTER_CONTEXT, filterContext); request.setSecurityContext(new JerseySecurityContext(securityContext, filterContext.getMethodSecurity(), "https".equals(filterContext.getTargetUri().getScheme())));
@Override public Response apply(ContainerRequestContext request) { Map<String, Link> links = this.linksResolver .resolveLinks(request.getUriInfo().getAbsolutePath().toString()); return Response.ok(Collections.singletonMap("_links", links)).build(); }
@Override public URL getRequestURL() { try { return context.getUriInfo().getRequestUri().toURL(); } catch (MalformedURLException ex) { Logger.getLogger(OAuthServerRequest.class.getName()).log(Level.SEVERE, null, ex); return null; } }
@Override public void filter(ContainerRequestContext requestContext) { if (!tracingEnabled(requestContext)) { return; } ServerRequest serverRequest = this.request.get(); Tracer tracer = serverRequest.webServer().configuration().tracer(); SpanContext parentSpan = TracingContext.get() .map(TracingContext::parentSpan) .orElseGet(serverRequest::spanContext); Tracer.SpanBuilder spanBuilder = tracer .buildSpan(spanName(requestContext)) .asChildOf(parentSpan) .withTag(Tags.SPAN_KIND.getKey(), Tags.SPAN_KIND_SERVER) .withTag(Tags.HTTP_METHOD.getKey(), requestContext.getMethod()) .withTag(Tags.HTTP_URL.getKey(), requestContext.getUriInfo().getRequestUri().toString()) .withTag(Tags.COMPONENT.getKey(), "jaxrs"); configureSpan(spanBuilder); Span span = spanBuilder.start(); requestContext.setProperty(SPAN_PROPERTY, span); // set the client tracing context TracingContext.compute(() -> TracingContext.create(tracer, requestContext.getHeaders())) .parentSpan(span.context()); }
@Override protected FilterContext initRequestFiltering(ContainerRequestContext requestContext) { FilterContext context = new FilterContext(); Method definitionMethod = getDefinitionMethod(requestContext); if (definitionMethod == null) { // this will end in 404, just let it on context.setShouldFinish(true); return context; } context.setMethodSecurity(getMethodSecurity(definitionMethod)); context.setResourceName(definitionMethod.getDeclaringClass().getSimpleName()); context.setMethod(requestContext.getMethod()); context.setHeaders(HttpUtil.toSimpleMap(requestContext.getHeaders())); context.setTargetUri(requestContext.getUriInfo().getRequestUri()); context.setResourcePath(context.getTargetUri().getPath()); context.setJerseyRequest((ContainerRequest) requestContext); // now extract headers featureConfig().getQueryParamHandlers() .forEach(handler -> handler.extract(uriInfo, context.getHeaders())); return context; }
@Override public void filter(final ContainerRequestContext rc) throws IOException { final UriInfo uriInfo = rc.getUriInfo(); String path = uriInfo.getRequestUri().getRawPath(); if (path.indexOf('.') == -1) { return; final List<PathSegment> l = uriInfo.getPathSegments(false); if (l.isEmpty()) { return; rc.getHeaders().putSingle(HttpHeaders.ACCEPT, accept.toString()); rc.getHeaders().putSingle(HttpHeaders.ACCEPT_LANGUAGE, acceptLanguage); rc.setRequestUri(uriInfo.getRequestUriBuilder().replacePath(path).build());
@Override public void filter(final ContainerRequestContext request) { if (!request.getMethod().equalsIgnoreCase("POST")) { return; final String header = getParamValue(Source.HEADER, request.getHeaders(), "X-HTTP-Method-Override"); final String query = getParamValue(Source.QUERY, request.getUriInfo().getQueryParameters(), "_method"); request.setMethod(override); if (override.equals("GET")) { if (request.getMediaType() != null && MediaType.APPLICATION_FORM_URLENCODED_TYPE.getType().equals(request.getMediaType().getType())) { final UriBuilder ub = request.getUriInfo().getRequestUriBuilder(); final Form f = ((ContainerRequest) request).readEntity(Form.class); for (final Map.Entry<String, List<String>> param : f.asMap().entrySet()) { ub.queryParam(param.getKey(), param.getValue().toArray()); request.setRequestUri(request.getUriInfo().getBaseUri(), ub.build());
