/**
 * Returns the protocol that the fronting proxy reported for this request.
 *
 * <p>The value is the raw content of the {@code X_FORWARDED_PROTOCOL} header
 * and may be {@code null} when the header is absent.
 *
 * @param request the current request
 * @return the header value exactly as received
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveProtocol(Request request) {
    // Guard clause: forwarding headers are only read for requests that
    // isProxyRequest() accepts.
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    // NOTE(review): the header is returned without validation. It is only as
    // trustworthy as isProxyRequest() (not visible here) - confirm that check
    // passes only for requests from a proxy that overwrites this header, since
    // callers may use the result for https-only decisions or URL building.
    return request.getHeader(X_FORWARDED_PROTOCOL);
}
} // closing brace carried over from the original line (presumably ends the enclosing type)
/**
 * Returns the client address that the fronting proxy reported for this request.
 *
 * <p>The value is the raw content of the {@code X_FORWARDED_FOR} header and
 * may be {@code null} when the header is absent.
 *
 * @param request the current request
 * @return the header value exactly as received, unparsed
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveUserAgentRealIp(Request request) {
    // Guard clause: forwarding headers are only read for requests that
    // isProxyRequest() accepts.
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    // NOTE(review): no parsing or validation happens here. Forwarded-for style
    // headers can carry a comma-separated chain, and any entry not written by a
    // trusted proxy is client-supplied. Callers using this value for access
    // control, rate limiting or audit logs should confirm that isProxyRequest()
    // (not visible here) only passes requests arriving from a trusted proxy.
    return request.getHeader(X_FORWARDED_FOR);
}
/**
 * Returns the proxy server name reported for this request.
 *
 * <p>The value is the raw content of the {@code X_FORWARDED_SERVER} header and
 * may be {@code null} when the header is absent.
 *
 * @param request the current request
 * @return the header value exactly as received
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveProxyServerName(Request request) {
    // Guard clause: forwarding headers are only read for requests that
    // isProxyRequest() accepts.
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    // NOTE(review): returned without validation; treat it as untrusted text
    // unless isProxyRequest() (not visible here) guarantees a trusted proxy.
    return request.getHeader(X_FORWARDED_SERVER);
}
/**
 * Returns the protocol that the fronting proxy reported for this request.
 *
 * <p>The value is the raw content of the {@code X_FORWARDED_PROTOCOL} header
 * and may be {@code null} when the header is absent.
 *
 * @param request the current request
 * @return the header value exactly as received
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveProtocol(Request request) {
    // Reject non-proxied requests up front so the header is never consulted
    // for them.
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    // NOTE(review): the header is returned without validation. It is only as
    // trustworthy as isProxyRequest() (not visible here) - confirm that check
    // passes only for requests from a proxy that overwrites this header, since
    // callers may use the result for https-only decisions or URL building.
    return request.getHeader(X_FORWARDED_PROTOCOL);
}
} // closing brace carried over from the original line (presumably ends the enclosing type)
/**
 * Returns the client address that the fronting proxy reported for this request.
 *
 * <p>The value is the raw content of the {@code X_FORWARDED_FOR} header and
 * may be {@code null} when the header is absent.
 *
 * @param request the current request
 * @return the header value exactly as received, unparsed
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveUserAgentRealIp(Request request) {
    // Reject non-proxied requests up front so the header is never consulted
    // for them.
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    // NOTE(review): no parsing or validation happens here. Forwarded-for style
    // headers can carry a comma-separated chain, and any entry not written by a
    // trusted proxy is client-supplied. Callers using this value for access
    // control, rate limiting or audit logs should confirm that isProxyRequest()
    // (not visible here) only passes requests arriving from a trusted proxy.
    return request.getHeader(X_FORWARDED_FOR);
}
/**
 * Returns the proxy server name reported for this request.
 *
 * <p>The value is the raw content of the {@code X_FORWARDED_SERVER} header and
 * may be {@code null} when the header is absent.
 *
 * @param request the current request
 * @return the header value exactly as received
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveProxyServerName(Request request) {
    // Reject non-proxied requests up front so the header is never consulted
    // for them.
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }
    // NOTE(review): returned without validation; treat it as untrusted text
    // unless isProxyRequest() (not visible here) guarantees a trusted proxy.
    return request.getHeader(X_FORWARDED_SERVER);
}
/**
 * Extracts an access token from the request.
 *
 * <p>Lookup order: the {@code OAuth2Constants.ACCESS_TOKEN} request parameter
 * first; only when that is empty, the {@code Authorization} header, which is
 * accepted if it starts (case-insensitively) with
 * {@code OAuth2Constants.BEARER_TYPE}.
 *
 * @param request the current request
 * @return a {@link SimpleToken} wrapping the token string, or {@code null}
 *         when no non-empty token was found
 */
@Override
public Token extractTokenFromRequest(Request request) {
    // NOTE(review): the parameter wins over the header. If getParameter() also
    // reads the query string, tokens sent that way can end up in access logs,
    // browser history and Referer headers - confirm this transport is intended.
    String candidate = request.getParameter(OAuth2Constants.ACCESS_TOKEN);

    if (Strings.isEmpty(candidate)) {
        String authorization = request.getHeader(Headers.AUTHORIZATION);
        // NOTE(review): only the scheme prefix is checked; whether a separator
        // after the scheme is required depends on the value of BEARER_TYPE
        // (not visible here). The remainder is trimmed and used as the token.
        candidate = Strings.startsWithIgnoreCase(authorization, OAuth2Constants.BEARER_TYPE)
                ? authorization.substring(OAuth2Constants.BEARER_TYPE.length()).trim()
                : null;
    }

    return Strings.isEmpty(candidate) ? null : new SimpleToken(candidate);
}
/**
 * Reads the authentication token string from the request.
 *
 * <p>The header named by {@code securityConfig.getAuthenticationTokenHeaderName()}
 * is preferred; when it is empty, the cookie named by
 * {@code getCookieName(request)} is used instead.
 *
 * @param request the current request
 * @return the token string; when neither source yields one, the (null or
 *         empty) header value is returned
 */
protected String getToken(Request request) {
    String headerToken = request.getHeader(securityConfig.getAuthenticationTokenHeaderName());
    if (!Strings.isEmpty(headerToken)) {
        return headerToken;
    }

    // NOTE(review): a cookie is attached by the browser automatically, so
    // requests authenticated through this fallback presumably rely on separate
    // CSRF protection - confirm against the callers.
    Cookie cookie = request.getCookie(getCookieName(request));
    return cookie != null ? cookie.getValue() : headerToken;
}
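/**
 * Extracts the client id and client secret from the request.
 *
 * <p>When an {@code Authorization} header is present it must use the
 * {@code Basic} scheme; the Base64 payload is decoded and split into
 * {@code id:secret}. Without the header, the {@code client_id} and
 * {@code client_secret} request parameters are returned (either may be
 * {@code null}).
 *
 * <p>On a malformed header a 400 {@code INVALID_REQUEST} error is written to
 * the response and {@code null} is returned.
 *
 * @param request  the current request
 * @param response the response used to report a malformed header
 * @return a two-element array {@code {clientId, clientSecret}}, or
 *         {@code null} after an error response has been written
 */
protected String[] extractClientCredentials(Request request, Response response) {
    String authorization = request.getHeader(Headers.AUTHORIZATION);

    if (Strings.isEmpty(authorization)) {
        // NOTE(review): if getParameter() also reads the query string, the
        // client secret can end up in URLs and access logs - confirm that only
        // body parameters are expected here.
        return new String[]{request.getParameter("client_id"), request.getParameter("client_secret")};
    }

    if (!authorization.startsWith("Basic")) {
        error(response, 400, INVALID_REQUEST, "invalid Authorization header");
        return null;
    }

    String base64Token = Strings.trim(authorization.substring("Basic".length()));
    String token = Base64.decode(base64Token);

    // Split on the FIRST colon only. In Basic credentials the id cannot contain
    // a colon but the secret may (RFC 7617); requiring exactly two
    // colon-separated parts rejected every secret that contains ':'.
    int colon = (token == null) ? -1 : token.indexOf(':');
    if (colon <= 0) {
        // No separator, or an empty client id.
        error(response, 400, INVALID_REQUEST, "invalid Authorization header");
        return null;
    }

    return new String[]{token.substring(0, colon), token.substring(colon + 1)};
}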
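/**
 * Builds the externally visible base URL of a proxied request from the
 * forwarded host, the forwarded protocol and the context path.
 *
 * <p>With a non-empty {@code X_FORWARDED_HOST} header the result is
 * {@code protocol + "://" + host + contextPath}, where the protocol falls back
 * to {@code "http"} when {@code resolveProtocol} yields nothing. Without a
 * forwarded host only the context path is returned.
 *
 * @param request the current request
 * @return the reconstructed URL prefix, or the bare context path when no
 *         forwarded host is present
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveUserAgentForwarded(Request request) {
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }

    String host = request.getHeader(X_FORWARDED_HOST);
    String contextPath = request.getContextPath();

    if (Strings.isEmpty(host)) {
        // Previously this concatenated host + contextPath, which produced the
        // literal text "null" in front of the path when the header was absent.
        return contextPath;
    }

    String protocol = resolveProtocol(request);
    if (Strings.isEmpty(protocol)) {
        protocol = "http";
    }

    // NOTE(review): host and protocol come straight from request headers. If
    // the result is used for redirects or links in responses/e-mails, confirm
    // that isProxyRequest() (not visible here) only passes requests from a
    // trusted proxy, or check the host against an allow-list of expected names.
    return protocol + "://" + host + contextPath;
}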
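/**
 * Builds the externally visible base URL of a proxied request from the
 * forwarded host, the forwarded protocol and the context path.
 *
 * <p>With a non-empty {@code X_FORWARDED_HOST} header the result is
 * {@code protocol + "://" + host + contextPath}, where the protocol falls back
 * to {@code "http"} when {@code resolveProtocol} yields nothing. Without a
 * forwarded host only the context path is returned.
 *
 * @param request the current request
 * @return the reconstructed URL prefix, or the bare context path when no
 *         forwarded host is present
 * @throws IllegalStateException if {@code isProxyRequest(request)} is false
 */
@Override
public String resolveUserAgentForwarded(Request request) {
    if (!isProxyRequest(request)) {
        throw new IllegalStateException("this request is not a proxied request");
    }

    String host = request.getHeader(X_FORWARDED_HOST);
    String contextPath = request.getContextPath();

    if (Strings.isEmpty(host)) {
        // Previously this concatenated host + contextPath, which produced the
        // literal text "null" in front of the path when the header was absent.
        return contextPath;
    }

    String protocol = resolveProtocol(request);
    if (Strings.isEmpty(protocol)) {
        protocol = "http";
    }

    // NOTE(review): host and protocol come straight from request headers. If
    // the result is used for redirects or links in responses/e-mails, confirm
    // that isProxyRequest() (not visible here) only passes requests from a
    // trusted proxy, or check the host against an allow-list of expected names.
    return protocol + "://" + host + contextPath;
}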
/**
 * Finds the CSRF token submitted with the request.
 *
 * <p>Sources are tried in order and the first non-empty value wins: the header
 * named by {@code securityConfig.getCsrfHeaderName()}, then the parameter
 * named by {@code securityConfig.getCsrfParameterName()}, then
 * {@code CSRF.getRequestToken(request)}.
 *
 * @param request the current request
 * @return the submitted token string, or whatever
 *         {@code CSRF.getRequestToken} returns when header and parameter are
 *         both empty
 */
protected String getCsrfTokenString(Request request) {
    String fromHeader = request.getHeader(securityConfig.getCsrfHeaderName());
    if (!Strings.isEmpty(fromHeader)) {
        return fromHeader;
    }

    // NOTE(review): if getParameter() also reads the query string, a token
    // sent that way can appear in URLs and logs - confirm this is intended.
    String fromParameter = request.getParameter(securityConfig.getCsrfParameterName());
    if (!Strings.isEmpty(fromParameter)) {
        return fromParameter;
    }

    return CSRF.getRequestToken(request);
}
} // closing brace carried over from the original line (presumably ends the enclosing type)
/**
 * Serves the Swagger JSON document of an API with ETag-based revalidation.
 *
 * <p>The optional {@code parts} request parameter selects parts of the spec; a
 * single value is split on commas. The response always carries an
 * {@code ETag} built from the fingerprint of the generated JSON. When the
 * request's {@code If-None-Match} equals that ETag exactly, only the
 * not-modified status is set; otherwise the JSON is written to the response.
 *
 * @param api  the API whose metadata is rendered
 * @param req  the current request
 * @param resp the response to write to
 * @throws Throwable whatever the writer, fingerprinting or response I/O throws
 */
void handleJsonSpecRequest(Api api, Request req, Response resp) throws Throwable {
    SwaggerJsonWriter writer = new SwaggerJsonWriter();
    writer.setPropertyNamingStyle(api.getConfig().getPropertyNamingStyle());
    resp.setContentType(writer.getContentType());

    // "parts" is caller-supplied; a single value may hold a comma-separated list.
    String[] parts = req.getParameterValues("parts");
    if (parts != null && parts.length == 1) {
        parts = Strings.split(parts[0], ',');
    }

    Set<String> requestedParts;
    if (parts == null) {
        requestedParts = Collections.emptySet();
    } else {
        requestedParts = New.hashSet(parts);
    }

    ApiSpecContext context = new ApiSpecContextImpl(req, requestedParts);
    String json = toSwaggerJson(writer, context, api.getMetadata());

    // NOTE(review): getBytes() without a charset uses the platform default, so
    // the fingerprint (and ETag) can differ between hosts with different
    // default encodings - confirm whether an explicit charset is wanted.
    String etag = "\"" + assetStrategy.getFingerprint(json.getBytes()) + "\"";
    resp.setHeader(Headers.ETAG, etag);

    // Exact string comparison only: weak validators, "*" and comma-separated
    // lists in If-None-Match do not match and lead to a full response.
    String ifNoneMatch = req.getHeader(Headers.IF_NONE_MATCH);
    if (Strings.isEmpty(ifNoneMatch) || !ifNoneMatch.equals(etag)) {
        resp.getWriter().write(json);
    } else {
        resp.setStatus(HTTP.SC_NOT_MODIFIED);
    }
}
protected AuthzClientCredentials extractClientCredentials(Request request, Response response,OAuth2Params params){ String header = request.getHeader(OAuth2Constants.TOKEN_HEADER); if(header != null && !Strings.isEmpty(header)){ if(!header.startsWith(OAuth2Constants.BASIC_TYPE)){
protected AuthzClientCredentials extractClientCredentials(Request request, Response response, OAuth2Params params) { String header = request.getHeader(OAuth2Constants.TOKEN_HEADER); if (header != null && !Strings.isEmpty(header)) { if (!header.startsWith(OAuth2Constants.BASIC_TYPE)) {