Search in sources :

Example 51 with PostMethod

use of org.apache.commons.httpclient.methods.PostMethod in project spatial-portal by AtlasOfLivingAustralia.

the class LayerLegendScatterplotController method onSelect$cbHighlightArea.

public void onSelect$cbHighlightArea(Event event) {
    if (cbHighlightArea.getSelectedItem() != null) {
        if (cbHighlightArea.getSelectedItem().getValue() instanceof MapLayer) {
            MapLayer ml = cbHighlightArea.getSelectedItem().getValue();
            SelectedArea sa = new SelectedArea(ml, ml.getFacets() == null ? ml.getWKT() : null);
            data.setHighlightSa(sa);
        } else {
            String wkt = cbHighlightArea.getSelectedItem().getValue();
            SelectedArea sa = new SelectedArea(null, wkt);
            data.setHighlightSa(sa);
        }
    } else {
        data.setHighlightSa(null);
    }
    try {
        HttpClient client = new HttpClient();
        PostMethod post = new PostMethod(CommonData.getSatServer() + "/ws/scatterplot/style/" + data.getId());
        //add style parameters (highlight area)
        if (data.getHighlightSa() != null) {
            post.addParameter(StringConstants.HIGHLIGHT_WKT, data.getHighlightSa().getWkt());
        } else {
            post.addParameter(StringConstants.HIGHLIGHT_WKT, "");
        }
        post.addRequestHeader(StringConstants.ACCEPT, StringConstants.APPLICATION_JSON);
        client.executeMethod(post);
    } catch (Exception e) {
        LOGGER.error("error getting a new scatterplot id", e);
    }
    data.setImagePath(null);
    redraw();
}
Also used : PostMethod(org.apache.commons.httpclient.methods.PostMethod) HasMapLayer(au.org.emii.portal.menu.HasMapLayer) MapLayer(au.org.emii.portal.menu.MapLayer) SelectedArea(au.org.emii.portal.menu.SelectedArea) HttpClient(org.apache.commons.httpclient.HttpClient)

Example 52 with PostMethod

use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.

the class ProxyServlet method doProxy.

