Example 1 with JsonSerializerJSONP
use of cz.metacentrum.perun.rpc.serializer.JsonSerializerJSONP in project perun by CESNET.
the class Api method serve.
@SuppressWarnings("ConstantConditions")
private void serve(HttpServletRequest req, HttpServletResponse resp, boolean isGet, boolean isPut) throws IOException {
Serializer ser = null;
String manager = "N/A";
String method = "N/A";
boolean isJsonp = false;
PerunRequest perunRequest = null;
ApiCaller caller;
String callbackName = req.getParameter("callback");
long timeStart = System.currentTimeMillis();
caller = (ApiCaller) req.getSession(true).getAttribute(APICALLER);
OutputStream out = resp.getOutputStream();
// init pending request in HTTP session
if (req.getSession().getAttribute(PERUNREQUESTS) == null) {
req.getSession().setAttribute(PERUNREQUESTS, new ConcurrentSkipListMap<String, PerunRequest>());
}
// store pending requests locally, because accessing it from session object after response is written would cause IllegalStateException
@SuppressWarnings("unchecked") ConcurrentSkipListMap<String, PerunRequest> pendingRequests = ((ConcurrentSkipListMap<String, PerunRequest>) req.getSession().getAttribute(PERUNREQUESTS));
// Check if it is request for list of pending operations.
if (req.getPathInfo().equals("/jsonp/" + PERUNREQUESTSURL)) {
// name used to identify pending request
String callbackId = req.getParameter("callbackId");
JsonSerializerJSONP serializer = new JsonSerializerJSONP(out, req, resp);
resp.setContentType(serializer.getContentType());
try {
// Create a copy of the PERUNREQUESTS and then pass it to the serializer
if (callbackId != null) {
// return single entry
serializer.write(pendingRequests.get(callbackId));
} else {
// return all pending requests
serializer.write(Arrays.asList(pendingRequests.values().toArray()));
}
} catch (RpcException e) {
serializer.writePerunRuntimeException(e);
}
out.close();
return;
}
// prepare result object
Object result = null;
PrintWriter printWriter = null;
try {
// [0] format, [1] class, [2] method
String[] fcm;
try {
if (req.getPathInfo() == null) {
throw new RpcException(RpcException.Type.NO_PATHINFO);
}
fcm = req.getPathInfo().substring(1).split("/");
if (fcm.length < 3 || fcm[0].isEmpty() || fcm[1].isEmpty() || fcm[2].isEmpty()) {
throw new RpcException(RpcException.Type.INVALID_URL, req.getPathInfo());
}
manager = fcm[1];
method = fcm[2];
ser = selectSerializer(fcm[0], manager, method, out, req, resp);
// what is the output format?
if ("jsonp".equalsIgnoreCase(fcm[0])) {
isJsonp = true;
}
if (ser instanceof PdfSerializer) {
resp.addHeader("Content-Disposition", "attachment; filename=\"output.pdf\"");
}
resp.setContentType(ser.getContentType());
} catch (RpcException rex) {
// selects the default serializer (json) before throwing the exception
ser = new JsonSerializer(out);
resp.setContentType(ser.getContentType());
throw rex;
}
// Initialize deserializer
Deserializer des;
if (isGet) {
des = new UrlDeserializer(req);
} else {
des = selectDeserializer(fcm[0], req);
}
// We have new request, so do the whole auth/authz stuff
if (caller == null) {
caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
// Store the current session
req.getSession(true).setAttribute(APICALLER, caller);
} else if (!Objects.equals(caller.getSession().getPerunPrincipal().getExtSourceName(), getExtSourceName(req, des))) {
// If the user is coming from the URL protected by different authN mechanism, destroy and create session again
caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
req.getSession(true).setAttribute(APICALLER, caller);
} else if (!Objects.equals(caller.getSession().getPerunPrincipal().getActor(), getActor(req, des)) && !caller.getSession().getPerunPrincipal().getExtSourceName().equals(ExtSourcesManager.EXTSOURCE_NAME_LOCAL)) {
// prevent cookie stealing (if remote user changed, rebuild session)
caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
req.getSession(true).setAttribute(APICALLER, caller);
}
// Does user want to logout from perun?
