Example 36 with MultivaluedMap
use of javax.ws.rs.core.MultivaluedMap in project cxf by apache.
the class JwtRequestCodeFilter method process.
@Override
public MultivaluedMap<String, String> process(MultivaluedMap<String, String> params, UserSubject endUser, Client client) {
String requestToken = params.getFirst(REQUEST_PARAM);
String requestUri = params.getFirst(REQUEST_URI_PARAM);
if (requestToken == null) {
if (isRequestUriValid(client, requestUri)) {
requestToken = WebClient.create(requestUri).accept(REQUEST_URI_CONTENT_TYPE).get(String.class);
}
} else if (requestUri != null) {
LOG.warning("It is not valid to specify both a request and request_uri value");
throw new SecurityException();
}
if (requestToken != null) {
JweDecryptionProvider theDecryptor = super.getInitializedDecryptionProvider(client.getClientSecret());
JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(client);
JwtToken jwt = getJwtToken(requestToken, theDecryptor, theSigVerifier);
JwtClaims claims = jwt.getClaims();
// Check issuer
String iss = issuer != null ? issuer : client.getClientId();
if (!iss.equals(claims.getIssuer())) {
throw new SecurityException();
}
// Check client_id - if present it must match the client_id specified in the request
if (claims.getClaim(OAuthConstants.CLIENT_ID) != null && !claims.getStringProperty(OAuthConstants.CLIENT_ID).equals(client.getClientId())) {
throw new SecurityException();
}
// Check response_type - if present it must match the response_type specified in the request
String tokenResponseType = (String) claims.getClaim(OAuthConstants.RESPONSE_TYPE);
if (tokenResponseType != null && !tokenResponseType.equals(params.getFirst(OAuthConstants.RESPONSE_TYPE))) {
throw new SecurityException();
}
MultivaluedMap<String, String> newParams = new MetadataMap<>(params);
Map<String, Object> claimsMap = claims.asMap();
for (Map.Entry<String, Object> entry : claimsMap.entrySet()) {
String key = entry.getKey();
Object value = entry.getValue();
if (value instanceof Map) {
Map<String, Object> map = CastUtils.cast((Map<?, ?>) value);
value = jsonHandler.toJson(map);
} else if (value instanceof List) {
List<Object> list = CastUtils.cast((List<?>) value);
value = jsonHandler.toJson(list);
}
newParams.putSingle(key, value.toString());
}
return newParams;
}
return params;
}
Also used :
JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims)
JwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier)
JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken)
MetadataMap(org.apache.cxf.jaxrs.impl.MetadataMap)
JweDecryptionProvider(org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider)
List(java.util.List)
MetadataMap(org.apache.cxf.jaxrs.impl.MetadataMap)
MultivaluedMap(javax.ws.rs.core.MultivaluedMap)
Map(java.util.Map)
Example 37 with MultivaluedMap
use of javax.ws.rs.core.MultivaluedMap in project cxf by apache.
the class AbstractClient method retryInvoke.
@SuppressWarnings("unchecked")
protected Object[] retryInvoke(BindingOperationInfo oi, Object[] params, Map<String, Object> context, Exchange exchange) throws Exception {
try {
Object body = params.length == 0 ? null : params[0];
Map<String, Object> reqContext = CastUtils.cast((Map<?, ?>) context.get(REQUEST_CONTEXT));
MultivaluedMap<String, String> headers = (MultivaluedMap<String, String>) reqContext.get(Message.PROTOCOL_HEADERS);
URI newRequestURI = calculateNewRequestURI(reqContext);
// TODO: if failover conduit selector fails to find a failover target
// then it will revert to the previous endpoint; that is not very likely
// but possible - thus ideally we need to resert base and current URI only
// if we get the same ConduitInitiatior endpoint instance before and after
// retryInvoke.
Object response = retryInvoke(newRequestURI, headers, body, exchange, context);
exchange.put(List.class, getContentsList(response));
return new Object[] { response };
} catch (Exception ex) {
exchange.put(Exception.class, ex);
} catch (Throwable t) {
exchange.put(Exception.class, new Exception(t));
}
return null;
}
Also used :
MultivaluedMap(javax.ws.rs.core.MultivaluedMap)
URI(java.net.URI)
ProcessingException(javax.ws.rs.ProcessingException)
WebApplicationException(javax.ws.rs.WebApplicationException)
ResponseProcessingException(javax.ws.rs.client.ResponseProcessingException)
IOException(java.io.IOException)
Example 38 with MultivaluedMap
use of javax.ws.rs.core.MultivaluedMap in project cxf by apache.
the class CrossOriginResourceSharingFilter method getResourceMethod.
private Method getResourceMethod(Message m, String httpMethod) {
String requestUri = HttpUtils.getPathToMatch(m, true);
List<ClassResourceInfo> resources = JAXRSUtils.getRootResources(m);
Map<ClassResourceInfo, MultivaluedMap<String, String>> matchedResources = JAXRSUtils.selectResourceClass(resources, requestUri, m);
if (matchedResources == null) {
return null;
}
MultivaluedMap<String, String> values = new MetadataMap<>();
OperationResourceInfo ori = findPreflightMethod(matchedResources, requestUri, httpMethod, values, m);
return ori == null ? null : ori.getAnnotatedMethod();
}
Also used :
MetadataMap(org.apache.cxf.jaxrs.impl.MetadataMap)
ClassResourceInfo(org.apache.cxf.jaxrs.model.ClassResourceInfo)
OperationResourceInfo(org.apache.cxf.jaxrs.model.OperationResourceInfo)
MultivaluedMap(javax.ws.rs.core.MultivaluedMap)
Example 39 with MultivaluedMap
use of javax.ws.rs.core.MultivaluedMap in project cxf by apache.
