/**
 * Returns the admin token, reusing the cached one when possible.
 *
 * <p>The cached {@code curAdminToken} is used while it is non-null, reports itself valid
 * through {@code isValid()} and yields a non-null token string. Otherwise a new token is
 * requested by POSTing {@code requestBody} to {@code authUrl + "/tokens"}. On an
 * {@code OK} status the token id and expiry from the response replace the cache. On any
 * other status the cache is cleared and an error carrying only the status code is logged.
 *
 * @return the admin token string, or {@code null} when the auth service did not answer
 *         with {@code OK}
 */
public String getAdminToken() {
    // Fast path: hand back the cached token while it is still usable.
    if (curAdminToken != null && curAdminToken.isValid()) {
        final String cachedToken = curAdminToken.getToken();
        if (cachedToken != null) {
            return cachedToken;
        }
    }

    // NOTE(review): curAdminToken is checked and reassigned in this method with no
    // synchronization visible here. If this object is shared between request threads,
    // the cache needs guarding - confirm against the field declaration and callers.
    final ServiceClientResponse<AuthenticateResponse> authReply =
            client.post(authUrl + "/tokens", requestBody, MediaType.APPLICATION_XML_TYPE);

    String freshToken = null;
    switch (HttpStatusCode.fromInt(authReply.getStatusCode())) {
        case OK:
            // NOTE(review): the unmarshalled body, its token and the expiry are
            // dereferenced without null checks, so an OK reply without a token element
            // would surface as a NullPointerException - confirm this is acceptable.
            final AuthenticateResponse parsedReply =
                    marshaller.unmarshall(authReply.getData(), AuthenticateResponse.class);
            final Token issued = parsedReply.getToken();
            curAdminToken = new AdminToken(issued.getId(), issued.getExpires().toGregorianCalendar());
            freshToken = curAdminToken.getToken();
            break;

        default:
            // Only the status code is logged; the token and request body are not.
            LOG.error(
                    "Unable to get admin token. Verify admin credentials. " + authReply.getStatusCode());
            // Drop any stale cached token so the next call asks the auth service again.
            curAdminToken = null;
            break;
    }

    // NOTE(review): null signals that no admin token could be obtained. Callers should
    // treat it as an authentication failure rather than proceed without a token - verify
    // against callers.
    return freshToken;
}
/**
 * Adjusts the response returned by the origin service based on its status code.
 *
 * <ul>
 *   <li>{@code UNAUTHORIZED} / {@code FORBIDDEN}: delegates to {@code updateHttpResponse}
 *       with the origin's {@code WWW-Authenticate} header value.</li>
 *   <li>{@code NOT_IMPLEMENTED}: becomes {@code INTERNAL_SERVER_ERROR} (and is logged) when
 *       the {@code WWW-Authenticate} header contains {@code "Delegated"}; otherwise the
 *       status stays {@code NOT_IMPLEMENTED}.</li>
 *   <li>Any other status: the freshly created director is returned unmodified.</li>
 * </ul>
 *
 * @param request  the client request (not read by this method)
 * @param response the origin service's response, read for its status and
 *                 {@code WWW-Authenticate} header
 * @return the director describing how the response should be altered
 */
@Override
public FilterDirector handleResponse(
        HttpServletRequest request, ReadableHttpServletResponse response) {
    final FilterDirector director = new FilterDirectorImpl();

    // As a proxy, the WWW-Authenticate header is how the client can be told
    // the correct way to authenticate itself.
    final String authChallenge = response.getHeader(CommonHttpHeader.WWW_AUTHENTICATE.toString());

    // There is deliberately no default case: statuses not listed below fall through
    // to the final return with the director left as created.
    switch (HttpStatusCode.fromInt(response.getStatus())) {
        // The WWW-Authenticate header should only be mutated on a 401 (unauthorized)
        // or 403 (forbidden) response from the origin service.
        case UNAUTHORIZED:
        case FORBIDDEN:
            return updateHttpResponse(director, authChallenge);

        case NOT_IMPLEMENTED:
            // String.contains is a case-sensitive substring match.
            // NOTE(review): a differently-cased or differently-worded challenge would be
            // passed on as a plain 501 - confirm "Delegated" is what the origin emits.
            final boolean delegationRejected =
                    !StringUtilities.isBlank(authChallenge) && authChallenge.contains("Delegated");
            if (!delegationRejected) {
                director.setResponseStatus(HttpStatusCode.NOT_IMPLEMENTED);
                break;
            }
            // The origin cannot handle delegated mode, which is a deployment
            // misconfiguration, so it is reported as a server-side error.
            director.setResponseStatus(HttpStatusCode.INTERNAL_SERVER_ERROR);
            LOG.error(
                    "Repose authentication component is configured as delegetable but origin service does not support delegated mode.");
            break;
    }

    return director;
}