private void doProxy(HttpServletRequest req, HttpServletResponse resp) throws IOException {
    ZimbraLog.clearContext();
    boolean isAdmin = isAdminRequest(req);
    AuthToken authToken = isAdmin ? getAdminAuthTokenFromCookie(req, resp, true) : getAuthTokenFromCookie(req, resp, true);
    if (authToken == null) {
        String zAuthToken = req.getParameter(QP_ZAUTHTOKEN);
        if (zAuthToken != null) {
            try {
                authToken = AuthProvider.getAuthToken(zAuthToken);
                if (authToken.isExpired()) {
                    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "authtoken expired");
                    return;
                }
                if (!authToken.isRegistered()) {
                    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "authtoken is invalid");
                    return;
                }
                if (isAdmin && !authToken.isAdmin()) {
                    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "permission denied");
                    return;
                }
            } catch (AuthTokenException e) {
                resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "unable to parse authtoken");
                return;
            }
        }
    }
    if (authToken == null) {
        resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "no authtoken cookie");
        return;
    }
    // get the posted body before the server read and parse them.
    byte[] body = copyPostedData(req);
    // sanity check
    String target = req.getParameter(TARGET_PARAM);
    if (target == null) {
        resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // check for permission
    URL url = new URL(target);
    if (!isAdmin && !checkPermissionOnTarget(url, authToken)) {
        resp.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    // determine whether to return the target inline or store it as an upload
    String uploadParam = req.getParameter(UPLOAD_PARAM);
    boolean asUpload = uploadParam != null && (uploadParam.equals("1") || uploadParam.equalsIgnoreCase("true"));
    HttpMethod method = null;
    try {
        HttpClient client = ZimbraHttpConnectionManager.getExternalHttpConnMgr().newHttpClient();
        HttpProxyUtil.configureProxy(client);
        String reqMethod = req.getMethod();
        if (reqMethod.equalsIgnoreCase("GET")) {
            method = new GetMethod(target);
        } else if (reqMethod.equalsIgnoreCase("POST")) {
            PostMethod post = new PostMethod(target);
            if (body != null)
                post.setRequestEntity(new ByteArrayRequestEntity(body, req.getContentType()));
            method = post;
        } else if (reqMethod.equalsIgnoreCase("PUT")) {
            PutMethod put = new PutMethod(target);
            if (body != null)
                put.setRequestEntity(new ByteArrayRequestEntity(body, req.getContentType()));
            method = put;
        } else if (reqMethod.equalsIgnoreCase("DELETE")) {
            method = new DeleteMethod(target);
        } else {
            ZimbraLog.zimlet.info("unsupported request method: " + reqMethod);
            resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            return;
        }
        // handle basic auth
        String auth, user, pass;
        auth = req.getParameter(AUTH_PARAM);
        user = req.getParameter(USER_PARAM);
        pass = req.getParameter(PASS_PARAM);
        if (auth != null && user != null && pass != null) {
            if (!auth.equals(AUTH_BASIC)) {
                ZimbraLog.zimlet.info("unsupported auth type: " + auth);
                resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
                return;
            }
            HttpState state = new HttpState();
            state.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(user, pass));
            client.setState(state);
            method.setDoAuthentication(true);
        }
        Enumeration headers = req.getHeaderNames();
        while (headers.hasMoreElements()) {
            String hdr = (String) headers.nextElement();
            ZimbraLog.zimlet.debug("incoming: " + hdr + ": " + req.getHeader(hdr));
            if (canProxyHeader(hdr)) {
                ZimbraLog.zimlet.debug("outgoing: " + hdr + ": " + req.getHeader(hdr));
                if (hdr.equalsIgnoreCase("x-host"))
                    method.getParams().setVirtualHost(req.getHeader(hdr));
                else
                    method.addRequestHeader(hdr, req.getHeader(hdr));
            }
        }
        try {
            if (!(reqMethod.equalsIgnoreCase("POST") || reqMethod.equalsIgnoreCase("PUT"))) {
                method.setFollowRedirects(true);
            }
            HttpClientUtil.executeMethod(client, method);
        } catch (HttpException ex) {
            ZimbraLog.zimlet.info("exception while proxying " + target, ex);
            resp.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        int status = method.getStatusLine() == null ? HttpServletResponse.SC_INTERNAL_SERVER_ERROR : method.getStatusCode();
        // workaround for Alexa Thumbnails paid web service, which doesn't bother to return a content-type line
        Header ctHeader = method.getResponseHeader("Content-Type");
        String contentType = ctHeader == null || ctHeader.getValue() == null ? DEFAULT_CTYPE : ctHeader.getValue();
        InputStream targetResponseBody = method.getResponseBodyAsStream();
        if (asUpload) {
            String filename = req.getParameter(FILENAME_PARAM);
            if (filename == null || filename.equals(""))
                filename = new ContentType(contentType).getParameter("name");
            if ((filename == null || filename.equals("")) && method.getResponseHeader("Content-Disposition") != null)
                filename = new ContentDisposition(method.getResponseHeader("Content-Disposition").getValue()).getParameter("filename");
            if (filename == null || filename.equals(""))
                filename = "unknown";
            List<Upload> uploads = null;
            if (targetResponseBody != null) {
                try {
                    Upload up = FileUploadServlet.saveUpload(targetResponseBody, filename, contentType, authToken.getAccountId());
                    uploads = Arrays.asList(up);
                } catch (ServiceException e) {
                    if (e.getCode().equals(MailServiceException.UPLOAD_REJECTED))
                        status = HttpServletResponse.SC_REQUEST_ENTITY_TOO_LARGE;
                    else
                        status = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
                }
            }
            resp.setStatus(status);
            FileUploadServlet.sendResponse(resp, status, req.getParameter(FORMAT_PARAM), null, uploads, null);
        } else {
            resp.setStatus(status);
            resp.setContentType(contentType);
            for (Header h : method.getResponseHeaders()) if (canProxyHeader(h.getName()))
                resp.addHeader(h.getName(), h.getValue());
            if (targetResponseBody != null)
                ByteUtil.copy(targetResponseBody, true, resp.getOutputStream(), true);
        }
    } finally {
        if (method != null)
            method.releaseConnection();
    }
}
Also used : ContentType(com.zimbra.common.mime.ContentType) PostMethod(org.apache.commons.httpclient.methods.PostMethod) HttpState(org.apache.commons.httpclient.HttpState) Upload(com.zimbra.cs.service.FileUploadServlet.Upload) URL(java.net.URL) HttpException(org.apache.commons.httpclient.HttpException) DeleteMethod(org.apache.commons.httpclient.methods.DeleteMethod) Enumeration(java.util.Enumeration) InputStream(java.io.InputStream) UsernamePasswordCredentials(org.apache.commons.httpclient.UsernamePasswordCredentials) Header(org.apache.commons.httpclient.Header) ContentDisposition(com.zimbra.common.mime.ContentDisposition) ServiceException(com.zimbra.common.service.ServiceException) MailServiceException(com.zimbra.cs.mailbox.MailServiceException) AuthTokenException(com.zimbra.cs.account.AuthTokenException) HttpClient(org.apache.commons.httpclient.HttpClient) GetMethod(org.apache.commons.httpclient.methods.GetMethod) AuthToken(com.zimbra.cs.account.AuthToken) PutMethod(org.apache.commons.httpclient.methods.PutMethod) HttpMethod(org.apache.commons.httpclient.HttpMethod) ByteArrayRequestEntity(org.apache.commons.httpclient.methods.ByteArrayRequestEntity)

Example 53 with PostMethod

use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.

the class TestServiceServlet method testUnDeployAdminExtension.

