/**
 * Returns the value under which this request is counted: the identifier of
 * the user attached to the request's client info when there is one,
 * otherwise the client's upstream address.
 *
 * NOTE(review): the upstream address can be derived from forwarded-address
 * headers when the connector is configured to honour them. Confirm that
 * only trusted proxies can set those headers, otherwise an unauthenticated
 * client chooses its own counting key.
 *
 * @param request
 *            The request to derive the counted value from.
 * @return The user identifier, or the upstream address when no user is set.
 */
@Override
public String getCountedValue(Request request) {
    // No user on the request: fall back to the IP address.
    if (request.getClientInfo().getUser() == null) {
        return request.getClientInfo().getUpstreamAddress();
    }

    return request.getClientInfo().getUser().getIdentifier();
}
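/**
 * Sets the media type preferences. Note that when used with HTTP
 * connectors, this property maps to the "Accept" header.
 *
 * The content of the given list is copied into the list returned by
 * {@link #getAcceptedMediaTypes()}; the given list itself is not retained.
 * Passing that same list back leaves it untouched, and passing
 * {@code null} clears the current preferences.
 *
 * @param acceptedMediaTypes
 *            The media type preferences.
 */
public void setAcceptedMediaTypes(
        List<Preference<MediaType>> acceptedMediaTypes) {
    synchronized (this) {
        List<Preference<MediaType>> current = getAcceptedMediaTypes();

        // Callers may fetch the live list, edit it and hand it back. Clearing
        // it first would then discard every preference before the copy.
        if (acceptedMediaTypes != current) {
            current.clear();

            if (acceptedMediaTypes != null) {
                current.addAll(acceptedMediaTypes);
            }
        }
    }
}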
/**
 * Enroler that adds one fixed role, bound to the owning application, to
 * every client it is asked to enrole.
 *
 * The role is granted unconditionally: this class does not inspect the
 * client's user or authentication state before adding it.
 */
public class MyEnroler implements Enroler {

    /** Application the granted role is created for. */
    private Application owner;

    /**
     * Creates the enroler.
     *
     * @param application
     *            The application the granted role belongs to.
     */
    public MyEnroler(Application application) {
        this.owner = application;
    }

    /**
     * Adds the role "roleId" to the given client information.
     *
     * @param clientInfo
     *            The client information to update.
     */
    public void enrole(ClientInfo clientInfo) {
        Role grantedRole = new Role(owner, "roleId", "Role name");
        clientInfo.getRoles().add(grantedRole);
    }
}
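/**
 * If client can accept text/html, always prefer it. WebKit-based browsers
 * claim to want application/xml, but we don't want to give it to them. See
 * <a href="https://webarchive.jira.com/browse/HER-1603">https://webarchive.jira.com/browse/HER-1603</a>
 *
 * This rewrites the accepted media types of the current request in place:
 * an explicit text/html preference is raised to the maximum quality, and
 * when text/html is only covered by a wider range (for example a wildcard)
 * an explicit text/html preference is appended.
 *
 * @return The variant selected by the superclass after the adjustment.
 */
public Variant getPreferredVariant() {
    // Live list owned by the request's client info; edits are visible to
    // the negotiation done by the superclass.
    List<Preference<MediaType>> accepted =
            getRequest().getClientInfo().getAcceptedMediaTypes();

    boolean addExplicitTextHtmlPreference = false;
    for (Preference<MediaType> preference : accepted) {
        if (preference.getMetadata().equals(MediaType.TEXT_HTML)) {
            preference.setQuality(Float.MAX_VALUE);
            // An explicit entry exists, so nothing has to be appended even
            // if a wider range was seen earlier in the list.
            addExplicitTextHtmlPreference = false;
            break;
        } else if (preference.getMetadata().includes(MediaType.TEXT_HTML)) {
            addExplicitTextHtmlPreference = true;
        }
    }

    if (addExplicitTextHtmlPreference) {
        // Append directly to the live list. Handing this same list back to
        // setAcceptedMediaTypes() is unnecessary, and a setter that clears
        // its target before copying would wipe every preference.
        accepted.add(new Preference<MediaType>(MediaType.TEXT_HTML,
                Float.MAX_VALUE));
    }

    return super.getPreferredVariant();
}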
/**
 * Picks, from the media types the server supports, the one that best
 * matches the media type preferences recorded for this client.
 *
 * @param supported
 *            The supported media types.
 * @return The preferred media type.
 */
public MediaType getPreferredMediaType(List<MediaType> supported) {
    final MediaType preferred = this.getPreferredMetadata(supported,
            this.getAcceptedMediaTypes());
    return preferred;
}
clientInfo = new ClientInfo(); for (Preference<CharacterSet> o : rci.getAcceptedCharacterSets()) { clientInfo.getAcceptedCharacterSets().add(o); for (Preference<Encoding> o : rci.getAcceptedEncodings()) { clientInfo.getAcceptedEncodings().add(o); for (Preference<Language> o : rci.getAcceptedLanguages()) { clientInfo.getAcceptedLanguages().add(o); for (Preference<MediaType> o : rci.getAcceptedMediaTypes()) { clientInfo.getAcceptedMediaTypes().add(o); clientInfo.setAddress(rci.getAddress()); clientInfo.setAgent(rci.getAgent()); for (String o : rci.getForwardedAddresses()) { clientInfo.getForwardedAddresses().add(o); clientInfo.setFrom(rci.getFrom()); clientInfo.setPort(rci.getPort()); clientInfo.setAgentAttributes(rci.getAgentAttributes()); clientInfo.setAgentProducts(rci.getAgentProducts()); clientInfo.setAuthenticated(rci.isAuthenticated()); for (org.restlet.data.Expectation o : rci.getExpectations()) { clientInfo.getExpectations().add(o);
/**
 * Builds a CallLog entry describing the given call, appends it to the
 * buffer and flushes the buffer once it holds at least {@code bufferSize}
 * entries.
 *
 * The path, user agent and remote address are copied from the request as
 * received; they are client-supplied values and are stored without any
 * normalisation here.
 *
 * @param request
 *            The Request object associated with the request.
 * @param response
 *            The Response object associated with the request.
 * @param duration
 *            The duration of the request in milliseconds.
 * @param startTime
 *            The time at which the request arrived to the agent as an
 *            epoch.
 */
public void addCallLogToBuffer(Request request, Response response,
        int duration, long startTime) {
    CallLog entry = new CallLog();

    // Timing.
    entry.setDate(new Date(startTime));
    entry.setDuration(duration);

    // What was called and how it ended.
    entry.setMethod(request.getMethod().getName());
    entry.setPath(request.getResourceRef().getPath());
    entry.setRemoteIp(request.getClientInfo().getUpstreamAddress());
    entry.setStatusCode(response.getStatus().getCode());
    entry.setUserAgent(request.getClientInfo().getAgent());

    // Anonymous calls are recorded with an empty user token.
    String userToken;
    if (request.getClientInfo().getUser() == null) {
        userToken = "";
    } else {
        userToken = request.getClientInfo().getUser().getIdentifier();
    }
    entry.setUserToken(userToken);

    callLogs.add(entry);
    if (callLogs.size() >= bufferSize) {
        flushLogs();
    }
}
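/**
 * Maps a file-like extension on the request URI to a media type
 * preference. When the last extension of the resource reference is known
 * to the application's metadata service as a media type, the client's
 * accepted media types are replaced by that single type and the extension
 * is removed from the path.
 *
 * The extension comes from the request URI, so it overrides whatever the
 * client sent as media type preferences; only extensions registered as a
 * MediaType in the metadata service have any effect.
 *
 * @param request
 *            The request to filter.
 * @param response
 *            The response to update.
 * @return {@link Filter#CONTINUE} in all cases.
 */
@Override
protected int beforeHandle( Request request, Response response )
{
    String extensions = request.getResourceRef().getExtensions();
    if ( extensions != null )
    {
        // Only the last extension selects the media type.
        int lastDot = extensions.lastIndexOf( '.' );
        String suffix = ( lastDot != -1 ) ? extensions.substring( lastDot + 1 ) : extensions;

        Metadata metadata = getApplication().getMetadataService().getMetadata( suffix );
        if ( metadata instanceof MediaType )
        {
            request.getClientInfo().setAcceptedMediaTypes(
                Collections.singletonList( new Preference<MediaType>( ( MediaType ) metadata ) ) );

            // Strip ".suffix" only when the path really ends with it. A path
            // with anything after the extension would otherwise lose
            // unrelated trailing characters.
            String path = request.getResourceRef().getPath();
            String dottedSuffix = "." + suffix;
            if ( path != null && path.endsWith( dottedSuffix ) )
            {
                request.getResourceRef().setPath(
                    path.substring( 0, path.length() - dottedSuffix.length() ) );
            }
        }
    }
    return Filter.CONTINUE;
}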
/**
 * Answers every call with a plain-text summary of the request: method,
 * resource URI, client IP address, agent name and agent version.
 *
 * All reported values are taken from the incoming request and echoed back
 * as-is; the entity is declared as text/plain.
 *
 * @param request
 *            The request to describe.
 * @param response
 *            The response that receives the summary.
 */
@Override
public void handle(Request request, Response response) {
    StringBuilder summary = new StringBuilder();
    summary.append("Method : ").append(request.getMethod());
    summary.append("\nResource URI : ").append(request.getResourceRef());
    summary.append("\nIP address : ").append(
            request.getClientInfo().getAddress());
    summary.append("\nAgent name : ").append(
            request.getClientInfo().getAgentName());
    summary.append("\nAgent version: ").append(
            request.getClientInfo().getAgentVersion());

    response.setEntity(summary.toString(), MediaType.TEXT_PLAIN);
}
public static Map<String, Object> getBaseDataModel(final Request nextRequest) final ClientInfo nextClientInfo = nextRequest.getClientInfo(); final Map<String, Object> dataModel = new TreeMap<String, Object>(); dataModel.put("resourceRef", nextRequest.getResourceRef()); dataModel.put("rootRef", nextRequest.getRootRef()); dataModel.put("baseUrl", nextRequest.getRootRef().toString()); dataModel.put("clientInfo", nextClientInfo); dataModel.put("isAuthenticated", nextClientInfo.isAuthenticated()); final List<Role> roles = nextClientInfo.getRoles(); final boolean isAdmin = roles.contains(RestletUtilRoles.ADMIN.getRole()); dataModel.put("isAdmin", isAdmin); dataModel.put("currentUser", nextClientInfo.getUser()); dataModel.put("pageUrl", nextRequest.getOriginalRef().toString(false, false)); final User currentUser = nextClientInfo.getUser(); if(currentUser != null)
ChallengeResponse cr = request.getChallengeResponse(); if (cr == null) { ClientInfo clientInfo = request.getClientInfo(); clientInfo.setUser(new User(jsonResponse .getString(OAuthServerResource.USERNAME))); clientInfo.setRoles(Scopes.toRoles(jsonResponse .getString(OAuthServerResource.SCOPE))); } catch (JSONException ex) {
if(this.getRequest().getClientInfo().isAuthenticated()) .findUser(this.getRequest().getClientInfo().getUser().getIdentifier()); .getUserUri(this.getRequest().getClientInfo().getUser().getIdentifier()); .getRootRef().toString(false, false));
/**
 * Opens a unit of work for the given request. The usecase is named after
 * the request's resource identifier and, when the request carries a user,
 * is tagged with a UserIdentity built from that user's identifier, name,
 * email, first name and last name.
 *
 * NOTE(review): the usecase name comes straight from the request URI, so
 * it is client-controlled; confirm that consumers of the usecase name
 * treat it as untrusted text.
 *
 * @param request
 *            The request being handled.
 * @return A new unit of work for the usecase.
 */
private UnitOfWork createUnitOfWork( Request request )
{
    String usecaseName = request.getResourceRef().getIdentifier( true );
    UsecaseBuilder builder = UsecaseBuilder.buildUsecase( usecaseName );

    User caller = request.getClientInfo().getUser();
    if( caller != null )
    {
        builder.withMetaInfo( new UserIdentity( caller.getIdentifier(),
                                                caller.getName(),
                                                caller.getEmail(),
                                                caller.getFirstName(),
                                                caller.getLastName() ) );
    }

    return uowf.newUnitOfWork( builder.newUsecase() );
}
/**
 * Verifies an OAuth bearer token carried in the request's challenge
 * response.
 *
 * Returns RESULT_MISSING when there is no challenge response or the bearer
 * value is null or empty, RESULT_UNSUPPORTED for any scheme other than
 * HTTP_OAUTH_BEARER, and RESULT_INVALID when reading the challenge
 * response throws or when the verification command yields no user. On
 * success the resolved user is set on the request's client info and the
 * raw token is stored in the request attributes under "token".
 *
 * NOTE(review): the verification command runs outside the try block, so
 * whether its failures surface as RESULT_INVALID depends on how Try
 * captures them. Confirm against the command implementation. The raw
 * bearer token stays in the request attributes, so anything that dumps
 * those attributes (logging, error pages) would expose it.
 *
 * @param request
 *            The request to inspect.
 * @param response
 *            The response to update.
 * @return One of the RESULT_* constants described above.
 */
@Override
public int verify(Request request, Response response) {
    final String token;
    try {
        ChallengeResponse challenge = request.getChallengeResponse();
        if (challenge == null) {
            return RESULT_MISSING;
        }
        if (!ChallengeScheme.HTTP_OAUTH_BEARER.equals(challenge.getScheme())) {
            return RESULT_UNSUPPORTED;
        }

        final String rawValue = challenge.getRawValue();
        if (rawValue == null || rawValue.isEmpty()) {
            return RESULT_MISSING;
        }
        token = rawValue;
    } catch (Exception ex) {
        // Any failure while reading the credentials counts as invalid.
        return RESULT_INVALID;
    }

    Try<User> verified = accessTokenVerificationCommandFactory
            .createVerificationCommand(token)
            .executeCommand();

    return verified.map(u -> {
        org.restlet.security.User restletUser = createRestletUser(u);
        request.getClientInfo().setUser(restletUser);
        request.getAttributes().put("token", token);
        return RESULT_VALID;
    }).orElse(RESULT_INVALID);
}
/**
 * Enroler that copies the roles of the current request's user into the
 * given client information, creating one Role per UserRole name.
 *
 * The user is read from {@code Request.getCurrent()}, not from the
 * {@code clientInfo} argument.
 * NOTE(review): presumably both refer to the same client in the normal
 * authentication flow; confirm, since the granted roles depend entirely
 * on which user object is consulted here.
 */
public class MyEnroler implements Enroler {

    /**
     * Adds a Role to the client information for every role of the current
     * user. Does nothing when there is no user or the user has no role list.
     *
     * @param clientInfo
     *            The client information that receives the roles.
     */
    public void enrole(ClientInfo clientInfo) {
        User currentUser = Request.getCurrent().getClientInfo().getUser();
        if (currentUser == null) {
            return;
        }

        List<UserRole> userRoles = currentUser.getRoles();
        if (userRoles == null) {
            return;
        }

        for (UserRole userRole : userRoles) {
            // example of role creation
            Role granted = new Role(userRole.getName(), "");
            clientInfo.getRoles().add(granted);
        }
    }
}
public int verify(Request request, Response response) { final String clientId; final char[] clientSecret; ChallengeResponse cr = request.getChallengeResponse(); if (cr == null) { if (!isAcceptBodyMethod()) { Form params = new Form(request.getEntity()); clientId = params.getFirstValue(OAuthServerResource.CLIENT_ID); if (clientId == null || clientId.isEmpty()) { request.setEntity(params.getWebRepresentation()); } else { if (!cr.getScheme().equals(ChallengeScheme.HTTP_BASIC)) { request.getClientInfo().setUser(new User(clientId)); } else { response.setEntity(OAuthServerResource
/**
 * Authenticates the call using the X.509 client certificate. The
 * verification of the credentials is normally done by the SSL layer, via
 * the TrustManagers; this method performs no certificate validation of
 * its own.
 *
 * It reads the certificate chain from the request's ClientInfo, adds the
 * principals returned for this chain by {@link #getPrincipals(List)} to
 * the ClientInfo, and sets the user to the result of
 * {@link #getUser(Principal)} for the first principal if that user is
 * non-null.
 *
 * The call is accepted as soon as at least one principal is found, even
 * when no user could be derived from it, so later authorization code must
 * not assume that the ClientInfo user is set.
 *
 * If no principal is available, then a 401 status is set.
 *
 * @param request
 *            The request to authenticate.
 * @param response
 *            The response to update.
 * @return True if at least one principal was extracted from the chain.
 */
@Override
protected boolean authenticate(Request request, Response response) {
    List<Certificate> chain = request.getClientInfo().getCertificates();
    List<Principal> found = getPrincipals(chain);

    if ((found == null) || found.isEmpty()) {
        response.setStatus(Status.CLIENT_ERROR_UNAUTHORIZED);
        return false;
    }

    request.getClientInfo().getPrincipals().addAll(found);

    // Only the first principal is used to look up the user.
    User mapped = getUser(found.get(0));
    if (mapped != null) {
        request.getClientInfo().setUser(mapped);
    }

    return true;
}
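/**
 * Returns the registered client matching the user that was authenticated
 * for the current request.
 *
 * @return The client, or null when the request carries no authenticated
 *         user or when no client is found for that user's identifier.
 * @throws OAuthException
 *             Declared by the signature; not thrown by this body.
 */
protected Client getAuthenticatedClient() throws OAuthException {
    User authenticatedClient = getRequest().getClientInfo().getUser();
    if (authenticatedClient == null) {
        getLogger().warning("Authenticated client_id is missing.");
        return null;
    }

    // The client is expected to exist because it was authenticated earlier,
    // but the lookup result is still checked: a client removed in the
    // meantime must not end in a NullPointerException on the log line below.
    // NOTE(review): assumes findById signals "not found" with null; confirm.
    Client client = clients.findById(authenticatedClient.getIdentifier());
    if (client == null) {
        getLogger().warning("Authenticated client_id is not registered.");
        return null;
    }

    getLogger().fine(
            "Requested by authenticated client " + client.getClientId());
    return client;
}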
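/**
 * After the call has been handled, issues a "Credentials" cookie to an
 * authenticated client that did not send one. The cookie value is
 * {@code identifier=secret}, taken from the request's challenge response,
 * with path "/" and a max age of 30.
 *
 * NOTE(review): the cookie carries the challenge secret verbatim, so
 * anyone who can read the cookie obtains the credentials themselves.
 * Replacing the value with an opaque, server-validated token needs a
 * design change outside this method. This method only limits exposure:
 * the cookie is access-restricted and is marked secure when the request
 * arrived over a confidential channel.
 *
 * @param request
 *            The handled request.
 * @param response
 *            The response that receives the cookie setting.
 */
@Override
protected void afterHandle(Request request, Response response) {
    super.afterHandle(request, response);

    Cookie cookie = request.getCookies().getFirst("Credentials");
    if (!request.getClientInfo().isAuthenticated() || (cookie != null)) {
        return;
    }

    // Authentication may have happened without a challenge response or
    // without a secret; there is then nothing to put in the cookie.
    if ((request.getChallengeResponse() == null)
            || (request.getChallengeResponse().getSecret() == null)) {
        return;
    }

    String identifier = request.getChallengeResponse().getIdentifier();
    String secret = new String(request.getChallengeResponse().getSecret());

    CookieSetting cookieSetting = new CookieSetting("Credentials",
            identifier + "=" + secret);
    cookieSetting.setAccessRestricted(true);
    // Keep the cookie off plain-text connections when it was issued over a
    // confidential one; behaviour over non-confidential channels is unchanged.
    cookieSetting.setSecure(request.isConfidential());
    cookieSetting.setPath("/");
    cookieSetting.setComment("Unsecured cookie based authentication");
    cookieSetting.setMaxAge(30);
    response.getCookieSettings().add(cookieSetting);
}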