hudson.util.HttpResponses Java Examples

@Override
public Object getDynamic(final String token, final StaplerRequest req, final StaplerResponse rsp) {
    try {
        final Build item = getRun(Combination.fromString(token));
        if (item != null) {
            if (item.getNumber() == this.getNumber()) {
                return item;
            } else {
                // redirect the user to the correct URL
                String url = Functions.joinPath(item.getUrl(), req.getRestOfPath());
                final String qs = req.getQueryString();
                if (qs != null) {
                    url += '?' + qs;
                }
                throw HttpResponses.redirectViaContextPath(url);
            }
        }
    } catch (final IllegalArgumentException e) {
        // failed to parse the token as Combination. Must be something else
    }
    return super.getDynamic(token, req, rsp);
}
 

public Job<?, ?> getProject( String job, StaplerRequest req, StaplerResponse rsp )
    throws HttpResponses.HttpResponseException
{
    Job<?, ?> p;

    SecurityContext orig = ACL.impersonate( ACL.SYSTEM );
    try
    {
        p = Jenkins.getInstance().getItemByFullName( job, Job.class );
    }
    finally
    {
        SecurityContextHolder.setContext( orig );
    }

    if ( p == null )
    {
        throw org.kohsuke.stapler.HttpResponses.notFound();
    }

    return p;
}
 

public void execute() {
    if (pushHook.getRepository() != null && pushHook.getRepository().getUrl() == null) {
        LOGGER.log(Level.WARNING, "No repository url found.");
        return;
    }

    if (project instanceof Job<?, ?>) {
        ACL.impersonate(ACL.SYSTEM, new TriggerNotifier(project, secretToken, Jenkins.getAuthentication()) {
            @Override
            protected void performOnPost(GitLabPushTrigger trigger) {
                trigger.onPost(pushHook);
            }
        });
        throw HttpResponses.ok();
    }
    if (project instanceof SCMSourceOwner) {
        ACL.impersonate(ACL.SYSTEM, new SCMSourceOwnerNotifier());
        throw HttpResponses.ok();
    }
    throw HttpResponses.errorWithoutStack(409, "Push Hook is not supported for this project");
}
 

@Override
protected void writeStatusBody(StaplerResponse response, Run<?, ?> build, BuildStatus status) {
    try {
        response.setHeader("Expires", "Fri, 01 Jan 1984 00:00:00 GMT");
        response.setHeader("Cache-Control", "no-cache, private");
        response.setHeader("Content-Type", "image/png");
        IOUtils.copy(getStatusImage(status), response.getOutputStream());
        response.flushBuffer();
    } catch (Exception e) {
        throw HttpResponses.error(500, "Could not generate response.");
    }
}
 

public void execute() {
    if (!(project instanceof Job<?, ?>)) {
        throw HttpResponses.errorWithoutStack(409, "Merge Request Hook is not supported for this project");
    }
    ACL.impersonate(ACL.SYSTEM, new TriggerNotifier(project, secretToken, Jenkins.getAuthentication()) {
        @Override
        protected void performOnPost(GitLabPushTrigger trigger) {
            trigger.onPost(mergeRequestHook);
        }
    });
    throw HttpResponses.ok();
}
 

public void execute(StaplerResponse response) {
    if (!(project instanceof Job<?, ?>)) {
        throw HttpResponses.errorWithoutStack(409, "Note Hook is not supported for this project");
    }
    ACL.impersonate(ACL.SYSTEM, new BuildWebHookAction.TriggerNotifier(project, secretToken, Jenkins.getAuthentication()) {
        @Override
        protected void performOnPost(GitLabPushTrigger trigger) {
            trigger.onPost(noteHook);
        }
    });
    throw HttpResponses.ok();
}
 

private void checkPermission(Permission permission, Item project) {
    if (((GitLabConnectionConfig) Jenkins.get().getDescriptor(GitLabConnectionConfig.class)).isUseAuthenticatedEndpoint()) {
        if (!project.getACL().hasPermission(authentication, permission)) {
            String message =  String.format("%s is missing the %s/%s permission", authentication.getName(), permission.group.title, permission.name);
            LOGGER.finest("Unauthorized (Did you forget to add API Token to the web hook ?)");
            throw HttpResponses.errorWithoutStack(403, message);
        }
    }
}
 

