下面列出了javax.servlet.http.HttpServletRequestWrapper#javax.servlet.ServletRequest 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
Object apiGwContext = servletRequest.getAttribute(RequestReader.API_GATEWAY_CONTEXT_PROPERTY);
if (apiGwContext == null) {
log.warn("API Gateway context is null");
filterChain.doFilter(servletRequest, servletResponse);
}
if (!AwsProxyRequestContext.class.isAssignableFrom(apiGwContext.getClass())) {
log.warn("API Gateway context object is not of valid type");
filterChain.doFilter(servletRequest, servletResponse);
}
AwsProxyRequestContext ctx = (AwsProxyRequestContext)apiGwContext;
if (ctx.getIdentity() == null) {
log.warn("Identity context is null");
filterChain.doFilter(servletRequest, servletResponse);
}
String cognitoIdentityId = ctx.getIdentity().getCognitoIdentityId();
if (cognitoIdentityId == null || "".equals(cognitoIdentityId.trim())) {
log.warn("Cognito identity id in request is null");
}
servletRequest.setAttribute(COGNITO_IDENTITY_ATTRIBUTE, cognitoIdentityId);
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String requestURI = httpRequest.getRequestURI();
if (requestURI.contains(".nocache.")) {
Date now = new Date();
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setDateHeader("Date", now.getTime());
// one day old
httpResponse.setDateHeader("Expires", now.getTime() - 86400000L);
httpResponse.setHeader("Pragma", "no-cache");
httpResponse.setHeader("Cache-control", "no-cache, no-store, must-revalidate");
}
filterChain.doFilter(request, response);
}
@Test
public void testNonHttpRequest() throws Exception {
FilterChain chain = Mockito.mock(FilterChain.class);
ServletRequest nonHttpRequest = Mockito.mock(ServletRequest.class);
ServletResponse nonHttpResponse = Mockito.mock(ServletResponse.class);
HttpServletRequest httpRequest = Mockito.mock(HttpServletRequest.class);
ServletResponse httpResponse = Mockito.mock(HttpServletResponse.class);
filter.doFilter(nonHttpRequest, nonHttpResponse, chain);
Mockito.verify(chain, Mockito.times(1)).doFilter(nonHttpRequest, nonHttpResponse);
filter.doFilter(nonHttpRequest, httpResponse, chain);
Mockito.verify(chain, Mockito.times(1)).doFilter(nonHttpRequest, httpResponse);
filter.doFilter(httpRequest, nonHttpResponse, chain);
Mockito.verify(chain, Mockito.times(1)).doFilter(httpRequest, nonHttpResponse);
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String uri = req.getRequestURI();
this.context.log("Requested Resource::"+uri);
HttpSession session = req.getSession(false);
if(session == null && !(uri.endsWith("html") || uri.endsWith("LoginServlet"))){
this.context.log("Unauthorized access request");
res.sendRedirect("login.html");
}else{
// pass the request along the filter chain
chain.doFilter(request, response);
}
}
@Test
public void createToken_should_create_token() throws Exception {
X509Certificate certificate = mock(X509Certificate.class);
ServletRequest request = mock(ServletRequest.class);
ServletResponse response = mock(ServletResponse.class);
when(request.getAttribute("javax.servlet.request.X509Certificate")).thenReturn(
new X509Certificate[]{certificate});
AuthenticationToken token = underTest.createToken(request, response);
assertThat(token).isInstanceOf(AuthenticationTokenWrapper.class);
AuthenticationTokenWrapper w = (AuthenticationTokenWrapper) token;
assertThat(w.getSeedToken()).isInstanceOf(X509CertificateToken.class);
X509CertificateToken x = (X509CertificateToken) w.getSeedToken();
assertThat(x.getAuthenticatingCertificates()).containsExactly(certificate);
}
/**
* Creates a encoded URL query string with the parameters from the given request. If the
* request is a GET, then the returned query string will simply consist of the query
* string from the request. If the request is a POST, the returned query string will
* consist of the form variables.
* <p>
* <strong>Note</strong>: This method does not support multi-value parameters.
*
* @param request The request for which the query string will be generated.
*
* @return An encoded URL query string with the parameters from the given request.
