下面列出了javax.ws.rs.container.ContainerRequestContext#getCookies ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
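/**
 * Serves the OpenAPI definition as the entity of a 200 response.
 *
 * <p>The request's cookies and headers are not read. Per
 * https://github.com/swagger-api/swagger-inflector/issues/305, filtering of inflector
 * extensions is handled at init time by ExtensionsUtils, so no per-request spec filter
 * (VendorSpecFilter) is applied here.
 *
 * @param arg0 the incoming request context; not consulted
 * @return a 200 response whose entity is the result of {@code getOpenAPI()}
 */
@Override
public Response apply(ContainerRequestContext arg0) {
    // The earlier body copied every cookie value into a fresh map and fetched the header
    // map, but nothing consumed either, and both branches returned this same response.
    // Dropping the copies keeps cookie values (often session material) out of
    // short-lived locals that served no purpose.
    // NOTE(review): FilterFactory.getFilter() used to be called here only to choose between
    // two identical returns; confirm the call has no side effect that callers rely on.
    return Response.ok().entity(getOpenAPI()).build();
}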
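/**
 * Authenticates a request from its session cookie.
 *
 * <p>Reads the cookie named {@code AuthResource.AUTH_TOKEN_NAME}, looks the value up through
 * {@code sessionDAO.findBySessionKey}, and accepts it only when a session record exists and
 * its expiration time is still in the future. On success the principal is populated with the
 * session's principal name and the session key.
 *
 * @param containerRequestContext request whose cookies are inspected
 * @param principal principal object to fill in when a valid session is found
 * @return {@code true} if a stored, unexpired session matches the cookie; {@code false} otherwise
 */
private boolean isAuthenticated(ContainerRequestContext containerRequestContext, ThirdEyePrincipal principal) {
    Map<String, Cookie> cookies = containerRequestContext.getCookies();
    if (cookies == null) {
        return false;
    }

    Cookie sessionCookie = cookies.get(AuthResource.AUTH_TOKEN_NAME);
    if (sessionCookie == null) {
        return false;
    }

    String sessionKey = sessionCookie.getValue();
    // A cookie without a value is handled like an empty one instead of failing on isEmpty().
    if (sessionKey == null || sessionKey.isEmpty()) {
        LOG.error("Empty sessionKey. Skipping.");
        return false;
    }

    SessionDTO sessionDTO = this.sessionDAO.findBySessionKey(sessionKey);
    if (sessionDTO != null && System.currentTimeMillis() < sessionDTO.getExpirationTime()) {
        // session exists in the database and has not expired
        principal.setName(sessionDTO.getPrincipal());
        principal.setSessionKey(sessionKey);
        // The session key is a bearer credential: whoever can read the log could replay it,
        // so only the principal is recorded.
        LOG.info("Found valid session for user {}", sessionDTO.getPrincipal());
        return true;
    }
    return false;
}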
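/**
 * Checks the {@code jwt-authToken} cookie of a request.
 *
 * <p>When the cookie is present its value is passed to {@code JWTProvider.verifyToken} and
 * the {@code uid} claim is read from the result.
 *
 * @param containerRequestContext request whose cookies are inspected
 * @return {@code false} when the cookie is absent; {@code true} once verification and the
 *     claim lookup complete without throwing
 */
private boolean isAuthTokenValid(ContainerRequestContext containerRequestContext) {
    Map<String, Cookie> cookies = containerRequestContext.getCookies();
    Cookie tokenCookie = cookies.get("jwt-authToken");
    if (tokenCookie == null) {
        return false;
    }

    String authToken = tokenCookie.getValue();
    // The raw token is intentionally not logged: it is a bearer credential, and anyone with
    // read access to the log could reuse it until it expires.
    // NOTE(review): presumably verifyToken throws for a bad signature or an expired token and
    // the caller handles that; confirm, since nothing here turns a failure into `false`.
    Integer uid = JWTProvider.verifyToken(authToken).getClaim("uid").asInt();
    // NOTE(review): uid is only logged, never checked; if asInt() can yield null for a token
    // without a uid claim, that token is still accepted. Confirm this is intended.
    Logger.info(uid);
    return true;
}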
/**
 * Extracts the raw token from the cookie whose name is held in {@code cookieName}.
 *
 * <p>The value is returned exactly as received; no validation happens here, so callers must
 * treat it as untrusted input.
 *
 * @param requestContext request whose cookies are inspected
 * @return the cookie value, or an empty Optional when {@code cookieName} is null or the
 *     request carries no cookie with that name
 */
private Optional<String> getTokenFromCookie(ContainerRequestContext requestContext) {
    final Map<String, Cookie> requestCookies = requestContext.getCookies();
    if (cookieName == null || !requestCookies.containsKey(cookieName)) {
        return Optional.empty();
    }
    // Optional.of rejects null, so a cookie without a value surfaces as an exception here.
    return Optional.of(requestCookies.get(cookieName).getValue());
}
/**
 * Rejects any request that does not present a valid {@code authToken} cookie.
 *
 * <p>The request is aborted with {@code ACCESS_DENIED} when the cookie is missing, when
 * {@code AuthToken.validateToken} returns false, or when validation throws. A validation
 * error therefore fails closed. A request with a valid token passes through untouched.
 *
 * @param requestContext the request being filtered
 * @throws IOException declared by the filter contract; not thrown by the visible code
 */
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    final Cookie tokenCookie = requestContext.getCookies().get( "authToken" );

    boolean accepted = false;
    if (tokenCookie != null) {
        final String presentedToken = tokenCookie.getValue();
        try {
            accepted = AuthToken.validateToken(configProps, presentedToken);
        }
        catch (Exception e) {
            // NOTE(review): printStackTrace() writes to stderr and bypasses any application
            // logger; route this through the project's logging so failures are auditable.
            e.printStackTrace();
        }
    }

    if (!accepted) {
        requestContext.abortWith(ACCESS_DENIED );
    }
    // a request with a good token simply continues down the chain
}
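/**
 * Installs a token-based {@link SecurityContext} on the request.
 *
 * <p>The principal is always {@code Anonymous.INSTANCE}. Role membership is decided by
 * comparing the token presented by the request with the token configured for that role
 * (through {@code getUserToken()} / {@code getAdminToken()}). The presented token is read
 * from the {@code token} cookie first, then from an {@code Authorization: Bearer} header.
 *
 * @param requestContext the request being filtered
 * @throws IOException declared by the filter contract; not thrown by the visible code
 */
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    SecurityContext requestSecurityContext = requestContext.getSecurityContext();
    SecurityContext securityContext = new SecurityContext(){
        @Override
        public Principal getUserPrincipal(){
            return Anonymous.INSTANCE;
        }

        /**
         * Reports whether the request's token grants {@code role}.
         *
         * @param role one of the {@code Roles} constants; any other value yields false
         * @return true when the role's configured token is empty or equals the presented token
         */
        @Override
        public boolean isUserInRole(String role){
            String token = getToken();
            String roleToken;
            switch(role){
                case Roles.USER:
                    roleToken = getUserToken();
                    break;
                case Roles.ADMIN:
                    roleToken = getAdminToken();
                    break;
                default:
                    return false;
            }
            // NOTE(review): an empty configured token grants the role to every caller,
            // Roles.ADMIN included. Confirm that an unset admin token is meant to leave
            // admin access open rather than closed.
            if (roleToken.isEmpty()) {
                return true;
            }
            if (token == null) {
                return false;
            }
            // Compare through MessageDigest.isEqual rather than String.equals, so that
            // response time does not reveal how many leading characters of a guess matched.
            // Fully-qualified names are used so no new import is required.
            return java.security.MessageDigest.isEqual(
                    roleToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    token.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        }

        @Override
        public boolean isSecure(){
            // Mirrors the transport security of the context this one replaces.
            return requestSecurityContext != null && requestSecurityContext.isSecure();
        }

        @Override
        public String getAuthenticationScheme(){
            return "TOKEN";
        }

        /**
         * Returns the token presented by the request, or null when there is none.
         * The {@code token} cookie takes precedence over the Authorization header.
         */
        private String getToken(){
            Map<String, Cookie> cookies = requestContext.getCookies();
            MultivaluedMap<String, String> headers = requestContext.getHeaders();
            // NOTE(review): a cookie-borne token is attached by browsers automatically;
            // confirm that state-changing endpoints have CSRF protection.
            Cookie tokenCookie = cookies.get("token");
            if(tokenCookie != null){
                return tokenCookie.getValue();
            }
            String authorizationHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
            if(authorizationHeader != null && authorizationHeader.startsWith("Bearer ")){
                return authorizationHeader.substring("Bearer ".length());
            }
            return null;
        }
    };
    requestContext.setSecurityContext(securityContext);
}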