Example 1 with EncryptContext
use of org.apache.servicecomb.it.edge.encrypt.EncryptContext in project java-chassis by ServiceComb.
the class EdgeSignatureResponseFilter method beforeSendResponse.
@Override
public void beforeSendResponse(Invocation invocation, HttpServletResponseEx responseEx) {
if (invocation == null) {
return;
}
EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
if (encryptContext == null) {
return;
}
Hcr hcr = encryptContext.getHcr();
// bad practice: it's better to set signature in response header
Buffer bodyBuffer = responseEx.getBodyBuffer();
String body = bodyBuffer.toString();
if (body.endsWith("}")) {
Hasher hasher = Hashing.sha256().newHasher();
hasher.putString(hcr.getSignatureKey(), StandardCharsets.UTF_8);
hasher.putString(body, StandardCharsets.UTF_8);
String signature = hasher.hash().toString();
LOGGER.info("beforeSendResponse signature: {}", signature);
body = body.substring(0, body.length() - 1) + ",\"signature\":\"" + signature + "\"}";
responseEx.setBodyBuffer(Buffer.buffer(body));
}
}
Also used :
Buffer(io.vertx.core.buffer.Buffer)
Hasher(com.google.common.hash.Hasher)
Hcr(org.apache.servicecomb.it.authentication.encrypt.Hcr)
EncryptContext(org.apache.servicecomb.it.edge.encrypt.EncryptContext)
Example 2 with EncryptContext
use of org.apache.servicecomb.it.edge.encrypt.EncryptContext in project java-chassis by ServiceComb.
the class EdgeSignatureRequestFilter method afterReceiveRequest.
@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
if (encryptContext == null) {
return null;
}
Hcr hcr = encryptContext.getHcr();
// signature for query and form
List<String> names = Collections.list(requestEx.getParameterNames());
names.sort(Comparator.naturalOrder());
Hasher hasher = Hashing.sha256().newHasher();
hasher.putString(hcr.getSignatureKey(), StandardCharsets.UTF_8);
for (String name : names) {
hasher.putString(name, StandardCharsets.UTF_8);
hasher.putString(requestEx.getParameter(name), StandardCharsets.UTF_8);
}
LOGGER.info("afterReceiveRequest signature: {}", hasher.hash().toString());
return null;
}
Also used :
Hasher(com.google.common.hash.Hasher)
Hcr(org.apache.servicecomb.it.authentication.encrypt.Hcr)
EncryptContext(org.apache.servicecomb.it.edge.encrypt.EncryptContext)
Example 3 with EncryptContext
use of org.apache.servicecomb.it.edge.encrypt.EncryptContext in project java-chassis by ServiceComb.
the class UserIdFilter method afterReceiveRequest.
@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
if (encryptContext == null) {
return null;
}
String userId = encryptContext.getUserId();
if (userId != null) {
requestEx.setParameter("userId", userId);
}
return null;
}
Also used :
EncryptContext(org.apache.servicecomb.it.edge.encrypt.EncryptContext)
Example 4 with EncryptContext
use of org.apache.servicecomb.it.edge.encrypt.EncryptContext in project incubator-servicecomb-java-chassis by apache.
the class EdgeSignatureRequestFilter method afterReceiveRequest.
@Override
public Response afterReceiveRequest(Invocation invocation, HttpServletRequestEx requestEx) {
EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
if (encryptContext == null) {
return null;
}
Hcr hcr = encryptContext.getHcr();
// signature for query and form
List<String> names = Collections.list(requestEx.getParameterNames());
names.sort(Comparator.naturalOrder());
Hasher hasher = Hashing.sha256().newHasher();
hasher.putString(hcr.getSignatureKey(), StandardCharsets.UTF_8);
for (String name : names) {
hasher.putString(name, StandardCharsets.UTF_8);
hasher.putString(requestEx.getParameter(name), StandardCharsets.UTF_8);
}
LOGGER.info("afterReceiveRequest signature: {}", hasher.hash().toString());
return null;
}
Also used :
Hasher(com.google.common.hash.Hasher)
Hcr(org.apache.servicecomb.it.authentication.encrypt.Hcr)
EncryptContext(org.apache.servicecomb.it.edge.encrypt.EncryptContext)
Example 5 with EncryptContext
use of org.apache.servicecomb.it.edge.encrypt.EncryptContext in project incubator-servicecomb-java-chassis by apache.
the class EdgeSignatureResponseFilter method beforeSendResponse.
@Override
public void beforeSendResponse(Invocation invocation, HttpServletResponseEx responseEx) {
if (invocation == null) {
return;
}
EncryptContext encryptContext = (EncryptContext) invocation.getHandlerContext().get(EdgeConst.ENCRYPT_CONTEXT);
if (encryptContext == null) {
return;
}
Hcr hcr = encryptContext.getHcr();
// bad practice: it's better to set signature in response header
Buffer bodyBuffer = responseEx.getBodyBuffer();
String body = bodyBuffer.toString();
if (body.endsWith("}")) {
Hasher hasher = Hashing.sha256().newHasher();
hasher.putString(hcr.getSignatureKey(), StandardCharsets.UTF_8);
hasher.putString(body, StandardCharsets.UTF_8);
String signature = hasher.hash().toString();
LOGGER.info("beforeSendResponse signature: {}", signature);
body = body.substring(0, body.length() - 1) + ",\"signature\":\"" + signature + "\"}";
responseEx.setBodyBuffer(Buffer.buffer(body));
}
}
Also used :
Buffer(io.vertx.core.buffer.Buffer)
Hasher(com.google.common.hash.Hasher)
Hcr(org.apache.servicecomb.it.authentication.encrypt.Hcr)
EncryptContext(org.apache.servicecomb.it.edge.encrypt.EncryptContext)
Aggregations
EncryptContext (org.apache.servicecomb.it.edge.encrypt.EncryptContext)8
Hcr (org.apache.servicecomb.it.authentication.encrypt.Hcr)6
Hasher (com.google.common.hash.Hasher)4
Buffer (io.vertx.core.buffer.Buffer)2
