[DEV] try securing...
This commit is contained in:
parent
dba3562c14
commit
1f199e3496
@ -8,9 +8,12 @@ import javax.ws.rs.Priorities;
|
||||
import javax.ws.rs.container.ContainerRequestContext;
|
||||
import javax.ws.rs.container.ContainerRequestFilter;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.ext.Provider;
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.Map.Entry;
|
||||
// https://stackoverflow.com/questions/26777083/best-practice-for-rest-token-based-authentication-with-jax-rs-and-jersey
|
||||
// https://stackoverflow.com/questions/26777083/best-practice-for-rest-token-based-authentication-with-jax-rs-and-jersey/45814178#45814178
|
||||
// https://stackoverflow.com/questions/32817210/how-to-access-jersey-resource-secured-by-rolesallowed
|
||||
@ -32,8 +35,12 @@ public class AuthenticationFilter implements ContainerRequestFilter {
|
||||
System.out.println("-----------------------------------------------------");
|
||||
// Get the Authorization header from the request
|
||||
String authorizationHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
|
||||
|
||||
System.out.println("authorizationHeader: " + authorizationHeader);
|
||||
|
||||
MultivaluedMap<String, String> pathparam = requestContext.getUriInfo().getPathParameters();
|
||||
for (Entry<String, List<String>> item: pathparam.entrySet()) {
|
||||
System.out.println(" map element: " + item.getKey() + " ==>" + item.getValue());
|
||||
}
|
||||
// Validate the Authorization header
|
||||
if (!isTokenBasedAuthentication(authorizationHeader)) {
|
||||
abortWithUnauthorized(requestContext);
|
||||
|
@ -367,10 +367,10 @@ public class DataResource {
|
||||
}
|
||||
return buildStream(ConfigVariable.getMediaDataFolder() + File.separator + id + File.separator + "data", range, value.mimeType);
|
||||
}
|
||||
//@Secured
|
||||
//@Secu1ed
|
||||
@GET
|
||||
@Path("thumbnail/{id}")
|
||||
//@RolesAllowed("USER")
|
||||
@RolesAllowed("USER")
|
||||
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
||||
public Response retriveDataThumbnailId(@Context SecurityContext sc, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception {
|
||||
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
||||
|
@ -4,6 +4,7 @@
|
||||
* @license PROPRIETARY (see license file)
|
||||
*/
|
||||
import { Injectable, Component, OnInit, Input, ElementRef, ViewChild } from '@angular/core';
|
||||
import { ModelResponseHttp } from '../../service/http-wrapper';
|
||||
import { DataService } from '../../service/data';
|
||||
|
||||
@Component({
|
||||
@ -28,19 +29,26 @@ export class ElementDataImageComponent implements OnInit {
|
||||
|
||||
}
|
||||
ngOnInit() {
|
||||
/*
|
||||
let canvas = this.imageCanvas.nativeElement;
|
||||
let ctx = canvas.getContext("2d");
|
||||
*/
|
||||
console.log(`Request thumnail for ---> ${this.id}`);
|
||||
this.dataService.getImageThumbnail(this.id)
|
||||
.then((result) => {
|
||||
.then((result:ModelResponseHttp) => {
|
||||
console.log(`plop ---> ${result.status}`);
|
||||
const response = result.data as Response;
|
||||
response.blob().then((value:Blob) => {
|
||||
let img = new Image();
|
||||
img.onload = function() {
|
||||
//ctx.drawImage(img, 0, 0)
|
||||
}
|
||||
let imageUrl = URL.createObjectURL(value);
|
||||
img.src = imageUrl;
|
||||
})
|
||||
|
||||
}).catch(()=>{
|
||||
console.log("plop ---> ");
|
||||
});
|
||||
|
||||
//let img = new Image();
|
||||
//img.src = "../../assets/aCRF-PRV111_CLN-001 v1.4-images/aCRF-PRV111_CLN-001 v1.4-blank_0.jpg";
|
||||
//ctx.drawImage(img, 10, 10, 250, 250);
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user