Examples with GetMapping org.springframework.web.bind.annotation.GetMapping used on opensource projects

Example 36 with GetMapping

use of org.springframework.web.bind.annotation.GetMapping in project cas by apereo.

the class ConfigurationStateController method getConfiguration.

/**
 * Gets configuration.
 *
 * @param request  the request
 * @param response the response
 * @return the configuration
 */
@GetMapping("/getConfiguration")
@ResponseBody
public Map getConfiguration(final HttpServletRequest request, final HttpServletResponse response) {
    final Map results = new TreeMap();
    ensureEndpointAccessIsAuthorized(request, response);
    if (environmentEndpoint == null || !environmentEndpoint.isEnabled()) {
        LOGGER.warn("Environment endpoint is either undefined or disabled");
        return results;
    }
    final Pattern pattern = RegexUtils.createPattern("(configService:|applicationConfig:).+(application|cas).+");
    final Map<String, Object> environmentSettings = environmentEndpoint.invoke();
    environmentSettings.entrySet().stream().filter(entry -> pattern.matcher(entry.getKey()).matches()).forEach(entry -> {
        final Map<String, Object> keys = (Map<String, Object>) entry.getValue();
        keys.keySet().forEach(key -> {
            if (!results.containsKey(key)) {
                final String propHolder = String.format("${%s}", key);
                final String value = this.environment.resolvePlaceholders(propHolder);
                results.put(key, environmentEndpoint.sanitize(key, value));
            }
        });
    });
    return results;
}

Example 37 with GetMapping

use of org.springframework.web.bind.annotation.GetMapping in project cas by apereo.

the class IdPInitiatedProfileHandlerController method handleIdPInitiatedSsoRequest.

/**
 * Handle idp initiated sso requests.
 *
 * @param response the response
 * @param request  the request
 * @throws Exception the exception
 */
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_IDP_INIT_PROFILE_SSO)
protected void handleIdPInitiatedSsoRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
    // The name (i.e., the entity ID) of the service provider.
    final String providerId = CommonUtils.safeGetParameter(request, SamlIdPConstants.PROVIDER_ID);
    if (StringUtils.isBlank(providerId)) {
        LOGGER.warn("No providerId parameter given in unsolicited SSO authentication request.");
        throw new MessageDecodingException("No providerId parameter given in unsolicited SSO authentication request.");
    }
    final SamlRegisteredService registeredService = verifySamlRegisteredService(providerId);
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> adaptor = getSamlMetadataFacadeFor(registeredService, providerId);
    if (!adaptor.isPresent()) {
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + providerId);
    }
    // The URL of the response location at the SP (called the "Assertion Consumer Service")
    // but can be omitted in favor of the IdP picking the default endpoint location from metadata.
    String shire = CommonUtils.safeGetParameter(request, SamlIdPConstants.SHIRE);
    final SamlRegisteredServiceServiceProviderMetadataFacade facade = adaptor.get();
    if (StringUtils.isBlank(shire)) {
        LOGGER.warn("Resolving service provider assertion consumer service URL for [{}] and binding [{}]", providerId, SAMLConstants.SAML2_POST_BINDING_URI);
        @NonNull final AssertionConsumerService acs = facade.getAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI);
        shire = acs.getLocation();
    }
    if (StringUtils.isBlank(shire)) {
        LOGGER.warn("Unable to resolve service provider assertion consumer service URL for AuthnRequest construction for entityID: [{}]", providerId);
        throw new MessageDecodingException("Unable to resolve SP ACS URL for AuthnRequest construction");
    }
    // The target resource at the SP, or a state token generated by an SP to represent the resource.
    final String target = CommonUtils.safeGetParameter(request, SamlIdPConstants.TARGET);
    // A timestamp to help with stale request detection.
    final String time = CommonUtils.safeGetParameter(request, SamlIdPConstants.TIME);
    final SAMLObjectBuilder builder = (SAMLObjectBuilder) configBean.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME);
    final AuthnRequest authnRequest = (AuthnRequest) builder.buildObject();
    authnRequest.setAssertionConsumerServiceURL(shire);
    final SAMLObjectBuilder isBuilder = (SAMLObjectBuilder) configBean.getBuilderFactory().getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    final Issuer issuer = (Issuer) isBuilder.buildObject();
    issuer.setValue(providerId);
    authnRequest.setIssuer(issuer);
    authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI);
    final SAMLObjectBuilder pBuilder = (SAMLObjectBuilder) configBean.getBuilderFactory().getBuilder(NameIDPolicy.DEFAULT_ELEMENT_NAME);
    final NameIDPolicy nameIDPolicy = (NameIDPolicy) pBuilder.buildObject();
    nameIDPolicy.setAllowCreate(Boolean.TRUE);
    authnRequest.setNameIDPolicy(nameIDPolicy);
    if (NumberUtils.isCreatable(time)) {
        authnRequest.setIssueInstant(new DateTime(TimeUnit.SECONDS.convert(Long.parseLong(time), TimeUnit.MILLISECONDS), ISOChronology.getInstanceUTC()));
    } else {
        authnRequest.setIssueInstant(new DateTime(DateTime.now(), ISOChronology.getInstanceUTC()));
    }
    authnRequest.setForceAuthn(Boolean.FALSE);
    if (StringUtils.isNotBlank(target)) {
        request.setAttribute(SamlProtocolConstants.PARAMETER_SAML_RELAY_STATE, target);
    }
    final MessageContext ctx = new MessageContext();
    ctx.setAutoCreateSubcontexts(true);
    if (facade.isAuthnRequestsSigned()) {
        samlObjectSigner.encode(authnRequest, registeredService, facade, response, request, SAMLConstants.SAML2_POST_BINDING_URI);
    }
    ctx.setMessage(authnRequest);
    ctx.getSubcontext(SAMLBindingContext.class, true).setHasBindingSignature(false);
    final Pair<SignableSAMLObject, MessageContext> pair = Pair.of(authnRequest, ctx);
    initiateAuthenticationRequest(pair, response, request);
}