public void run() {
    GitLabPushTrigger trigger = GitLabPushTrigger.getFromJob((Job<?, ?>) project);
    if (trigger != null) {
        if (StringUtils.isEmpty(trigger.getSecretToken())) {
            checkPermission(Item.BUILD, project);
        } else if (!StringUtils.equals(trigger.getSecretToken(), secretToken)) {
            throw HttpResponses.errorWithoutStack(401, "Invalid token");
        }
        performOnPost(trigger);
    }
}
 

void execute() {
    if (!(project instanceof Job<?, ?>)) {
        throw HttpResponses.errorWithoutStack(409, "Pipeline Hook is not supported for this project");
    }
    ACL.impersonate(ACL.SYSTEM, new TriggerNotifier(project, secretToken, Jenkins.getAuthentication()) {
        @Override
        protected void performOnPost(GitLabPushTrigger trigger) {
            trigger.onPost(pipelineBuildHook);
        }
    });
    throw HttpResponses.ok();
}
 

private String getRequestBody(StaplerRequest request) {
    String requestBody;
    try {
        Charset charset = request.getCharacterEncoding() == null ?  UTF_8 : Charset.forName(request.getCharacterEncoding());
        requestBody = IOUtils.toString(request.getInputStream(), charset);
    } catch (IOException e) {
        throw HttpResponses.error(500, "Failed to read request body");
    }
    return requestBody;
}
 

public WebHookAction resolve(final String projectName, StaplerRequest request) {
    Iterator<String> restOfPathParts = Splitter.on('/').omitEmptyStrings().split(request.getRestOfPath()).iterator();
    Item project = resolveProject(projectName, restOfPathParts);
    if (project == null) {
        throw HttpResponses.notFound();
    }
    return resolveAction(project, Joiner.on('/').join(restOfPathParts), request);
}
 

public void execute(StaplerResponse response) {
    SCMTriggerItem item = SCMTriggerItem.SCMTriggerItems.asSCMTriggerItem(project);
    if (!hasGitSCM(item)) {
        throw HttpResponses.error(409, "The project has no GitSCM configured");
    }
    writeStatusBody(response, build, getStatus(build));
}
 

@Override
protected void writeStatusBody(StaplerResponse response, Run<?, ?> build, BuildStatus status) {
    try {
        JSONObject object = new JSONObject();
        object.put("sha", sha1);
        if (build != null) {
            object.put("id", build.getNumber());
        }
        object.put("status", status.getValue());
        writeBody(response, object);
    } catch (IOException e) {
        throw HttpResponses.error(500, "Failed to generate response");
    }
}
 

public HttpResponse doPost(StaplerRequest request) throws IOException, GitLabApiException {
    if (!request.getMethod().equals("POST")) {
        return HttpResponses
            .error(HttpServletResponse.SC_BAD_REQUEST,
                "Only POST requests are supported, this was a " + request.getMethod()
                    + " request");
    }
    if (!"application/json".equals(request.getContentType())) {
        return HttpResponses
            .error(HttpServletResponse.SC_BAD_REQUEST,
                "Only application/json content is supported, this was " + request
                    .getContentType());
    }
    String type = request.getHeader("X-Gitlab-Event");
    if (StringUtils.isBlank(type)) {
        return HttpResponses.error(HttpServletResponse.SC_BAD_REQUEST,
            "Expecting a GitLab event, missing expected X-Gitlab-Event header");
    }
    String secretToken = request.getHeader("X-Gitlab-Token");
    if(!isValidToken(secretToken)) {
        return HttpResponses.error(HttpServletResponse.SC_UNAUTHORIZED,
            "Expecting a valid secret token");
    }
    String origin = SCMEvent.originOf(request);
    WebHookManager webHookManager = new WebHookManager();
    webHookManager.addListener(new GitLabWebHookListener(origin));
    webHookManager.handleEvent(request);
    return HttpResponses.ok(); // TODO find a better response
}
 

public void execute(StaplerResponse response) {
    if (build != null) {
        try {
            response.sendRedirect2(Jenkins.getInstance().getRootUrl() + build.getUrl());
        } catch (IOException e) {
            try {
                response.sendRedirect2(Jenkins.getInstance().getRootUrl() + build.getBuildStatusUrl());
            } catch (IOException e1) {
                throw HttpResponses.error(500, "Failed to redirect to build page");
            }
        }
    }
}
 

