/** * Ensures the {@link HttpRequest} has been tokenized. * * @return {@link HttpRequest}. */ private HttpRequest ensureTokenised() { HttpRequest request = this.connection.getRequest(); if (!this.isTokenisedRequest) { // Tokenise out the arguments HttpRequestTokeniser.tokeniseHttpRequest(request, HttpRequestStateManagedObjectSource.this.argumentParsers, this); // Request now tokenised this.isTokenisedRequest = true; } return request; }
@Override @SuppressWarnings("unchecked") public T parse(ServerHttpConnection connection) throws HttpException { try { return (T) mapper.readValue(connection.getRequest().getEntity(), javaType); } catch (IOException ex) { throw new HttpException(ex); } } };
@Override public String extractApplicationPath(ServerHttpConnection connection) throws HttpException { return WebRouter.transformToApplicationCanonicalPath(connection.getRequest().getUri(), this.contextPath); }
@Override public Object execute(ManagedFunctionContext<NotFoundDependencies, None> context) throws NotFoundHttpException { // Obtain the request path ServerHttpConnection connection = (ServerHttpConnection) context .getObject(NotFoundDependencies.SERVER_HTTP_CONNECTION); String requestPath = connection.getRequest().getUri(); // Not found throw new NotFoundHttpException(requestPath); }
@Override public void loadObjects(ObjectRegistry<Indexed> registry) throws Throwable { this.objectRegistry = registry; // Obtain the server HTTP connection ServerHttpConnection connection = (ServerHttpConnection) registry .getObject(DefaultHttpAuthenticationManagedObjectSource.this.httpSecurityNames.length); // Determine the HTTP authentications to use int[] httpAuthenticationIndexes = DefaultHttpAuthenticationManagedObjectSource.this.negotiator .getHandler(connection.getRequest()); if (httpAuthenticationIndexes == null) { throw new HttpException(HttpStatus.INTERNAL_SERVER_ERROR, null, "No " + HttpAuthentication.class.getSimpleName() + " negotiated for default " + HttpAuthentication.class.getSimpleName()); } // Load the HTTP authentications this.httpAuthentications = new HttpAuthentication[httpAuthenticationIndexes.length]; for (int i = 0; i < httpAuthenticationIndexes.length; i++) { int httpAuthenticationIndex = httpAuthenticationIndexes[i]; this.httpAuthentications[i] = (HttpAuthentication<?>) registry.getObject(httpAuthenticationIndex); } }
@Override public void send(T object) throws HttpException { this.context.run(() -> { // Lazy obtain the content type cache if (this.contentTypeCache == null) { this.contentTypeCache = ObjectResponseManagedObjectSource.this.objectNegotiator .getHandler(this.connection.getRequest()); } // Ensure have acceptable content type if (this.contentTypeCache == null) { throw new HttpException(HttpStatus.NOT_ACCEPTABLE, ObjectResponseManagedObjectSource.this.notAcceptableHeaders, null); } // Handle the object handleObject(object, this.contentTypeCache, OBJECT_RESPONDER_FACTORY, this.connection); return null; }); } }
@Override public void authenticate(Void credentials, AuthenticateContext<MockAccessControl, None> context) throws HttpException { // Obtain the authentication scheme HttpAuthenticationScheme scheme = HttpAuthenticationScheme .getHttpAuthenticationScheme(context.getConnection().getRequest()); if ((scheme == null) || (!(AUTHENTICATION_SCHEME.equalsIgnoreCase(scheme.getAuthentiationScheme())))) { return; // no/incorrect authentication scheme } // Parse out user and roles String[] parameters = scheme.getParameters().split(","); String userName = parameters[0].trim(); String password = parameters.length > 1 ? parameters[1].trim() : null; if (!(userName.equals(password))) { return; // must match to authenticate } String[] roles = new String[parameters.length - 1]; for (int i = 1; i < parameters.length; i++) { roles[i - 1] = parameters[i].trim(); } // Create the access control MockAccessControl accessControl = new MockAccessControl(userName, roles); // Remember access control for further requests context.getSession().setAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY, accessControl); // Return the access control context.accessControlChange(accessControl, null); }
/** * Services the {@link HttpRequest}. * * @param connection * {@link ServerHttpConnection}. * @param managedFunctionContext * {@link ManagedFunctionContext}. * @return <code>true</code> if {@link HttpRequest} was routed to a * {@link WebRouteHandler}. <code>false</code> indicates not * handled. */ public boolean service(ServerHttpConnection connection, ManagedFunctionContext<?, Indexed> managedFunctionContext) { // Obtain the request details HttpRequest request = connection.getRequest(); HttpMethod method = request.getMethod(); String requestUri = request.getUri(); // Attempt to match to a route for (int i = 0; i < this.nodes.length; i++) { WebRouteNode node = this.nodes[i]; // Determine if handled by node if (node.handle(method, requestUri, 0, null, connection, managedFunctionContext)) { return true; // servicing request } } // As here, not handling request return false; }
@Override public boolean handle(HttpEscalationContext context) throws IOException { // Obtain the connection ServerHttpConnection connection = context.getServerHttpConnection(); // Obtain the acceptable content type ContentTypeCache contentTypeCache = this.escalationNegotiator.getHandler(connection.getRequest()); if (contentTypeCache == null) { return false; // not able to handle escalation } // Obtain the escalation Throwable escalation = context.getEscalation(); // Handle escalation handleObject(escalation, contentTypeCache, ESCALATION_RESPONDER_FACTORY, connection); return true; // handled }
String path = connection.getRequest().getUri(); int endPathIndex = path.indexOf('?'); if (endPathIndex >= 0) {
