@Override
protected int beforeHandle(Request request, Response response) {
Cookie cookie = request.getCookies().getFirst("Credentials");
if (cookie != null) {
// Extract the challenge response from the cookie
String[] credentials = cookie.getValue().split("=");
if (credentials.length == 2) {
String identifier = credentials[0];
String secret = credentials[1];
request.setChallengeResponse(
new ChallengeResponse(ChallengeScheme.HTTP_COOKIE, identifier, secret));
}
} else if (Method.POST.equals(request.getMethod())
&& request.getResourceRef().getQueryAsForm().getFirst("login") != null) {
// Intercepting a login form
Form credentials = new Form(request.getEntity());
String identifier = credentials.getFirstValue("identifier");
String secret = credentials.getFirstValue("secret");
request.setChallengeResponse(
new ChallengeResponse(ChallengeScheme.HTTP_COOKIE, identifier, secret));
// Continue call processing to return the target representation if
// authentication is successful or a new login page
request.setMethod(Method.GET);
}
return super.beforeHandle(request, response);
}
public void testCookies() throws IOException {
final Request request = createGetRequest("cookies/cookieName");
request.getCookies().add(new Cookie("cookieName", "cookie-value"));
final Response response = accessServer(request);
assertEquals(Status.SUCCESS_OK, response.getStatus());
assertEquals("cookieName=cookie-value", response.getEntity().getText());
}
@Override
protected void afterHandle(Request request, Response response) {
super.afterHandle(request, response);
Cookie cookie = request.getCookies().getFirst("Credentials");
if (request.getClientInfo().isAuthenticated() && (cookie == null)) {
String identifier = request.getChallengeResponse().getIdentifier();
String secret = new String(request.getChallengeResponse().getSecret());
CookieSetting cookieSetting = new CookieSetting("Credentials", identifier + "=" + secret);
cookieSetting.setAccessRestricted(true);
cookieSetting.setPath("/");
cookieSetting.setComment("Unsecured cookie based authentication");
cookieSetting.setMaxAge(30);
response.getCookieSettings().add(cookieSetting);
}
}
private String extractTokenFromRequest(Request request) {
String token = null;
if (request != null) {
log.debug(request);
if (request.getResourceRef() != null && request.getResourceRef().getQueryAsForm() != null) {
token = request.getResourceRef().getQueryAsForm().getFirstValue("token");
log.trace("Found token from query string: " + token);
} else {
log.info("ResourceRef is null");
}
for (Cookie cookie : request.getCookies()) {
log.trace(cookie.getName() + " - " + cookie.getValue());
if (RestAuthenticationService.ES_DMS_TICKET.equals(cookie.getName())) {
token = cookie.getValue();
log.trace("Found token from cookie: " + token);
break;
}
}
}
return token;
}
/**
* ShareResource
*
* @param context
* @param request
* @param response
* @throws UnsupportedEncodingException
*/
@Override
public void doInit() {
Request request = this.getRequest();
Map<String, Object> attributes = request.getAttributes();
urlStr = request.getResourceRef().toString();
// Every user must pass in their cookies
cookie = request.getCookies().getFirstValue("infinitecookie", true);
// Method.POST
if (request.getMethod() == Method.POST) {
if (RESTTools.decodeRESTParam("id", attributes) != null)
id = RESTTools.decodeRESTParam("id", attributes);
if (RESTTools.decodeRESTParam("type", attributes) != null)
type = RESTTools.decodeRESTParam("type", attributes);
if (RESTTools.decodeRESTParam("title", attributes) != null)
title = RESTTools.decodeRESTParam("title", attributes);
if (RESTTools.decodeRESTParam("description", attributes) != null)
description = RESTTools.decodeRESTParam("description", attributes);
}
// Method.GET
if (request.getMethod() == Method.GET) {
// Method.GET
Map<String, String> queryOptions = this.getQuery().getValuesMap();
