Example 71 with Context

use of javax.ws.rs.core.Context in project graylog2-server by Graylog2.

the class SuggestionsResource method suggestFieldValue.

@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Suggest field value")
@NoAuditEvent("Only suggesting field value for query, not changing any data")
public SuggestionsDTO suggestFieldValue(@ApiParam(name = "validationRequest") SuggestionsRequestDTO suggestionsRequest, @Context SearchUser searchUser) {
    final SuggestionRequest req = SuggestionRequest.builder()
            .field(suggestionsRequest.field())
            .input(suggestionsRequest.input())
            .streams(adaptStreams(suggestionsRequest.streams(), searchUser))
            .size(Math.min(suggestionsRequest.size(), SUGGESTIONS_COUNT_MAX))
            .timerange(Optional.ofNullable(suggestionsRequest.timerange()).orElse(defaultTimeRange()))
            .build();
    SuggestionResponse res = querySuggestionsService.suggest(req);
    final List<SuggestionEntryDTO> suggestions = res.suggestions().stream().map(s -> SuggestionEntryDTO.create(s.getValue(), s.getOccurrence())).collect(Collectors.toList());
    final SuggestionsDTO.Builder suggestionsBuilder = SuggestionsDTO.builder(res.field(), res.input()).suggestions(suggestions).sumOtherDocsCount(res.sumOtherDocsCount());
    res.suggestionError().map(e -> SuggestionsErrorDTO.create(e.type(), e.reason())).ifPresent(suggestionsBuilder::error);
    return suggestionsBuilder.build();
}
Also used : InvalidRangeParametersException(org.graylog2.plugin.indexer.searches.timeranges.InvalidRangeParametersException) Produces(javax.ws.rs.Produces) SuggestionEntryDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionEntryDTO) SuggestionsDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsDTO) Path(javax.ws.rs.Path) ApiParam(io.swagger.annotations.ApiParam) RelativeRange(org.graylog2.plugin.indexer.searches.timeranges.RelativeRange) Inject(javax.inject.Inject) ApiOperation(io.swagger.annotations.ApiOperation) MediaType(javax.ws.rs.core.MediaType) SuggestionsErrorDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsErrorDTO) SuggestionsRequestDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsRequestDTO) PluginRestResource(org.graylog2.plugin.rest.PluginRestResource) Api(io.swagger.annotations.Api) SuggestionResponse(org.graylog.plugins.views.search.engine.suggestions.SuggestionResponse) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) ImmutableSet(com.google.common.collect.ImmutableSet) POST(javax.ws.rs.POST) Context(javax.ws.rs.core.Context) Set(java.util.Set) RestResource(org.graylog2.shared.rest.resources.RestResource) SuggestionRequest(org.graylog.plugins.views.search.engine.suggestions.SuggestionRequest) Collectors(java.util.stream.Collectors) List(java.util.List) QuerySuggestionsService(org.graylog.plugins.views.search.engine.QuerySuggestionsService) Optional(java.util.Optional) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication)

Example 72 with Context

use of javax.ws.rs.core.Context in project gravitee-management-rest-api by gravitee-io.

the class ApiInformationsResource method getApiInformations.

@GET
@Produces({ MediaType.APPLICATION_JSON })
@RequirePortalAuth
public Response getApiInformations(@Context Request request, @PathParam("apiId") String apiId) {
    final ApiQuery apiQuery = new ApiQuery();
    apiQuery.setIds(Collections.singletonList(apiId));
    Collection<ApiEntity> userApis = apiService.findPublishedByUser(getAuthenticatedUserOrNull(), apiQuery);
    if (userApis.stream().anyMatch(a -> a.getId().equals(apiId))) {
        List<ApiHeaderEntity> all = apiService.getPortalHeaders(apiId);
        List<ApiInformation> information = all.stream().map(apiHeaderEntity -> {
            ApiInformation ai = new ApiInformation();
            ai.setName(apiHeaderEntity.getName());
            ai.setValue(apiHeaderEntity.getValue());
            return ai;
        }).collect(Collectors.toList());
        return Response.ok(information).build();
    }
    throw new ApiNotFoundException(apiId);
}
Also used : ApiQuery(io.gravitee.rest.api.model.api.ApiQuery) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity) PathParam(javax.ws.rs.PathParam) Context(javax.ws.rs.core.Context) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Collection(java.util.Collection) ApiNotFoundException(io.gravitee.rest.api.service.exceptions.ApiNotFoundException) RequirePortalAuth(io.gravitee.rest.api.portal.rest.security.RequirePortalAuth) Collectors(java.util.stream.Collectors) ApiService(io.gravitee.rest.api.service.ApiService) Inject(javax.inject.Inject) List(java.util.List) MediaType(io.gravitee.common.http.MediaType) ApiInformation(io.gravitee.rest.api.portal.rest.model.ApiInformation) Response(javax.ws.rs.core.Response) Request(javax.ws.rs.core.Request) ApiHeaderEntity(io.gravitee.rest.api.model.api.header.ApiHeaderEntity) Collections(java.util.Collections)

