Java Code Examples for javax.ws.rs.core.HttpHeaders#AUTHORIZATION
The following examples show how to use
javax.ws.rs.core.HttpHeaders#AUTHORIZATION .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: OpenShiftResource.java From launchpad-missioncontrol with Apache License 2.0 | 6 votes |
|
@GET
@Path("/clusters")
@Produces(MediaType.APPLICATION_JSON)
public JsonArray getSupportedOpenShiftClusters(@HeaderParam(HttpHeaders.AUTHORIZATION) final String authorization,
@Context HttpServletRequest request) {
JsonArrayBuilder arrayBuilder = Json.createArrayBuilder();
Set<OpenShiftCluster> clusters = clusterRegistry.getClusters();
if (request.getParameterMap().containsKey("all") || useDefaultIdentities()) {
// Return all clusters
clusters
.stream()
.map(OpenShiftCluster::getId)
.forEach(arrayBuilder::add);
} else {
final KeycloakService keycloakService = this.keycloakServiceInstance.get();
clusters.parallelStream().map(OpenShiftCluster::getId)
.forEach(clusterId ->
keycloakService.getIdentity(clusterId, authorization)
.ifPresent(token -> arrayBuilder.add(clusterId)));
}
return arrayBuilder.build();
}
Example 2
| Source File: RoleResource.java From io with Apache License 2.0 | 6 votes |
|
/**
* Roleリソースのルート.
* Boxの一覧を返す。
* @param authzHeader Authorization ヘッダ
* @return JAX-RS Response Object
*/
@Path("")
@GET
public final Response list(
@HeaderParam(HttpHeaders.AUTHORIZATION) final String authzHeader) {
// アクセス制御
this.davRsCmp.checkAccessContext(this.davRsCmp.getAccessContext(), CellPrivilege.AUTH_READ);
EntitiesResponse er = op.getEntities(Box.EDM_TYPE_NAME, null);
List<OEntity> loe = er.getEntities();
List<String> sl = new ArrayList<String>();
sl.add(BOX_PATH_CELL_LEVEL);
for (OEntity oe : loe) {
OProperty<String> nameP = oe.getProperty("Name", String.class);
sl.add(nameP.getValue());
}
StringBuilder sb = new StringBuilder();
for (String s : sl) {
sb.append(s + "<br/>");
}
return Response.ok().entity(sb.toString()).build();
}
Example 3
| Source File: ClientsManagementService.java From keycloak with Apache License 2.0 | 5 votes |
|
/**
* URL invoked by adapter to register new client cluster node. Each application cluster node will invoke this URL once it joins cluster
*
* @param authorizationHeader
* @param formData
* @return
*/
@Path("register-node")
@POST
@Produces(MediaType.APPLICATION_JSON)
public Response registerNode(@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap<String, String> formData) {
if (!checkSsl()) {
throw new ForbiddenException("HTTPS required");
}
event.event(EventType.REGISTER_NODE);
if (!realm.isEnabled()) {
event.error(Errors.REALM_DISABLED);
throw new NotAuthorizedException("Realm not enabled");
}
ClientModel client = authorizeClient();
String nodeHost = getClientClusterHost(formData);
event.client(client).detail(Details.NODE_HOST, nodeHost);
logger.debugf("Registering cluster host '%s' for client '%s'", nodeHost, client.getClientId());
try {
client.registerNode(nodeHost, Time.currentTime());
} catch (RuntimeException e) {
event.error(e.getMessage());
throw e;
}
event.success();
return Response.noContent().build();
}
Example 4
| Source File: ValidationResource.java From launchpad-missioncontrol with Apache License 2.0 | 5 votes |
|
@HEAD
@Path("/token/github")
public Response gitHubTokenExists(@HeaderParam(HttpHeaders.AUTHORIZATION) final String authorization) {
boolean tokenExists;
try {
tokenExists = getGitHubIdentity(authorization) != null;
} catch (IllegalArgumentException | IllegalStateException e) {
tokenExists = false;
}
if (tokenExists) {
return Response.ok().build();
} else {
return Response.status(Response.Status.NOT_FOUND).build();
}
}
Example 5
| Source File: MissionControlResource.java From launchpad-missioncontrol with Apache License 2.0 | 5 votes |
|
@GET
@Path(PATH_LAUNCH)
@Produces(MediaType.APPLICATION_JSON)
@Deprecated
public JsonObject fling(
@Context final HttpServletRequest request,
@NotNull @QueryParam(QUERY_PARAM_SOURCE_REPO) final String sourceGitHubRepo,
@NotNull @QueryParam(QUERY_PARAM_GIT_REF) final String gitRef,
