[DEV] set generic authorisation element
parent
1cebe69872
commit
4e4ac74948
@ -70,13 +70,21 @@ public class AuthenticationFilter implements ContainerRequestFilter {
|
|||||||
// Get the Authorization header from the request
|
// Get the Authorization header from the request
|
||||||
String authorizationHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
|
String authorizationHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
|
||||||
System.out.println("authorizationHeader: " + authorizationHeader);
|
System.out.println("authorizationHeader: " + authorizationHeader);
|
||||||
|
|
||||||
if(authorizationHeader == null && method.isAnnotationPresent(PermitTokenInURI.class)) {
|
if(authorizationHeader == null && method.isAnnotationPresent(PermitTokenInURI.class)) {
|
||||||
// TODO: ...
|
MultivaluedMap<String, String> quaryparam = requestContext.getUriInfo().getQueryParameters();
|
||||||
|
for (Entry<String, List<String>> item: quaryparam.entrySet()) {
|
||||||
|
if (item.getKey().equals(HttpHeaders.AUTHORIZATION)) {
|
||||||
|
if (!item.getValue().isEmpty()) {
|
||||||
|
authorizationHeader = item.getValue().get(0);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
System.out.println("authorizationHeader: " + authorizationHeader);
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
System.out.println(" -------------------------------");
|
System.out.println(" -------------------------------");
|
||||||
// this get the parameters inside the pre-parsed element in the request ex: @Path("thumbnail/{id}") generate a map with "id"
|
// this get the parameters inside the pre-parsed element in the request ex: @Path("thumbnail/{id}") generate a map with "id"
|
||||||
MultivaluedMap<String, String> pathparam = requestContext.getUriInfo().getPathParameters();
|
MultivaluedMap<String, String> pathparam = requestContext.getUriInfo().getPathParameters();
|
||||||
@ -85,7 +93,7 @@ public class AuthenticationFilter implements ContainerRequestFilter {
|
|||||||
}
|
}
|
||||||
System.out.println(" -------------------------------");
|
System.out.println(" -------------------------------");
|
||||||
// need to add "@QueryParam("p") String token, " in the model
|
// need to add "@QueryParam("p") String token, " in the model
|
||||||
MultivaluedMap<String, String> quaryparam = requestContext.getUriInfo().getQueryParameters();
|
//MultivaluedMap<String, String> quaryparam = requestContext.getUriInfo().getQueryParameters();
|
||||||
for (Entry<String, List<String>> item: quaryparam.entrySet()) {
|
for (Entry<String, List<String>> item: quaryparam.entrySet()) {
|
||||||
System.out.println(" query: " + item.getKey() + " ==>" + item.getValue());
|
System.out.println(" query: " + item.getKey() + " ==>" + item.getValue());
|
||||||
}
|
}
|
||||||
@ -100,7 +108,7 @@ public class AuthenticationFilter implements ContainerRequestFilter {
|
|||||||
System.out.println(" headers: " + item.getKey() + " ==>" + item.getValue());
|
System.out.println(" headers: " + item.getKey() + " ==>" + item.getValue());
|
||||||
}
|
}
|
||||||
System.out.println(" -------------------------------");
|
System.out.println(" -------------------------------");
|
||||||
|
*/
|
||||||
// Validate the Authorization header data Model "Yota userId:token"
|
// Validate the Authorization header data Model "Yota userId:token"
|
||||||
if (!isTokenBasedAuthentication(authorizationHeader)) {
|
if (!isTokenBasedAuthentication(authorizationHeader)) {
|
||||||
System.out.println("REJECTED unauthorized: " + requestContext.getUriInfo().getPath());
|
System.out.println("REJECTED unauthorized: " + requestContext.getUriInfo().getPath());
|
||||||
@ -110,7 +118,7 @@ public class AuthenticationFilter implements ContainerRequestFilter {
|
|||||||
|
|
||||||
// Extract the token from the Authorization header (Remove "Yota ")
|
// Extract the token from the Authorization header (Remove "Yota ")
|
||||||
String token = authorizationHeader.substring(AUTHENTICATION_SCHEME.length()).trim();
|
String token = authorizationHeader.substring(AUTHENTICATION_SCHEME.length()).trim();
|
||||||
System.out.println("token: " + token);
|
//System.out.println("token: " + token);
|
||||||
|
|
||||||
|
|
||||||
User user = null;
|
User user = null;
|
||||||
|
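Review bot: The `System.out.println("authorizationHeader: " + authorizationHeader);` added after the query-parameter fallback writes the full credential to stdout, and the existing print just above the `if` does the same. The commit comments out the `token:` print further down, but these two lines still expose the same secret to anyone who can read the logs. Log only its presence instead, e.g. `System.out.println("authorizationHeader present: " + (authorizationHeader != null));`. The fallback loop can also be reduced to `authorizationHeader = requestContext.getUriInfo().getQueryParameters().getFirst(HttpHeaders.AUTHORIZATION);`, which returns null when the parameter is absent. The enclosing filter method starts and ends outside the visible hunks.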
@ -350,7 +350,7 @@ public class DataResource {
|
|||||||
@PermitTokenInURI
|
@PermitTokenInURI
|
||||||
@RolesAllowed("USER")
|
@RolesAllowed("USER")
|
||||||
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
||||||
public Response retriveDataId(@Context SecurityContext sc, @QueryParam("Yota") String token, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception {
|
public Response retriveDataId(@Context SecurityContext sc, @QueryParam(HttpHeaders.AUTHORIZATION) String token, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception {
|
||||||
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
||||||
System.out.println("===================================================");
|
System.out.println("===================================================");
|
||||||
System.out.println("== DATA retriveDataId ? " + (gc==null?"null":gc.user));
|
System.out.println("== DATA retriveDataId ? " + (gc==null?"null":gc.user));
|
||||||
@ -370,7 +370,7 @@ public class DataResource {
|
|||||||
@RolesAllowed("USER")
|
@RolesAllowed("USER")
|
||||||
@PermitTokenInURI
|
@PermitTokenInURI
|
||||||
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
||||||
public Response retriveDataThumbnailId(@Context SecurityContext sc, @QueryParam("Yota") String token, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception {
|
public Response retriveDataThumbnailId(@Context SecurityContext sc, @QueryParam(HttpHeaders.AUTHORIZATION) String token, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception {
|
||||||
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
||||||
System.out.println("===================================================");
|
System.out.println("===================================================");
|
||||||
System.out.println("== DATA retriveDataThumbnailId ? " + (gc==null?"null":gc.user));
|
System.out.println("== DATA retriveDataThumbnailId ? " + (gc==null?"null":gc.user));
|
||||||
@ -418,7 +418,7 @@ public class DataResource {
|
|||||||
@PermitTokenInURI
|
@PermitTokenInURI
|
||||||
@RolesAllowed("USER")
|
@RolesAllowed("USER")
|
||||||
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
@Produces(MediaType.APPLICATION_OCTET_STREAM)
|
||||||
public Response retriveDataFull(@Context SecurityContext sc, @QueryParam("Yota") String token, @HeaderParam("Range") String range, @PathParam("id") Long id, @PathParam("name") String name) throws Exception {
|
public Response retriveDataFull(@Context SecurityContext sc, @QueryParam(HttpHeaders.AUTHORIZATION) String token, @HeaderParam("Range") String range, @PathParam("id") Long id, @PathParam("name") String name) throws Exception {
|
||||||
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
GenericContext gc = (GenericContext) sc.getUserPrincipal();
|
||||||
System.out.println("===================================================");
|
System.out.println("===================================================");
|
||||||
System.out.println("== DATA retriveDataFull ? " + (gc==null?"null":gc.user));
|
System.out.println("== DATA retriveDataFull ? " + (gc==null?"null":gc.user));
|
||||||
|
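Review bot: Renaming the query parameter to `HttpHeaders.AUTHORIZATION` in `retriveDataId`, `retriveDataThumbnailId` and `retriveDataFull` means the URI must now carry the whole scheme-prefixed value that `AuthenticationFilter` validates, yet nothing on the methods says so. A comment on each, such as `// ?Authorization=<scheme-prefixed credential, URL-encoded>; consumed by AuthenticationFilter, not by this method`, would make that contract explicit. The visible lines never read `token`, though the method bodies continue outside the hunks. Because a URI is routinely recorded in access logs, proxy logs and browser history, it would be safer for these download endpoints to accept a short-lived, resource-scoped token rather than the user's normal credential.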