
Example 46 with HttpResponseStatus

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpResponseStatus in project xipki by xipki.

the class HttpScepServlet method service.

/**
 * Handles one SCEP request whose path has the form
 * {@code /<scepName>/<certProfileName>} followed by {@code CGI_PROGRAM}.
 *
 * <p>Only GET and POST are accepted. The SCEP operation is read from the {@code operation}
 * parameter; {@code PKIOperation}, {@code GetCACaps} and {@code GetCACert} are served,
 * {@code GetNextCACert} is refused with 403 and anything else with 400. Every request that
 * reaches the responder lookup is recorded through {@code audit(...)} in the {@code finally}
 * block, whatever the outcome.
 *
 * <p>On failure the client receives only an HTTP status: every error path calls
 * {@code createErrorResponse(version, status)}, while the explanatory text goes to the log and
 * the audit event.
 *
 * @param request the HTTP request; its body is read only for a POST {@code PKIOperation}
 * @param servletUri supplies the request path and the {@code operation} / {@code message} parameters
 * @param sslSession not referenced in this method
 * @param sslReverseProxyMode not referenced in this method
 * @return the SCEP response, or an error response carrying only a status code
 * @throws Exception declared by the signature; everything inside the {@code try} is caught as
 *     {@code Throwable} and answered with 500
 */
@Override
public FullHttpResponse service(FullHttpRequest request, ServletURI servletUri, SSLSession sslSession, SslReverseProxyMode sslReverseProxyMode) throws Exception {
    HttpVersion version = request.protocolVersion();
    HttpMethod method = request.method();
    // Method allow-list: POST and GET only, everything else is 405.
    boolean viaPost;
    if (method == HttpMethod.POST) {
        viaPost = true;
    } else if (method == HttpMethod.GET) {
        viaPost = false;
    } else {
        return createErrorResponse(version, HttpResponseStatus.METHOD_NOT_ALLOWED);
    }
    // Both names are taken from the request path, i.e. they are caller-controlled.
    String scepName = null;
    String certProfileName = null;
    if (servletUri.getPath().length() > 1) {
        String scepPath = servletUri.getPath();
        if (scepPath.endsWith(CGI_PROGRAM)) {
            // Drop the leading character (always '/') and the trailing CGI_PROGRAM_LEN characters
            // (presumably the length of CGI_PROGRAM; confirm against the constant's definition).
            String path = scepPath.substring(1, scepPath.length() - CGI_PROGRAM_LEN);
            String[] tokens = path.split("/");
            // Exactly two segments are required; any other shape leaves both names null.
            if (tokens.length == 2) {
                scepName = tokens[0];
                // NOTE(review): toLowerCase() without a Locale follows the JVM default locale;
                // confirm profile names are compared the same way elsewhere.
                certProfileName = tokens[1].toLowerCase();
            }
        }
    // end of path parsing
    }
    // A path that did not parse is answered with 404 before any audit event is created.
    if (scepName == null || certProfileName == null) {
        return createErrorResponse(version, HttpResponseStatus.NOT_FOUND);
    }
    AuditService auditService = auditServiceRegister.getAuditService();
    AuditEvent event = new AuditEvent(new Date());
    event.setApplicationName("SCEP");
    event.setName(CaAuditConstants.NAME_PERF);
    // NOTE(review): scepName, certProfileName and (below) operation come from the request and are
    // written into audit data and log text as-is; confirm that ServletURI or the audit/log
    // backends neutralise CR/LF and other control characters.
    event.addEventData(CaAuditConstants.NAME_SCEP_name, scepName + "/" + certProfileName);
    event.addEventData(CaAuditConstants.NAME_reqType, RequestType.SCEP.name());
    // Per-request identifier; stored in the audit event and passed to servicePkiOperation.
    String msgId = RandomUtil.nextHexLong();
    event.addEventData(CaAuditConstants.NAME_mid, msgId);
    // Audit outcome defaults to success; each failure path below overwrites it before returning,
    // and the finally block reads the final values.
    AuditLevel auditLevel = AuditLevel.INFO;
    AuditStatus auditStatus = AuditStatus.SUCCESSFUL;
    String auditMessage = null;
    try {
        if (responderManager == null) {
            auditMessage = "responderManager in servlet not configured";
            LOG.error(auditMessage);
            auditLevel = AuditLevel.ERROR;
            auditStatus = AuditStatus.FAILED;
            return createErrorResponse(version, HttpResponseStatus.INTERNAL_SERVER_ERROR);
        }
        Scep responder = responderManager.getScep(scepName);
        // Unknown responder, responder out of service and unsupported profile all yield the same
        // 404, so the response does not tell the caller which of the three applied.
        if (responder == null || !responder.isOnService() || !responder.supportsCertProfile(certProfileName)) {
            auditMessage = "unknown SCEP '" + scepName + "/" + certProfileName + "'";
            LOG.warn(auditMessage);
            auditStatus = AuditStatus.FAILED;
            return createErrorResponse(version, HttpResponseStatus.NOT_FOUND);
        }
        String operation = servletUri.getParameter("operation");
        event.addEventData(CaAuditConstants.NAME_SCEP_operation, operation);
        if ("PKIOperation".equalsIgnoreCase(operation)) {
            CMSSignedData reqMessage;
            // Parse the request: raw body for POST, Base64 "message" parameter for GET.
            // NOTE(review): no size limit is applied in this method before CMS parsing; confirm
            // that readContent or the HTTP pipeline caps the request size.
            try {
                byte[] content;
                if (viaPost) {
                    content = readContent(request);
                } else {
                    String b64 = servletUri.getParameter("message");
                    content = Base64.decode(b64);
                }
                reqMessage = new CMSSignedData(content);
