
Example 6 with HttpHeadersImpl

use of org.apache.cxf.jaxrs.impl.HttpHeadersImpl in project tomee by apache.

the class JAXRSUtils method processCookieParam.

/**
 * Resolves the value to inject for a cookie-bound parameter.
 *
 * <p>The cookie named {@code cookieName} is looked up in the request headers of {@code m}.
 * If it is missing and {@code defaultValue} is non-null, a cookie is parsed from
 * {@code cookieName=defaultValue} instead.
 *
 * <p>NOTE(review): a cookie found on the request carries a client-supplied value. Nothing in
 * this method validates it; whether the conversion step or the resource method does is not
 * visible here.
 *
 * @param m            current message, used to read the request cookies
 * @param cookieName   name of the cookie to look up
 * @param pClass       declared type of the target parameter
 * @param genericType  generic type of the target parameter
 * @param paramAnns    annotations on the target parameter
 * @param defaultValue fallback value, or {@code null} when none was declared
 * @return {@code null} when no cookie is available, the {@link Cookie} itself when
 *         {@code pClass} is assignable from {@code Cookie}, otherwise whatever
 *         {@code InjectionUtils.createParameterObject} produces
 */
private static Object processCookieParam(Message m, String cookieName, Class<?> pClass, Type genericType, Annotation[] paramAnns, String defaultValue) {
    Cookie cookie = new HttpHeadersImpl(m).getCookies().get(cookieName);
    if (cookie == null) {
        if (defaultValue == null) {
            return null;
        }
        // No cookie on the request: synthesise one from the declared default.
        cookie = Cookie.valueOf(cookieName + '=' + defaultValue);
        if (cookie == null) {
            return null;
        }
    }
    if (pClass.isAssignableFrom(Cookie.class)) {
        // The parameter accepts a Cookie, so no conversion is needed.
        return cookie;
    }
    // A collection or array whose element type is Cookie receives the full cookie string;
    // every other target receives only the cookie value.
    boolean cookieElements = InjectionUtils.isSupportedCollectionOrArray(pClass)
        && InjectionUtils.getActualType(genericType) == Cookie.class;
    String value;
    if (cookieElements) {
        value = cookie.toString();
    } else {
        value = cookie.getValue();
    }
    return InjectionUtils.createParameterObject(Collections.singletonList(value), pClass, genericType, paramAnns, null, false, ParameterType.COOKIE, m);
}
Also used : Cookie(javax.ws.rs.core.Cookie) HttpHeadersImpl(org.apache.cxf.jaxrs.impl.HttpHeadersImpl)

Example 7 with HttpHeadersImpl

use of org.apache.cxf.jaxrs.impl.HttpHeadersImpl in project cxf by apache.

the class AbstractServiceProviderFilter method checkSecurityContext.

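/**
 * Checks whether the request carries a security-context cookie that maps to a valid stored
 * response state and, if so, installs the security context on the message.
 *
 * <p>Unless unsolicited responses are supported, the relay-state cookie must also be present
 * and equal to the relay state recorded in the response state. Every failure is reported
 * through {@code reportError} and makes the method return {@code false}.
 *
 * @param m current message; its request cookies are read and the security context is set on it
 * @return {@code true} only when a valid response state was found, the relay state check
 *         passed or was skipped, and the stored assertion could be parsed and applied
 */
protected boolean checkSecurityContext(Message m) {
    HttpHeaders headers = new HttpHeadersImpl(m);
    Map<String, Cookie> cookies = headers.getCookies();
    Cookie securityContextCookie = cookies.get(SSOConstants.SECURITY_CONTEXT_TOKEN);
    // getValidResponseState receives the (possibly null) cookie; a null result means there is
    // no usable context for this request.
    ResponseState responseState = getValidResponseState(securityContextCookie, m);
    if (responseState == null) {
        return false;
    }
    if (!isSupportUnsolicited()) {
        Cookie relayStateCookie = cookies.get(SSOConstants.RELAY_STATE);
        if (relayStateCookie == null) {
            reportError("MISSING_RELAY_COOKIE");
            return false;
        }
        String originalRelayState = responseState.getRelayState();
        // Fail closed: a response state stored without a relay state cannot match the cookie,
        // so it is rejected as invalid instead of raising a NullPointerException here.
        if (originalRelayState == null || !originalRelayState.equals(relayStateCookie.getValue())) {
            // perhaps the response state should also be removed
            reportError("INVALID_RELAY_STATE");
            return false;
        }
    }
    try {
        // The assertion is taken from the stored response state, not from the request.
        String assertion = responseState.getAssertion();
        SamlAssertionWrapper assertionWrapper = new SamlAssertionWrapper(StaxUtils.read(new StringReader(assertion)).getDocumentElement());
        setSecurityContext(m, assertionWrapper);
    } catch (Exception ex) {
        // NOTE(review): the cause is discarded here; if reportError does not record it,
        // consider logging ex so that parse failures can be diagnosed.
        reportError("INVALID_RESPONSE_STATE");
        return false;
    }
    return true;
}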
Also used : Cookie(javax.ws.rs.core.Cookie) HttpHeaders(javax.ws.rs.core.HttpHeaders) ResponseState(org.apache.cxf.rs.security.saml.sso.state.ResponseState) StringReader(java.io.StringReader) SamlAssertionWrapper(org.apache.wss4j.common.saml.SamlAssertionWrapper) IOException(java.io.IOException) HttpHeadersImpl(org.apache.cxf.jaxrs.impl.HttpHeadersImpl)

Example 8 with HttpHeadersImpl

use of org.apache.cxf.jaxrs.impl.HttpHeadersImpl in project cxf by apache.

the class JAXRSUtils method readFromMessageBodyReader.

/**
 * Reads the request entity either through the reader-interceptor chain or, when only one
 * interceptor is present, directly through the message body reader it wraps.
 *
 * <p>When more than one interceptor is supplied, the first one is removed from
 * {@code readers} (the caller's list is modified) and invoked with a context that holds the
 * remaining interceptors.
 *
 * @param readers              interceptor chain; the only entry of a one-element list is
 *                             cast to {@code ReaderInterceptorMBR}
 * @param targetTypeClass      class the entity is read into
 * @param parameterType        generic type of the target
 * @param parameterAnnotations annotations on the target parameter
 * @param is                   stream the entity is read from
 * @param mediaType            media type passed to the reader
 * @param m                    current message, used for the request headers
 * @return the object produced by the interceptor chain or the message body reader
 * @throws IOException             propagated from the reader or interceptor
 * @throws WebApplicationException propagated from the reader or interceptor
 */
@SuppressWarnings("unchecked")
public static Object readFromMessageBodyReader(List<ReaderInterceptor> readers, Class<?> targetTypeClass, Type parameterType, Annotation[] parameterAnnotations, InputStream is, MediaType mediaType, Message m) throws IOException, WebApplicationException {
    // Verbose but avoids an extra context instantiation for the typical path
    if (readers.size() <= 1) {
        ReaderInterceptorMBR terminal = (ReaderInterceptorMBR) readers.get(0);
        MessageBodyReader<?> bodyReader = terminal.getMBR();
        @SuppressWarnings("rawtypes") Class rawTarget = targetTypeClass;
        return bodyReader.readFrom(rawTarget, parameterType, parameterAnnotations, mediaType, new HttpHeadersImpl(m).getRequestHeaders(), is);
    }
    // Several interceptors: detach the head and let it drive the rest through a context.
    ReaderInterceptor head = readers.remove(0);
    ReaderInterceptorContext chain = new ReaderInterceptorContextImpl(targetTypeClass, parameterType, parameterAnnotations, is, m, readers);
    return head.aroundReadFrom(chain);
}
Also used : ReaderInterceptor(javax.ws.rs.ext.ReaderInterceptor) ReaderInterceptorContextImpl(org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl) ReaderInterceptorMBR(org.apache.cxf.jaxrs.impl.ReaderInterceptorMBR) ReaderInterceptorContext(javax.ws.rs.ext.ReaderInterceptorContext) HttpHeadersImpl(org.apache.cxf.jaxrs.impl.HttpHeadersImpl)

Example 9 with HttpHeadersImpl

use of org.apache.cxf.jaxrs.impl.HttpHeadersImpl in project cxf by apache.

the class JAXRSUtils method processCookieParam.

/**
 * Resolves the value to inject for a cookie-bound parameter.
 *
 * <p>The cookie named {@code cookieName} is looked up in the request headers of {@code m}.
 * If it is missing and {@code defaultValue} is non-null, a cookie is parsed from
 * {@code cookieName=defaultValue} instead.
 *
 * <p>NOTE(review): a cookie found on the request carries a client-supplied value. Nothing in
 * this method validates it; whether the conversion step or the resource method does is not
 * visible here.
 *
 * @param m            current message, used to read the request cookies
 * @param cookieName   name of the cookie to look up
 * @param pClass       declared type of the target parameter
 * @param genericType  generic type of the target parameter
 * @param paramAnns    annotations on the target parameter
 * @param defaultValue fallback value, or {@code null} when none was declared
 * @return {@code null} when no cookie is available, the {@link Cookie} itself when
 *         {@code pClass} is assignable from {@code Cookie}, otherwise whatever
 *         {@code InjectionUtils.createParameterObject} produces
 */
private static Object processCookieParam(Message m, String cookieName, Class<?> pClass, Type genericType, Annotation[] paramAnns, String defaultValue) {
    Cookie cookie = new HttpHeadersImpl(m).getCookies().get(cookieName);
    if (cookie == null) {
        if (defaultValue == null) {
            return null;
        }
        // No cookie on the request: synthesise one from the declared default.
        cookie = Cookie.valueOf(cookieName + '=' + defaultValue);
        if (cookie == null) {
            return null;
        }
    }
    if (pClass.isAssignableFrom(Cookie.class)) {
        // The parameter accepts a Cookie, so no conversion is needed.
        return cookie;
    }
    // A collection or array whose element type is Cookie receives the full cookie string;
    // every other target receives only the cookie value.
    boolean cookieElements = InjectionUtils.isSupportedCollectionOrArray(pClass)
        && InjectionUtils.getActualType(genericType) == Cookie.class;
    String value;
    if (cookieElements) {
        value = cookie.toString();
    } else {
        value = cookie.getValue();
    }
    return InjectionUtils.createParameterObject(Collections.singletonList(value), pClass, genericType, paramAnns, null, false, ParameterType.COOKIE, m);
}
Also used : Cookie(javax.ws.rs.core.Cookie) HttpHeadersImpl(org.apache.cxf.jaxrs.impl.HttpHeadersImpl)

Example 10 with HttpHeadersImpl

use of org.apache.cxf.jaxrs.impl.HttpHeadersImpl in project cxf by apache.

the class JAASAuthenticationFilter method handleAuthenticationException.

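/**
 * Builds the response sent to the client after an authentication failure.
 *
 * <p>If a redirect URI is configured and {@code isRedirectPossible(headers)} allows it, a
 * redirect response is returned. A relative redirect URI is resolved against the endpoint
 * address of the current message, optionally with the base path stripped. Otherwise a 401
 * response with a {@code WWW-Authenticate} challenge is returned.
 *
 * <p>The challenge scheme echoes the scheme of the request's {@code Authorization} header
 * only when that scheme is a well-formed HTTP token; in every other case it is
 * {@code Basic}. This keeps arbitrary client-supplied bytes out of the response header and
 * avoids a challenge with an empty scheme.
 *
 * @param ex the authentication failure; not inspected by this method
 * @param m  current message, used for the request headers and the endpoint address
 * @return a redirect response, or a 401 response carrying the challenge header
 */
protected Response handleAuthenticationException(SecurityException ex, Message m) {
    HttpHeaders headers = new HttpHeadersImpl(m);
    if (redirectURI != null && isRedirectPossible(headers)) {
        final URI finalRedirectURI;
        if (!redirectURI.isAbsolute()) {
            // NOTE(review): the redirect target is derived from the endpoint address of this
            // message; whether request headers can influence that address is not visible
            // here. Confirm before treating it as a trusted origin.
            String endpointAddress = HttpUtils.getEndpointAddress(m);
            Object basePathProperty = m.get(Message.BASE_PATH);
            if (ignoreBasePath && basePathProperty != null && !"/".equals(basePathProperty)) {
                // Cut the address at the last occurrence of the base path.
                int index = endpointAddress.lastIndexOf(basePathProperty.toString());
                if (index != -1) {
                    endpointAddress = endpointAddress.substring(0, index);
                }
            }
            finalRedirectURI = UriBuilder.fromUri(endpointAddress).path(redirectURI.toString()).build();
        } else {
            finalRedirectURI = redirectURI;
        }
        return Response.status(getRedirectStatus()).header(HttpHeaders.LOCATION, finalRedirectURI).build();
    }
    ResponseBuilder builder = Response.status(Response.Status.UNAUTHORIZED);
    String scheme = "Basic";
    List<String> authHeader = headers.getRequestHeader(HttpHeaders.AUTHORIZATION);
    if (authHeader != null && !authHeader.isEmpty()) {
        // should HttpHeadersImpl do it ?
        String firstValue = authHeader.get(0);
        String[] authValues = firstValue == null ? new String[0] : firstValue.split(" ");
        // The scheme comes from the client, so it is reflected only when it consists of
        // HTTP token characters; an empty or malformed scheme falls back to Basic.
        if (authValues.length > 0 && authValues[0].matches("[!#$%&'*+.^_`|~0-9A-Za-z-]+")) {
            scheme = authValues[0];
        }
    }
    StringBuilder sb = new StringBuilder(scheme);
    if (realmName != null) {
        // NOTE(review): realmName is written into a quoted-string without escaping; it is
        // presumably deployment configuration. Confirm it cannot contain '"' or '\'.
        sb.append(" realm=\"").append(realmName).append('"');
    }
    builder.header(HttpHeaders.WWW_AUTHENTICATE, sb.toString());
    return builder.build();
}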
Also used : HttpHeaders(javax.ws.rs.core.HttpHeaders) ResponseBuilder(javax.ws.rs.core.Response.ResponseBuilder) URI(java.net.URI) HttpHeadersImpl(org.apache.cxf.jaxrs.impl.HttpHeadersImpl)
