Package com.bradmcevoy.http

Source Code of com.bradmcevoy.http.HandlerHelper

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
package com.bradmcevoy.http;

import com.bradmcevoy.common.Path;
import com.bradmcevoy.http.AuthenticationService.AuthStatus;
import com.bradmcevoy.http.Request.Method;
import com.bradmcevoy.http.http11.Http11ResponseHandler;
import com.bradmcevoy.http.quota.StorageChecker;
import com.bradmcevoy.http.quota.StorageChecker.StorageErrorReason;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
*
* @author brad
*/
public class HandlerHelper {

    private final static Logger log = LoggerFactory.getLogger( HandlerHelper.class );
    private AuthenticationService authenticationService;
    private final List<StorageChecker> storageCheckers;

    private boolean enableExpectContinue = true;

    public HandlerHelper( AuthenticationService authenticationService, List<StorageChecker> storageCheckers ) {
        this.authenticationService = authenticationService;
        this.storageCheckers = storageCheckers;
    }

    /**
     * Checks the expect header, and responds if necessary
     *
     * @param resource
     * @param request
     * @param response
     * @return - true if the expect header is ok. ie process normally. false means that we
     * have sent a CONTINUE status and processing should stop until the request body is sent
     */
    public boolean checkExpects( Http11ResponseHandler responseHandler, Request request, Response response ) {
        if( enableExpectContinue ) {
            String s = request.getExpectHeader();
            if( s != null && s.length() > 0 ) {
                response.setStatus( Response.Status.SC_CONTINUE );
                return false;
            } else {
                return true;
            }
        } else {
            return true;
        }
    }

    public AuthStatus checkAuthentication( HttpManager manager, Resource resource, Request request ) {
        log.trace( "checkAuthentication" );
        AuthStatus authStatus = authenticationService.authenticate( resource, request ); //handler.authenticate( auth.user, auth.password );
        if( authStatus == null ) {
            log.trace("checkAuthentication: null authStatus");
            return null;
        } else {
            log.trace("checkAuthentication: authStatus.failed =" + authStatus.loginFailed);
            return authStatus;
        }
    }

    public boolean checkAuthorisation( HttpManager manager, Resource resource, Request request ) {
        log.trace("checkAuthorisation");
        AuthStatus authStatus = checkAuthentication( manager, resource, request );
       
        // a null authStatus means that no authentication was attempted, eg an anonymous request
        // it is up to the implementation to decide whether or not to allow anonymous access
        // however a failed login must always be rejected
        if( authStatus != null && authStatus.loginFailed ) {
            log.trace("checkAuthorisation: loginFailed");
            return false;
        }
        Auth auth;
        if( authStatus != null ) {
            log.trace("checkAuthorisation: got auth object");
            auth = authStatus.auth;
        } else {
            log.trace("checkAuthorisation: authStatus is null, no authentication was attempted");
            auth = null;
        }
        boolean authorised = resource.authorise( request, request.getMethod(), auth );
        if( !authorised ) {
            if( log.isWarnEnabled() ) {
                log.warn( "authorisation declined, requesting authentication: " + request.getAbsolutePath() + ". resource type: " + resource.getClass().getCanonicalName() );
            }
            if( auth != null ) {
                if( log.isTraceEnabled() ) {
                    log.trace( "  - auth: " + auth.getUser() + " tag: " + auth.getTag() );
                }
            } else {
                log.trace( "  - anonymous request" );
            }
            return false;
        } else {
            return true;
        }
    }

    public boolean doCheckRedirect( Http11ResponseHandler responseHandler, Request request, Response response, Resource resource ) {
        String redirectUrl = resource.checkRedirect( request );
        if( redirectUrl != null && redirectUrl.length() > 0 ) {
            responseHandler.respondRedirect( response, request, redirectUrl );
            return true;
        } else {
            return false;
        }
    }

    /**
     * TODO: move to webdav
     *
     * @param inRequest
     * @param inResource
     * @return
     */
    public boolean isLockedOut( Request inRequest, Resource inResource ) {
        if( inResource == null || !( inResource instanceof LockableResource ) ) {
            return false;
        }
        LockableResource lr = (LockableResource) inResource;
        LockToken token = lr.getCurrentLock();
        if( token != null ) {
            Auth auth = inRequest.getAuthorization();
            Object sUser = null;
            if( auth != null ) sUser = auth.getUser();
            String lockedByUser = token.info.lockedByUser;
            if( lockedByUser == null ) {
                log.warn( "Resource is locked with a null user. Ignoring the lock" );
                return false;
            } else if( !lockedByUser.equals( sUser ) ) {
                if( log.isInfoEnabled() ) {
                    if( auth == null ) {
                        log.trace( "lock owned by: " + lockedByUser );
                    } else {
                        log.trace( "lock owned by: " + lockedByUser + " not by " + auth.getUser() );
                    }
                }
                String value = inRequest.getIfHeader();
                if( value != null ) {
                    if( value.contains( "opaquelocktoken:" + token.tokenId + ">" ) ) {
                        log.trace( "Request contains valid token so operation is permitted" );
                        return false;
                    }
                }
                return true;
            }
        }
        return false;
    }

    public boolean missingLock( Request inRequest, Resource inParentcol ) {
        //make sure we are not requiring a lock
        String value = inRequest.getIfHeader();
        if( value != null ) {
            if( value.contains( "(<DAV:no-lock>)" ) ) {
                log.info( "Contained valid token. so is unlocked" );
                return true;
            }
        }

        return false;
    }

    public StorageErrorReason checkStorageOnReplace( Request request, CollectionResource parentCol, Resource replaced, String host ) {
        for( StorageChecker sc : storageCheckers ) {
            StorageErrorReason res = sc.checkStorageOnReplace( request, parentCol, replaced, host );
            if( res != null ) {
                log.warn( "insufficient storage reason: " + res + " reported by: " + sc.getClass() );
                return res;
            }
        }
        return null;
    }

    public StorageErrorReason checkStorageOnAdd( Request request, CollectionResource nearestParent, Path parentPath, String host ) {
        for( StorageChecker sc : storageCheckers ) {
            StorageErrorReason res = sc.checkStorageOnAdd( request, nearestParent, parentPath, host );
            if( res != null ) {
                log.warn( "insufficient storage reason: " + res + " reported by: " + sc.getClass() );
                return res;
            }
        }
        return null;
    }

    /**
     * Returns true to indicate that the given resource MUST NOT handle the
     * given method.
     *
     * A return value of false indicates that it might.
     *
     * @param r - the resource to check
     * @param m - the HTTP request method
     * @return - true to indicate the resource must not handle method m
     */
    public boolean isNotCompatible( Resource r, Method m ) {
        if( r instanceof ConditionalCompatibleResource ) {
            ConditionalCompatibleResource ccr = (ConditionalCompatibleResource) r;
            return !ccr.isCompatible( m );
        }
        return false;
    }

    public boolean isEnableExpectContinue() {
        return enableExpectContinue;
    }

    public void setEnableExpectContinue( boolean enableExpectContinue ) {
        this.enableExpectContinue = enableExpectContinue;
    }
}
TOP

Related Classes of com.bradmcevoy.http.HandlerHelper

  • com.bradmcevoy.http.AuthenticationService.AuthStatus
  • com.bradmcevoy.http.quota.StorageChecker.StorageErrorReason
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.