            } catch (Exception ex) {
                // Any failure while reading, decoding or parsing is reported as 400; the detail
                // stays in the log.
                final String msg = "invalid request";
                LogUtil.error(LOG, ex, msg);
                auditMessage = msg;
                auditStatus = AuditStatus.FAILED;
                return createErrorResponse(version, HttpResponseStatus.BAD_REQUEST);
            }
            ContentInfo ci;
            try {
                ci = responder.servicePkiOperation(reqMessage, certProfileName, msgId, event);
            } catch (MessageDecodingException ex) {
                final String msg = "could not decrypt and/or verify the request";
                LogUtil.error(LOG, ex, msg);
                auditMessage = msg;
                auditStatus = AuditStatus.FAILED;
                return createErrorResponse(version, HttpResponseStatus.BAD_REQUEST);
            } catch (OperationException ex) {
                // Translate the CA error code into an HTTP status; unlisted codes fall to 500.
                ErrorCode code = ex.getErrorCode();
                HttpResponseStatus httpCode;
                switch(code) {
                    case ALREADY_ISSUED:
                    case CERT_REVOKED:
                    case CERT_UNREVOKED:
                        httpCode = HttpResponseStatus.FORBIDDEN;
                        break;
                    case BAD_CERT_TEMPLATE:
                    case BAD_REQUEST:
                    case BAD_POP:
                    case INVALID_EXTENSION:
                    case UNKNOWN_CERT:
                    case UNKNOWN_CERT_PROFILE:
                        httpCode = HttpResponseStatus.BAD_REQUEST;
                        break;
                    case NOT_PERMITTED:
                        // NOTE(review): a 401 normally carries a WWW-Authenticate challenge, and
                        // only the status is handed to createErrorResponse here; confirm a
                        // challenge is added elsewhere or whether 403 is the intended answer.
                        httpCode = HttpResponseStatus.UNAUTHORIZED;
                        break;
                    case SYSTEM_UNAVAILABLE:
                        httpCode = HttpResponseStatus.SERVICE_UNAVAILABLE;
                        break;
                    case CRL_FAILURE:
                    case DATABASE_FAILURE:
                    case SYSTEM_FAILURE:
                        httpCode = HttpResponseStatus.INTERNAL_SERVER_ERROR;
                        break;
                    default:
                        httpCode = HttpResponseStatus.INTERNAL_SERVER_ERROR;
                        break;
                }
                // The exception message is recorded in log and audit only, not in the response.
                auditMessage = ex.getMessage();
                LogUtil.error(LOG, ex, auditMessage);
                auditStatus = AuditStatus.FAILED;
                return createErrorResponse(version, httpCode);
            }
            byte[] bodyBytes = ci.getEncoded();
            return createOKResponse(version, CT_RESPONSE, bodyBytes);
        } else if (Operation.GetCACaps.getCode().equalsIgnoreCase(operation)) {
            // CA-Ident is ignored
            byte[] caCapsBytes = responder.getCaCaps().getBytes();
            return createOKResponse(version, ScepConstants.CT_TEXT_PLAIN, caCapsBytes);
        } else if (Operation.GetCACert.getCode().equalsIgnoreCase(operation)) {
            // CA-Ident is ignored
            byte[] respBytes = responder.getCaCertResp().getBytes();
            return createOKResponse(version, ScepConstants.CT_X509_CA_RA_CERT, respBytes);
        } else if (Operation.GetNextCACert.getCode().equalsIgnoreCase(operation)) {
            // Recognised but refused; audited without a log line.
            auditMessage = "SCEP operation '" + operation + "' is not permitted";
            auditStatus = AuditStatus.FAILED;
            return createErrorResponse(version, HttpResponseStatus.FORBIDDEN);
        } else {
            // Also reached when the operation parameter is absent (operation == null).
            auditMessage = "unknown SCEP operation '" + operation + "'";
            auditStatus = AuditStatus.FAILED;
            return createErrorResponse(version, HttpResponseStatus.BAD_REQUEST);
        }
    } catch (Throwable th) {
        // Last-resort handler: a dropped connection is logged at warn/debug, anything else at
        // error. The client only ever sees a bare 500.
        if (th instanceof EOFException) {
            final String msg = "connection reset by peer";
            if (LOG.isWarnEnabled()) {
                LogUtil.warn(LOG, th, msg);
            }
            LOG.debug(msg, th);
        } else {
            LOG.error("Throwable thrown, this should not happen!", th);
        }
        auditLevel = AuditLevel.ERROR;
        auditStatus = AuditStatus.FAILED;
        auditMessage = "internal error";
        return createErrorResponse(version, HttpResponseStatus.INTERNAL_SERVER_ERROR);
    } finally {
        // Runs on every exit from the try, including the early returns above.
        audit(auditService, event, auditLevel, auditStatus, auditMessage);
    }
}
Also used : HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) AuditLevel(org.xipki.audit.AuditLevel) CMSSignedData(org.bouncycastle.cms.CMSSignedData) Date(java.util.Date) MessageDecodingException(org.xipki.scep.exception.MessageDecodingException) IOException(java.io.IOException) EOFException(java.io.EOFException) OperationException(org.xipki.ca.api.OperationException) AuditStatus(org.xipki.audit.AuditStatus) MessageDecodingException(org.xipki.scep.exception.MessageDecodingException) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) EOFException(java.io.EOFException) AuditEvent(org.xipki.audit.AuditEvent) ErrorCode(org.xipki.ca.api.OperationException.ErrorCode) Scep(org.xipki.ca.server.api.Scep) HttpVersion(io.netty.handler.codec.http.HttpVersion) AuditService(org.xipki.audit.AuditService) HttpMethod(io.netty.handler.codec.http.HttpMethod) OperationException(org.xipki.ca.api.OperationException)