@NotNull @QueryParam(QUERY_PARAM_PIPELINE_TEMPLATE_PATH) final String pipelineTemplatePath,
@NotNull @HeaderParam(HttpHeaders.AUTHORIZATION) final String authorization) {
Identity githubIdentity;
Identity openShiftIdentity;
if (useDefaultIdentities()) {
githubIdentity = getDefaultGithubIdentity();
openShiftIdentity = getDefaultOpenShiftIdentity();
} else {
KeycloakService keycloakService = this.keycloakServiceInstance.get();
githubIdentity = keycloakService.getGitHubIdentity(authorization);
openShiftIdentity = keycloakService.getOpenShiftIdentity(authorization);
}
ForkProjectile projectile = ProjectileBuilder.newInstance()
.gitHubIdentity(githubIdentity)
.openShiftIdentity(openShiftIdentity)
.forkType()
.sourceGitHubRepo(sourceGitHubRepo)
.gitRef(gitRef)
.pipelineTemplatePath(pipelineTemplatePath)
.build();
// Fling it
executorService.submit(() -> missionControl.launch(projectile));
return Json.createObjectBuilder()
.add("uuid", projectile.getId().toString())
.add("uuid_link", PATH_STATUS + "/" + projectile.getId().toString())
.build();
}
Example 6
| Source File: ValidationResource.java From launchpad-missioncontrol with Apache License 2.0 | 5 votes |
|
@HEAD
@Path("/project/{project}")
public Response projectExists(@HeaderParam(HttpHeaders.AUTHORIZATION) final String authorization,
@NotNull @PathParam("project") String project,
@QueryParam("cluster") String cluster) {
Identity openShiftIdentity = getOpenShiftIdentity(authorization, cluster);
Optional<OpenShiftCluster> openShiftCluster = clusterRegistry.findClusterById(cluster);
assert openShiftCluster.isPresent() : "Cluster not found: " + cluster;
OpenShiftService openShiftService = openShiftServiceFactory.create(openShiftCluster.get(), openShiftIdentity);
if (openShiftService.projectExists(project)) {
return Response.ok().build();
} else {
return Response.status(Response.Status.NOT_FOUND).build();
}
}
Example 7
| Source File: TokenController.java From che with Eclipse Public License 2.0 | 5 votes |
|
@GET
@Path("/github")
public Response getGitHubToken(@HeaderParam(HttpHeaders.AUTHORIZATION) String keycloakToken)
throws ForbiddenException, NotFoundException, ConflictException, BadRequestException,
ServerException, UnauthorizedException, IOException {
String token = null;
try {
validator.validate(keycloakToken);
token = tokenProvider.obtainGitHubToken(keycloakToken);
} catch (KeycloakException e) {
return Response.status(Response.Status.BAD_REQUEST).entity(e.getMessage()).build();
}
return Response.ok(token).build();
}
Example 8
| Source File: OpenShiftResource.java From launchpad-missioncontrol with Apache License 2.0 | 5 votes |
|
@GET
@Path("/projects")
@Produces(MediaType.APPLICATION_JSON)
public JsonArray projectList(@HeaderParam(HttpHeaders.AUTHORIZATION) final String authorization,
@QueryParam("cluster") String cluster) {
Identity openShiftIdentity = getOpenShiftIdentity(authorization, cluster);
Optional<OpenShiftCluster> openShiftCluster = clusterRegistry.findClusterById(cluster);
assert openShiftCluster.isPresent() : "Cluster not found: " + cluster;
OpenShiftService openShiftService = openShiftServiceFactory.create(openShiftCluster.get(), openShiftIdentity);
JsonArrayBuilder arrayBuilder = Json.createArrayBuilder();
openShiftService.listProjects().stream().map(OpenShiftProject::getName).forEach(arrayBuilder::add);
return arrayBuilder.build();
}
Example 9
| Source File: TestService.java From che with Eclipse Public License 2.0 | 5 votes |
|
@POST
@Path("/token")
public void checkAuthorization(@HeaderParam(HttpHeaders.AUTHORIZATION) String token)
throws UnauthorizedException {
if (!EnvironmentContext.getCurrent().getSubject().getToken().equals(token)) {
throw new UnauthorizedException(
"Token '" + token + "' it is different from token in EnvironmentContext");
}
}
Example 10
| Source File: PushedAuthReqEndpoint.java From java-oauth-server with Apache License 2.0 | 5 votes |
|
/**
* The pushed authorization request endpoint. This uses the
* {@code POST} method and the same client authentication as
* is available on the Token Endpoint.
