@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
final String incomingSessionId = servletContext.getSessionConfig().findSessionId(exchange);
if (incomingSessionId == null || !data.containsKey(incomingSessionId)) {
next.handleRequest(exchange);
return;
}
// we have some old data
PersistentSession result = data.remove(incomingSessionId);
if (result != null) {
long time = System.currentTimeMillis();
if (time < result.getExpiration().getTime()) {
final HttpSessionImpl session = servletContext.getSession(exchange, true);
final HttpSessionEvent event = new HttpSessionEvent(session);
for (Map.Entry<String, Object> entry : result.getSessionData().entrySet()) {
if (entry.getValue() instanceof HttpSessionActivationListener) {
((HttpSessionActivationListener) entry.getValue()).sessionDidActivate(event);
}
if (entry.getKey().startsWith(HttpSessionImpl.IO_UNDERTOW)) {
session.getSession().setAttribute(entry.getKey(), entry.getValue());
} else {
session.setAttribute(entry.getKey(), entry.getValue());
}
}
}
}
next.handleRequest(exchange);
}
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
UndertowHttpFacade facade = new OIDCServletUndertowHttpFacade(exchange);
final ServletRequestContext servletRequestContext =
exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
SessionManagementBridge bridge =
new SessionManagementBridge(
userSessionManagement, servletRequestContext.getDeployment().getSessionManager());
PreAuthActionsHandler handler = new PreAuthActionsHandler(bridge, deploymentContext, facade);
if (handler.handleRequest()) return;
next.handleRequest(exchange);
}
@Override
public void parse(HttpHandler handler) throws Exception {
if (exchange.getAttachment(FORM_DATA) != null) {
handler.handleRequest(exchange);
return;
}
this.handler = handler;
StreamSourceChannel channel = exchange.getRequestChannel();
if (channel == null) {
throw new IOException(UndertowMessages.MESSAGES.requestChannelAlreadyProvided());
} else {
doParse(channel);
if (state != 4) {
channel.getReadSetter().set(this);
channel.resumeReads();
} else {
exchange.dispatch(SameThreadExecutor.INSTANCE, handler);
}
}
}
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
final ServletRequestContext servletRequestContext =
exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
ServletRequest request = servletRequestContext.getServletRequest();
if (request.getDispatcherType() == DispatcherType.REQUEST) {
List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
SecurityContext sc = exchange.getSecurityContext();
if (!authorizationManager.canAccessResource(
constraints,
sc.getAuthenticatedAccount(),
servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(),
servletRequestContext.getOriginalRequest(),
servletRequestContext.getDeployment())) {
HttpServletResponse response =
(HttpServletResponse) servletRequestContext.getServletResponse();
response.sendError(403);
return;
}
}
next.handleRequest(exchange);
}
public void handleRequest(final HttpServerExchange exchange) throws Exception {
final ProxyClient.ProxyTarget target = proxyClient.findTarget(exchange);
if (target == null) {
log.debugf("No proxy target for request to %s", exchange.getRequestURL());
next.handleRequest(exchange);
return;
}
final long timeout = maxRequestTime > 0 ? System.currentTimeMillis() + maxRequestTime : 0;
final ProxyClientHandler clientHandler =
new ProxyClientHandler(exchange, target, timeout, maxConnectionRetries);
if (timeout > 0) {
final XnioExecutor.Key key =
exchange
.getIoThread()
.executeAfter(
new Runnable() {
@Override
public void run() {
clientHandler.cancel(exchange);
}
},
maxRequestTime,
TimeUnit.MILLISECONDS);
exchange.putAttachment(TIMEOUT_KEY, key);
exchange.addExchangeCompleteListener(
new ExchangeCompletionListener() {
@Override
public void exchangeEvent(HttpServerExchange exchange, NextListener nextListener) {
key.remove();
nextListener.proceed();
}
});
}
exchange.dispatch(
exchange.isInIoThread() ? SameThreadExecutor.INSTANCE : exchange.getIoThread(),
clientHandler);
}
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
HeaderMap requestHeaders = exchange.getRequestHeaders();
final String sessionId = requestHeaders.getFirst(SSL_SESSION_ID);
if (sessionId != null) {
final String cipher = requestHeaders.getFirst(SSL_CIPHER);
String clientCert = requestHeaders.getFirst(SSL_CLIENT_CERT);
// the proxy client replaces \n with ' '
if (clientCert != null && clientCert.length() > 28) {
StringBuilder sb = new StringBuilder(clientCert.length() + 1);
sb.append(Certificates.BEGIN_CERT);
sb.append('\n');
sb.append(
clientCert
.replace(' ', '\n')
.substring(28, clientCert.length() - 26)); // core certificate data
sb.append('\n');
sb.append(Certificates.END_CERT);
clientCert = sb.toString();
}
try {
SSLSessionInfo info = new BasicSSLSessionInfo(sessionId, cipher, clientCert);
exchange.setRequestScheme(HTTPS);
exchange.getConnection().setSslSessionInfo(info);
exchange.addExchangeCompleteListener(CLEAR_SSL_LISTENER);
} catch (java.security.cert.CertificateException e) {
UndertowLogger.REQUEST_LOGGER.debugf(
e, "Could not create certificate from header %s", clientCert);
} catch (CertificateException e) {
UndertowLogger.REQUEST_LOGGER.debugf(
e, "Could not create certificate from header %s", clientCert);
}
}
next.handleRequest(exchange);
}
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
exchange.setRelativePath(CanonicalPathUtils.canonicalize(exchange.getRelativePath()));
next.handleRequest(exchange);
}