if ("utils".equals(manager) && "logout".equals(method)) {
if (req.getSession(false) != null) {
req.getSession().removeAttribute(APICALLER);
// deletes the cookies
Cookie[] cookies = req.getCookies();
if (cookies != null) {
final String SHIBBOLETH_COOKIE_FORMAT = "^_shib.+$";
for (Cookie c : cookies) {
// if shibboleth cookie
if (c.getName().matches(SHIBBOLETH_COOKIE_FORMAT)) {
// remove it
c.setValue("0");
c.setMaxAge(0);
// add updated cookie to the response
resp.addCookie(c);
}
}
}
// Invalidate session
req.getSession().invalidate();
}
ser.write("Logout");
// closes the request
out.close();
return;
} else if ("utils".equals(manager) && "getGuiConfiguration".equals(method)) {
ser.write(BeansUtils.getAllPropertiesFromCustomConfiguration("perun-web-gui.properties"));
// closes the request
out.close();
return;
} else if ("utils".equals(manager) && "getAppsConfig".equals(method)) {
ser.write(PerunAppsConfig.getInstance());
// closes the request
out.close();
return;
} else if ("utils".equals(manager) && PERUNSTATUS.equals(method)) {
Date date = new Date();
Timestamp timestamp = new Timestamp(date.getTime());
Map<String, Integer> auditerConsumers;
// noinspection unchecked
auditerConsumers = (Map<String, Integer>) caller.call("auditMessagesManager", "getAllAuditerConsumers", des);
List<String> perunStatus = new ArrayList<>();
perunStatus.add("Version of Perun: " + getPerunRpcVersion());
perunStatus.add("Version of PerunDB: " + caller.call("databaseManager", "getCurrentDatabaseVersion", des));
perunStatus.add("Version of Servlet: " + getServletContext().getServerInfo());
perunStatus.add("Version of DB-driver: " + caller.call("databaseManager", "getDatabaseDriverInformation", des));
perunStatus.add("Version of DB: " + caller.call("databaseManager", "getDatabaseInformation", des));
perunStatus.add("Version of Java platform: " + System.getProperty("java.version"));
for (String consumerName : auditerConsumers.keySet()) {
Integer lastProcessedId = auditerConsumers.get(consumerName);
perunStatus.add("AuditerConsumer: '" + consumerName + "' with last processed id='" + lastProcessedId + "'");
}
perunStatus.add("LastMessageId: " + caller.call("auditMessagesManager", "getLastMessageId", des));
perunStatus.add("Timestamp: " + timestamp);
ser.write(perunStatus);
out.close();
return;
} else if ("utils".equals(manager) && PERUNSTATISTICS.equals(method)) {
Date date = new Date();
Timestamp timestamp = new Timestamp(date.getTime());
List<String> perunStatistics = new ArrayList<>();
perunStatistics.add("Timestamp: '" + timestamp + "'");
perunStatistics.add("USERS: '" + caller.call("usersManager", "getUsersCount", des) + "'");
perunStatistics.add("FACILITIES: '" + caller.call("facilitiesManager", "getFacilitiesCount", des) + "'");
perunStatistics.add("DESTINATIONS: '" + caller.call("servicesManager", "getDestinationsCount", des) + "'");
perunStatistics.add("VOS: '" + caller.call("vosManager", "getVosCount", des) + "'");
perunStatistics.add("RESOURCES: '" + caller.call("resourcesManager", "getResourcesCount", des) + "'");
perunStatistics.add("GROUPS: '" + caller.call("groupsManager", "getGroupsCount", des) + "'");
perunStatistics.add("AUDITMESSAGES: '" + caller.call("auditMessagesManager", "getAuditerMessagesCount", des) + "'");
ser.write(perunStatistics);
out.close();
return;
} else if ("utils".equals(manager) && PERUNSYSTEMTIME.equals(method)) {
long systemTimeInMillis = System.currentTimeMillis();
ser.write(systemTimeInMillis);
out.close();
}
// Store identification of the request only if supported by app (it passed unique callbackName)
if (callbackName != null) {