*/
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response post(
@HeaderParam(HttpHeaders.AUTHORIZATION) String authorization,
MultivaluedMap<String, String> parameters,
@Context HttpServletRequest request)
{
String[] clientCertificates = extractClientCertificateChain(request);
return handle(AuthleteApiFactory.getDefaultApi(),
parameters, authorization, clientCertificates);
}
Example 11
| Source File: RoleResource.java From io with Apache License 2.0 | 5 votes |
|
/**
* Box単位のRoleリソースのルート.
* Boxに紐付いたロール一覧を返す。
* Box名として__を指定されたときは、Cellレベルのロールとみなす。
* @param boxName boxName
* @param authzHeader authzHeader
* @return JAXRS Response
*/
@Path("{box}")
@GET
public final Response cellRole(
@PathParam("box") String boxName,
@HeaderParam(HttpHeaders.AUTHORIZATION) final String authzHeader) {
// アクセス制御
this.davRsCmp.checkAccessContext(this.davRsCmp.getAccessContext(), CellPrivilege.AUTH_READ);
// BoxパスがCell Levelであれば、Cell レベルロールを検索して一覧で返す。
if (BOX_PATH_CELL_LEVEL.equals(boxName)) {
// TODO Bodyの生成
// EntitiesResponse er = this.op.getEntities(Role.EDM_TYPE_NAME, null);
return Response.ok().entity(boxName).build();
}
try {
// EntityResponse boxEr = op.getEntity(Box.EDM_TYPE_NAME, OEntityKey.create(boxName), null);
// EntitiesResponse rolesEr = (EntitiesResponse) op.getNavProperty(Role.EDM_TYPE_NAME,
// OEntityKey.create(boxName),
// "_role", null);
// TODO Bodyの生成
return Response.ok().entity(boxName).build();
} catch (DcCoreException dce) {
if (DcCoreException.OData.NO_SUCH_ENTITY == dce) {
throw DcCoreException.Dav.BOX_NOT_FOUND;
}
throw dce;
}
}
Example 12
| Source File: ClientsManagementService.java From keycloak with Apache License 2.0 | 5 votes |
|
/**
* URL invoked by adapter to register new client cluster node. Each application cluster node will invoke this URL once it joins cluster
*
* @param authorizationHeader
* @param formData
* @return
*/
@Path("unregister-node")
@POST
@Produces(MediaType.APPLICATION_JSON)
public Response unregisterNode(@HeaderParam(HttpHeaders.AUTHORIZATION) String authorizationHeader, final MultivaluedMap<String, String> formData) {
if (!checkSsl()) {
throw new ForbiddenException("HTTPS required");
}
event.event(EventType.UNREGISTER_NODE);
if (!realm.isEnabled()) {
event.error(Errors.REALM_DISABLED);
throw new NotAuthorizedException("Realm not enabled");
}
ClientModel client = authorizeClient();
String nodeHost = getClientClusterHost(formData);
event.client(client).detail(Details.NODE_HOST, nodeHost);
logger.debugf("Unregistering cluster host '%s' for client '%s'", nodeHost, client.getClientId());
client.unregisterNode(nodeHost);
event.success();
return Response.noContent().build();
}
Example 13
| Source File: ClientRegistrationEndpoint.java From java-oauth-server with Apache License 2.0 | 5 votes |
|
/**
* Dynamic client registration management endpoint, "get" functionality.