Example 47 with HttpResponseStatus

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpResponseStatus in project xipki by xipki.

the class HealthCheckServlet method service0.

/**
 * Answers a health-check request for the CA addressed by the request path.
 *
 * <p>Only GET is served. The path (minus its leading '/') is treated as a CA alias and, if no
 * alias mapping exists, as a lower-cased CA name. A missing, unknown or out-of-service CA is
 * answered with 404; otherwise the responder's health result is returned as the body with
 * status 200 (healthy) or 500 (unhealthy).
 *
 * <p>{@code sslSession} is not consulted here, so any access control on this endpoint has to
 * come from outside this method.
 *
 * @param request the incoming HTTP request
 * @param servletUri supplies the request path
 * @param sslSession unused in this method
 * @return the health-check response, or an error response carrying only a status code
 */
private FullHttpResponse service0(FullHttpRequest request, ServletURI servletUri, SSLSession sslSession) {
    final HttpVersion httpVersion = request.protocolVersion();
    final HttpMethod httpMethod = request.method();
    if (httpMethod != HttpMethod.GET) {
        return createErrorResponse(httpVersion, HttpResponseStatus.METHOD_NOT_ALLOWED);
    }

    try {
        if (responderManager == null) {
            LOG.error("responderManager in servlet is not configured");
            return createErrorResponse(httpVersion, HttpResponseStatus.INTERNAL_SERVER_ERROR);
        }

        String caName = null;
        X509CaCmpResponder caResponder = null;
        final String requestPath = servletUri.getPath();
        if (requestPath.length() > 1) {
            // The first character is always '/'; the remainder is the alias (or the name itself).
            final String alias = requestPath.substring(1);
            final String resolvedName = responderManager.getCaNameForAlias(alias);
            // NOTE(review): toLowerCase() without a Locale follows the JVM default locale.
            caName = (resolvedName != null) ? resolvedName : alias.toLowerCase();
            caResponder = responderManager.getX509CaResponder(caName);
        }