/**
 * This is where the user comes back to at the end of the OpenID redirect ping-pong.
 * @param request The user's request
 * @return an HttpResponse
*/
public HttpResponse doFinishLogin(StaplerRequest request) {
	OicSession currentSession = OicSession.getCurrent();
	if(currentSession==null) {
		LOGGER.fine("No session to resume (perhaps jenkins was restarted?)");
		return HttpResponses.errorWithoutStack(401, "Unauthorized");
	}
    return currentSession.doFinishLogin(request);
}
 

public HttpResponse doEscapeHatch(@QueryParameter("j_username") String username, @QueryParameter("j_password") String password) {
    randomWait(); // to slowdown brute forcing
    if(!isEscapeHatchEnabled()) {
        return HttpResponses.redirectViaContextPath("loginError");
    }
    if(this.escapeHatchUsername == null || this.escapeHatchSecret == null) {
        return HttpResponses.redirectViaContextPath("loginError");
    }
    if(escapeHatchUsername.equalsIgnoreCase(username) && escapeHatchSecret.getPlainText().equals(password)) {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
        if(isNotBlank(escapeHatchGroup)) {
            authorities.add(new GrantedAuthorityImpl(escapeHatchGroup));
        }
        String userName = "escape-hatch-admin";
        GrantedAuthority[] grantedAuthorities = authorities.toArray(new GrantedAuthority[authorities.size()]);
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
        		userName,
                "",
                grantedAuthorities
        );
        SecurityContextHolder.getContext().setAuthentication(token);
        OicUserDetails userDetails = new OicUserDetails(userName, grantedAuthorities);
        SecurityListener.fireAuthenticated(userDetails);
        return HttpRedirect.CONTEXT_ROOT;
    }
    return HttpResponses.redirectViaContextPath("loginError");
}
 

@DELETE
@WebMethod(name="")
public HttpResponse cancelClone(StaplerRequest req) {
    String repositoryUrl = req.getOriginalRestOfPath();
    CloneProgressMonitor progress = CloneProgressMonitor.get(repositoryUrl);
    if (progress != null) {
        progress.cancel();
    }
    return HttpResponses.ok();
}
 

@GET
@WebMethod(name="")
public HttpResponse getProgress(StaplerRequest req) {
    String repositoryUrl = req.getOriginalRestOfPath();
    CloneProgressMonitor progress = CloneProgressMonitor.get(repositoryUrl);
    if (progress == null) {
        return null;
    }
    return HttpResponses.okJSON(ImmutableMap.of("progress", progress.getPercentComplete()));
}
 

public HttpResponse doPost(StaplerRequest request) throws GitLabApiException {
    if (!request.getMethod().equals("POST")) {
        return HttpResponses
            .error(HttpServletResponse.SC_BAD_REQUEST,
                "Only POST requests are supported, this was a " + request.getMethod()
                    + " request");
    }
    if (!"application/json".equals(request.getContentType())) {
        return HttpResponses
            .error(HttpServletResponse.SC_BAD_REQUEST,
                "Only application/json content is supported, this was " + request
                    .getContentType());
    }
    String type = request.getHeader("X-Gitlab-Event");
    if (StringUtils.isBlank(type)) {
        return HttpResponses.error(HttpServletResponse.SC_BAD_REQUEST,
            "Expecting a GitLab event, missing expected X-Gitlab-Event header");
    }
    String secretToken = request.getHeader("X-Gitlab-Token");
    if(!isValidToken(secretToken)) {
        return HttpResponses.error(HttpServletResponse.SC_UNAUTHORIZED,
            "Expecting a valid secret token");
    }
    String origin = SCMEvent.originOf(request);
    SystemHookManager systemHookManager = new SystemHookManager();
    systemHookManager.addListener(new GitLabSystemHookListener(origin));
    systemHookManager.handleEvent(request);
    return HttpResponses.ok(); // TODO find a better response
}
 

public HttpResponse doIndex() {
    triggerCount++;
    return HttpResponses.plainText("triggered");
}
 

public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {

        if (LOGGER.isLoggable(Level.FINEST)) {
            LOGGER.log(Level.FINEST, "Serving " + req.getRestOfPath());
        }
        if (req.getRestOfPath().equals("")) {
            // serve the index page
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "Redirecting to index file");
            }
            throw HttpResponses.redirectTo(indexFile);
        }