Example 73 with Context

use of javax.ws.rs.core.Context in project gravitee-management-rest-api by gravitee-io.

the class CurrentUserResource method login.

@POST
@Path("/login")
@ApiOperation(value = "Login")
@Produces(MediaType.APPLICATION_JSON)
public Response login(@Context final javax.ws.rs.core.HttpHeaders headers, @Context final HttpServletResponse servletResponse) {
    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
        // JWT signer
        final Map<String, Object> claims = new HashMap<>();
        claims.put(Claims.ISSUER, environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER));
        final UserDetails userDetails = (UserDetails) authentication.getPrincipal();
        // Manage authorities, initialize it with dynamic permissions from the IDP
        List<Map<String, String>> authorities = userDetails.getAuthorities().stream().map(authority -> Maps.<String, String>builder().put("authority", authority.getAuthority()).build()).collect(Collectors.toList());
        // We must also load permissions from repository for configured management or portal role
        Set<RoleEntity> roles = membershipService.getRoles(MembershipReferenceType.ORGANIZATION, GraviteeContext.getCurrentOrganization(), MembershipMemberType.USER, userDetails.getUsername());
        if (!roles.isEmpty()) {
            roles.forEach(role -> authorities.add(Maps.<String, String>builder().put("authority", role.getScope().toString() + ':' + role.getName()).build()));
        }
        this.environmentService.findByOrganization(GraviteeContext.getCurrentOrganization()).stream()
                .flatMap(env -> membershipService.getRoles(MembershipReferenceType.ENVIRONMENT, env.getId(), MembershipMemberType.USER, userDetails.getUsername()).stream())
                .filter(Objects::nonNull)
                .forEach(role -> authorities.add(Maps.<String, String>builder().put("authority", role.getScope().toString() + ':' + role.getName()).build()));
        // JWT signer
        Algorithm algorithm = Algorithm.HMAC256(environment.getProperty("jwt.secret"));
        Date issueAt = new Date();
        Instant expireAt = issueAt.toInstant().plus(Duration.ofSeconds(environment.getProperty("jwt.expire-after", Integer.class, DEFAULT_JWT_EXPIRE_AFTER)));
        final String token = JWT.create()
                .withIssuer(environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER))
                .withIssuedAt(issueAt)
                .withExpiresAt(Date.from(expireAt))
                .withSubject(userDetails.getUsername())
                .withClaim(JWTHelper.Claims.PERMISSIONS, authorities)
                .withClaim(JWTHelper.Claims.EMAIL, userDetails.getEmail())
                .withClaim(JWTHelper.Claims.FIRSTNAME, userDetails.getFirstname())
                .withClaim(JWTHelper.Claims.LASTNAME, userDetails.getLastname())
                .withJWTId(UUID.randomUUID().toString())
                .sign(algorithm);
        final TokenEntity tokenEntity = new TokenEntity();
        tokenEntity.setType(BEARER);
        tokenEntity.setToken(token);
        final Cookie bearerCookie = cookieGenerator.generate(TokenAuthenticationFilter.AUTH_COOKIE_NAME, "Bearer%20" + token);
        servletResponse.addCookie(bearerCookie);
        return ok(tokenEntity).build();
    }
    return ok().build();
}
