Search in sources :

Example 1 with EncryptContext

use of org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext in project java-chassis by ServiceComb.

the class DecodeBodyFilter method afterReceiveRequest.

@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
    EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
    if (encryptContext == null) {
        return null;
    }
    Hcr hcr = encryptContext.getHcr();
    String encodedBody = requestEx.getParameter("body");
    if (encodedBody == null) {
        return null;
    }
    encodedBody = encodedBody.substring(hcr.getBodyKey().length());
    try {
        Map<String, String[]> decodedBody = RestObjectMapperFactory.getRestObjectMapper().readValue(encodedBody, bodyType);
        requestEx.getParameterMap().putAll(decodedBody);
    } catch (Throwable e) {
        // should be a meaning exception response
        return Response.producerFailResp(e);
    }
    return null;
}
Also used : Hcr(org.apache.servicecomb.demo.edge.authentication.encrypt.Hcr) EncryptContext(org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext)

Example 2 with EncryptContext

use of org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext in project java-chassis by ServiceComb.

the class UserIdFilter method afterReceiveRequest.

@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
    EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
    if (encryptContext == null) {
        return null;
    }
    String userId = encryptContext.getUserId();
    if (userId != null) {
        requestEx.setParameter("userId", userId);
    }
    return null;
}
Also used : EncryptContext(org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext)

Example 3 with EncryptContext

use of org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext in project incubator-servicecomb-java-chassis by apache.

the class EdgeSignatureResponseFilter method beforeSendResponse.

@Override
public void beforeSendResponse(Invocation invocation, HttpServletResponseEx responseEx) {
    if (invocation == null) {
        return;
    }
    EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
    if (encryptContext == null) {
        return;
    }
    Hcr hcr = encryptContext.getHcr();
    // bad practice: it's better to set signature in response header
    Buffer bodyBuffer = responseEx.getBodyBuffer();
    String body = bodyBuffer.toString();
    if (body.endsWith("}")) {
        Hasher hasher = Hashing.sha256().newHasher();
        hasher.putString(hcr.getSignatureKey(), StandardCharsets.UTF_8);
        hasher.putString(body, StandardCharsets.UTF_8);
        String signature = hasher.hash().toString();
        LOGGER.info("beforeSendResponse signature: {}", signature);
        body = body.substring(0, body.length() - 1) + ",\"signature\":\"" + signature + "\"}";
        responseEx.setBodyBuffer(Buffer.buffer(body));
    }
}
Also used : Buffer(io.vertx.core.buffer.Buffer) Hasher(com.google.common.hash.Hasher) Hcr(org.apache.servicecomb.demo.edge.authentication.encrypt.Hcr) EncryptContext(org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext)

Example 4 with EncryptContext

use of org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext in project incubator-servicecomb-java-chassis by apache.

the class EdgeSignatureRequestFilter method afterReceiveRequest.

@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
    EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
    if (encryptContext == null) {
        return null;
    }
    Hcr hcr = encryptContext.getHcr();
    // signature for query and form
    List<String> names = Collections.list(requestEx.getParameterNames());
    names.sort(Comparator.naturalOrder());
    Hasher hasher = Hashing.sha256().newHasher();
    hasher.putString(hcr.getSignatureKey(), StandardCharsets.UTF_8);
    for (String name : names) {
        hasher.putString(name, StandardCharsets.UTF_8);
        hasher.putString(requestEx.getParameter(name), StandardCharsets.UTF_8);
    }
    LOGGER.info("afterReceiveRequest signature: {}", hasher.hash().toString());
    return null;
}
Also used : Hasher(com.google.common.hash.Hasher) Hcr(org.apache.servicecomb.demo.edge.authentication.encrypt.Hcr) EncryptContext(org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext)

Example 5 with EncryptContext

use of org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext in project incubator-servicecomb-java-chassis by apache.

the class UserIdFilter method afterReceiveRequest.

@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
    EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
    if (encryptContext == null) {
        return null;
    }
    String userId = encryptContext.getUserId();
    if (userId != null) {
        requestEx.setParameter("userId", userId);
    }
    return null;
}
Also used : EncryptContext(org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext)

Aggregations

EncryptContext (org.apache.servicecomb.demo.edge.service.encrypt.EncryptContext)8 Hcr (org.apache.servicecomb.demo.edge.authentication.encrypt.Hcr)6 Hasher (com.google.common.hash.Hasher)4 Buffer (io.vertx.core.buffer.Buffer)2