        String fileName = req.getRestOfPath();
        if (fileName.startsWith("/")) {
            fileName = fileName.substring(1);
        }

        File file = new File(getRootDir(), fileName);

        if (!new File(getRootDir(), fileName).exists()) {
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "File does not exist: " + fileName);
            }

            throw HttpResponses.notFound();
        }

        if (isSafeFileType(fileName)) {
            // skip checksum check if the file's extension is whitelisted
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "Serving safe file: " + fileName);
            }

            serveFile(file, req, rsp);
            return;
        }

        // if we're here, we know it's not a safe file type based on name

        if (!fileChecksums.containsKey(fileName)) {
            // file had no checksum recorded -- dangerous
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "File exists but no checksum recorded: " + fileName);
            }

            throw HttpResponses.notFound();
        }

        // checksum recorded

        // do not serve files outside the archive directory
        if (!file.getAbsolutePath().startsWith(this.getRootDir().getAbsolutePath())) {
            // TODO symlinks and similar insanity?
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "File is outside archive directory: " + fileName);
            }

            throw HttpResponses.notFound();
        }

        // calculate actual file checksum
        String actualChecksum;
        try {
            actualChecksum = calculateChecksum(file);
        } catch (NoSuchAlgorithmException nse) {
            // cannot happen
            throw new IllegalStateException(nse);
        }

        String expectedChecksum = getChecksum(fileName);

        if (!expectedChecksum.equals(actualChecksum)) {
            if (LOGGER.isLoggable(Level.FINEST)) {
                LOGGER.log(Level.FINEST, "Checksum mismatch: recorded: " +
                    expectedChecksum + ", actual: " + actualChecksum + " for file: " + fileName);
            }

            throw HttpResponses.forbidden();
        }

        serveFile(file, req, rsp);

    }
 

/**
 * Handles the the securityRealm/commenceLogin resource and sends the user off to the IdP
 * @param from the relative URL to the page that the user has just come from
 * @param referer the HTTP referer header (where to redirect the user back to after login has finished)
 * @return an {@link HttpResponse} object
*/
public HttpResponse doCommenceLogin(@QueryParameter String from, @Header("Referer") final String referer) {
    final String redirectOnFinish = determineRedirectTarget(from, referer);

    final AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(
            BearerToken.queryParameterAccessMethod(),
            httpTransport,
            JSON_FACTORY,
            new GenericUrl(tokenServerUrl),
            new ClientParametersAuthentication(
                    clientId,
                    clientSecret.getPlainText()
            ),
            clientId,
            authorizationServerUrl
    )
        .setScopes(Arrays.asList(scopes))
        .build();

    return new OicSession(flow, from, buildOAuthRedirectUrl()) {
        @Override
        public HttpResponse onSuccess(String authorizationCode) {
            try {
                AuthorizationCodeTokenRequest tokenRequest = flow.newTokenRequest(authorizationCode)
                    .setRedirectUri(buildOAuthRedirectUrl());
                // Supplying scope is not allowed when obtaining an access token with an authorization code.
                tokenRequest.setScopes(Collections.<String>emptyList());

                IdTokenResponse response = IdTokenResponse.execute(tokenRequest);

                this.setIdToken(response.getIdToken());

                IdToken idToken = IdToken.parse(JSON_FACTORY, response.getIdToken());

                Object username;
                GenericJson userInfo = null;
                if (Strings.isNullOrEmpty(userInfoServerUrl)) {
                    username = getField(idToken.getPayload(), userNameField);
                    if(username == null) {
                        return HttpResponses.error(500,"no field '" + userNameField + "' was supplied in the token payload to be used as the username");
                    }
                } else {
                    userInfo = getUserInfo(flow, response.getAccessToken());
                    username = getField(userInfo, userNameField);
                    if(username == null) {
                        return HttpResponses.error(500,"no field '" + userNameField + "' was supplied by the UserInfo payload to be used as the username");
                    }
                }

                if(failedCheckOfTokenField(idToken)) {
                    return HttpResponses.errorWithoutStack(401, "Unauthorized");
                }

                flow.createAndStoreCredential(response, null);

                loginAndSetUserData(username.toString(), idToken, userInfo);

                return new HttpRedirect(redirectOnFinish);