        // All three rejections share one 404; only the log line tells them apart.
        // NOTE(review): caName originates from the request path and is logged as-is; confirm
        // that control characters cannot reach the log through it.
        if (caName == null) {
            LOG.warn("no CA is specified");
            return createErrorResponse(httpVersion, HttpResponseStatus.NOT_FOUND);
        }
        if (caResponder == null) {
            LOG.warn("unknown CA '" + caName + "'");
            return createErrorResponse(httpVersion, HttpResponseStatus.NOT_FOUND);
        }
        if (!caResponder.isOnService()) {
            LOG.warn("CA '" + caName + "' is out of service");
            return createErrorResponse(httpVersion, HttpResponseStatus.NOT_FOUND);
        }

        final HealthCheckResult health = caResponder.healthCheck();
        final HttpResponseStatus httpStatus;
        if (health.isHealthy()) {
            httpStatus = HttpResponseStatus.OK;
        } else {
            httpStatus = HttpResponseStatus.INTERNAL_SERVER_ERROR;
        }
        // NOTE(review): getBytes() is called without a charset; if toJsonMessage returns a String
        // the body is encoded with the platform default. Confirm and prefer explicit UTF-8.
        final byte[] body = health.toJsonMessage(true).getBytes();
        return createResponse(httpVersion, httpStatus, HealthCheckServlet.CT_RESPONSE, body);
    } catch (Throwable th) {
        // Nothing from the failure is echoed to the client; it only gets a bare 500.
        if (!(th instanceof EOFException)) {
            LOG.error("Throwable thrown, this should not happen!", th);
        } else {
            LogUtil.warn(LOG, th, "connection reset by peer");
        }
        return createErrorResponse(httpVersion, HttpResponseStatus.INTERNAL_SERVER_ERROR);
    }
}
Also used : X509CaCmpResponder(org.xipki.ca.server.api.X509CaCmpResponder) HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) EOFException(java.io.EOFException) HealthCheckResult(org.xipki.common.HealthCheckResult) HttpVersion(io.netty.handler.codec.http.HttpVersion) HttpMethod(io.netty.handler.codec.http.HttpMethod)

Example 48 with HttpResponseStatus

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpResponseStatus in project xipki by xipki.

the class HttpRestServlet method service.

/**
 * Forwards a REST request to the {@code Rest} service and converts its answer into an HTTP
 * response.
 *
 * <p>Only GET and POST are accepted. Status code, content type, body and headers of the HTTP
 * response are all taken from the {@code RestResponse}. The audit event is finished and logged
 * in the {@code finally} block; there is no {@code catch}, so an exception raised while serving
 * the request propagates to the caller after the audit step.
 *
 * @param request the incoming HTTP request; its content is read in full
 * @param servletUri supplies the request path
 * @param sslSession handed to the request-metadata retriever
 * @param sslReverseProxyMode handed to the request-metadata retriever
 * @return the HTTP response built from the REST service's answer, or a 405 error response
 */
@Override
public FullHttpResponse service(FullHttpRequest request, ServletURI servletUri, SSLSession sslSession, SslReverseProxyMode sslReverseProxyMode) {
    final HttpVersion httpVersion = request.protocolVersion();
    final HttpMethod httpMethod = request.method();
    final boolean methodAllowed = httpMethod == HttpMethod.POST || httpMethod == HttpMethod.GET;
    if (!methodAllowed) {
        return createErrorResponse(httpVersion, HttpResponseStatus.METHOD_NOT_ALLOWED);
    }

    final AuditEvent auditEvent = new AuditEvent(new Date());
    try {
        // NOTE(review): responderManager is dereferenced without a null check in this method;
        // confirm it is always configured before requests arrive.
        final Rest restService = responderManager.getRest();
        final HttpRequestMetadataRetriever metadata = new HttpRequestMetadataRetrieverImpl(request, servletUri, sslSession, sslReverseProxyMode);
        // NOTE(review): no size limit on the request content is applied here; confirm that
        // readContent or the HTTP pipeline caps it.
        final byte[] payload = readContent(request);
        final RestResponse restResponse = restService.service(servletUri.getPath(), auditEvent, payload, metadata);

        final FullHttpResponse httpResponse = createResponse(
                httpVersion,
                HttpResponseStatus.valueOf(restResponse.getStatusCode()),
                restResponse.getContentType(),
                restResponse.getBody());
        // Headers are copied across unchanged, one lookup per header name.
        for (String name : restResponse.getHeaders().keySet()) {
            httpResponse.headers().add(name, restResponse.getHeaders().get(name));
        }
        return httpResponse;
    } finally {
        // Always close and emit the audit event, on success as well as on failure.
        auditEvent.finish();
        auditServiceRegister.getAuditService().logEvent(auditEvent);
    }
}
Also used : HttpRequestMetadataRetriever(org.xipki.ca.server.api.HttpRequestMetadataRetriever) Rest(org.xipki.ca.server.api.Rest) RestResponse(org.xipki.ca.server.api.RestResponse) HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) AuditEvent(org.xipki.audit.AuditEvent) FullHttpResponse(io.netty.handler.codec.http.FullHttpResponse) HttpVersion(io.netty.handler.codec.http.HttpVersion) HttpMethod(io.netty.handler.codec.http.HttpMethod) Date(java.util.Date)

