public String getAdminToken() {
String adminToken =
curAdminToken != null && curAdminToken.isValid() ? curAdminToken.getToken() : null;
if (adminToken == null) {
final ServiceClientResponse<AuthenticateResponse> serviceResponse =
client.post(authUrl + "/tokens", requestBody, MediaType.APPLICATION_XML_TYPE);
switch (HttpStatusCode.fromInt(serviceResponse.getStatusCode())) {
case OK:
final AuthenticateResponse authenticateResponse =
marshaller.unmarshall(serviceResponse.getData(), AuthenticateResponse.class);
Token token = authenticateResponse.getToken();
curAdminToken = new AdminToken(token.getId(), token.getExpires().toGregorianCalendar());
adminToken = curAdminToken.getToken();
break;
default:
LOG.error(
"Unable to get admin token. Verify admin credentials. "
+ serviceResponse.getStatusCode());
curAdminToken = null;
break;
}
}
return adminToken;
}
@Override
public FilterDirector handleResponse(
HttpServletRequest request, ReadableHttpServletResponse response) {
FilterDirector myDirector = new FilterDirectorImpl();
/// The WWW Authenticate header can be used to communicate to the client
// (since we are a proxy) how to correctly authenticate itself
final String wwwAuthenticateHeader =
response.getHeader(CommonHttpHeader.WWW_AUTHENTICATE.toString());
switch (HttpStatusCode.fromInt(response.getStatus())) {
// NOTE: We should only mutate the WWW-Authenticate header on a
// 401 (unauthorized) or 403 (forbidden) response from the origin service
case UNAUTHORIZED:
case FORBIDDEN:
myDirector = updateHttpResponse(myDirector, wwwAuthenticateHeader);
break;
case NOT_IMPLEMENTED:
if ((!StringUtilities.isBlank(wwwAuthenticateHeader)
&& wwwAuthenticateHeader.contains("Delegated"))) {
myDirector.setResponseStatus(HttpStatusCode.INTERNAL_SERVER_ERROR);
LOG.error(
"Repose authentication component is configured as delegetable but origin service does not support delegated mode.");
} else {
myDirector.setResponseStatus(HttpStatusCode.NOT_IMPLEMENTED);
}
break;
}
return myDirector;
}