*/
public static String requestParamsToQueryString(ServletRequest request) {
StringBuffer queryString = new StringBuffer();
String paramName = null;
String paramValue = null;
Enumeration paramNames = request.getParameterNames();
while (paramNames.hasMoreElements()) {
paramName = (String)paramNames.nextElement();
paramValue = request.getParameter(paramName);
queryString.append(encode(paramName)).append("=").append(encode(paramValue))
.append("&");
}
if (endsWith(queryString, '&')) {
queryString.deleteCharAt(queryString.length() - 1);
}
return queryString.toString();
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String domain = request.getHeader("Origin");
if (permissionFilterService.haveHeaderPermission(request)) {
response.setHeader("Access-Control-Allow-Origin", domain);
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", " X-Requested-With, Content-Type,X-Requested-With, Content-Type, X-File-Name,token,Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Max-Age,authorization");
chain.doFilter(req, res);
} else {
request.setAttribute("gunjianpan", "Error");
// response.sendError(ErrorCodeConsts.STATUS_FORBIDDEN);
chain.doFilter(req, res);
}
}
/**
* Determine filter execution conditions
*/
protected final boolean preFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain)
throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpSession session = request.getSession(false);
final OAuthData oAuthData = session != null ? (OAuthData) session.getAttribute(Configuration.SESSION_OAUTH_DATA) : null;
if (oAuthData != null) {
return false;
}
final String code = getParameter(request, Configuration.OAUTH_CODE);
log.trace("code value: " + code);
if (StringHelper.isNotEmpty(code)) {
return false;
}
return true;
}
/**
* Binds the request or response to the current thread.
*
* @param instance
* The request/response
* @throws IllegalStateException
* if there is already an instance bound to the thread
*/
void bind(Type instance)
{
if (isBound())
{
// ignore forwards - Tomcat calls #requestInitialized two times with form authentication
if (instance instanceof ServletRequest)
{
ServletRequest servletRequest = (ServletRequest) instance;
if (servletRequest.getAttribute("javax.servlet.forward.request_uri") != null)
{
return;
}
}
throw new IllegalStateException("There is already an instance bound to this thread.");
}
threadLocal.set(instance);
}
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
boolean existSession = SecurityUtils.getSubject().isAuthenticated();
if (!existSession) {
return false;
} else {
Session session = SecurityUtils.getSubject().getSession(false);
if (session != null) {
Serializable id = session.getId();
if (id != null) {
if (redisClient.get((String) id) != null) {
return true;
}
}
}
return false;
}
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
ServletException {
try {
Subject subject = WSSubject.getCallerSubject();
if (subject != null) {
FedizResponse fedResponse = getCachedFederationResponse(subject);
LOG.info("Security token found for user: {}", fedResponse.getUsername());
Element el = fedResponse.getToken();
if (el != null) {
SecurityTokenThreadLocal.setToken(el);
LOG.debug("Setting Security Token to SecurityTokenThreadLocal");
}
}
chain.doFilter(request, response);
} catch (WSSecurityException e) {
LOG.warn("No caller Subject/Principal found in request.");
chain.doFilter(request, response);
} finally {
SecurityTokenThreadLocal.setToken(null);
}
}
private String translateUserAgent(ServletRequest request) {
if( ! (request instanceof HttpServletRequest)
|| ((HttpServletRequest)request).getHeader("User-Agent") == null) {
return null;
}
String agent = ((HttpServletRequest)request).getHeader("User-Agent");
// Translate User-Agent header into client key by finding match using rules in clientKeyMap.
for(Entry<String, String> entry :clientKeyMap.entrySet()) {
if(agent.matches(entry.getKey())) {
return entry.getValue();
}
}
return agent;
}
/**
* Sets the slf4j <code>MDC</code> and delegates the request to the chain.
*
* @param request servlet request.
* @param response servlet response.
* @param chain filter chain.
*
* @throws IOException thrown if an IO error occurrs.
* @throws ServletException thrown if a servet error occurrs.
