private static boolean isJsonRpcLightUri(HttpServletRequest rq) { String pathInfo = ServletUtils.extractPathInfo(rq); return Iterables.any(JSON_RPC_PATHS, pathInfo::startsWith); }
private static boolean isJsonRpcLightUri(HttpServletRequest rq) { String pathInfo = ServletUtils.extractPathInfo(rq); return Iterables.any(JSON_RPC_PATHS, pathInfo::startsWith); }
public boolean allow(final HttpServletRequest request) { if (!this.httpMethod.equalsIgnoreCase(request.getMethod())) { return false; } final String pathInfo = ServletUtils.extractPathInfo(request); return paths.stream().anyMatch(path -> isRegex ? pathInfo.matches(path) : pathInfo.startsWith(path)); }
public boolean allow(final HttpServletRequest request) { if (!this.httpMethod.equalsIgnoreCase(request.getMethod())) { return false; } final String pathInfo = ServletUtils.extractPathInfo(request); return paths.stream().anyMatch(path -> isRegex ? pathInfo.matches(path) : pathInfo.startsWith(path)); }
public boolean allow(HttpServletRequest request) { final String pathInfo = ServletUtils.extractPathInfo(request); if (path.equals(pathInfo)) { String method = extractMethod(request); if (method == null) { return false; } else if (methods.contains(method)) { return true; } } return false; }
public boolean allow(HttpServletRequest request) { final String pathInfo = ServletUtils.extractPathInfo(request); if (path.equals(pathInfo)) { String method = extractMethod(request); if (method == null) { return false; } else if (methods.contains(method)) { return true; } } return false; }
public boolean allow(HttpServletRequest request) { if (!httpMethod.equals(request.getMethod())) { return false; } final String pathInfo = ServletUtils.extractPathInfo(request); if (path.equals(pathInfo)) { // methodName not in path so extract it from body String method = extractMethod(request); if (method == null) { return false; } else if (methods.contains(method)) { return true; } } else { // methodName in path String method = pathInfo.replaceAll(path + "/", ""); return methods.contains(method); } return false; }
public boolean allow(HttpServletRequest request) { if (!httpMethod.equals(request.getMethod())) { return false; } final String pathInfo = ServletUtils.extractPathInfo(request); if (path.equals(pathInfo)) { // methodName not in path so extract it from body String method = extractMethod(request); if (method == null) { return false; } else if (methods.contains(method)) { return true; } } else { // methodName in path String method = pathInfo.replaceAll(path + "/", ""); return methods.contains(method); } return false; }
public boolean allow(HttpServletRequest request) { final String pathInfo = ServletUtils.extractPathInfo(request); final String[] elements = StringUtils.split(pathInfo, '/'); if (elements.length > 2 && "rest".equals(elements[0])) { String name = elements[1]; String version = elements[2].toLowerCase(Locale.US); if (!isVersionString(version)) { version = null; } String method = request.getMethod().toLowerCase(Locale.US); String path = StringUtils.join(Arrays.copyOfRange(elements, version == null ? 2 : 3, elements.length), "/"); if (!path.startsWith("/")) { path = "/" + path; } for (RestScope scope : scopes) { if (scope.match(name, version, path, method)) { return true; } } } return false; }
public boolean allow(HttpServletRequest request) { final String pathInfo = ServletUtils.extractPathInfo(request); final String[] elements = StringUtils.split(pathInfo, '/'); if (elements.length > 2 && "rest".equals(elements[0])) { String name = elements[1]; String version = elements[2].toLowerCase(Locale.US); if (!isVersionString(version)) { version = null; } String method = request.getMethod().toLowerCase(Locale.US); String path = StringUtils.join(Arrays.copyOfRange(elements, version == null ? 2 : 3, elements.length), "/"); if (!path.startsWith("/")) { path = "/" + path; } for (RestScope scope : scopes) { if (scope.match(name, version, path, method)) { return true; } } } return false; }
public boolean allow(HttpServletRequest request) { if (!httpMethod.equals(request.getMethod())) { return false; } final String pathInfo = ServletUtils.extractPathInfo(request); if (path.equals(pathInfo)) { Optional<Pair<String, String>> maybeNamespaceAndName = getMethod(request); if (!maybeNamespaceAndName.isPresent()) { return false; } Pair<String, String> namespaceAndName = maybeNamespaceAndName.get(); for (SoapScope scope : soapActions) { if (scope.match(namespaceAndName.left(), namespaceAndName.right())) { return true; } } } return false; }
public boolean allow(HttpServletRequest request) { if (!httpMethod.equals(request.getMethod())) { return false; } final String pathInfo = ServletUtils.extractPathInfo(request); if (path.equals(pathInfo)) { Optional<Pair<String, String>> maybeNamespaceAndName = getMethod(request); if (!maybeNamespaceAndName.isPresent()) { return false; } Pair<String, String> namespaceAndName = maybeNamespaceAndName.get(); for (SoapScope scope : soapActions) { if (scope.match(namespaceAndName.left(), namespaceAndName.right())) { return true; } } } return false; }
/** * Trim potentially sensitive values from REST calls, append method name for SOAP/RPC. * * @param rq * @return a path that is safe to use for analytics */ private static String toAnalyticsSafePath(HttpServletRequest rq) { String path = StringUtils.removeEnd(ServletUtils.extractPathInfo(rq), "/"); if (isXmlRpcUri(path)) { String method = XmlRpcApiScopeHelper.extractMethod(rq); return path + "/" + method; } else if (isJsonRpcUri(path)) { String method = JsonRpcApiScopeHelper.extractMethod(rq); return path + "/" + method; } else if (isSoapUri(path)) { Optional<Pair<String, String>> maybeMethod = RpcEncodedSoapApiScopeHelper.getMethod(rq); if (!maybeMethod.isPresent()) { return path; } // We're ignoring the namespace String method = maybeMethod.get().right(); return path + "/" + method; } else if (isJsonRpcLightUri(rq)) { return path; } else { return trimRestPath(path); } }
/** * Trim potentially sensitive values from REST calls, append method name for SOAP/RPC. * * @param rq * @return a path that is safe to use for analytics */ private static String toAnalyticsSafePath(HttpServletRequest rq) { String path = StringUtils.removeEnd(ServletUtils.extractPathInfo(rq), "/"); if (isXmlRpcUri(path)) { String method = XmlRpcApiScopeHelper.extractMethod(rq); return path + "/" + method; } else if (isJsonRpcUri(path)) { String method = JsonRpcApiScopeHelper.extractMethod(rq); return path + "/" + method; } else if (isSoapUri(path)) { Optional<Pair<String, String>> maybeMethod = RpcEncodedSoapApiScopeHelper.getMethod(rq); if (!maybeMethod.isPresent()) { return path; } // We're ignoring the namespace String method = maybeMethod.get().right(); return path + "/" + method; } else if (isJsonRpcLightUri(rq)) { return path; } else { return trimRestPath(path); } }