@Test
public void testUnDeployAdminExtension() throws Exception {
    deployAdminVersionCheck();
    ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
    HttpClient client = new HttpClient();
    String url = baseURL + "undeployzimlet";
    PostMethod method = new PostMethod(url);
    addAuthTokenHeader(method, mbox.getAuthToken().getValue());
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
    int respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Should be getting error code with user's auth token", HttpStatus.SC_UNAUTHORIZED, respCode);
    method = new PostMethod(url);
    addAuthTokenHeader(method, getAdminAuthToken(delegatedAdminWithRights.getName()));
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
    respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Delegated admin should not be allowed to undeploy admin extensions even with deployZimlet right", HttpStatus.SC_UNAUTHORIZED, respCode);
    method = new PostMethod(url);
    addAuthTokenHeader(method, getAdminAuthToken(delegatedAdminWithoutRights.getName()));
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
    respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Delegated admin should not be allowed to undeploy admin extensions with or without deployZimlet right", HttpStatus.SC_UNAUTHORIZED, respCode);
    method = new PostMethod(url);
    addAuthTokenHeader(method, AuthProvider.getAdminAuthToken().getEncoded());
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
    respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Super admin should be able to undeploy com_zimbra_adminversioncheck admin extension", HttpStatus.SC_OK, respCode);
}
Also used : ZMailbox(com.zimbra.client.ZMailbox) PostMethod(org.apache.commons.httpclient.methods.PostMethod) HttpClient(org.apache.commons.httpclient.HttpClient) Test(org.junit.Test)

Example 54 with PostMethod

use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.

the class TestServiceServlet method testUnDeployBadZimletname.

@Test
public void testUnDeployBadZimletname() throws Exception {
    ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
    HttpClient client = new HttpClient();
    String url = baseURL + "undeployzimlet";
    PostMethod method = new PostMethod(url);
    addAuthTokenHeader(method, mbox.getAuthToken().getValue());
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
    int respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Should be getting error code with user's auth token", HttpStatus.SC_UNAUTHORIZED, respCode);
    method = new PostMethod(url);
    addAuthTokenHeader(method, AuthProvider.getAdminAuthToken().getEncoded());
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
    respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Should be getting code 400 with super admin's auth token", HttpStatus.SC_BAD_REQUEST, respCode);
}
Also used : ZMailbox(com.zimbra.client.ZMailbox) PostMethod(org.apache.commons.httpclient.methods.PostMethod) HttpClient(org.apache.commons.httpclient.HttpClient) Test(org.junit.Test)

Example 55 with PostMethod

use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.

the class TestServiceServlet method testDeployBadZimletName.

@Test
public void testDeployBadZimletName() throws Exception {
    ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
    HttpClient client = new HttpClient();
    String url = baseURL + "deployzimlet";
    PostMethod method = new PostMethod(url);
    addAuthTokenHeader(method, mbox.getAuthToken().getValue());
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
    //standard zimlet, should always be there. No harm in redeploying it
    File zimletFile = new File("/opt/zimbra/zimlets/com_zimbra_phone.zip");
    if (zimletFile.exists()) {
        InputStream targetStream = new FileInputStream(zimletFile);
        method.setRequestBody(targetStream);
    }
    int respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Should be getting error code with user's auth token", HttpStatus.SC_UNAUTHORIZED, respCode);
    method = new PostMethod(url);
    addAuthTokenHeader(method, AuthProvider.getAdminAuthToken().getEncoded());
    method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
    if (zimletFile.exists()) {
        InputStream targetStream = new FileInputStream(zimletFile);
        method.setRequestBody(targetStream);
    }
    respCode = HttpClientUtil.executeMethod(client, method);
    Assert.assertEquals("Should be getting code 400 with super admin's auth token w/o upload", HttpStatus.SC_BAD_REQUEST, respCode);
}
Also used : ZMailbox(com.zimbra.client.ZMailbox) PostMethod(org.apache.commons.httpclient.methods.PostMethod) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) HttpClient(org.apache.commons.httpclient.HttpClient) File(java.io.File) FileInputStream(java.io.FileInputStream) Test(org.junit.Test)

Aggregations

PostMethod (org.apache.commons.httpclient.methods.PostMethod)203 HttpClient (org.apache.commons.httpclient.HttpClient)114 Test (org.junit.Test)55 IOException (java.io.IOException)32 MultipartRequestEntity (org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity)28 Part (org.apache.commons.httpclient.methods.multipart.Part)25 NameValuePair (org.apache.commons.httpclient.NameValuePair)24 FilePart (org.apache.commons.httpclient.methods.multipart.FilePart)23 Map (java.util.Map)21 GetMethod (org.apache.commons.httpclient.methods.GetMethod)21 StringRequestEntity (org.apache.commons.httpclient.methods.StringRequestEntity)21 StringPart (org.apache.commons.httpclient.methods.multipart.StringPart)21 HttpMethod (org.apache.commons.httpclient.HttpMethod)17 Header (org.apache.commons.httpclient.Header)16 Note (org.apache.zeppelin.notebook.Note)13 HttpException (org.apache.commons.httpclient.HttpException)12 File (java.io.File)11 InputStream (java.io.InputStream)11 ByteArrayRequestEntity (org.apache.commons.httpclient.methods.ByteArrayRequestEntity)11 JSONParser (org.json.simple.parser.JSONParser)11