
Example 1 with CORSRule

use of com.pspace.ifs.ksan.gw.format.CORSConfiguration.CORSRule in project ksan by infinistor.

the class OptionsObject method process.

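/**
 * Answers a CORS preflight ({@code OPTIONS}) request from the bucket's stored CORS configuration.
 *
 * <p>Rules are scanned in order. The first rule with an {@code AllowedOrigins} entry that
 * matches the request's {@code Origin} is the only rule evaluated; later rules are not tried
 * when that rule's methods or headers do not fit. The requested methods and headers that the
 * rule allows are echoed back in {@code Access-Control-Allow-Methods} and
 * {@code Access-Control-Allow-Headers}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>When the matching pattern is not the wildcard, the request's own {@code Origin} value is
 *       reflected into {@code Access-Control-Allow-Origin}. That is only as strict as
 *       {@code GWUtils.likematch}, which is not shown here; confirm it matches the whole
 *       origin string and not a prefix or substring.</li>
 *   <li>This method never sets {@code Access-Control-Allow-Credentials}.</li>
 * </ul>
 *
 * @throws GWException {@code NO_SUCH_CORS_CONFIGURATION} when the bucket has no CORS document;
 *         {@code INVALID_CORS_ORIGIN} when the request has no {@code Origin};
 *         {@code ACCESS_DENIED} when no rule matches the origin, when the matching rule lists
 *         methods but the request names none, or when none of the requested methods or
 *         headers is allowed by the matching rule
 */
@Override
public void process() throws GWException {
    logger.info(GWConstants.LOG_OPTIONS_OBJECT_START);
    String bucket = s3Parameter.getBucketName();
    initBucketInfo(bucket);
    if (Strings.isNullOrEmpty(getBucketInfo().getCors())) {
        throw new GWException(GWErrorCode.NO_SUCH_CORS_CONFIGURATION, s3Parameter);
    }

    XmlMapper xmlMapper = new XmlMapper();
    try {
        CORSConfiguration corsConfiguration = xmlMapper.readValue(getBucketInfo().getCors(), CORSConfiguration.class);
        String corsOrigin = s3Parameter.getRequest().getHeader(HttpHeaders.ORIGIN);
        if (Strings.isNullOrEmpty(corsOrigin)) {
            throw new GWException(GWErrorCode.INVALID_CORS_ORIGIN, s3Parameter);
        }
        String corsMethods = s3Parameter.getRequest().getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD);
        String corsHeaders = s3Parameter.getRequest().getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);

        boolean originpass = false;
        String resOrigin = "";
        String allowMethods = "";
        String allowHeaders = "";
        String maxAges = "";
        String exposeHeaders = "";

        for (CORSRule icors : corsConfiguration.CORSRules) {
            // Every pattern is tested, so the last matching pattern decides whether the
            // wildcard or the caller's own origin is returned.
            for (String origin : icors.AllowedOrigins) {
                if (GWUtils.likematch(origin, corsOrigin)) {
                    resOrigin = origin.equals(GWConstants.ASTERISK) ? origin : corsOrigin;
                    originpass = true;
                }
            }
            if (!originpass) {
                continue;
            }

            if (icors.AllowedMethods != null) {
                if (Strings.isNullOrEmpty(corsMethods)) {
                    // The rule restricts methods but the preflight did not name one.
                    throw new GWException(GWErrorCode.ACCESS_DENIED, s3Parameter);
                }
                for (String corsMethod : corsMethods.split(GWConstants.COMMA)) {
                    // Trim before comparing and before echoing, so the response does not
                    // carry the request's stray whitespace.
                    String requested = corsMethod.trim();
                    if (requested.isEmpty()) {
                        continue;
                    }
                    boolean allowed = false;
                    for (String method : icors.AllowedMethods) {
                        if (method.equals(GWConstants.ASTERISK) || requested.equals(method)) {
                            allowed = true;
                            break;
                        }
                    }
                    if (allowed) {
                        if (!allowMethods.isEmpty()) {
                            allowMethods += GWConstants.COMMA;
                        }
                        allowMethods += requested;
                    }
                }
            }

            if (!Strings.isNullOrEmpty(corsHeaders) && icors.AllowedHeaders != null) {
                for (String corsHeader : corsHeaders.split(GWConstants.COMMA)) {
                    String requested = corsHeader.trim();
                    if (requested.isEmpty()) {
                        continue;
                    }
                    boolean allowed = false;
                    for (String header : icors.AllowedHeaders) {
                        // HTTP field names are case-insensitive and browsers send the
                        // Access-Control-Request-Headers list in lower case, so a
                        // case-sensitive comparison rejects correctly configured rules.
                        if (header.equals(GWConstants.ASTERISK) || requested.equalsIgnoreCase(header)) {
                            allowed = true;
                            break;
                        }
                    }
                    if (allowed) {
                        if (!allowHeaders.isEmpty()) {
                            allowHeaders += GWConstants.COMMA;
                        }
                        allowHeaders += requested;
                    }
                }
            }

            if (icors.ExposeHeaders != null) {
                for (String exposeHeader : icors.ExposeHeaders) {
                    if (!exposeHeaders.isEmpty()) {
                        exposeHeaders += GWConstants.COMMA;
                    }
                    exposeHeaders += exposeHeader;
                }
            }

            if (!Strings.isNullOrEmpty(icors.MaxAgeSeconds)) {
                maxAges = icors.MaxAgeSeconds;
            }
            // The first rule whose origin matched is final.
            break;
        }

        if (!originpass) {
            throw new GWException(GWErrorCode.ACCESS_DENIED, s3Parameter);
        }
        // The preflight asked for methods, but the rule allowed none of them.
        if (Strings.isNullOrEmpty(allowMethods) && !Strings.isNullOrEmpty(corsMethods)) {
            throw new GWException(GWErrorCode.ACCESS_DENIED, s3Parameter);
        }
        // The preflight asked for headers, but the rule allowed none of them.
        // NOTE(review): a partly allowed header list still passes and only the allowed
        // subset is echoed; confirm whether the whole list should be required.
        if (Strings.isNullOrEmpty(allowHeaders) && !Strings.isNullOrEmpty(corsHeaders)) {
            throw new GWException(GWErrorCode.ACCESS_DENIED, s3Parameter);
        }

        s3Parameter.getResponse().addHeader(HttpHeaders.VARY, HttpHeaders.ORIGIN);
        s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, resOrigin);
        if (!Strings.isNullOrEmpty(allowMethods)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, allowMethods);
        }
        if (!Strings.isNullOrEmpty(allowHeaders)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, allowHeaders);
        }
        if (!Strings.isNullOrEmpty(exposeHeaders)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, exposeHeaders);
        }
        if (!maxAges.isEmpty()) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, maxAges);
        }
    } catch (JsonProcessingException e) {
        // NOTE(review): a stored CORS document that fails to parse is only logged; the
        // request still ends with 200 below and no CORS headers. Consider surfacing this
        // as an error so a broken configuration is visible to the caller.
        PrintStack.logging(logger, e);
    }
    s3Parameter.getResponse().setStatus(HttpServletResponse.SC_OK);
}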
Also used : CORSConfiguration(com.pspace.ifs.ksan.gw.format.CORSConfiguration) CORSRule(com.pspace.ifs.ksan.gw.format.CORSConfiguration.CORSRule) GWException(com.pspace.ifs.ksan.gw.exception.GWException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) XmlMapper(com.fasterxml.jackson.dataformat.xml.XmlMapper)

Example 2 with CORSRule

use of com.pspace.ifs.ksan.gw.format.CORSConfiguration.CORSRule in project ksan by infinistor.

the class GWUtils method checkCors.

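/**
 * Adds CORS response headers to a request when the bucket's stored CORS configuration
 * allows the request's {@code Origin} and method.
 *
 * <p>This method only decorates the response. Every failure path (no CORS document, no
 * matching origin, method not allowed, unparsable document) returns silently without
 * headers and never rejects the request, so server-side authorization must be enforced
 * elsewhere.
 *
 * <p>Rules are scanned in order and the first rule whose {@code AllowedOrigins} matches is
 * the only one evaluated. When the matching pattern is not the wildcard, the request's own
 * {@code Origin} is reflected into {@code Access-Control-Allow-Origin}; that is only as strict
 * as {@code GWUtils.likematch}, which is not shown here. Confirm it matches the whole origin.
 * This method never sets {@code Access-Control-Allow-Credentials}.
 *
 * @param s3Parameter request context supplying the bucket, the servlet request and response,
 *        and the request method
 */
public static void checkCors(S3Parameter s3Parameter) {
    if (Strings.isNullOrEmpty(s3Parameter.getBucket().getCors())) {
        return;
    }

    XmlMapper xmlMapper = new XmlMapper();
    try {
        CORSConfiguration corsConfiguration = xmlMapper.readValue(s3Parameter.getBucket().getCors(), CORSConfiguration.class);
        String corsOrigin = s3Parameter.getRequest().getHeader(HttpHeaders.ORIGIN);
        String corsMethods = s3Parameter.getRequest().getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD);

        boolean originpass = false;
        String resOrigin = "";
        String allowMethods = "";
        String allowHeaders = "";
        String maxAges = "";
        String exposeHeaders = "";

        for (CORSRule icors : corsConfiguration.CORSRules) {
            if (!Strings.isNullOrEmpty(corsOrigin)) {
                for (String origin : icors.AllowedOrigins) {
                    if (GWUtils.likematch(origin, corsOrigin)) {
                        resOrigin = origin.equals(GWConstants.ASTERISK) ? origin : corsOrigin;
                        originpass = true;
                    }
                }
            }
            if (!originpass) {
                continue;
            }

            if (Strings.isNullOrEmpty(corsMethods)) {
                // No Access-Control-Request-Method header: judge the request's own method
                // against every method in the rule. The earlier loop kept only the last
                // configured method, so requests using any other allowed method got no
                // CORS headers; the substring test is replaced by a whole-token comparison.
                boolean methodAllowed = false;
                if (icors.AllowedMethods != null) {
                    for (String method : icors.AllowedMethods) {
                        if (!allowMethods.isEmpty()) {
                            allowMethods += GWConstants.COMMA;
                        }
                        allowMethods += method;
                        // The wildcard is honoured here as in the branch below.
                        if (method.equals(GWConstants.ASTERISK) || method.contentEquals(s3Parameter.getMethod())) {
                            methodAllowed = true;
                        }
                    }
                }
                if (!methodAllowed) {
                    return;
                }
            } else {
                if (icors.AllowedMethods != null) {
                    for (String corsMethod : corsMethods.split(GWConstants.COMMA)) {
                        // Trim before comparing and before echoing.
                        String requested = corsMethod.trim();
                        if (requested.isEmpty()) {
                            continue;
                        }
                        boolean allowed = false;
                        for (String method : icors.AllowedMethods) {
                            if (method.equals(GWConstants.ASTERISK) || requested.equals(method)) {
                                allowed = true;
                                break;
                            }
                        }
                        if (allowed) {
                            if (!allowMethods.isEmpty()) {
                                allowMethods += GWConstants.COMMA;
                            }
                            allowMethods += requested;
                        }
                    }
                }
                if (Strings.isNullOrEmpty(allowMethods)) {
                    return;
                }
            }

            // Advertise every configured header; the earlier loop emitted only the last one.
            if (icors.AllowedHeaders != null) {
                for (String header : icors.AllowedHeaders) {
                    if (!allowHeaders.isEmpty()) {
                        allowHeaders += GWConstants.COMMA;
                    }
                    allowHeaders += header;
                }
            }

            if (icors.ExposeHeaders != null) {
                for (String exposeHeader : icors.ExposeHeaders) {
                    if (!exposeHeaders.isEmpty()) {
                        exposeHeaders += GWConstants.COMMA;
                    }
                    exposeHeaders += exposeHeader;
                }
            }

            if (!Strings.isNullOrEmpty(icors.MaxAgeSeconds)) {
                maxAges = icors.MaxAgeSeconds;
            }
            // The first rule whose origin matched is final.
            break;
        }

        if (!originpass) {
            // NOTE(review): this path and the method-denied returns above send no Vary
            // header although the outcome depended on Origin; a shared cache could reuse
            // the header-less response for an allowed origin.
            return;
        }

        // Vary names the request headers that selected this response. The earlier value
        // listed response header names, which caches cannot key on.
        String vary = HttpHeaders.ORIGIN + GWConstants.COMMA + HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD;
        s3Parameter.getResponse().addHeader(HttpHeaders.VARY, vary);
        s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, resOrigin);
        if (!Strings.isNullOrEmpty(allowMethods)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, allowMethods);
        }
        if (!Strings.isNullOrEmpty(allowHeaders)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, allowHeaders);
        }
        if (!Strings.isNullOrEmpty(exposeHeaders)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, exposeHeaders);
        }
        if (!Strings.isNullOrEmpty(maxAges)) {
            s3Parameter.getResponse().addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, maxAges);
        }
    } catch (JsonProcessingException e) {
        // A stored CORS document that fails to parse is logged and the response is left
        // without CORS headers.
        PrintStack.logging(logger, e);
    }
}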
Also used : CORSConfiguration(com.pspace.ifs.ksan.gw.format.CORSConfiguration) CORSRule(com.pspace.ifs.ksan.gw.format.CORSConfiguration.CORSRule) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) XmlMapper(com.fasterxml.jackson.dataformat.xml.XmlMapper)