/** * CORS request filter. * Hijack "preflight" OPTIONS requests before the Jersey resources get them. * The response will then pass through the CORS response filter on its way back out. */ @Override public void filter(ContainerRequestContext requestContext) throws IOException { if (HttpMethod.OPTIONS.equals(requestContext.getMethod())) { Response.ResponseBuilder preflightResponse = Response.status(Response.Status.OK); if (requestContext.getHeaderString("Access-Control-Request-Headers") != null) { preflightResponse.header("Access-Control-Allow-Headers", requestContext.getHeaderString("Access-Control-Request-Headers")); } if (requestContext.getHeaderString("Access-Control-Request-Method") != null) { preflightResponse.header("Access-Control-Allow-Method", "GET,POST"); } requestContext.abortWith(preflightResponse.build()); } }
@Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { if (!response.hasEntity()) { return; List<String> varyHeader = response.getStringHeaders().get(HttpHeaders.VARY); if (varyHeader == null || !varyHeader.contains(HttpHeaders.ACCEPT_ENCODING)) { response.getHeaders().add(HttpHeaders.VARY, HttpHeaders.ACCEPT_ENCODING); if (response.getHeaders().getFirst(HttpHeaders.CONTENT_ENCODING) != null) { return; List<String> acceptEncoding = request.getHeaders().get(HttpHeaders.ACCEPT_ENCODING);
@Override public void filter(ContainerRequestContext requestContext) { if (requestContext.getMethod().equals("OPTIONS")) { return; String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER); if (authHeader != null) { requestContext.setSecurityContext(securityContext); } else { Method method = resourceInfo.getResourceMethod(); if (!method.isAnnotationPresent(PermitAll.class)) { Response.ResponseBuilder responseBuilder = Response.status(Response.Status.UNAUTHORIZED); if (!XML_HTTP_REQUEST.equals(request.getHeader(X_REQUESTED_WITH))) { responseBuilder.header(WWW_AUTHENTICATE, BASIC_REALM); throw new WebApplicationException(responseBuilder.build());
private void handleGET(ContainerRequestContext request, String key) List<MediaType> acceptableMediaTypes = request.getAcceptableMediaTypes(); if (acceptableMediaTypes != null && acceptableMediaTypes.size() > 0) entry = cache.get(key, acceptableMediaTypes.get(0), request.getHeaders()); entry = cache.get(key, MediaType.WILDCARD_TYPE, request.getHeaders()); if (builder != null) request.abortWith(builder.cacheControl(cc).build()); return; builder = Response.ok(); builder.entity(entry.getCached()); for (Map.Entry<String, List<Object>> header : entry.getHeaders().entrySet()) builder.cacheControl(cc); request.setProperty(DO_NOT_CACHE_RESPONSE, true); request.abortWith(builder.build());
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (LOG.isDebugEnabled()) { try { final String rawQuery = requestContext.getUriInfo().getRequestUri().getRawQuery(); final Date requestDate = requestContext.getDate(); final String userName = RestTools.getUserNameFromRequest(requestContext); final String remoteAddress = RestTools.getRemoteAddrFromRequest(response.getRequest(), trustedProxies); final String userAgent = requestContext.getHeaderString(HttpHeaders.USER_AGENT); LOG.debug("{} {} [{}] \"{} {}{}\" {} {} {}", remoteAddress, userName == null ? "-" : userName, (requestDate == null ? "-" : requestDate), requestContext.getMethod(), requestContext.getUriInfo().getPath(), (rawQuery == null ? "" : "?" + rawQuery), (userAgent == null ? "-" : userAgent), responseContext.getStatus(), responseContext.getLength()); } catch (Exception e) { LOG.error("Error while processing REST API access log", e); } } } }