Example 49 with HttpResponseStatus

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpResponseStatus in project ratpack by ratpack.

the class DefaultDevelopmentErrorHandler method error.

/**
 * Prints the string "Client error «statusCode»" to the response as text with the given status code.
 *
 * @param ctx The ctx
 * @param statusCode The 4xx status code that explains the problem
 */
@Override
public void error(Context ctx, int statusCode) throws Exception {
    HttpResponseStatus status = HttpResponseStatus.valueOf(statusCode);
    Request request = ctx.getRequest();

    // The raw (undecoded) request URI is written to the log and, below, into the HTML page.
    // NOTE(review): escaping of these values in the page depends on ErrorPageRenderer, which is
    // not visible here; confirm it HTML-encodes the metadata it is given.
    LOGGER.error(statusCode + " client error for request to " + request.getRawUri());

    ctx.getResponse().status(statusCode);

    // Content negotiation: a plain-text one-liner, or an HTML page carrying the request details;
    // anything else falls back to text/plain.
    ctx.byContent(spec -> spec
        .plainText(() -> ctx.render("Client error " + statusCode))
        .html(() -> new ErrorPageRenderer() {

            protected void render() {
                render(ctx, status.reasonPhrase(), writer ->
                    messages(writer, "Client Error", () ->
                        meta(writer, fields -> fields
                            .put("URI:", request.getRawUri())
                            .put("Method:", request.getMethod().getName())
                            .put("Status Code:", status.code())
                            .put("Phrase:", status.reasonPhrase()))));
            }
        })
        .noMatch("text/plain"));
}
Also used : Request(ratpack.http.Request) Logger(org.slf4j.Logger) Context(ratpack.handling.Context) LoggerFactory(org.slf4j.LoggerFactory) Throwables(com.google.common.base.Throwables) HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) Request(ratpack.http.Request)

Example 50 with HttpResponseStatus

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpResponseStatus in project BRFS by zhangnianli.

the class DefaultNettyHandleResultCallback method completed.

/**
 * Turns a finished {@code HandleResult} into an HTTP/1.1 response and sends it.
 *
 * <p>The status is 200 on success and 500 otherwise. The body is the UTF-8 bytes of the cause's
 * {@code toString()} (when a cause is present) immediately followed by the result data (when
 * present), sent as {@code text/plain}.
 *
 * @param result the outcome to report to the client
 */
@Override
public void completed(HandleResult result) {
    final HttpResponseStatus httpStatus;
    if (result.isSuccess()) {
        httpStatus = HttpResponseStatus.OK;
    } else {
        httpStatus = HttpResponseStatus.INTERNAL_SERVER_ERROR;
    }

    // NOTE(review): the cause's toString() is returned to the client verbatim; confirm this
    // cannot expose internal details (class names, paths, messages) to untrusted callers.
    final byte[] causeBytes;
    if (result.getCause() != null) {
        causeBytes = BrStringUtils.toUtf8Bytes(result.getCause().toString());
    } else {
        causeBytes = new byte[0];
    }

    final byte[] payloadBytes;
    if (result.getData() != null) {
        payloadBytes = result.getData();
    } else {
        payloadBytes = new byte[0];
    }

    // Cause text first, data second, with no separator between them.
    ByteBuf body = Unpooled.wrappedBuffer(Bytes.concat(causeBytes, payloadBytes));
    FullHttpResponse httpResponse = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, httpStatus, body);
    httpResponse.headers()
        .set(HttpHeaderNames.CONTENT_TYPE, "text/plain")
        .set(HttpHeaderNames.CONTENT_LENGTH, body.readableBytes());
    ResponseSender.sendResponse(context, httpResponse);
}
Also used : DefaultFullHttpResponse(io.netty.handler.codec.http.DefaultFullHttpResponse) HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) FullHttpResponse(io.netty.handler.codec.http.FullHttpResponse) DefaultFullHttpResponse(io.netty.handler.codec.http.DefaultFullHttpResponse) ByteBuf(io.netty.buffer.ByteBuf)
