private ModelNode parseResponse(HttpResponse response, boolean encoded) {
try {
String content = EntityUtils.toString(response.getEntity());
int status = response.getStatusLine().getStatusCode();
ModelNode modelResponse;
if (status == HttpStatus.SC_OK) {
if (encoded) {
modelResponse = ModelNode.fromBase64(new ByteArrayInputStream(content.getBytes()));
Assert.assertTrue(
response.getFirstHeader("Content-Type").getValue().contains(DMR_ENCODED));
} else {
modelResponse = ModelNode.fromJSONString(content);
}
} else {
modelResponse = new ModelNode();
modelResponse.get(OUTCOME).set(FAILED);
modelResponse.get(FAILURE_DESCRIPTION).set(content);
}
return modelResponse;
} catch (IOException e) {
throw new RuntimeException("Unable to read response content as String");
}
}
private ModelNode convertPostRequest(InputStream stream, boolean encode) throws IOException {
return encode ? ModelNode.fromBase64(stream) : ModelNode.fromJSONStream(stream);
}
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
final FormDataParser parser = formParserFactory.createParser(exchange);
if (parser == null) {
Common.UNSUPPORTED_MEDIA_TYPE.handleRequest(exchange);
}
// Prevent CSRF which can occur from standard a multipart/form-data submission from a standard
// HTML form.
// If the browser sends an Origin header (Chrome / Webkit) then the earlier origin check will
// have passed
// to reach this point. If the browser doesn't (FireFox), then only requests which came from
// Javascript,
// which enforces same-origin policy when no Origin header is present, should be allowed. The
// presence of
// a custom header indicates usage of XHR since simple forms can not set them.
HeaderMap headers = exchange.getRequestHeaders();
if (!headers.contains(Headers.ORIGIN) && !headers.contains(CLIENT_NAME)) {
ROOT_LOGGER.debug(
"HTTP Origin or X-Management-Client-Name header is required for all multipart form data posts.");
Common.UNAUTHORIZED.handleRequest(exchange);
return;
}
// Parse the form data
final FormData data = parser.parseBlocking();
final OperationParameter.Builder operationParameterBuilder =
new OperationParameter.Builder(false);
// Process the operation
final FormData.FormValue op = data.getFirst(OPERATION);
final ModelNode operation;
try {
String type = op.getHeaders().getFirst(Headers.CONTENT_TYPE);
if (Common.APPLICATION_DMR_ENCODED.equals(type)) {
try (InputStream stream = convertToStream(op)) {
operation = ModelNode.fromBase64(stream);
}
operationParameterBuilder.encode(true);
} else if (Common.APPLICATION_JSON.equals(stripSuffix(type))) {
try (InputStream stream = convertToStream(op)) {
operation = ModelNode.fromJSONStream(stream);
}
} else {
ROOT_LOGGER.debug("Content-type must be application/dmr-encoded or application/json");
Common.UNAUTHORIZED.handleRequest(exchange);
return;
}
} catch (Exception e) {
ROOT_LOGGER.errorf("Unable to construct ModelNode '%s'", e.getMessage());
Common.sendError(exchange, false, e.getLocalizedMessage());
return;
}
// Process the input streams
final OperationBuilder builder = OperationBuilder.create(operation, true);
final Iterator<String> i = data.iterator();
while (i.hasNext()) {
final String name = i.next();
final Deque<FormData.FormValue> contents = data.get(name);
if (contents != null && !contents.isEmpty()) {
for (final FormData.FormValue value : contents) {
if (value.isFile()) {
builder.addFileAsAttachment(value.getPath().toFile());
}
}
}
}
operationParameterBuilder.pretty(
operation.hasDefined("json.pretty") && operation.get("json.pretty").asBoolean());
// Response callback to handle the :reload operation
final OperationParameter opParam = operationParameterBuilder.build();
final ResponseCallback callback =
new ResponseCallback() {
@Override
void doSendResponse(final ModelNode response) {
if (response.hasDefined(OUTCOME) && FAILED.equals(response.get(OUTCOME).asString())) {
Common.sendError(exchange, opParam.isEncode(), response);
return;
}
writeResponse(exchange, 200, response, opParam);
}
};
final boolean sendPreparedResponse = sendPreparedResponse(operation);
final ModelController.OperationTransactionControl control =
sendPreparedResponse
? new ModelController.OperationTransactionControl() {
@Override
public void operationPrepared(
final ModelController.OperationTransaction transaction, final ModelNode result) {
transaction.commit();
// Fix prepared result
result.get(OUTCOME).set(SUCCESS);
result.get(RESULT);
callback.sendResponse(result);
}
}
: ModelController.OperationTransactionControl.COMMIT;
ModelNode response;
final Operation builtOp = builder.build();
try {
ModelNode opheaders = operation.get(OPERATION_HEADERS);
opheaders.get(ACCESS_MECHANISM).set(AccessMechanism.HTTP.toString());
opheaders.get(CALLER_TYPE).set(USER);
// Don't allow a domain-uuid operation header from a user call
if (opheaders.hasDefined(DOMAIN_UUID)) {
opheaders.remove(DOMAIN_UUID);
}
response =
modelController.execute(operation, OperationMessageHandler.DISCARD, control, builtOp);
} catch (Throwable t) {
ROOT_LOGGER.modelRequestError(t);
Common.sendError(exchange, opParam.isEncode(), t.getLocalizedMessage());
return;
} finally {
// Close any input streams that were open
if (builtOp.isAutoCloseStreams()) {
for (InputStream in : builtOp.getInputStreams()) {
IoUtils.safeClose(in);
}
}
}
callback.sendResponse(response);
}