perunRequest = new PerunRequest(caller.getSession().getPerunPrincipal(), callbackName, manager, method, des.readAll());
// Add perunRequest into the queue of the requests for POST only
if (!isGet && !isPut) {
pendingRequests.put(callbackName, perunRequest);
}
}
PerunClient perunClient = caller.getSession().getPerunClient();
if (perunClient.getType() == PerunClient.Type.OAUTH) {
if (!perunClient.getScopes().contains(PerunClient.PERUN_API_SCOPE)) {
// user has not consented to scope perun_api for the client on the OAuth Authorization Server
throw new PrivilegeException("Scope " + PerunClient.PERUN_API_SCOPE + " is missing, either the client app " + perunClient.getId() + " has not asked for it, or the user has not granted it.");
}
}
// Process request and sent the response back
if (SCIMMANAGER.equals(manager)) {
// Process SCIM protocol
result = caller.getSCIMManager().process(caller.getSession(), method, des.readAll());
if (perunRequest != null)
perunRequest.setResult(result);
if (!(result instanceof Response))
throw new InternalErrorException("SCIM manager returned unexpected result: " + result);
resp.setStatus(((Response) result).getStatus());
String response = (String) ((Response) result).getEntity();
printWriter = new PrintWriter(resp.getOutputStream());
printWriter.println(response);
printWriter.flush();
} else {
// Save only exceptions from caller to result
try {
result = caller.call(manager, method, des);
if (perunRequest != null)
perunRequest.setResult(result);
} catch (Exception ex) {
result = ex;
throw ex;
}
ser.write(result);
}
} catch (PerunException pex) {
// If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
if (!isJsonp) {
resp.setStatus(400);
}
log.warn("Perun exception {}: {}.", pex.getErrorId(), pex);
ser.writePerunException(pex);
} catch (PerunRuntimeException prex) {
// If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
if (!isJsonp) {
resp.setStatus(400);
}
log.warn("PerunRuntime exception {}: {}.", prex.getErrorId(), prex);
ser.writePerunRuntimeException(prex);
} catch (IOException ioex) {
// IOException gets logged and is rethrown
// noinspection ThrowableNotThrown
log.warn("IO exception {}: {}.", Long.toHexString(System.currentTimeMillis()), ioex);
new RpcException(RpcException.Type.UNCATCHED_EXCEPTION, ioex);
throw ioex;
} catch (Exception ex) {
// If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
if (!isJsonp) {
resp.setStatus(500);
}
log.warn("Perun exception {}: {}.", Long.toHexString(System.currentTimeMillis()), ex);
ser.writePerunRuntimeException(new RpcException(RpcException.Type.UNCATCHED_EXCEPTION, ex));
} finally {
if (!isGet && !isPut && perunRequest != null) {
// save result of this perunRequest
perunRequest.setEndTime(System.currentTimeMillis());
if (result instanceof Exception)
perunRequest.setResult(result);
perunRequest.setEndTime(System.currentTimeMillis());
}
// Check all resolved requests and remove them if they are old than timeToLiveWhenDone
Iterator<String> iterator = pendingRequests.keySet().iterator();
while (iterator.hasNext()) {
String key = iterator.next();
PerunRequest value = pendingRequests.get(key);
if (value != null) {
if (value.getEndTime() < 0)
continue;
if (System.currentTimeMillis() - value.getEndTime() > timeToLiveWhenDone) {
iterator.remove();
}
}
}
if (printWriter != null)
printWriter.close();
}
out.close();
if (Objects.equals(manager, "authzResolver") && Objects.equals(method, "keepAlive")) {
log.trace("Method {}.{} called by {} from {}, duration {} ms.", manager, method, caller.getSession().getPerunPrincipal().getActor(), caller.getSession().getPerunPrincipal().getExtSourceName(), (System.currentTimeMillis() - timeStart));
} else {