*/
@GET
@Path("/{id}")
public Response get(
@HeaderParam(HttpHeaders.AUTHORIZATION) String authorization,
@PathParam("id") String clientId,
@Context HttpServletRequest httpServletRequest)
{
return handleGet(AuthleteApiFactory.getDefaultApi(), clientId, authorization);
}
Example 14
| Source File: UserInfoEndpoint.java From java-resource-server with Apache License 2.0 | 5 votes |
|
/**
* The userinfo endpoint for {@code GET} method.
*
* @see <a href="http://openid.net/specs/openid-connect-core-1_0.html#UserInfoRequest"
* >OpenID Connect Core 1.0, 5.3.1. UserInfo Request</a>
*/
@GET
public Response get(
@HeaderParam(HttpHeaders.AUTHORIZATION) String authorization,
@HeaderParam("DPoP") String dpop,
@QueryParam("access_token") String accessToken,
@Context HttpServletRequest request)
{
// Select either the access token embedded in the Authorization header
// or the access token in the query component.
accessToken = extractAccessToken(authorization, accessToken);
// Handle the userinfo request.
return handle(request, accessToken, dpop);
}
Example 15
| Source File: FapiResourceEndpoint.java From java-resource-server with Apache License 2.0 | 5 votes |
|
@GET
public Response get(
@HeaderParam(HttpHeaders.AUTHORIZATION) String authorization,
@HeaderParam("x-fapi-financial-id") @DefaultValue("") String financialId,
@HeaderParam("x-fapi-interaction-id") @DefaultValue("") String interactionId,
@HeaderParam("x-fapi-auth-date") @DefaultValue("") String authDate,
@HeaderParam("x-fapi-customer-ip-address") @DefaultValue("") String customerIpAddress,
@Context HttpServletRequest request)
{
// Extract an access token from the Authorization header (note we don't pass in the query parameter)
String token = extractAccessToken(authorization, null);
return process(token, financialId, interactionId, authDate, customerIpAddress, extractClientCertificate(request));
}
Example 16
| Source File: UserInfoEndpoint.java From java-resource-server with Apache License 2.0 | 5 votes |
|
/**
* The userinfo endpoint for {@code POST} method.
*
* @see <a href="http://openid.net/specs/openid-connect-core-1_0.html#UserInfoRequest"
* >OpenID Connect Core 1.0, 5.3.1. UserInfo Request</a>
*/
@POST
public Response post(
@HeaderParam(HttpHeaders.AUTHORIZATION) String authorization,
@HeaderParam("DPoP") String dpop,
@Context HttpServletRequest request, String body)
{
// '@Consumes(MediaType.APPLICATION_FORM_URLENCODED)' and
// '@FormParam("access_token") are not used here because clients may send
// a request without 'Content-Type' even if the HTTP method is 'POST'.
//
// See Issue 1137 in openid/connect for details.
//
// Is content-type application/x-www-form-urlencoded required
// when calling user info endpoint with empty body?
//
// https://bitbucket.org/openid/connect/issues/1137/is-content-type-application-x-www-form
//
// Extract "access_token" from the request body if the Content-Type of
// the request is 'application/x-www-form-urlencoded'.
String accessToken = extractFormParameter(request, body, "access_token");
// Select either the access token embedded in the Authorization header
// or the access token in the request body.
accessToken = extractAccessToken(authorization, accessToken);
// Handle the userinfo request.