Example 38 with GetMapping

use of org.springframework.web.bind.annotation.GetMapping in project cas by apereo.

the class OidcRevocationEndpointController method handleRequestInternal.

/**
 * Handle request for revocation.
 *
 * @param request  the request
 * @param response the response
 * @return the jwk set
 */
@GetMapping(value = '/' + OidcConstants.BASE_OIDC_URL + '/' + OidcConstants.REVOCATION_URL)
public ResponseEntity<String> handleRequestInternal(final HttpServletRequest request, final HttpServletResponse response) {
    try {
        final CredentialsExtractor<UsernamePasswordCredentials> authExtractor = new BasicAuthExtractor();
        final UsernamePasswordCredentials credentials = authExtractor.extract(Pac4jUtils.getPac4jJ2EContext(request, response));
        if (credentials == null) {
            throw new IllegalArgumentException("No credentials are provided to verify introspection on the access token");
        }
        final OAuthRegisteredService service = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, credentials.getUsername());
        if (this.validator.checkServiceValid(service) && this.validator.checkParameterExist(request, OAuth20Constants.ACCESS_TOKEN) && this.validator.checkClientSecret(service, credentials.getPassword())) {
            final String token = request.getParameter(OidcConstants.TOKEN);
            if (StringUtils.isNotBlank(token)) {
                this.ticketRegistry.deleteTicket(token);
            }
        }
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return new ResponseEntity<>(HttpStatus.OK);
}

Example 39 with GetMapping

use of org.springframework.web.bind.annotation.GetMapping in project mzzb-server by mingzuozhibi.

the class DiscController method getOne.

@Transactional
@GetMapping(value = "/api/discs/{id}", produces = MEDIA_TYPE)
public String getOne(@PathVariable Long id) {
    Disc disc = dao.get(Disc.class, id);
    if (disc == null) {
        if (LOGGER.isWarnEnabled()) {
            warnRequest("[获取碟片失败][指定的碟片Id不存在][Id={}]", id);
        }
        return errorMessage("指定的碟片Id不存在");
    }
    JSONObject result = disc.toJSON();
    if (LOGGER.isDebugEnabled()) {
        debugRequest("[获取碟片成功][碟片信息={}]", result);
    }
    result.put("ranks", buildRanks(dao, disc));
    return objectResult(result);
}

Example 40 with GetMapping

use of org.springframework.web.bind.annotation.GetMapping in project mzzb-server by mingzuozhibi.

the class DiscController method search.

@Transactional
@PreAuthorize("hasRole('BASIC')")
@GetMapping(value = "/api/discs/search/{asin}", produces = MEDIA_TYPE)
public String search(@PathVariable String asin) {
    AtomicReference<Disc> disc = new AtomicReference<>(dao.lookup(Disc.class, "asin", asin));
    StringBuffer error = new StringBuffer();
    if (disc.get() == null) {
        searchFromAmazon(asin, disc, error);
        waitForSearch(disc);
    }
    if (disc.get() == null) {
        if (error.length() > 0) {
            return errorMessage(error.toString());
        }
        if (LOGGER.isInfoEnabled()) {
            infoRequest("[查找碟片][从Amazon查询超时][asin={}]]", asin);
        }
        return errorMessage("查询超时，你可以稍后再尝试");
    }
    JSONArray result = new JSONArray();
    JSONObject discJSON = disc.get().toJSON();
    if (LOGGER.isInfoEnabled()) {
        infoRequest("[查找碟片成功][碟片信息={}]", discJSON);
    }
    result.put(discJSON);
    return objectResult(result);
}