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
try {
MDC.clear();
String hostname = HostnameFilter.get();
if (hostname != null) {
MDC.put("hostname", HostnameFilter.get());
}
Principal principal = ((HttpServletRequest) request).getUserPrincipal();
String user = (principal != null) ? principal.getName() : null;
if (user != null) {
MDC.put("user", user);
}
MDC.put("method", ((HttpServletRequest) request).getMethod());
MDC.put("path", ((HttpServletRequest) request).getPathInfo());
chain.doFilter(request, response);
} finally {
MDC.clear();
}
}
@Test
public void testMultiValueParams() throws Exception {
class ParamHandler implements PrintServlet.RequestHandler {
private String[] paramValues;
public void handleRequest(ServletRequest req) {
paramValues = req.getParameterValues("multi_value");
}
}
ParamHandler handler = new ParamHandler();
PrintServlet.setRequestHandler(handler);
final Queue queue = QueueFactory.getQueue("tasks-queue");
queue.add(
withUrl(URL)
.param("multi_value", "param_value1")
.param("multi_value", "param_value2"));
sync();
assertNotNull(handler.paramValues);
assertEquals(
new HashSet<>(Arrays.asList("param_value1", "param_value2")),
new HashSet<>(Arrays.asList(handler.paramValues)));
}
/**
* Merge URI variables into the property values to use for data binding.
*/
@Override
@SuppressWarnings("unchecked")
protected void addBindValues(MutablePropertyValues mpvs, ServletRequest request) {
String attr = HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE;
Map<String, String> uriVars = (Map<String, String>) request.getAttribute(attr);
if (uriVars != null) {
uriVars.forEach((name, value) -> {
if (mpvs.contains(name)) {
if (logger.isWarnEnabled()) {
logger.warn("Skipping URI variable '" + name +
"' because request contains bind value with same name.");
}
}
else {
mpvs.addPropertyValue(name, value);
}
});
}
}
@Override
public void service(final ServletRequest servletRequest, final ServletResponse servletResponse) throws ServletException, IOException {
if (list == null) {
servletResponse.getWriter().write("oops");
} else {
servletResponse.getWriter().write(list.toString());
}
}
/**
* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
String requestURI = ((HttpServletRequest) request).getRequestURI();
String v = request.getParameter("v"); //$NON-NLS-1$
if (v == null){
v = ""; //$NON-NLS-1$
}
Date now = new Date();
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setDateHeader("Date", now.getTime()); //$NON-NLS-1$
// By default, cache aggressively. However, if a file contains '.nocache.' as part of its
// name, then tell the browser not to cache it. Also, if the version of the resource being
// requested contains 'SNAPSHOT' then don't cache.
if (requestURI.contains(".nocache.") //$NON-NLS-1$
|| v.contains("SNAPSHOT") //$NON-NLS-1$
|| "true".equals(System.getProperty("apiman.resource-caching.disabled", "false"))) //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
{
HttpCacheUtil.disableHttpCaching(httpResponse);
} else {
httpResponse.setDateHeader("Expires", expiresInOneYear(now)); //$NON-NLS-1$
// Cache for one year
httpResponse.setHeader("Cache-control", "public, max-age=31536000"); //$NON-NLS-1$ //$NON-NLS-2$
}
chain.doFilter(request, response);
}
public static Object makeExpressionPayload ( String expr ) throws IllegalArgumentException, IllegalAccessException, Exception {
FacesContextImpl fc = new FacesContextImpl((ServletContext) null, (ServletRequest) null, (ServletResponse) null);
ELContext elContext = new FacesELContext(new CompositeELResolver(), fc);
Reflections.getField(FacesContextImplBase.class, "_elContext").set(fc, elContext);
ExpressionFactory expressionFactory = ExpressionFactory.newInstance();
ValueExpression ve1 = expressionFactory.createValueExpression(elContext, expr, Object.class);
ValueExpressionMethodExpression e = new ValueExpressionMethodExpression(ve1);
ValueExpression ve2 = expressionFactory.createValueExpression(elContext, "${true}", Object.class);
ValueExpressionMethodExpression e2 = new ValueExpressionMethodExpression(ve2);
return Gadgets.makeMap(e2, e);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
// Skip non-http request/response
if (!(request instanceof HttpServletRequest && response instanceof HttpServletResponse)) {
chain.doFilter(request, response);
return;
}
SessionManager.startSession((HttpServletRequest) request);
// do following part of chain
chain.doFilter(request, response);
SessionManager.endSession();