return handle(request, accessToken, dpop);
}
Example 17
| Source File: TokenEndPointResource.java From io with Apache License 2.0 | 4 votes |
|
/**
* 認証のエンドポイント. <h2>トークンの発行しわけ</h2>
* <ul>
* <li>dc_targetにURLが書いてあれば、そのCELLをTARGETのCELLとしてtransCellTokenを発行する。</li>
* <li>scopeがなければCellLocalを発行する。</li>
* </ul>
* @param uriInfo URI情報
* @param authzHeader Authorization ヘッダ
* @param grantType クエリパラメタ
* @param username クエリパラメタ
* @param password クエリパラメタ
* @param dcTarget クエリパラメタ
* @param dcOwner クエリパラメタ
* @param assertion クエリパラメタ
* @param refreshToken クエリパラメタ
* @param clientId クエリパラメタ
* @param clientSecret クエリパラメタ
* @param dcCookie クエリパラメタ
* @param idToken IDトークン
* @param host Hostヘッダ
* @return JAX-RS Response Object
*/
@POST
public final Response auth(@Context final UriInfo uriInfo,
@HeaderParam(HttpHeaders.AUTHORIZATION) final String authzHeader,
@FormParam(Key.GRANT_TYPE) final String grantType,
@FormParam(Key.USERNAME) final String username,
@FormParam(Key.PASSWORD) final String password,
@FormParam(Key.TARGET) final String dcTarget,
@FormParam(Key.OWNER) final String dcOwner,
@FormParam(Key.ASSERTION) final String assertion,
@FormParam(Key.REFRESH_TOKEN) final String refreshToken,
@FormParam(Key.CLIENT_ID) final String clientId,
@FormParam(Key.CLIENT_SECRET) final String clientSecret,
@FormParam("dc_cookie") final String dcCookie,
@FormParam(Key.ID_TOKEN) final String idToken,
@HeaderParam(HttpHeaders.HOST) final String host) {
// Accept unit local scheme url.
String target = UriUtils.convertSchemeFromLocalUnitToHttp(cell.getUnitUrl(), dcTarget);
// dc_target がURLでない場合はヘッダInjectionの脆弱性を産んでしまう。(改行コードが入っているなど)
target = this.checkDcTarget(target);
if (null != dcTarget) {
issueCookie = false;
} else {
issueCookie = Boolean.parseBoolean(dcCookie);
requestURIInfo = uriInfo;
}
String schema = null;
// まずはClient認証したいのかを確認
// ScopeもauthzHeaderもclientIdもない場合はClient認証しないとみなす。
if (clientId != null || authzHeader != null) {
schema = this.clientAuth(clientId, clientSecret, authzHeader);
}
if (OAuth2Helper.GrantType.PASSWORD.equals(grantType)) {
// 通常のパスワード認証
Response response = this.handlePassword(target, dcOwner, host, schema, username, password);
// パスワード認証が成功した場合はアカウントの最終ログイン時刻を更新する
// パスワード認証が成功した場合のみ、ここを通る(handlePassword内でエラーが発生すると、例外がthrowされる)
if (DcCoreConfig.getAccountLastAuthenticatedEnable()) {
// Accountのスキーマ情報を取得する
DcODataProducer producer = ModelFactory.ODataCtl.cellCtl(cell);
EdmEntitySet esetAccount = producer.getMetadata().getEdmEntitySet(Account.EDM_TYPE_NAME);
OEntityKey originalKey = OEntityKey.parse("('" + username + "')");
// 最終ログイン時刻の変更をProducerに依頼(このメソッド内でロックを取得・解放)
producer.updateLastAuthenticated(esetAccount, originalKey, accountId);
}
return response;
} else if (OAuth2Helper.GrantType.SAML2_BEARER.equals(grantType)) {
return this.receiveSaml2(target, dcOwner, schema, assertion);
} else if (OAuth2Helper.GrantType.REFRESH_TOKEN.equals(grantType)) {
return this.receiveRefresh(target, dcOwner, host, refreshToken);
} else if (OAuth2Helper.GrantType.DC1_OIDC_GOOGLE.equals(grantType)) {
return this.receiveIdTokenGoogle(target, dcOwner, schema, username, idToken, host);
} else {
throw DcCoreAuthnException.UNSUPPORTED_GRANT_TYPE.realm(this.cell.getUrl());
}
}
Example 18
| Source File: MissionControlResource.java From launchpad-missioncontrol with Apache License 2.0 | 4 votes |
|
@POST
@Path(PATH_UPLOAD)
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
public JsonObject upload(
@HeaderParam(HttpHeaders.AUTHORIZATION) final String authorization,
