/**
* Returns an array with all accepted content types. if the root directory was specified.
*
* @return database
*/
public String[] produces() {
final String accept = req.getHeader("Accept");
if (accept == null) return new String[0];
final String[] acc = accept.split("\\s*,\\s*");
final int as = acc.length;
for (int a = 0; a < as; a++) {
if (acc[a].indexOf(';') != -1) acc[a] = acc[a].replaceAll("\\w*;.*", "");
}
return acc;
}
/**
* Constructor.
*
* @param rq request
* @param rs response
* @param servlet calling servlet instance
* @throws IOException I/O exception
*/
public HTTPContext(
final HttpServletRequest rq, final HttpServletResponse rs, final BaseXServlet servlet)
throws IOException {
req = rq;
res = rs;
params = new HTTPParams(this);
method = rq.getMethod();
final StringBuilder uri = new StringBuilder(req.getRequestURL());
final String qs = req.getQueryString();
if (qs != null) uri.append('?').append(qs);
log('[' + method + "] " + uri, null);
// set UTF8 as default encoding (can be overwritten)
res.setCharacterEncoding(UTF8);
segments = decode(toSegments(req.getPathInfo()));
// adopt servlet-specific credentials or use global ones
final GlobalOptions mprop = context().globalopts;
user = servlet.user != null ? servlet.user : mprop.get(GlobalOptions.USER);
pass = servlet.pass != null ? servlet.pass : mprop.get(GlobalOptions.PASSWORD);
// overwrite credentials with session-specific data
final String auth = req.getHeader(AUTHORIZATION);
if (auth != null) {
final String[] values = auth.split(" ");
if (values[0].equals(BASIC)) {
final String[] cred = org.basex.util.Base64.decode(values[1]).split(":", 2);
if (cred.length != 2) throw new LoginException(NOPASSWD);
user = cred[0];
pass = cred[1];
} else {
throw new LoginException(WHICHAUTH, values[0]);
}
}
}
/**
* Authenticate the user and returns a new client {@link Context} instance.
*
* @return client context
* @throws LoginException login exception
*/
public Context authenticate() throws LoginException {
final byte[] address = token(req.getRemoteAddr());
try {
if (user == null || user.isEmpty() || pass == null || pass.isEmpty())
throw new LoginException(NOPASSWD);
final Context ctx = new Context(context(), null);
ctx.user = ctx.users.get(user);
if (ctx.user == null || !ctx.user.password.equals(md5(pass))) throw new LoginException();
context.blocker.remove(address);
return ctx;
} catch (final LoginException ex) {
// delay users with wrong passwords
for (int d = context.blocker.delay(address); d > 0; d--) Performance.sleep(100);
throw ex;
}
}
/**
* Returns a string with the remote user address.
*
* @return user address
*/
private String address() {
return req.getRemoteAddr() + ':' + req.getRemotePort();
}
/**
* Returns the content type extension of a request (without an optional encoding).
*
* @return content type
*/
public String contentTypeExt() {
final String ct = req.getContentType();
return ct != null ? ct.replaceFirst("^.*?;\\s*", "") : null;
}