            } catch (IOException e) {
                return HttpResponses.error(500,e);
            }

        }
    }.doCommenceLogin();
}
 

/**
 * Get a localised resource bundle.
 * <p>
 * URL: {@code blueocean-i18n/$PLUGIN_NAME/$PLUGIN_VERSION/$BUNDLE_NAME/$LOCALE} (where {@code $LOCALE} is optional).
 *
 * @param request The request.
 * @return The JSON response.
 */
public HttpResponse doDynamic(StaplerRequest request) {
    String path = request.getOriginalRequestURI();
    String contextPath = request.getContextPath();
    BundleParams bundleParams;

    path = path.substring(contextPath.length());
    bundleParams = getBundleParameters(path);

    if (bundleParams == null) {
        return HttpResponses.errorJSON("All mandatory bundle identification parameters not specified: '$PLUGIN_NAME/$PLUGIN_VERSION/$BUNDLE_NAME' (and optional $LOCALE).");
    }

    try {
        Locale locale = bundleParams.getLocale();

        if (locale == null) {
            locale = request.getLocale();
        }

        BundleCacheEntry bundleCacheEntry = bundleCache.get(bundleParams);

        JSONObject bundle;
        if (bundleCacheEntry == null) {
            bundle = getBundle(bundleParams, locale);
            if (bundle == null) {
                bundle = BUNDLE_404;
            }
            bundleCacheEntry = new BundleCacheEntry(bundle, bundleParams);
            bundleCache.put(bundleParams, bundleCacheEntry);
        }

        if (bundleCacheEntry.bundleData == BUNDLE_404) {
            return JSONObjectResponse.errorJson("Unknown plugin or resource bundle: " + bundleParams.toString(), HttpServletResponse.SC_NOT_FOUND);
        } else {
            return JSONObjectResponse.okJson(bundleCacheEntry);
        }
    } catch (Exception e) {
        return HttpResponses.errorJSON(e.getMessage());
    }
}
 

public HttpResponse doPost(StaplerRequest request) throws IOException {
    String origin = SCMEvent.originOf(request);
    if (!request.getMethod().equals("POST")) {
        LOGGER.log(Level.FINE, "Received {0} request (expecting POST) from {1}",
                new Object[]{request.getMethod(), origin});
        return HttpResponses
                .error(HttpServletResponse.SC_BAD_REQUEST,
                        "Only POST requests are supported, this was a " + request.getMethod() + " request");
    }
    if (!"application/json".equals(request.getContentType())) {
        LOGGER.log(Level.FINE, "Received {0} body (expecting application/json) from {1}",
                new Object[]{request.getContentType(), origin});
        return HttpResponses
                .error(HttpServletResponse.SC_BAD_REQUEST,
                        "Only application/json content is supported, this was " + request.getContentType());
    }
    String type = request.getHeader("X-Gitea-Event");
    if (StringUtils.isBlank(type)) {
        LOGGER.log(Level.FINE, "Received request without X-Gitea-Event header from {1}",
                new Object[]{request.getContentType(), origin});
        return HttpResponses.error(HttpServletResponse.SC_BAD_REQUEST,
                "Expecting a Gitea event, missing expected X-Gitea-Event header");
    }
    LOGGER.log(Level.FINER, "Received {0} event from {1}", new Object[]{
            request.getContentType(), origin
    });
    boolean processed = false;
    for (GiteaWebhookHandler<?, ?> h : ExtensionList.lookup(GiteaWebhookHandler.class)) {
        if (h.matches(type)) {
            LOGGER.log(Level.FINER, "Processing {0} event from {1} with {2}",
                    new Object[]{type, origin, h});
            h.process(request.getInputStream(), origin);
            processed = true;
        }
    }
    if (!processed) {
        LOGGER.log(Level.INFO, "Received hook payload with unknown type: {0} from {1}",
                new Object[]{type, origin});
    }
    return HttpResponses.text(processed ? "Processed" : "Ignored");
}
 

/**
 * Should not be invoked by the test, otherwise Xxe attack is successful.
 *
 * @return the response
 */
public HttpResponse doIndex() {
    triggerCount++;
    return HttpResponses.text("triggered");
}