log.debug("Method {}.{} called by {} from {}, duration {} ms.", manager, method, caller.getSession().getPerunPrincipal().getActor(), caller.getSession().getPerunPrincipal().getExtSourceName(), (System.currentTimeMillis() - timeStart));
}
}
Also used :
OutputStream(java.io.OutputStream)
ArrayList(java.util.ArrayList)
JsonSerializer(cz.metacentrum.perun.rpc.serializer.JsonSerializer)
Timestamp(java.sql.Timestamp)
RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException)
PerunRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PerunRuntimeException)
List(java.util.List)
ArrayList(java.util.ArrayList)
PerunRequest(cz.metacentrum.perun.core.api.PerunRequest)
JsonSerializer(cz.metacentrum.perun.rpc.serializer.JsonSerializer)
Serializer(cz.metacentrum.perun.rpc.serializer.Serializer)
PdfSerializer(cz.metacentrum.perun.rpc.serializer.PdfSerializer)
PrintWriter(java.io.PrintWriter)
Cookie(javax.servlet.http.Cookie)
PdfSerializer(cz.metacentrum.perun.rpc.serializer.PdfSerializer)
UrlDeserializer(cz.metacentrum.perun.rpc.deserializer.UrlDeserializer)
InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)
PerunException(cz.metacentrum.perun.core.api.exceptions.PerunException)
IOException(java.io.IOException)
Date(java.util.Date)
InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)
ServletException(javax.servlet.ServletException)
RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException)
CertificateParsingException(java.security.cert.CertificateParsingException)
PerunRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PerunRuntimeException)
IOException(java.io.IOException)
PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException)
UserNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserNotExistsException)
PerunException(cz.metacentrum.perun.core.api.exceptions.PerunException)
Response(javax.ws.rs.core.Response)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
JsonDeserializer(cz.metacentrum.perun.rpc.deserializer.JsonDeserializer)
UrlDeserializer(cz.metacentrum.perun.rpc.deserializer.UrlDeserializer)
Deserializer(cz.metacentrum.perun.rpc.deserializer.Deserializer)
PerunClient(cz.metacentrum.perun.core.api.PerunClient)
PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException)
JsonSerializerJSONP(cz.metacentrum.perun.rpc.serializer.JsonSerializerJSONP)
Map(java.util.Map)
HashMap(java.util.HashMap)
ConcurrentSkipListMap(java.util.concurrent.ConcurrentSkipListMap)
Aggregations
PerunClient (cz.metacentrum.perun.core.api.PerunClient)1
PerunRequest (cz.metacentrum.perun.core.api.PerunRequest)1
InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)1
PerunException (cz.metacentrum.perun.core.api.exceptions.PerunException)1
PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)1
RpcException (cz.metacentrum.perun.core.api.exceptions.RpcException)1
UserNotExistsException (cz.metacentrum.perun.core.api.exceptions.UserNotExistsException)1
PerunRuntimeException (cz.metacentrum.perun.core.api.exceptions.rt.PerunRuntimeException)1
Deserializer (cz.metacentrum.perun.rpc.deserializer.Deserializer)1
JsonDeserializer (cz.metacentrum.perun.rpc.deserializer.JsonDeserializer)1
UrlDeserializer (cz.metacentrum.perun.rpc.deserializer.UrlDeserializer)1
JsonSerializer (cz.metacentrum.perun.rpc.serializer.JsonSerializer)1
JsonSerializerJSONP (cz.metacentrum.perun.rpc.serializer.JsonSerializerJSONP)1
PdfSerializer (cz.metacentrum.perun.rpc.serializer.PdfSerializer)1
Serializer (cz.metacentrum.perun.rpc.serializer.Serializer)1
IOException (java.io.IOException)1
OutputStream (java.io.OutputStream)1
PrintWriter (java.io.PrintWriter)1
CertificateParsingException (java.security.cert.CertificateParsingException)1
Timestamp (java.sql.Timestamp)1
