/**
 * Chooses the action to run for a request, based on the session tied to its token.
 *
 * <p>The token is read through {@code BaseController.getToken}; a missing token is
 * replaced by an empty string before the cache lookup. The request is written to
 * the audit log before any other decision is taken.
 *
 * @param request incoming request
 * @param actionMethod controller method selected for the request (not used here)
 * @return the action to execute
 */
@Override
public Action createAction(Http.Request request, Method actionMethod) {
    final String token = BaseController.getToken(request).orElse("");
    final Session session = cache.get(BaseController.SITNET_CACHE_KEY + token);
    final boolean temporalStudent = session != null && session.isTemporalStudent();

    // No session means no user to load; the audit log entry is then written with a null user.
    final User user;
    if (session == null) {
        user = null;
    } else {
        user = Ebean.find(User.class, session.getUserId());
    }
    AuditLogger.log(request, user);

    // Logout goes straight through: the session is neither validated nor refreshed.
    if (request.path().equals("/app/logout")) {
        return propagateAction();
    }

    // validateSession() yields a replacement action for a missing or invalid session,
    // so the supplier below only runs with a non-null, valid session.
    return validateSession(session, token).orElseGet(() -> {
        updateSession(request, session, token);
        final boolean student =
                (user != null && user.hasRole("STUDENT", session)) || temporalStudent;
        // Student requests are candidates for extra processing (reservation headers);
        // everything else is propagated right away.
        return student
                ? propagateAction(getReservationHeaders(request, user))
                : propagateAction();
    });
}
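/**
 * Decides whether normal processing may continue for the given session.
 *
 * @param session session found for the token, or {@code null} when the cache holds none
 * @param token session token taken from the request; {@code createAction} passes an
 *     empty string when the request carried no token
 * @return an action to run instead of normal processing (no session, or a session
 *     marked invalid), or an empty Optional when the session is present and valid
 */
private Optional<Action> validateSession(Session session, String token) {
    if (session == null) {
        // The caller substitutes "" for a missing token, so an empty token has to be
        // treated as "not logged in" as well; otherwise this branch is never reached
        // and every anonymous request is logged as an unknown session at info level.
        if (token == null || token.isEmpty()) {
            Logger.debug("User not logged in");
        } else {
            // NOTE(review): the presented token is written to the log in full; consider
            // logging a truncated or hashed form so logs cannot be used to correlate or
            // replay session identifiers.
            Logger.info("Session with token {} not found", token);
        }
        // NOTE(review): the request is still passed to the delegate without a session;
        // presumably access control for anonymous callers happens further down — confirm.
        return Optional.of(propagateAction());
    }

    if (!session.getValid()) {
        Logger.warn("Session #{} is marked as invalid", token);
        return Optional.of(new Action.Simple() {
            @Override
            public CompletionStage<Result> call(final Http.Context ctx) {
                return CompletableFuture.supplyAsync(() -> {
                    // Signal the failure through a response header as well as the body.
                    ctx.response().getHeaders().put(SITNET_FAILURE_HEADER_KEY, "Invalid token");
                    return Action.badRequest("Token has expired / You have logged out, please close all browser windows and login again.");
                });
            }
        });
    }

    return Optional.empty();
}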
/**
 * Expands the container annotation into a chain of {@code ApiBodyParamAction}s, one
 * per contained annotation and in declaration order, and runs the chain.
 *
 * <p>Each chained action delegates to the next one; the last delegates to this
 * action's own delegate. With no contained annotations the delegate is called directly.
 *
 * @param ctx current HTTP context
 * @return the result produced by the chain, or by the delegate when the chain is empty
 */
@Override
public CompletionStage<Result> call(Http.Context ctx) {
    final ApiBodyParam[] params = configuration.value();
    if (params.length == 0) {
        return delegate.call(ctx);
    }

    Action<ApiBodyParam> head = null;
    Action<ApiBodyParam> tail = null;
    for (ApiBodyParam param : params) {
        ApiBodyParamAction link = new ApiBodyParamAction();
        link.configuration = param;
        if (tail == null) {
            head = link;
        } else {
            tail.delegate = link;
        }
        tail = link;
    }
    // The end of the chain hands over to the action that was wrapped originally.
    tail.delegate = delegate;
    return head.call(ctx);
}
/**
 * Expands the container annotation into a chain of {@code AuthorizationAction}s, one
 * per contained {@code SecureEndPoint} and in declaration order, and runs the chain.
 *
 * <p>Each chained action delegates to the next one; the last delegates to this
 * action's own delegate, so the wrapped action is reached only through every link.
 *
 * @param ctx current HTTP context
 * @return the result produced by the chain, or by the delegate when the chain is empty
 */
@Override
public CompletionStage<Result> call(Http.Context ctx) {
    final SecureEndPoint[] endPoints = configuration.value();
    if (endPoints.length == 0) {
        // NOTE(review): with no entries the delegate runs with no AuthorizationAction
        // in front of it — confirm that an empty container is meant to allow the call.
        return delegate.call(ctx);
    }

    Action<SecureEndPoint> head = null;
    Action<SecureEndPoint> tail = null;
    for (SecureEndPoint endPoint : endPoints) {
        AuthorizationAction link = new AuthorizationAction(injector, authorizationCheck);
        link.configuration = endPoint;
        if (tail == null) {
            head = link;
        } else {
            tail.delegate = link;
        }
        tail = link;
    }
    // The end of the chain hands over to the action that was wrapped originally.
    tail.delegate = delegate;
    return head.call(ctx);
}
/**
 * Creates the per-request action: it injects the common services into the context
 * and applies the language requested through the {@code lang} query parameter.
 *
 * <p>The query parameter is client-controlled; it is applied only after
 * {@code messagesPlugin.isLanguageValid} has accepted its code.
 *
 * @param request incoming request
 * @param actionMethod controller method selected for the request (not used here)
 * @return an action that prepares the context and then calls the delegate
 */
@Override
public Action<Void> createAction(Request request, Method actionMethod) {
    return new Action.Simple() {
        @Override
        public Promise<Result> call(Context ctx) throws Throwable {
            // Make the required services available through the context first.
            injectCommonServicesIncontext(ctx);

            final Language language = new Language(request.getQueryString("lang"));
            if (!messagesPlugin.isLanguageValid(language.getCode())) {
                // Unknown or missing language: leave the context untouched.
                return delegate.call(ctx);
            }

            Logger.debug("change language to: " + language.getCode());
            ctx.changeLang(language.getCode());
            // Keep the CAS language cookie in step; it relies on the Spring
            // framework (not really solid, yet it works).
            Utilities.setSsoLanguage(ctx, language.getCode());
            return delegate.call(ctx);
        }
    };
}
/**
 * Authenticates the request from its OAuth2 access token, when one is present, and
 * then calls the action.
 *
 * <p>The token is taken from {@code getAuthorizationToken(request)} and, failing that,
 * from the {@code OAuth2AccessToken.ACCESS_TOKEN} query parameter. A request without a
 * token is not rejected here; it is passed on unauthenticated. An exception thrown by
 * the authentication manager is not caught in this method.
 *
 * @param request incoming request
 * @param method controller method selected for the request (not used here)
 * @param context current HTTP context
 * @param action action to call once authentication has been attempted
 * @return the promise returned by {@code action.call(context)}
 * @throws Throwable whatever authentication or the action throws
 */
@Override
public Promise<Result> apply(Request request, Method method, Context context, Action<?> action) throws Throwable {
    String accessToken = getAuthorizationToken(request);
    if (accessToken == null) {
        // NOTE(review): a token carried in the query string can end up in access logs,
        // browser history and Referer headers; the Authorization header avoids that.
        accessToken = request.getQueryString(OAuth2AccessToken.ACCESS_TOKEN);
    }

    if (accessToken != null) {
        // The token is the principal; the credentials slot is an empty string.
        final Authentication verified = oauth2AuthenticationManager.authenticate(
                new PreAuthenticatedAuthenticationToken(accessToken, ""));
        // NOTE(review): nothing in this method clears the security context afterwards.
        // If SecurityContextHolder uses a thread-local strategy and request threads are
        // pooled, confirm a later token-less request cannot observe this authentication.
        SecurityContextHolder.getContext().setAuthentication(verified);
        logger.info("Authenticated successfully");
    } else {
        logger.info("Authentication skipped");
    }

    return action.call(context);
}
/**
 * Called for each request: establishes the request id and wraps the default action.
 *
 * <p>The id is read from the {@code JsonKey.MESSAGE_ID} request header; when the client
 * did not send one, a random UUID is generated instead.
 *
 * @param request incoming request
 * @param actionMethod controller method selected for the request
 * @return the default action wrapped in an {@code ActionWrapper}
 */
@SuppressWarnings("rawtypes")
public Action onRequest(Request request, Method actionMethod) {
    String messageId = request.getHeader(JsonKey.MESSAGE_ID);
    // NOTE(review): the header value is client-controlled and is written to the log and
    // used as the request id exactly as received; consider constraining its length and
    // character set before use.
    ProjectLogger.log(
        "method call start.." + request.path() + " " + actionMethod + " " + messageId,
        LoggerEnum.INFO.name());

    if (ProjectUtil.isStringNullOREmpty(messageId)) {
        // No id from the client: mint one so the request can still be traced.
        messageId = UUID.randomUUID().toString();
        ProjectLogger.log("message id is not provided by client.." + messageId);
    }
    ExecutionContext.setRequestId(messageId);

    Action defaultAction = super.onRequest(request, actionMethod);
    return new ActionWrapper(defaultAction);
}
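/**
 * Wraps the delegate so that its response carries no-cache headers plus the given
 * extra headers.
 *
 * @param headers extra response headers to set, name to value; must not be {@code null}
 * @return an action that calls the delegate and then sets the headers on the response
 */
private Action propagateAction(Map<String, String> headers) {
    return new Action.Simple() {
        @Override
        public CompletionStage<Result> call(Http.Context ctx) {
            CompletionStage<Result> result = delegate.call(ctx);
            Http.Response response = ctx.response();
            // Cache-Control directives are comma-separated. The previous value used ';',
            // which does not parse as the two directives, so caches were not reliably
            // told to refrain from storing the response.
            response.setHeader("Cache-Control", "no-cache, no-store");
            // Pragma is kept for HTTP/1.0 caches.
            response.setHeader("Pragma", "no-cache");
            headers.forEach(response::setHeader);
            return result;
        }
    };
}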
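/**
 * Lets the request through only when it carries exactly one Authorization header
 * whose value equals the expected literal; otherwise answers with "unauthorized".
 *
 * @param ctx current HTTP context
 * @param delegate action to call when the check passes
 * @return the delegate's result when authorized, a completed unauthorized result otherwise
 */
@Override
public CompletionStage<Result> doCheck(Http.Context ctx, Action<?> delegate) {
    final String[] auths = ctx.request().headers().get(Http.HeaderNames.AUTHORIZATION);
    // A request without the header yields null here; it must be refused with an
    // "unauthorized" result rather than fail with a NullPointerException.
    // NOTE(review): the accepted value is a fixed literal compiled into the class;
    // replace it with a real credential check before using this outside a sample.
    final boolean authorized = auths != null && auths.length == 1 && "pet".equals(auths[0]);
    if (authorized) {
        return delegate.call(ctx);
    }
    return CompletableFuture.completedFuture(unauthorized());
}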
/**
 * Creates the per-request action, enforcing OAuth2 authentication when
 * {@code authenticateAll} is set.
 *
 * @param request incoming request (not used here)
 * @param actionMethod controller method selected for the request (not used here)
 * @return an action that authorizes and calls the delegate, or calls it directly
 */
@Override
public Action<Void> onRequest(Request request, Method actionMethod) {
    return new Action.Simple() {
        @Override
        public Promise<Result> call(Context context) throws Throwable {
            if (!authenticateAll) {
                // NOTE(review): no authentication happens on this path; presumably
                // protected actions are then guarded individually — confirm.
                return delegate.call(context);
            }
            return OAuth2AuthenticationAction.authorizeAndCall(context, delegate);
        }
    };
}
/**
 * Returns the action the superclass creates for the request, unchanged.
 *
 * @param request incoming request
 * @param actionMethod controller method selected for the request
 * @return the superclass's action
 */
@Override
public Action onRequest(Http.Request request, Method actionMethod) {
    Action defaultAction = super.onRequest(request, actionMethod);
    return defaultAction;
}
/**
 * Creates a wrapper around the given action.
 *
 * @param action action stored as this wrapper's delegate
 */
public ActionWrapper(Action<?> action) {
    delegate = action;
}
/**
 * Builds the propagating action with no extra response headers.
 *
 * @return the result of {@code propagateAction(Map)} for an empty header map
 */
private Action propagateAction() {
    Map<String, String> noExtraHeaders = Collections.emptyMap();
    return propagateAction(noExtraHeaders);
}
/**
 * Pass-through implementation: no check is performed and the delegate is always called.
 *
 * @param ctx current HTTP context
 * @param delegate action to call
 * @return the delegate's result
 */
@Override
public CompletionStage<Result> doCheck(Http.Context ctx, Action<?> delegate) {
    // Every request is let through unconditionally.
    CompletionStage<Result> outcome = delegate.call(ctx);
    return outcome;
}
/**
 * Wraps the superclass's action for the request in an {@code ActionWrapper}.
 *
 * @param request incoming request
 * @param actionMethod controller method selected for the request
 * @return the wrapped action
 */
public Action<?> onRequest(Http.Request request, java.lang.reflect.Method actionMethod) {
    Action<?> defaultAction = super.onRequest(request, actionMethod);
    return new ActionWrapper(defaultAction);
}
/**
 * Returns the action the superclass creates for the request, unchanged.
 *
 * @param request incoming request
 * @param method controller method selected for the request
 * @return the superclass's action
 */
@Override
public Action onRequest(Http.Request request, Method method) {
    Action defaultAction = super.onRequest(request, method);
    return defaultAction;
}
/**
 * Creates an {@code AppAction} for the selected controller method.
 *
 * @param request incoming request (not used here)
 * @param actionMethod controller method selected for the request
 * @return a new {@code AppAction} built from {@code applicationProvider.get()} and the method
 */
@Override
public Action createAction(Http.Request request, Method actionMethod) {
    return new AppAction(
            applicationProvider.get(),
            actionMethod);
}
/**
 * Logs the request URI and target method at debug level, then returns the
 * superclass's action.
 *
 * @param request incoming request
 * @param actionMethod controller method selected for the request
 * @return the superclass's action
 */
@Override
public Action onRequest(Http.Request request, Method actionMethod) {
    // NOTE(review): uri() includes the query string, so any credential passed as a
    // query parameter would be written to the debug log — confirm none is.
    logger.debug("onRequest uri {} to method {}", request.uri(), actionMethod);

    // Disabled alternative, kept from the original:
    // return applicationContext.getBean(SpringSecurityAction.class);
    Action defaultAction = super.onRequest(request, actionMethod);
    return defaultAction;
}
/**
 * Pass-through implementation: calls the action without any processing of its own.
 *
 * @param request incoming request (not used here)
 * @param method controller method selected for the request (not used here)
 * @param context current HTTP context
 * @param action action to call
 * @return the promise returned by {@code action.call(context)}
 * @throws Throwable whatever the action throws
 */
@Override
public Promise<Result> apply(Request request, Method method, Context context, Action<?> action) throws Throwable {
    Promise<Result> outcome = action.call(context);
    return outcome;
}
/**
 * Obtains the action for the request from the filter chain.
 *
 * @param request incoming request
 * @param method controller method selected for the request
 * @return the action returned by {@code filterChain.getAction}
 */
@Override
public Action<?> onRequest(Request request, Method method) {
    Action<?> chained = filterChain.getAction(request, method);
    return chained;
}
/**
 * Handles one request on behalf of the implementing type.
 *
 * @param request incoming request
 * @param method controller method selected for the request
 * @param context current HTTP context
 * @param action action the implementation may call; presumably the next step of the
 *     request handling — confirm against the implementations
 * @return a promise of the result for the request
 * @throws Throwable if the implementation or the action it calls fails
 */
public Promise<Result> apply(Request request, Method method, Context context, Action<?> action) throws Throwable;
/**
 * Returns the action the superclass creates for the request, unchanged.
 *
 * @param arg0 incoming request
 * @param arg1 controller method selected for the request
 * @return the superclass's action
 */
@Override
public Action onRequest(Request arg0, Method arg1) {
    Action defaultAction = super.onRequest(arg0, arg1);
    return defaultAction;
}
/**
 * Creates the action for the request as a new {@code User} built from the
 * selected controller method.
 *
 * @param request incoming request (not used here)
 * @param actionMethod controller method selected for the request
 * @return a new {@code User} for {@code actionMethod}
 */
@Override
public Action onRequest(Http.Request request, Method actionMethod) {
    return new User(
            actionMethod);
}
/**
 * Performs a check on the request before the delegate action runs.
 *
 * @param ctx current HTTP context of the request being checked
 * @param delegate action to call when the check passes
 * @return {@code delegate.call(ctx)} if everything went OK; otherwise a
 *     {@code CompletionStage<Result>} carrying the result to send instead
 */
public CompletionStage<Result> doCheck(Http.Context ctx, Action<?> delegate);