@Test
public void shouldNotHaveUserHeader() {
when(request.getRequestURI()).thenReturn(URIFAIL);
FilterDirector result = handler.handleRequest(request, response);
Set<String> values =
result
.requestHeaderManager()
.headersToAdd()
.get(HeaderName.wrap(PowerApiHeader.USER.toString()));
assertTrue(
"Should not have " + PowerApiHeader.USER.toString() + " header set.",
values == null || values.isEmpty());
}
@Test
public void shouldSetTheUserHeaderToThe2ndRegexResult() {
when(request.getRequestURI()).thenReturn(URI2);
FilterDirector result = handler.handleRequest(request, response);
Set<String> values =
result
.requestHeaderManager()
.headersToAdd()
.get(HeaderName.wrap(PowerApiHeader.USER.toString()));
assertFalse(
"Should have " + PowerApiHeader.USER.toString() + " header set.",
values == null || values.isEmpty());
String userName = values.iterator().next();
assertEquals("Should find user name in header", USER2 + QUALITY_VALUE, userName);
}
@Override
public FilterDirector handleRequest(
HttpServletRequest request, ReadableHttpServletResponse response) {
final FilterDirector director = new FilterDirectorImpl();
MutableHttpServletRequest mutableRequest = MutableHttpServletRequest.wrap(request);
MediaRangeProcessor processor =
new MediaRangeProcessor(
mutableRequest.getPreferredHeaders(CommonHttpHeader.ACCEPT.toString(), DEFAULT_TYPE));
List<MediaType> mediaTypes = processor.process();
if (requestHasExpectedHeaders(request)) {
originalPreferredAccept = getPreferredMediaType(mediaTypes);
MediaType preferredMediaType = originalPreferredAccept;
final String requestUri = request.getRequestURI();
// request now considered valid with user.
director.setFilterAction(FilterAction.PASS);
// Record limits
final boolean pass = recordLimitedRequest(request, director);
// Does the request match the configured getCurrentLimits API call endpoint?
if (pass && describeLimitsUriPattern.matcher(requestUri).matches()) {
describeLimitsForRequest(request, director, preferredMediaType);
}
} else {
LOG.warn(
"Expected header: "
+ PowerApiHeader.USER.toString()
+ " was not supplied in the request. Rate limiting requires this header to operate.");
// Auto return a 401 if the request does not meet expectations
director.setResponseStatus(HttpStatusCode.UNAUTHORIZED);
director.setFilterAction(FilterAction.RETURN);
}
return director;
}
private boolean requestHasExpectedHeaders(HttpServletRequest request) {
return request.getHeader(PowerApiHeader.USER.toString()) != null;
}
