use of org.codelibs.fess.exception.InvalidAccessTokenException in project fess by codelibs.
the class SuggestApiManager method process.
@Override
public void process(final HttpServletRequest request, final HttpServletResponse response, final FilterChain chain) throws IOException, ServletException {
int status = 0;
String errMsg = StringUtil.EMPTY;
// TODO replace response stream
final StringBuilder buf = new StringBuilder(255);
final RoleQueryHelper roleQueryHelper = ComponentUtil.getRoleQueryHelper();
final SearchService searchService = ComponentUtil.getComponent(SearchService.class);
try {
final RequestParameter parameter = RequestParameter.parse(request);
final String[] langs = searchService.getLanguages(request, parameter);
final SuggestHelper suggestHelper = ComponentUtil.getSuggestHelper();
final SuggestRequestBuilder builder = suggestHelper.suggester().suggest();
builder.setQuery(parameter.getQuery());
stream(parameter.getSuggestFields()).of(stream -> stream.forEach(builder::addField));
roleQueryHelper.build(SearchRequestType.SUGGEST).stream().forEach(builder::addRole);
builder.setSize(parameter.getNum());
stream(langs).of(stream -> stream.forEach(builder::addLang));
builder.addKind(SuggestItem.Kind.USER.toString());
if (ComponentUtil.getFessConfig().isSuggestSearchLog()) {
builder.addKind(SuggestItem.Kind.QUERY.toString());
}
if (ComponentUtil.getFessConfig().isSuggestDocuments()) {
builder.addKind(SuggestItem.Kind.DOCUMENT.toString());
}
final SuggestResponse suggestResponse = builder.execute().getResponse();
buf.append("\"result\":{");
buf.append("\"took\":\"").append(suggestResponse.getTookMs()).append('\"');
buf.append(",\"total\":\"").append(suggestResponse.getTotal()).append('\"');
buf.append(",\"num\":\"").append(suggestResponse.getNum()).append('\"');
if (!suggestResponse.getItems().isEmpty()) {
buf.append(",\"hits\":[");
boolean first = true;
for (final SuggestItem item : suggestResponse.getItems()) {
if (!first) {
buf.append(',');
}
first = false;
buf.append("{\"text\":\"").append(StringEscapeUtils.escapeJson(item.getText())).append('\"');
buf.append(",\"tags\":[");
for (int i = 0; i < item.getTags().length; i++) {
if (i > 0) {
buf.append(',');
}
buf.append('\"').append(StringEscapeUtils.escapeJson(item.getTags()[i])).append('\"');
}
buf.append(']');
buf.append('}');
}
buf.append(']');
}
buf.append('}');
} catch (final Exception e) {
status = 1;
errMsg = e.getMessage();
if (errMsg == null) {
errMsg = e.getClass().getName();
}
if (logger.isDebugEnabled()) {
logger.debug("Failed to process a suggest request.", e);
}
if (e instanceof InvalidAccessTokenException) {
final InvalidAccessTokenException iate = (InvalidAccessTokenException) e;
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "Bearer error=\"" + iate.getType() + "\"");
}
}
writeJsonResponse(status, buf.toString(), errMsg);
}
use of org.codelibs.fess.exception.InvalidAccessTokenException in project fess by codelibs.
the class BaseJsonApiManager method writeJsonResponse.
protected void writeJsonResponse(final int status, final String body, final Throwable t) {
if (t == null) {
writeJsonResponse(status, body, (String) null);
return;
}
if (t instanceof InvalidAccessTokenException) {
final InvalidAccessTokenException e = (InvalidAccessTokenException) t;
final HttpServletResponse response = LaResponseUtil.getResponse();
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "Bearer error=\"" + e.getType() + "\"");
}
final StringBuilder sb = new StringBuilder();
if (StringUtil.isBlank(t.getMessage())) {
sb.append(t.getClass().getName());
} else {
sb.append(t.getMessage());
}
final StringWriter sw = new StringWriter();
t.printStackTrace(new PrintWriter(sw));
sb.append(" [ ").append(sw.toString()).append(" ]");
try {
sw.close();
} catch (final IOException ignore) {
}
writeJsonResponse(status, body, sb.toString());
}
use of org.codelibs.fess.exception.InvalidAccessTokenException in project fess by codelibs.
the class GsaApiManager method processSearchRequest.