.getHttpAuthenticationScheme(connection.getRequest()); if ((scheme == null) || (!(AUTHENTICATION_SCHEME_BASIC.equalsIgnoreCase(scheme.getAuthentiationScheme())))) {
@Override public boolean ratify(Void credentials, RatifyContext<HttpAccessControl> context) { // Attempt to obtain from session HttpAccessControl accessControl = (HttpAccessControl) context.getSession() .getAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY); if (accessControl != null) { // Load the access control and no need to authenticate context.accessControlChange(accessControl, null); return false; } // Determine if digest credentials on request HttpAuthenticationScheme scheme = HttpAuthenticationScheme .getHttpAuthenticationScheme(context.getConnection().getRequest()); if ((scheme == null) || (!(AUTHENTICATION_SCHEME_DIGEST.equalsIgnoreCase(scheme.getAuthentiationScheme())))) { return false; // no/incorrect authentication scheme } // As here, then have digest authentication details return true; }
@Override public boolean ratify(Void credentials, RatifyContext<MockAccessControl> context) { // Attempt to obtain from session MockAccessControl accessControl = (MockAccessControl) context.getSession() .getAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY); if (accessControl != null) { // Load the security and no need to authenticate context.accessControlChange(accessControl, null); return false; } // Determine if basic credentials on request HttpAuthenticationScheme scheme = HttpAuthenticationScheme .getHttpAuthenticationScheme(context.getConnection().getRequest()); if ((scheme == null) || (!(AUTHENTICATION_SCHEME.equalsIgnoreCase(scheme.getAuthentiationScheme())))) { return false; // must be mock authentication } // As here, then have mock authentication details return true; }
@Override public boolean ratify(Void credentials, RatifyContext<HttpAccessControl> context) { // Attempt to obtain from session HttpAccessControl accessControl = (HttpAccessControl) context.getSession() .getAttribute(SESSION_ATTRIBUTE_HTTP_SECURITY); if (accessControl != null) { // Load the security and no need to authenticate context.accessControlChange(accessControl, null); return false; } // Determine if basic credentials on request HttpAuthenticationScheme scheme = HttpAuthenticationScheme .getHttpAuthenticationScheme(context.getConnection().getRequest()); if ((scheme == null) || (!(AUTHENTICATION_SCHEME_BASIC.equalsIgnoreCase(scheme.getAuthentiationScheme())))) { return false; // must be basic authentication } // As here, then have basic authentication details return true; }
@Override public void loadObjects(ObjectRegistry<Indexed> registry) throws Throwable { // Obtain the HTTP request this.connection = (ServerHttpConnection) registry.getObject(this.serverHttpConnectionIndex); HttpRequest request = this.connection.getRequest(); // Ensure have the HTTP session Id generator if (this.httpSessionIdGenerator == null) { this.httpSessionIdGenerator = (HttpSessionIdGenerator) registry.getObject(this.httpSessionIdGeneratorIndex); } // Ensure have the HTTP session store if (this.httpSessionStore == null) { this.httpSessionStore = (HttpSessionStore) registry.getObject(this.httpSessionStoreIndex); } // Obtain the Session Id from the Session cookie HttpRequestCookie sessionIdCookie = request.getCookies().getCookie(this.sessionIdCookieName); String sessionId = (sessionIdCookie == null ? null : sessionIdCookie.getValue()); // Handle based on Session Id being available if ((sessionId == null) || (sessionId.trim().length() == 0)) { // No established session so create a new session this.generateSessionId(); } else { // Retrieve the existing session this.loadSessionId(sessionId, false); } }
@Override public Object execute(ManagedFunctionContext<HttpRouteDependencies, Indexed> context) { // Obtain the server HTTP connection ServerHttpConnection connection = (ServerHttpConnection) context .getObject(HttpRouteDependencies.SERVER_HTTP_CONNECTION); // Load the escalation handler if (this.escalationHandler != null) { connection.getResponse().setEscalationHandler(this.escalationHandler); } // Determine if potentially redirect HttpRequestCookie cookie = connection.getRequest().getCookies() .getCookie(HttpRedirectFunction.REDIRECT_COOKIE_NAME); if (cookie != null) { // Redirect, so trigger flow to import previous state context.doFlow(this.handleRedirectFlowIndex, cookie, null); return null; // serviced by redirect } // No redirect, so route the request return this.router.route(connection, context); }
@Override public void handle(HttpArgument pathArguments, ServerHttpConnection connection, ManagedFunctionContext<?, Indexed> context) { // Determine if secure connection is required if (this.isRequireSecure && (!connection.isSecure())) { // Non-secure, requiring secure - so redirect String path = connection.getRequest().getUri(); String securePath = connection.getServerLocation().createClientUrl(this.isRequireSecure, path); // Send redirect response to secure path HttpResponse response = connection.getResponse(); response.setStatus(HttpStatus.TEMPORARY_REDIRECT); response.getHeaders().addHeader(LOCATION, securePath); return; } // Undertake flow to service route context.doFlow(this.flowIndex, pathArguments, null); }
int[] flowIndexes = this.challengeNegotiator.getHandler(connection.getRequest()); if (flowIndexes == null) { throw new HttpException(HttpStatus.INTERNAL_SERVER_ERROR, null,
HttpRequest request = connection.getRequest(); String uri = request.getUri(); if (!(this.inputPath.isMatchPath(uri, this.terminatingPathCharacter))) {
HttpRequest request = connection.getRequest(); CredentialStore store = (CredentialStore) context.getObject(Dependencies.CREDENTIAL_STORE);