@Override
protected int beforeHandle(Request request, Response response) {
if (Method.OPTIONS.equals(request.getMethod())) {
Series<Header> requestHeaders =
(Series<Header>) request.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
String origin = requestHeaders.getFirstValue("Origin", false, "*");
String rh = requestHeaders.getFirstValue("Access-Control-Request-Headers", false, "*");
Series<Header> responseHeaders =
(Series<Header>) response.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
if (responseHeaders == null) {
responseHeaders = new Series<Header>(Header.class);
}
responseHeaders.add("Access-Control-Allow-Origin", origin);
responseHeaders.set("Access-Control-Expose-Headers", "Authorization, Link");
responseHeaders.add("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
responseHeaders.add("Access-Control-Allow-Headers", rh);
responseHeaders.add("Access-Control-Allow-Credentials", "true");
responseHeaders.add("Access-Control-Max-Age", "60");
response.getAttributes().put(HeaderConstants.ATTRIBUTE_HEADERS, responseHeaders);
response.setEntity(new EmptyRepresentation());
return SKIP;
}
return super.beforeHandle(request, response);
}
private void setHeader(Response ares) {
Series<Header> headers =
(Series<Header>) ares.getAttributes().get(RadonAttributeKey.ATTRIBUTE_HEADERS);
if (headers != null) {
for (Header header : headers) {
header(header.getName(), header.getValue());
}
}
Series<CookieSetting> cookies = ares.getCookieSettings();
for (CookieSetting c : cookies) {
cookie(new Cookie(c.getVersion(), c.getName(), c.getValue(), c.getPath(), c.getDomain()));
}
status(ares.getStatus().getCode());
if (ares.getLocationRef() != null) {
header(HeaderConstants.HEADER_LOCATION, ares.getLocationRef().toString());
}
}
/**
* Redirects a given call on the server-side to a next Restlet with a given target reference. In
* the default implementation, the request HTTP headers, stored in the request's attributes, are
* removed before dispatching. After dispatching, the response HTTP headers are also removed to
* prevent conflicts with the main call.
*
* @param next The next Restlet to forward the call to.
* @param targetRef The target reference with URI variables resolved.
* @param request The request to handle.
* @param response The response to update.
*/
protected void serverRedirect(
Restlet next, Reference targetRef, Request request, Response response) {
if (next == null) {
getLogger().warning("No next Restlet provided for server redirection to " + targetRef);
} else {
// Save the base URI if it exists as we might need it for
// redirections
Reference resourceRef = request.getResourceRef();
Reference baseRef = resourceRef.getBaseRef();
// Reset the protocol and let the dispatcher handle the protocol
request.setProtocol(null);
// Update the request to cleanly go to the target URI
request.setResourceRef(targetRef);
request.getAttributes().remove(HeaderConstants.ATTRIBUTE_HEADERS);
next.handle(request, response);
// Allow for response rewriting and clean the headers
response.setEntity(rewrite(response.getEntity()));
response.getAttributes().remove(HeaderConstants.ATTRIBUTE_HEADERS);
request.setResourceRef(resourceRef);
// In case of redirection, we may have to rewrite the redirect URI
if (response.getLocationRef() != null) {
Template rt = new Template(this.targetTemplate);
rt.setLogger(getLogger());
int matched = rt.parse(response.getLocationRef().toString(), request);
if (matched > 0) {
String remainingPart = (String) request.getAttributes().get("rr");
if (remainingPart != null) {
response.setLocationRef(baseRef.toString() + remainingPart);
}
}
}
}
}
@Override
protected int doHandle(final Request request, final Response response) {
int result = super.doHandle(request, response);
Map<String, Object> requestAttributes = request.getAttributes();
Map<String, Object> responseAttributes = response.getAttributes();
Series<Header> requestHeaders =
(Series<Header>)
requestAttributes.computeIfAbsent(
"org.restlet.http.headers", key -> new Series<Header>(Header.class));
Series<Header> responseHeaders =
(Series<Header>)
responseAttributes.computeIfAbsent(
"org.restlet.http.headers", key -> new Series<Header>(Header.class));
// TODO fix me
responseHeaders.add("Access-Control-Allow-Origin", requestHeaders.getFirstValue("Origin"));
responseHeaders.add("Access-Control-Allow-Credentials", "true");
responseHeaders.add(
"Access-Control-Allow-Methods", "HEAD, GET, PUT, POST, DELETE, OPTIONS, TRACE");
responseHeaders.add("Access-Control-Allow-Headers", "Content-Type, X-Requested-With");
return result;
}