protected void processSearchRequest(final HttpServletRequest request, final HttpServletResponse response, final FilterChain chain) {
final SearchService searchService = ComponentUtil.getComponent(SearchService.class);
final FessConfig fessConfig = ComponentUtil.getFessConfig();
int status = 0;
String errMsg = StringUtil.EMPTY;
String query = null;
// TODO replace response stream
final StringBuilder buf = new StringBuilder(1000);
request.setAttribute(Constants.SEARCH_LOG_ACCESS_TYPE, Constants.SEARCH_LOG_ACCESS_TYPE_XML);
boolean xmlDtd = false;
try {
final SearchRenderData data = new SearchRenderData();
final GsaRequestParams params = new GsaRequestParams(request, fessConfig);
query = params.getQuery();
request.setAttribute(Constants.REQUEST_QUERIES, query);
searchService.search(params, data, OptionalThing.empty());
final String execTime = data.getExecTime();
final long allRecordCount = data.getAllRecordCount();
final List<Map<String, Object>> documentItems = data.getDocumentItems();
final List<String> getFields = new ArrayList<>();
// meta tags should be returned
final String getFieldsParam = request.getParameter("getfields");
if (StringUtil.isNotBlank(getFieldsParam)) {
getFields.addAll(Arrays.asList(getFieldsParam.split("\\.")));
}
// DTD
if ("xml".equals(request.getParameter("output"))) {
xmlDtd = true;
}
final StringBuilder requestUri = new StringBuilder(request.getRequestURI());
if (request.getQueryString() != null) {
requestUri.append("?").append(request.getQueryString());
}
final String uriQueryString = requestUri.toString();
// Input/Output encoding
final String ie = request.getCharacterEncoding();
final String oe = "UTF-8";
// IP address
final String ip = ComponentUtil.getViewHelper().getClientIp(request);
final String start = request.getParameter("start");
long startNumber = 1;
if (StringUtil.isNotBlank(start)) {
startNumber = Long.parseLong(start) + 1;
}
long endNumber = startNumber + data.getPageSize() - 1;
if (endNumber > allRecordCount) {
endNumber = allRecordCount;
}
buf.append("<Q>");
buf.append(escapeXml(query));
buf.append("</Q>");
buf.append("<TM>");
buf.append(execTime);
buf.append("</TM>");
for (final Entry<String, String[]> entry : request.getParameterMap().entrySet()) {
final String[] values = entry.getValue();
if (values == null) {
continue;
}
final String key = entry.getKey();
for (final String value : values) {
buf.append("<PARAM name=\"");
buf.append(key);
buf.append("\" value=\"");
buf.append(value);
buf.append("\" original_value=\"");
buf.append(URLEncoder.encode(value, Constants.UTF_8));
buf.append("\"/>");
}
}
buf.append("<PARAM name=\"ie\" value=\"");
buf.append(ie);
buf.append("\" original_value=\"");
buf.append(URLEncoder.encode(ie, Constants.UTF_8));
buf.append("\"/>");
buf.append("<PARAM name=\"oe\" value=\"");
buf.append(oe);
buf.append("\" original_value=\"");
buf.append(URLEncoder.encode(ie, Constants.UTF_8));
buf.append("\"/>");
buf.append("<PARAM name=\"ip\" value=\"");
buf.append(ip);
buf.append("\" original_value=\"");
buf.append(URLEncoder.encode(ie, Constants.UTF_8));
buf.append("\"/>");
if (!documentItems.isEmpty()) {
buf.append("<RES SN=\"");
buf.append(startNumber);
buf.append("\" EN=\"");
buf.append(endNumber);
buf.append("\">");
buf.append("<M>");
buf.append(allRecordCount);
buf.append("</M>");
if (endNumber < allRecordCount) {
buf.append("<NB>");
buf.append("<NU>");
buf.append(escapeXml(uriQueryString.replaceFirst("start=([^&]+)", "start=" + endNumber)));
buf.append("</NU>");
buf.append("</NB>");
}
long recordNumber = startNumber;
for (final Map<String, Object> document : documentItems) {
buf.append("<R N=\"");
buf.append(recordNumber);
buf.append("\">");
final String url = (String) document.remove("url");
document.put("UE", url);
document.put("U", URLDecoder.decode(url, Constants.UTF_8));
document.put("T", document.remove("title"));
final float score = Float.parseFloat((String) document.remove("boost"));
document.put("RK", (int) (score * 10));
document.put("S", ((String) document.remove("content_description")).replaceAll("<(/*)em>", "<$1b>"));