// Query String Values
if (queryOptions.get("id") != null) id = queryOptions.get("id");
if (queryOptions.get("skip") != null) skip = queryOptions.get("skip");
if (queryOptions.get("limit") != null) limit = queryOptions.get("limit");
if (queryOptions.get("searchby") != null) searchby = queryOptions.get("searchby");
if (queryOptions.get("json") != null) json = queryOptions.get("json");
if (queryOptions.get("type") != null) type = queryOptions.get("type");
if ((queryOptions.get("ignoreAdmin") != null)
&& (queryOptions.get("ignoreAdmin").equalsIgnoreCase("true"))) {
ignoreAdmin = true;
}
if ((queryOptions.get("nocontent") != null)
&& (queryOptions.get("nocontent").equalsIgnoreCase("true"))) {
returnContent = false;
}
if ((queryOptions.get("nometa") != null)
&& (queryOptions.get("nometa").equalsIgnoreCase("true"))) {
jsonOnly = true;
}
// Get Share by ID
if (urlStr.contains("/share/get/")) {
shareId = RESTTools.decodeRESTParam("id", attributes);
action = "getShare";
}
// Search Shares by Owner, Community, Type
else if (urlStr.contains("/share/search")) {
action = "searchShares";
}
// Save a JSON share object to the DB
// /social/share/save/json/{id}/{type}/{title}/{description}/?json={...}
else if (urlStr.contains("/share/save/json/")
|| urlStr.contains("/share/add/json/")
|| urlStr.contains("/share/update/json/")) {
if (RESTTools.decodeRESTParam("id", attributes) != null)
id = RESTTools.decodeRESTParam("id", attributes);
type = RESTTools.decodeRESTParam("type", attributes);
title = RESTTools.decodeRESTParam("title", attributes);
description = RESTTools.decodeRESTParam("description", attributes);
// Use URLDecoder on the json string
try {
json = URLDecoder.decode(json, "UTF-8");
action = "saveJson";
} catch (UnsupportedEncodingException e) {
// TODO can't throw exceptions
// set to failed so it doesn't run
// throw e;
action = "failed";
}
} else if (urlStr.contains("/share/add/binary/")) {
action = "addBinaryGET";
} else if (urlStr.contains("/share/update/binary/")) {
action = "updateBinaryGET";
}
// Add a Ref (Pointer to a record within a collection)
else if (urlStr.contains("/share/add/ref/")) {
type = RESTTools.decodeRESTParam("type", attributes);
documentId = RESTTools.decodeRESTParam("documentid", attributes);
title = RESTTools.decodeRESTParam("title", attributes);
description = RESTTools.decodeRESTParam("description", attributes);
action = "addRef";
}
// Add a Ref (Pointer to a record within a collection)
else if (urlStr.contains("/share/update/ref/")) {
id = RESTTools.decodeRESTParam("id", attributes);
type = RESTTools.decodeRESTParam("type", attributes);
documentId = RESTTools.decodeRESTParam("documentid", attributes);
title = RESTTools.decodeRESTParam("title", attributes);
description = RESTTools.decodeRESTParam("description", attributes);
action = "updateRef";
}
// Share - Remove a community from a share
else if (urlStr.contains("/share/remove/community/")) {
shareId = RESTTools.decodeRESTParam("shareid", attributes);
communityId = RESTTools.decodeRESTParam("communityid", attributes);
action = "removeCommunity";
}
// Remove share
else if (urlStr.contains("/share/remove/")) {
shareId = RESTTools.decodeRESTParam("shareid", attributes);
action = "removeShare";
}
// Endorse share
else if (urlStr.contains("/share/endorse/")) {
shareId = RESTTools.decodeRESTParam("shareid", attributes);
communityId = RESTTools.decodeRESTParam("communityid", attributes);
isEndorsed = Boolean.parseBoolean(RESTTools.decodeRESTParam("isendorsed", attributes));
action = "endorseShare";
}
// Share - Add a community so that members can view the share
else if (urlStr.contains("/share/add/community/")) {
shareId = RESTTools.decodeRESTParam("shareid", attributes);
communityId = RESTTools.decodeRESTParam("communityid", attributes);
comment = RESTTools.decodeRESTParam("comment", attributes);
action = "addCommunity";
}
}
}