Also used : PagedResult(io.gravitee.rest.api.management.rest.model.PagedResult) BEARER(io.gravitee.rest.api.management.rest.model.TokenType.BEARER) TechnicalException(io.gravitee.repository.exceptions.TechnicalException) LoggerFactory(org.slf4j.LoggerFactory) UserNotFoundException(io.gravitee.rest.api.service.exceptions.UserNotFoundException) Valid(javax.validation.Valid) ApiOperation(io.swagger.annotations.ApiOperation) Algorithm(com.auth0.jwt.algorithms.Algorithm) CookieGenerator(io.gravitee.rest.api.security.cookies.CookieGenerator) TokenEntity(io.gravitee.rest.api.management.rest.model.TokenEntity) Duration(java.time.Duration) Response.status(javax.ws.rs.core.Response.status) AbstractResource(io.gravitee.rest.api.management.rest.resource.AbstractResource) URI(java.net.URI) UserDetailRole(io.gravitee.rest.api.idp.api.authentication.UserDetailRole) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Context(javax.ws.rs.core.Context) GroupRepository(io.gravitee.repository.management.api.GroupRepository) Instant(java.time.Instant) NotNull(javax.validation.constraints.NotNull) UserDetails(io.gravitee.rest.api.idp.api.authentication.UserDetails) Collectors(java.util.stream.Collectors) GrantedAuthority(org.springframework.security.core.GrantedAuthority) MediaType(io.gravitee.common.http.MediaType) InvalidImageException(io.gravitee.rest.api.exception.InvalidImageException) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) Response.ok(javax.ws.rs.core.Response.ok) DEFAULT_JWT_EXPIRE_AFTER(io.gravitee.rest.api.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_EXPIRE_AFTER) Request(javax.ws.rs.core.Request) Authentication(org.springframework.security.core.Authentication) JWT(com.auth0.jwt.JWT) io.gravitee.rest.api.service(io.gravitee.rest.api.service) java.util(java.util) ByteArrayOutputStream(java.io.ByteArrayOutputStream) GraviteeContext(io.gravitee.rest.api.service.common.GraviteeContext) 
ApiResponses(io.swagger.annotations.ApiResponses) Inject(javax.inject.Inject) ConfigurableEnvironment(org.springframework.core.env.ConfigurableEnvironment) Claims(io.gravitee.rest.api.service.common.JWTHelper.Claims) io.gravitee.rest.api.model(io.gravitee.rest.api.model) TokensResource(io.gravitee.rest.api.management.rest.resource.TokensResource) Api(io.swagger.annotations.Api) Cookie(javax.servlet.http.Cookie) Logger(org.slf4j.Logger) ImageUtils(io.gravitee.rest.api.security.utils.ImageUtils) HttpServletResponse(javax.servlet.http.HttpServletResponse) Group(io.gravitee.repository.management.model.Group) EntityTag(javax.ws.rs.core.EntityTag) Maps(io.gravitee.common.util.Maps) TimeUnit(java.util.concurrent.TimeUnit) DEFAULT_JWT_ISSUER(io.gravitee.rest.api.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_ISSUER) TokenAuthenticationFilter(io.gravitee.rest.api.security.filter.TokenAuthenticationFilter) ApiResponse(io.swagger.annotations.ApiResponse) ResourceContext(javax.ws.rs.container.ResourceContext) JWTHelper(io.gravitee.rest.api.service.common.JWTHelper)

Aggregations

Context (javax.ws.rs.core.Context) 73
Response (javax.ws.rs.core.Response) 54
Path (javax.ws.rs.Path) 49
PathParam (javax.ws.rs.PathParam) 42
GET (javax.ws.rs.GET) 40
List (java.util.List) 39
MediaType (javax.ws.rs.core.MediaType) 36
POST (javax.ws.rs.POST) 35
Produces (javax.ws.rs.Produces) 32
UriInfo (javax.ws.rs.core.UriInfo) 32
Inject (javax.inject.Inject) 29
PUT (javax.ws.rs.PUT) 29
HttpServletRequest (javax.servlet.http.HttpServletRequest) 27
QueryParam (javax.ws.rs.QueryParam) 27
Collectors (java.util.stream.Collectors) 26
Map (java.util.Map) 25
Api (io.swagger.annotations.Api) 24
ApiOperation (io.swagger.annotations.ApiOperation) 24
IOException (java.io.IOException) 24
URI (java.net.URI) 24