document.put("LANG", document.remove("lang"));
for (final Map.Entry<String, Object> entry : document.entrySet()) {
final String name = entry.getKey();
if (StringUtil.isNotBlank(name) && entry.getValue() != null && ComponentUtil.getQueryHelper().isApiResponseField(name)) {
if (name.startsWith(gsaMetaPrefix)) {
final String tagName = name.replaceAll("^" + gsaMetaPrefix, "").replaceAll(GSA_META_SUFFIX + "\\z", "");
if (getFields != null && getFields.contains(tagName)) {
buf.append("<MT N=\"");
buf.append(tagName);
buf.append("\" V=\"");
buf.append(escapeXml(entry.getValue().toString()));
buf.append("\"/>");
}
} else {
final String tagName = name;
buf.append('<');
buf.append(tagName);
buf.append('>');
buf.append(escapeXml(entry.getValue()));
buf.append("</");
buf.append(tagName);
buf.append('>');
}
}
}
buf.append("<HAS>");
buf.append("<L/>");
buf.append("<C SZ=\"");
buf.append(Long.parseLong((String) document.remove("content_length")) / 1000);
buf.append("k\" CID=\"");
buf.append(document.remove("doc_id"));
buf.append("\" ENC=\"");
String charset = (String) document.remove("charset_s");
if (StringUtil.isNotBlank(charset)) {
buf.append(charset);
} else {
charset = (String) document.remove("contentType_s");
if (StringUtil.isNotBlank(charset)) {
final Matcher m = Pattern.compile(".*;\\s*charset=(.+)").matcher(charset);
if (m.matches()) {
charset = m.group(1);
buf.append(charset);
}
}
}
buf.append("\"/>");
buf.append("</HAS>");
buf.append("</R>");
recordNumber++;
}
buf.append("</RES>");
}
} catch (final Exception e) {
status = 1;
errMsg = e.getMessage();
if (errMsg == null) {
errMsg = e.getClass().getName();
}
if (logger.isDebugEnabled()) {
logger.debug("Failed to process a search request.", e);
}
if (e instanceof InvalidAccessTokenException) {
final InvalidAccessTokenException iate = (InvalidAccessTokenException) e;
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "Bearer error=\"" + iate.getType() + "\"");
}
}
writeXmlResponse(status, xmlDtd, buf.toString(), errMsg);
}
use of org.codelibs.fess.exception.InvalidAccessTokenException in project fess by codelibs.
the class RoleQueryHelper method build.
public Set<String> build(final SearchRequestType searchRequestType) {
final Set<String> roleSet = new HashSet<>();
final HttpServletRequest request = LaRequestUtil.getOptionalRequest().orElse(null);
final FessConfig fessConfig = ComponentUtil.getFessConfig();
final boolean isApiRequest = !SearchRequestType.SEARCH.equals(searchRequestType) && !SearchRequestType.ADMIN_SEARCH.equals(searchRequestType);
if (request != null) {
@SuppressWarnings("unchecked") final Set<String> list = (Set<String>) request.getAttribute(USER_ROLES);
if (list != null) {
return list;
}
// request parameter
if (StringUtil.isNotBlank(parameterKey)) {
processParameter(request, roleSet);
}
// request header
if (StringUtil.isNotBlank(headerKey)) {
processHeader(request, roleSet);
}
// cookie
if (StringUtil.isNotBlank(cookieKey)) {
processCookie(request, roleSet);
}
// cookie mapping
if (cookieNameMap != null) {
buildByCookieNameMapping(request, roleSet);
}
final boolean hasAccessToken = processAccessToken(request, roleSet, isApiRequest);
final RequestManager requestManager = ComponentUtil.getRequestManager();
try {
requestManager.findUserBean(FessUserBean.class).ifPresent(fessUserBean -> stream(fessUserBean.getPermissions()).of(stream -> stream.forEach(roleSet::add))).orElse(() -> {
if (isApiRequest && ComponentUtil.getFessConfig().getApiAccessTokenRequiredAsBoolean()) {
throw new InvalidAccessTokenException("invalid_token", "Access token is requried.");
}
if (!hasAccessToken || roleSet.isEmpty()) {
roleSet.addAll(fessConfig.getSearchGuestPermissionList());
}
});
} catch (final RuntimeException e) {
try {
requestManager.findLoginManager(FessUserBean.class).ifPresent(LoginManager::logout);
} catch (final Exception e1) {
// ignore
}
throw e;
}
}
if (defaultRoleList != null) {
roleSet.addAll(defaultRoleList);
}
if (logger.isDebugEnabled()) {
logger.debug("roleSet: {}", roleSet);
}
if (request != null) {
request.setAttribute(USER_ROLES, roleSet);
}
return roleSet;
}
Aggregations