}
/**
* 获取登录密码
*/
@Override
protected String getPassword(ServletRequest request) {
String password = super.getPassword(request);
if (StringUtils.isBlank(password)){
password = StringUtils.toString(request.getAttribute(getPasswordParam()), StringUtils.EMPTY);
}
return password;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
String id = increment(request);
try {
chain.doFilter(request, response);
} finally {
decrement(request, id);
}
}
/**
* 执行登录认证
*
* @param request
* @param response
* @param mappedValue
* @return
*/
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
try {
executeLogin(request, response);
return true;
} catch (Exception e) {
throw new AuthenticationException("Token失效,请重新登录", e);
}
}
/**
* 对跨域提供支持
*/
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
// 跨域时会首先发送一个option请求,这里我们给option请求直接返回正常状态
if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
httpServletResponse.setStatus(HttpStatus.OK.value());
return false;
}
return super.preHandle(request, response);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
PrintWriter out = response.getWriter();
out.print(getClass().getName());
chain.doFilter(request, response);
}
@Override
public String readAttribute(final HttpServerExchange exchange) {
ServletRequestContext context = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
if (context != null) {
ServletRequest req = context.getServletRequest();
if (req instanceof HttpServletRequest) {
HttpSession session = ((HttpServletRequest) req).getSession(false);
if (session != null) {
return session.getId();
}
}
}
return null;
}
public static <T> T convertRequestBody(ServletRequest request, Class<T> clazz) {
try {
String jsonStr = IOUtil.getStringInputStream(request.getInputStream());
return new Gson().fromJson(jsonStr, clazz);
} catch (Exception e) {
LOGGER.info("", e);
throw new RuntimeException(e);
}
}
private static void verifyUnauthorized(AuthenticationFilter filter,
HttpServletRequest request,
HttpServletResponse response,
FilterChain chain) throws
IOException,
ServletException {
final HashMap<String, String> cookieMap = new HashMap<String, String>();
Mockito.doAnswer(new Answer<Object>() {
@Override
public Object answer(InvocationOnMock invocation) throws Throwable {
String cookieHeader = (String) invocation.getArguments()[1];
parseCookieMap(cookieHeader, cookieMap);
return null;
}
}).when(response).addHeader(Mockito.eq("Set-Cookie"), Mockito.anyString());
filter.doFilter(request, response, chain);
Mockito.verify(response).sendError(Mockito.eq(HttpServletResponse
.SC_UNAUTHORIZED), Mockito.anyString());
Mockito.verify(chain, Mockito.never()).doFilter(Mockito.any
(ServletRequest.class), Mockito.any(ServletResponse.class));
Assert.assertTrue("cookie is missing",
cookieMap.containsKey(AuthenticatedURL.AUTH_COOKIE));
Assert.assertEquals("", cookieMap.get(AuthenticatedURL.AUTH_COOKIE));
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
ProxyUtils.rejectNonHttpRequests(req);
HttpServletRequest httpReq = (HttpServletRequest)req;
HttpServletResponse httpResp = (HttpServletResponse)resp;
if (LOG.isDebugEnabled()) {
LOG.debug("Remote address for request is: {}", httpReq.getRemoteAddr());
}
if (!getProxyAddresses().contains(httpReq.getRemoteAddr())) {
String redirectUrl = findRedirectUrl();
String target = redirectUrl + httpReq.getRequestURI();
ProxyUtils.sendRedirect(httpReq, httpResp, target);
return;
}
String user = null;
if (httpReq.getCookies() != null) {
for(Cookie c: httpReq.getCookies()) {
if(WebAppProxyServlet.PROXY_USER_COOKIE_NAME.equals(c.getName())){
user = c.getValue();
break;
}
}
}
if (user == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("Could not find " + WebAppProxyServlet.PROXY_USER_COOKIE_NAME
+ " cookie, so user will not be set");
}
chain.doFilter(req, resp);
} else {
final AmIpPrincipal principal = new AmIpPrincipal(user);
ServletRequest requestWrapper = new AmIpServletRequestWrapper(httpReq,
principal);
chain.doFilter(requestWrapper, resp);
}
}
/**
* Get an array of int parameters, return an empty array if not found.
* @param request current HTTP request
* @param name the name of the parameter with multiple possible values
*/
public static int[] getIntParameters(ServletRequest request, String name) {
try {
return getRequiredIntParameters(request, name);
}
catch (ServletRequestBindingException ex) {
return new int[0];
}
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
filterChain.doFilter(request, response);
}