the class SseInterceptor method handleMessage.
public void handleMessage(Message message) {
// Not an SSE invocation, skipping it in favor of normal processing
if (message.get(SseEventSink.class) == null) {
return;
}
if (!isRequestor(message) && message.get(SseInterceptor.class) == null) {
message.put(SseInterceptor.class, this);
final Exchange exchange = message.getExchange();
OperationResourceInfo ori = (OperationResourceInfo) exchange.get(OperationResourceInfo.class.getName());
if (ori != null) {
Response.ResponseBuilder builder = Response.ok();
HttpServletResponse servletResponse = null;
final ServerProviderFactory providerFactory = ServerProviderFactory.getInstance(message);
final Object response = message.get(AbstractHTTPDestination.HTTP_RESPONSE);
if (response instanceof HttpServletResponse) {
servletResponse = (HttpServletResponse) response;
builder = Response.status(servletResponse.getStatus());
for (final String header : servletResponse.getHeaderNames()) {
final Collection<String> headers = servletResponse.getHeaders(header);
addHeader(builder, header, headers);
}
}
// Run the filters
try {
final ResponseImpl responseImpl = (ResponseImpl) builder.build();
final Message outMessage = getOutMessage(message);
JAXRSUtils.runContainerResponseFilters(providerFactory, responseImpl, outMessage, ori, ori.getAnnotatedMethod());
if (servletResponse != null) {
servletResponse.setStatus(responseImpl.getStatus());
final Map<String, List<String>> userHeaders = CastUtils.cast((Map<?, ?>) outMessage.get(Message.PROTOCOL_HEADERS));
if (userHeaders != null) {
for (Map.Entry<String, List<String>> entry : userHeaders.entrySet()) {
setHeader(servletResponse, entry);
}
}
final MultivaluedMap<String, String> headers = responseImpl.getStringHeaders();
if (headers != null) {
for (Map.Entry<String, List<String>> entry : headers.entrySet()) {
setHeader(servletResponse, entry);
}
}
}
} catch (Throwable ex) {
if (LOG.isLoggable(Level.FINE)) {
LOG.log(Level.FINE, ex.getMessage(), ex);
}
}
}
}
}
Also used :
ServerProviderFactory(org.apache.cxf.jaxrs.provider.ServerProviderFactory)
Message(org.apache.cxf.message.Message)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
ResponseImpl(org.apache.cxf.jaxrs.impl.ResponseImpl)
Exchange(org.apache.cxf.message.Exchange)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Response(javax.ws.rs.core.Response)
SseEventSink(javax.ws.rs.sse.SseEventSink)
OperationResourceInfo(org.apache.cxf.jaxrs.model.OperationResourceInfo)
List(java.util.List)
MultivaluedMap(javax.ws.rs.core.MultivaluedMap)
Map(java.util.Map)
Example 40 with MultivaluedMap
use of javax.ws.rs.core.MultivaluedMap in project cxf by apache.
the class SamlFormOutInterceptor method getRequestForm.
@SuppressWarnings("unchecked")
protected Form getRequestForm(Message message) {
Object ct = message.get(Message.CONTENT_TYPE);
if (ct == null || !MediaType.APPLICATION_FORM_URLENCODED.equalsIgnoreCase(ct.toString())) {
return null;
}
MessageContentsList objs = MessageContentsList.getContentsList(message);
if (objs != null && objs.size() == 1) {
Object obj = objs.get(0);
if (obj instanceof Form) {
return (Form) obj;
} else if (obj instanceof MultivaluedMap) {
return new Form((MultivaluedMap<String, String>) obj);
}
}
return null;
}
Also used :
MessageContentsList(org.apache.cxf.message.MessageContentsList)
Form(javax.ws.rs.core.Form)
MultivaluedMap(javax.ws.rs.core.MultivaluedMap)
Aggregations
MultivaluedMap (javax.ws.rs.core.MultivaluedMap)135
Map (java.util.Map)67
List (java.util.List)51
HashMap (java.util.HashMap)45
MediaType (javax.ws.rs.core.MediaType)35
MultivaluedHashMap (javax.ws.rs.core.MultivaluedHashMap)28
MetadataMap (org.apache.cxf.jaxrs.impl.MetadataMap)27
ArrayList (java.util.ArrayList)24
IOException (java.io.IOException)23
Test (org.junit.Test)21
WebApplicationException (javax.ws.rs.WebApplicationException)19
LinkedHashMap (java.util.LinkedHashMap)18
Type (java.lang.reflect.Type)16
Response (javax.ws.rs.core.Response)16
InputStream (java.io.InputStream)14
OutputStream (java.io.OutputStream)14
ByteArrayInputStream (java.io.ByteArrayInputStream)13
ClassResourceInfo (org.apache.cxf.jaxrs.model.ClassResourceInfo)13
Method (java.lang.reflect.Method)11
Optional (java.util.Optional)11
