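/**
 * Changes the password of the currently authenticated user.
 *
 * <p>Expects a JSON body with the top-level fields {@code old} and {@code new}. The password is
 * changed only when {@code old} matches the password of the current HTTP credentials.
 *
 * @return 200 on success; 400 when the body is not JSON, a field is missing, or {@code old} does
 *     not match the current password
 */
@With({UserCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result changePassword() {
  Logger.trace("Method Start");
  Http.RequestBody body = request().body();
  JsonNode bodyJson = body.asJson();
  // The body holds the old and the new password in clear text, so only its presence is logged.
  Logger.trace("changePassword: JSON body present: " + (bodyJson != null));
  if (bodyJson == null)
    return badRequest(
        "The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");

  // check and validate input
  if (!bodyJson.has("old")) return badRequest("The 'old' field is missing");
  if (!bodyJson.has("new")) return badRequest("The 'new' field is missing");

  String currentPassword = DbHelper.getCurrentHTTPPassword();
  // Read exactly the top-level fields validated above. findValuesAsText() searches nested
  // objects too, so its first hit is not guaranteed to be the top-level field.
  String oldPassword = bodyJson.get("old").asText();
  String newPassword = bodyJson.get("new").asText();

  // MessageDigest.isEqual does not stop at the first differing byte, unlike String.equals.
  boolean oldPasswordMatches =
      currentPassword != null
          && java.security.MessageDigest.isEqual(
              oldPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
              currentPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8));
  if (!oldPasswordMatches) {
    return badRequest("The old password does not match with the current one");
  }

  UserService.changePasswordCurrentUser(newPassword);
  Logger.trace("Method End");
  return ok();
}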
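/**
 * Registers a new user from a JSON body.
 *
 * <p>{@code username} and {@code password} are mandatory top-level fields; the four profile
 * sections are optional. When the private section carries an {@code email}, it must pass
 * {@code Util.validateEmail}.
 *
 * @return 201 on success; 400 for a missing body or field, an invalid email, or an existing
 *     username; 500 for any other failure
 */
@With({AdminCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result signUp() {
  Logger.trace("Method Start");
  Http.RequestBody body = request().body();
  JsonNode bodyJson = body.asJson();
  // The body contains the new user's password, so only its presence is logged.
  Logger.trace("signUp: JSON body present: " + (bodyJson != null));
  if (bodyJson == null)
    return badRequest(
        "The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");

  // check and validate input
  if (!bodyJson.has("username")) return badRequest("The 'username' field is missing");
  if (!bodyJson.has("password")) return badRequest("The 'password' field is missing");

  // extract the optional profile sections
  JsonNode nonAppUserAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_ANONYMOUS_USER);
  JsonNode privateAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_ONLY_BY_THE_USER);
  JsonNode friendsAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_FRIENDS_USER);
  JsonNode appUsersAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_REGISTERED_USER);

  // Read the top-level fields validated above. findValuesAsText() also descends into the
  // profile sections, so a nested "username" or "password" attribute could be returned first.
  String username = bodyJson.get("username").asText();
  String password = bodyJson.get("password").asText();

  if (privateAttributes != null && privateAttributes.has("email")) {
    // check if email address is valid
    if (!Util.validateEmail(privateAttributes.get("email").asText()))
      return badRequest("The email address must be valid.");
  }

  // try to signup new user
  try {
    UserService.signUp(
        username,
        password,
        nonAppUserAttributes,
        privateAttributes,
        friendsAttributes,
        appUsersAttributes);
  } catch (UserAlreadyExistsException e) {
    Logger.debug("signUp", e);
    // NOTE(review): this confirms to the caller that the username is taken; the endpoint sits
    // behind AdminCredentialWrapFilter, so confirm that this disclosure is acceptable.
    return badRequest(username + " already exists");
  } catch (Throwable e) {
    Logger.warn("signUp", e);
    // Full stack traces reach the client only in dev mode; other modes return the message.
    if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
    else return internalServerError(e.getMessage());
  }
  Logger.trace("Method End");
  return created();
}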
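/**
 * Extracts the body text from the string form of a request body.
 *
 * <p>The text between the first {@code "Some("} and the following {@code "),"} in
 * {@code body.toString()} is stored in {@code this.body}. When {@code "Some("} does not occur,
 * the field is left unset.
 *
 * <p>NOTE(review): this depends on the exact {@code toString()} format of the request body.
 * The extracted text is client-supplied; the XML parser that consumes it is not visible here,
 * so confirm it has DTDs and external entities disabled.
 *
 * @param body the request body to read
 */
public XMLContentProcessor(Http.RequestBody body) {
  String[] parts = body.toString().split("Some\\(");
  // split() returns a single element when the marker is absent, so index 1 exists only when
  // there are at least two parts; the previous "> 0" check let parts[1] throw.
  if (parts.length > 1) {
    String[] parts2 = parts[1].split("\\)\\,");
    if (parts2.length > 0) {
      this.body = parts2[0];
    }
  }
}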
/**
 * Collects the form-encoded body parameters and the query-string parameters of the request into
 * one new map.
 *
 * <p>Query-string entries are added last, so for a name present in both sources the query-string
 * values replace the form values.
 *
 * @return a new mutable map; empty when the request carries neither kind of parameter
 */
@Override
public Map<String, String[]> getRequestParameters() {
  final Http.RequestBody requestBody = request.body();
  // A request without a body contributes an empty map; a body that is not form-encoded
  // contributes null, which is skipped below.
  final Map<String, String[]> fromForm =
      (requestBody == null) ? new HashMap<String, String[]>() : requestBody.asFormUrlEncoded();
  final Map<String, String[]> fromQuery = request.queryString();

  final Map<String, String[]> merged = new HashMap<>();
  if (fromForm != null) {
    merged.putAll(fromForm);
  }
  if (fromQuery != null) {
    merged.putAll(fromQuery);
  }
  return merged;
}
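/**
 * Returns the request body as JSON when it can be mapped onto {@code Message}.
 *
 * @param body the request body to read
 * @return the parsed JSON, or an empty Optional when the body is not JSON or does not map onto
 *     {@code Message}
 */
private static Optional<JsonNode> getValidJson(Http.RequestBody body) {
  JsonNode json = body.asJson();
  // NOTE(review): the whole payload goes to the debug log; confirm it never carries secrets.
  logger.debug("received json: {}", json);
  if (json == null) {
    // Without this guard a non-JSON body reached Optional.of(null), which throws.
    logger.warn("Invalid json ({})", "request body is not JSON");
    return Optional.empty();
  }
  try {
    // validates json
    Json.fromJson(json, Message.class);
  } catch (Exception e) {
    // Not every exception has a cause; fall back to the exception itself instead of
    // dereferencing null.
    Throwable reason = (e.getCause() != null) ? e.getCause() : e;
    logger.warn("Invalid json ({})", reason.getMessage());
    return Optional.empty();
  }
  return Optional.of(json);
}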
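/**
 * Invokes the wrapped action and, when it throws, logs a description of the failing request
 * before rethrowing.
 *
 * <p>The log entry lists the URI, the header names and values, the cookie names and the form
 * field names. Credential-bearing headers, all cookie values and all form values are redacted,
 * because error logs are usually readable by more people than the secrets they would contain.
 *
 * @param ctx the HTTP context of the current request
 * @return the result promise of the wrapped action
 * @throws Throwable whatever the wrapped action throws
 */
public F.Promise<Result> call(Http.Context ctx) throws Throwable {
  try {
    return delegate.call(ctx);
  } catch (Exception e) {
    e.printStackTrace();
    StringBuilder sb = new StringBuilder();
    // NOTE(review): the URI is logged in full; confirm no token travels in the query string.
    sb.append("Error for request at ").append(ctx.request().uri()).append("\n");

    sb.append("Headers: \n");
    for (Map.Entry<String, String[]> header : ctx.request().headers().entrySet()) {
      sb.append(" ").append(header.getKey()).append(" --> ");
      if (isCredentialHeader(header.getKey())) {
        sb.append("[redacted]");
      } else {
        for (String val : header.getValue()) {
          sb.append(val).append("|||");
        }
      }
      sb.append("\n");
    }

    sb.append("Cookies: \n");
    for (Http.Cookie cookie : ctx.request().cookies()) {
      // Cookie values typically hold session identifiers; only the name is recorded.
      sb.append(" ").append(cookie.name()).append(" --> [redacted]\n");
    }

    Http.RequestBody body = ctx.request().body();
    Map<String, String[]> body_vals = body.asFormUrlEncoded();
    if (body_vals != null) {
      sb.append("Body (as form URL encoded): \n");
      for (Map.Entry<String, String[]> field : body_vals.entrySet()) {
        // Form fields may be passwords or tokens; record the name and the value count only.
        sb.append(" ")
            .append(field.getKey())
            .append(" --> [")
            .append(field.getValue().length)
            .append(" value(s) redacted]\n");
      }
    }
    Logger.error(sb.toString());
    throw e;
  }
}

/**
 * Tells whether a header carries credentials and must not be written to the log.
 *
 * <p>NOTE(review): application-specific token headers are not covered; add them if the
 * application uses any.
 */
private static boolean isCredentialHeader(String name) {
  return "Authorization".equalsIgnoreCase(name)
      || "Proxy-Authorization".equalsIgnoreCase(name)
      || "Cookie".equalsIgnoreCase(name)
      || "Set-Cookie".equalsIgnoreCase(name);
}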
/**
 * Renames the currently authenticated user.
 *
 * <p>The JSON body must carry a textual {@code username} field holding the new name.
 *
 * @return 200 on success; 400 when the body is not JSON, {@code username} is absent or not a
 *     string, or the service rejects the name; 500 when a transaction is already open
 * @throws UserNotFoundException propagated from {@code UserService.changeUsername}
 */
@With({UserCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result changeUserName() throws UserNotFoundException {
  Http.RequestBody requestBody = request().body();
  JsonNode payload = requestBody.asJson();
  if (BaasBoxLogger.isTraceEnabled()) {
    BaasBoxLogger.trace("updateuserName bodyJson: " + payload);
  }
  if (payload == null) {
    return badRequest(
        "The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");
  }

  // Only a JSON string is accepted; numbers, objects and null are rejected.
  JsonNode usernameNode = payload.get("username");
  boolean isString = usernameNode != null && usernameNode.isTextual();
  if (!isString) {
    return badRequest("'username' field must be a String");
  }
  String requestedName = usernameNode.asText();

  try {
    UserService.changeUsername(DbHelper.getCurrentHTTPUsername(), requestedName);
    return ok();
  } catch (OpenTransactionException e) {
    return internalServerError(ExceptionUtils.getMessage(e));
  } catch (SqlInjectionException e) {
    // The service refused the name; the client only learns that it is not valid.
    return badRequest("Username not valid");
  }
}
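/**
 * Updates the profile of the currently authenticated user from a JSON body.
 *
 * <p>Each of the four profile sections is optional. When the private section carries an
 * {@code email}, it must pass {@code Util.validateEmail}.
 *
 * @return 200 with the updated profile as JSON; 400 for a missing body or an invalid email; 500
 *     for any failure while saving
 */
@With({UserCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result updateProfile() {
  Logger.trace("Method Start");
  Http.RequestBody body = request().body();
  JsonNode bodyJson = body.asJson();
  // NOTE(review): this writes the user's private profile attributes to the trace log.
  Logger.trace("updateProfile bodyJson: " + bodyJson);
  if (bodyJson == null)
    return badRequest(
        "The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");

  // extract the profile fields
  JsonNode nonAppUserAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_ANONYMOUS_USER);
  JsonNode privateAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_ONLY_BY_THE_USER);
  JsonNode friendsAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_FRIENDS_USER);
  JsonNode appUsersAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_REGISTERED_USER);

  // get() returns null for an absent section; without the null check a body that omits the
  // private section failed with a NullPointerException before any validation ran.
  if (privateAttributes != null && privateAttributes.has("email")) {
    // check if email address is valid; read the section's own field rather than the first
    // "email" found anywhere below it
    if (!Util.validateEmail(privateAttributes.get("email").asText()))
      return badRequest("The email address must be valid.");
  }

  ODocument profile;
  try {
    profile =
        UserService.updateCurrentProfile(
            nonAppUserAttributes, privateAttributes, friendsAttributes, appUsersAttributes);
  } catch (Throwable e) {
    Logger.warn("updateProfile", e);
    // Full stack traces reach the client only in dev mode; other modes return the message.
    if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
    else return internalServerError(e.getMessage());
  }
  Logger.trace("Method End");

  return ok(prepareResponseToJson(profile));
} // updateProfile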
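// NOTE: this controller is called via a web form by a browser to reset the user's password
// Filters to extract username/appcode/etc. from the headers make no sense in this case
/**
 * Final step of the password reset: validates the reset code from the URL and stores the new
 * password submitted by the form.
 *
 * <p>The decoded code has the form {@code APP_Code%%%%Username%%%%ResetTokenId}. Every value
 * that originates from the request (the code, the user name taken from it, error messages that
 * may echo them) is HTML-escaped before it is placed into a page, because the pages are
 * rendered as raw HTML.
 *
 * @param base64 the Base64-encoded reset code taken from the URL
 * @return 200 with a confirmation page; 400 with a feedback or form page when the code or the
 *     submitted fields are invalid; 500 when the password cannot be stored
 */
public static Result resetPasswordStep3(String base64) {
  String tokenReceived = "";
  String appCode = "";
  String username = "";
  Map<String, String[]> bodyForm = null;
  try {
    // loads the received token and extracts data by the hashcode in the url
    // An explicit charset keeps decoding independent of the platform default.
    tokenReceived =
        new String(
            Base64.decodeBase64(base64.getBytes(java.nio.charset.StandardCharsets.UTF_8)),
            java.nio.charset.StandardCharsets.UTF_8);
    // The decoded code is a credential for this reset, so it is not written to the log.
    Logger.debug("resetPasswordStep3 - reset code received");

    // token format should be APP_Code%%%%Username%%%%ResetTokenId
    String[] tokens = tokenReceived.split("%%%%");
    if (tokens.length != 3) return badRequest("The reset password code is invalid.");
    appCode = tokens[0];
    username = tokens[1];

    String adminUser =
        BBConfiguration.configuration.getString(IBBConfigurationKeys.ADMIN_USERNAME);
    String adminPassword =
        BBConfiguration.configuration.getString(IBBConfigurationKeys.ADMIN_PASSWORD);

    try {
      DbHelper.open(appCode, adminUser, adminPassword);
    } catch (InvalidAppCodeException e1) {
      throw new Exception("The code to reset the password seems to be invalid");
    }

    // NOTE(review): "User not found!" and the expired-code message below differ, which tells
    // the caller whether the user exists — confirm this is intended.
    if (!UserService.exists(username)) throw new Exception("User not found!");

    boolean isTokenValid = ResetPwdDao.getInstance().verifyTokenStep2(base64, username);
    if (!isTokenValid)
      throw new Exception(
          "Reset Code not found or expired! Please repeat the reset password procedure");

    Http.RequestBody body = request().body();
    bodyForm = body.asFormUrlEncoded();
    if (bodyForm == null)
      throw new Exception(
          "Error getting submitted data. Please repeat the reset password procedure");
  } catch (Exception e) {
    // The user name here comes from the not-yet-verified code, so it must be escaped.
    ST pageTemplate =
        new ST(PasswordRecovery.PAGE_HTML_FEEDBACK_TEMPLATE.getValueAsString(), '$', '$');
    pageTemplate.add("user_name", htmlEscapeForResetPage(username));
    pageTemplate.add("error", htmlEscapeForResetPage(e.getMessage()));
    pageTemplate.add(
        "application_name",
        com.baasbox.configuration.Application.APPLICATION_NAME.getValueAsString());
    DbHelper.getConnection().close();
    return badRequest(Html.apply(pageTemplate.render()));
  }

  // check and validate input
  // Map.get returns null for a field the form did not send; the first failed check wins, and
  // no value is read from an array that failed its check.
  String[] passwordValues = bodyForm.get("password");
  String[] repeatValues = bodyForm.get("repeat-password");
  String errorString = "";
  String password = null;
  if (passwordValues == null || passwordValues.length != 1) {
    errorString = "The 'new password' field is missing";
  } else if (repeatValues == null || repeatValues.length != 1) {
    errorString = "The 'repeat password' field is missing";
  } else {
    password = passwordValues[0];
    if (!password.equals(repeatValues[0])) {
      errorString =
          "The new \"password\" field and the \"repeat password\" field must be the same.";
    }
  }

  if (!errorString.isEmpty()) {
    String safeCode = htmlEscapeForResetPage(base64);
    ST pageTemplate = new ST(PasswordRecovery.PAGE_HTML_TEMPLATE.getValueAsString(), '$', '$');
    pageTemplate.add(
        "form_template",
        "<form action='/user/password/reset/"
            + safeCode
            + "' method='POST' id='reset_pwd_form'>"
            + "<label for='password'>New password</label>"
            + "<input type='password' id='password' name='password' />"
            + "<label for='repeat-password'>Repeat the new password</label>"
            + "<input type='password' id='repeat-password' name='repeat-password' />"
            + "<button type='submit' id='reset_pwd_submit'>Reset the password</button>"
            + "</form>");
    pageTemplate.add("user_name", htmlEscapeForResetPage(username));
    pageTemplate.add("link", "/user/password/reset/" + safeCode);
    pageTemplate.add("password", "password");
    pageTemplate.add("repeat_password", "repeat-password");
    pageTemplate.add(
        "application_name",
        com.baasbox.configuration.Application.APPLICATION_NAME.getValueAsString());
    pageTemplate.add("error", errorString);
    DbHelper.getConnection().close();
    return badRequest(Html.apply(pageTemplate.render()));
  }

  try {
    UserService.resetUserPasswordFinalStep(username, password);
  } catch (Throwable e) {
    Logger.warn("changeUserPassword", e);
    DbHelper.getConnection().close();
    // Full stack traces reach the client only in dev mode; other modes return the message.
    if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
    else return internalServerError(e.getMessage());
  }
  Logger.trace("Method End");

  String ok_message = "Password changed";
  ST pageTemplate =
      new ST(PasswordRecovery.PAGE_HTML_FEEDBACK_TEMPLATE.getValueAsString(), '$', '$');
  pageTemplate.add("user_name", htmlEscapeForResetPage(username));
  pageTemplate.add("message", ok_message);
  pageTemplate.add(
      "application_name",
      com.baasbox.configuration.Application.APPLICATION_NAME.getValueAsString());
  DbHelper.getConnection().close();
  return ok(Html.apply(pageTemplate.render()));
}

/** Escapes the characters that are significant in HTML text and attributes; null stays null. */
private static String htmlEscapeForResetPage(String text) {
  if (text == null) return null;
  StringBuilder escaped = new StringBuilder(text.length() + 16);
  for (int i = 0; i < text.length(); i++) {
    char c = text.charAt(i);
    switch (c) {
      case '&':
        escaped.append("&amp;");
        break;
      case '<':
        escaped.append("&lt;");
        break;
      case '>':
        escaped.append("&gt;");
        break;
      case '"':
        escaped.append("&quot;");
        break;
      case '\'':
        escaped.append("&#39;");
        break;
      default:
        escaped.append(c);
    }
  }
  return escaped.toString();
}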
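/**
 * Builds the Turtle preamble for an annotated CSV data set from the submitted form and returns
 * it, optionally followed by the cached CSV content.
 *
 * <p>The form arrives as a text body in {@code java.util.Properties} syntax; its
 * {@code submitButton} entry selects the operation. Columns that have both an
 * {@code i-characteristic} and an {@code i-unit} entry become measurement types, except the
 * column whose unit equals {@code FRAG_IN_DATE_TIME}, which is used as the time stamp column.
 *
 * @param handler_json URL-encoded JSON form of a {@code CSVAnnotationHandler}
 * @return the generated Turtle text as {@code text/turtle}, or a rendered status page
 */
public static Result postGenerate(String handler_json) {
  String oper = "";

  RequestBody body = request().body();
  if (body == null) {
    return ok(completeAnnotation.render("Error processing form: form appears to be empty."));
  }

  String textBody = body.asText();
  if (textBody == null) {
    // A body that is not plain text used to fail inside StringReader and end on this same
    // page through the catch below; the check that stood after the parsing could never fire.
    return ok(completeAnnotation.render("Error processing form: form appears to be empty."));
  }
  Properties p = new Properties();
  try {
    p.load(new StringReader(textBody));
  } catch (Exception e) {
    e.printStackTrace();
    return ok(completeAnnotation.render("Error processing form: form appears to be empty."));
  }
  System.out.println("Selection: " + p.getProperty("submitButton"));
  if (p.getProperty("submitButton") != null) oper = p.getProperty("submitButton");

  if (oper.equals(OPER_FINISH)) {
    return ok(completeAnnotation.render("Annotation operation finished."));
  }

  NameSpaces ns = NameSpaces.getInstance();
  StringBuilder preamble = new StringBuilder();
  preamble.append(FRAG_START_PREAMBLE);
  preamble.append(ns.printNameSpaceList());
  preamble.append("\n");

  /*
   * Insert KB
   */
  preamble.append(FRAG_KB_PART1);
  preamble.append(Play.application().configuration().getString("hadatac.console.kb"));
  preamble.append(FRAG_KB_PART2);

  try {
    handler_json = URLDecoder.decode(handler_json, "UTF-8");
  } catch (Exception e) {
    // Best effort: on failure the undecoded text is parsed below and rejected there.
    e.printStackTrace();
  }
  System.out.println(handler_json);

  ObjectMapper mapper = new ObjectMapper();
  CSVAnnotationHandler handler = null;
  try {
    handler = mapper.readValue(handler_json, CSVAnnotationHandler.class);

    /*
     * Insert Data Set
     */
    preamble.append("<").append(DataFactory.getNextURI(DataFactory.DATASET_ABBREV)).append(">");
    preamble.append(FRAG_DATASET);
    preamble.append(handler.getDataCollectionUri()).append(">; ");

    int i = 0;
    int timeStampIndex = -1;
    ArrayList<Integer> mt = new ArrayList<Integer>();
    for (String str : handler.getFields()) {
      String characteristic = p.getProperty(i + "-characteristic");
      String unit = p.getProperty(i + "-unit");
      if ((characteristic != null)
          && (!characteristic.equals(""))
          && (unit != null)
          && (!unit.equals(""))) {
        if (unit.equals(FRAG_IN_DATE_TIME)) {
          timeStampIndex = i;
        } else {
          mt.add(i);
        }
      }
      i++;
    }

    preamble.append(FRAG_HAS_MEASUREMENT_TYPE);
    for (int aux = 0; aux < mt.size(); aux++) {
      preamble.append(FRAG_MT).append(aux).append("> ");
    }
    preamble.append(".\n\n");

    /*
     * Insert measurement types
     */
    // NOTE(review): the characteristic and unit values come straight from the form and are
    // written between angle brackets unescaped; a value containing '>' changes the structure
    // of the generated Turtle. Validate them as IRIs before emitting.
    for (Integer mt_count : mt) {
      // The original never advances the counter in this loop, so every entry is labelled
      // with index 0. NOTE(review): looks unintended — confirm.
      preamble.append(FRAG_MT).append(0);
      preamble.append(FRAG_MEASUREMENT_TYPE_PART1);
      if (timeStampIndex != -1) {
        preamble.append(FRAG_IN_DATE_TIME);
        preamble.append(FRAG_IN_DATE_TIME_SUFFIX);
      }
      preamble.append(FRAG_MEASUREMENT_TYPE_PART2);
      preamble.append(mt_count);
      preamble.append(FRAG_MEASUREMENT_TYPE_PART3);
      preamble.append("<").append(p.getProperty(mt_count + "-characteristic")).append(">");
      preamble.append(FRAG_MEASUREMENT_TYPE_PART4);
      preamble.append("<").append(p.getProperty(mt_count + "-unit")).append(">");
      preamble.append(" .\n");
    }

    if (timeStampIndex != -1) {
      preamble.append("\n");
      preamble.append(FRAG_IN_DATE_TIME_STATEMENT + " " + timeStampIndex + " . \n");
    }
  } catch (Exception e) {
    e.printStackTrace();
    return ok(completeAnnotation.render("Error processing form. Please restart form."));
  }

  preamble.append(FRAG_END_PREAMBLE);

  if (oper.equals(OPER_PREAMBLE)) {
    return ok(preamble.toString()).as("text/turtle");
  }

  if (oper.equals(OPER_CCSV)) {
    // NOTE(review): the data set name is taken from the handler JSON in the request and used
    // as a file path, and the file content is returned to the caller. As written, any path the
    // server process can read may be requested. Resolve the name against the directory that
    // holds the cached uploads and reject it unless the canonical path stays inside that
    // directory; the directory is not visible in this method.
    File newFile = new File(handler.getDatasetName());
    try {
      preamble.append(FileUtils.readFileToString(newFile, "UTF-8"));
    } catch (IOException e) {
      e.printStackTrace();
      return ok(completeAnnotation.render("Error reading cached CSV file. Please restart form."));
    }
    return ok(preamble.toString()).as("text/turtle");
  }

  if (oper.equals(OPER_UPLOAD)) {
    // No upload handling here; falls through to the generic message below.
  }

  return ok(completeAnnotation.render("Error processing form: unspecified download operation."));
}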
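/**
 * Registers a new user from a JSON body, opens a session for it and returns the profile
 * together with the session token.
 *
 * <p>{@code username} and {@code password} are mandatory top-level fields; the four profile
 * sections are optional. An {@code email} in the private section must pass
 * {@code Util.validateEmail}. A taken username and a taken email produce the same generic
 * error, so the response does not reveal which accounts exist.
 *
 * @return 201 with the profile and token; 400 for a missing body or field, an invalid email or
 *     profile section, or a duplicate username or email; 422 for an empty password; 500 for any
 *     other failure
 * @throws JsonProcessingException when the assembled response is not valid JSON
 * @throws IOException when the assembled response cannot be read back
 */
@With({AdminCredentialWrapFilter.class, ConnectToDBFilter.class})
@BodyParser.Of(BodyParser.Json.class)
public static Result signUp() throws JsonProcessingException, IOException {
  if (BaasBoxLogger.isTraceEnabled()) BaasBoxLogger.trace("Method Start");
  Http.RequestBody body = request().body();

  JsonNode bodyJson = body.asJson();
  // The body contains the new user's password, so only its presence is logged.
  if (BaasBoxLogger.isTraceEnabled())
    BaasBoxLogger.trace("signUp: JSON body present: " + (bodyJson != null));
  if (bodyJson == null)
    return badRequest(
        "The body payload cannot be empty. Hint: put in the request header Content-Type: application/json");

  // check and validate input
  if (!bodyJson.has("username")) return badRequest("The 'username' field is missing");
  if (!bodyJson.has("password")) return badRequest("The 'password' field is missing");

  // extract the optional profile sections
  JsonNode nonAppUserAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_ANONYMOUS_USER);
  JsonNode privateAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_ONLY_BY_THE_USER);
  JsonNode friendsAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_FRIENDS_USER);
  JsonNode appUsersAttributes = bodyJson.get(UserDao.ATTRIBUTES_VISIBLE_BY_REGISTERED_USER);

  // Read the top-level fields validated above. findValuesAsText() also descends into the
  // profile sections, so a nested "username" or "password" attribute could be returned first.
  String username = bodyJson.get("username").asText();
  String password = bodyJson.get("password").asText();
  String appcode = (String) ctx().args.get("appcode");

  if (privateAttributes != null && privateAttributes.has("email")) {
    // check if email address is valid
    if (!Util.validateEmail(privateAttributes.get("email").asText()))
      return badRequest("The email address must be valid.");
  }
  if (StringUtils.isEmpty(password)) return status(422, "The password field cannot be empty");

  // try to signup new user
  ODocument profile = null;
  try {
    UserService.signUp(
        username,
        password,
        null,
        nonAppUserAttributes,
        privateAttributes,
        friendsAttributes,
        appUsersAttributes,
        false);
    // due to issue 412, we have to reload the profile
    profile = UserService.getUserProfilebyUsername(username);
  } catch (InvalidJsonException e) {
    if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("signUp", e);
    return badRequest("One or more profile sections is not a valid JSON object");
  } catch (UserAlreadyExistsException e) {
    if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("signUp", e);
    // Return a generic error message if the username is already in use.
    return badRequest("Error signing up");
  } catch (EmailAlreadyUsedException e) {
    // Return a generic error message if the email is already in use.
    if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("signUp", e);
    return badRequest("Error signing up");
  } catch (Throwable e) {
    BaasBoxLogger.warn("signUp", e);
    // Full stack traces reach the client only in dev mode; other modes return the message.
    if (Play.isDev()) return internalServerError(ExceptionUtils.getFullStackTrace(e));
    else return internalServerError(ExceptionUtils.getMessage(e));
  }
  if (BaasBoxLogger.isTraceEnabled()) BaasBoxLogger.trace("Method End");

  ImmutableMap<SessionKeys, ? extends Object> sessionObject =
      SessionTokenProvider.getSessionTokenProvider().setSession(appcode, username, password);
  String token = (String) sessionObject.get(SessionKeys.TOKEN);
  response().setHeader(SessionKeys.TOKEN.toString(), token);

  String result = prepareResponseToJson(profile);
  ObjectMapper mapper = new ObjectMapper();
  // NOTE(review): the token is spliced into the JSON text before the closing brace, which is
  // only well-formed while the token contains no quote or backslash. Adding the field to the
  // parsed tree would not depend on that.
  result =
      result.substring(0, result.lastIndexOf("}"))
          + ",\""
          + SessionKeys.TOKEN.toString()
          + "\":\""
          + token
          + "\"}";
  JsonNode jn = mapper.readTree(result);

  return created(jn);
}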