@MultipartForm UploadForm form) {
Identity githubIdentity = getGitHubIdentity(authorization);
Identity openShiftIdentity = getOpenShiftIdentity(authorization, form.getOpenShiftCluster());
try {
final java.nio.file.Path tempDir = Files.createTempDirectory("tmpUpload");
try (InputStream inputStream = form.getFile()) {
FileUploadHelper.unzip(inputStream, tempDir);
try (DirectoryStream<java.nio.file.Path> projects = Files.newDirectoryStream(tempDir)) {
java.nio.file.Path project = projects.iterator().next();
CreateProjectile projectile = ProjectileBuilder.newInstance()
.gitHubIdentity(githubIdentity)
.openShiftIdentity(openShiftIdentity)
.openShiftProjectName(form.getOpenShiftProjectName())
.openShiftClusterName(form.getOpenShiftCluster())
.createType()
.mission(form.getMission())
.runtime(form.getRuntime())
.gitHubRepositoryName(form.getGitHubRepositoryName())
.gitHubRepositoryDescription(form.getGitHubRepositoryDescription())
.projectLocation(project)
.build();
// Fling it
CompletableFuture.supplyAsync(() -> missionControl.launch(projectile), executorService)
.whenComplete((boom, ex) -> {
if (ex != null) {
event.fire(new StatusMessageEvent(projectile.getId(), ex));
log.log(Level.SEVERE, "Error while launching project", ex);
}
FileUploadHelper.deleteDirectory(tempDir);
});
return Json.createObjectBuilder()
.add("uuid", projectile.getId().toString())
.add("uuid_link", PATH_STATUS + "/" + projectile.getId().toString())
.build();
}
}
} catch (final IOException e) {
throw new WebApplicationException("could not unpack zip file into temp folder", e);
}
}
Example 19
| Source File: AuthzEndPointResource.java From io with Apache License 2.0 | 4 votes |
|
/**
* 認証のエンドポイント. <h2>トークンの発行しわけ</h2>
* <ul>
* <li>dc_targetにURLが書いてあれば、そのCELLをTARGETのCELLとしてtransCellTokenを発行する。</li>
* </ul>
* @param authzHeader Authorization ヘッダ
* @param dcOwner フォームパラメタ
* @param username フォームパラメタ
* @param password フォームパラメタ
* @param dcTarget フォームパラメタ
* @param assertion フォームパラメタ
* @param clientId フォームパラメタ
* @param responseType フォームパラメタ
* @param redirectUri フォームパラメタ
* @param host Hostヘッダ
* @param cookieRefreshToken クッキー
* @param keepLogin フォームパラメタ
* @param state フォームパラメタ
* @param isCancel Cancelフラグ
* @param uriInfo コンテキスト
* @return JAX-RS Response Object
*/
@POST
public final Response authPost(@HeaderParam(HttpHeaders.AUTHORIZATION) final String authzHeader,
@FormParam(Key.OWNER) final String dcOwner,
@FormParam(Key.USERNAME) final String username,
@FormParam(Key.PASSWORD) final String password,
@FormParam(Key.TARGET) final String dcTarget,
@FormParam(Key.ASSERTION) final String assertion,
@FormParam(Key.CLIENT_ID) final String clientId,
@FormParam(Key.RESPONSE_TYPE) final String responseType,
@FormParam(Key.REDIRECT_URI) final String redirectUri,
@HeaderParam(HttpHeaders.HOST) final String host,
@HeaderParam(Key.SESSION_ID) final String cookieRefreshToken,
@FormParam(Key.KEEPLOGIN) final String keepLogin,
@FormParam(Key.STATE) final String state,
@FormParam(Key.CANCEL_FLG) final String isCancel,
@Context final UriInfo uriInfo) {
return auth(dcOwner, username, password, dcTarget, assertion, clientId, responseType, redirectUri, host,
cookieRefreshToken, keepLogin, state, isCancel, uriInfo);
}
Example 20
| Source File: LogInLogOutResource.java From dremio-oss with Apache License 2.0 | 4 votes |
|
@DELETE
public void logout(@HeaderParam(HttpHeaders.AUTHORIZATION) String authHeader) {
tokenManager.invalidateToken(TokenUtils.getTokenFromAuthHeader(authHeader));
}
