Java Code Examples for javax.ws.rs.core.HttpHeaders#getCookies()
The following examples show how to use
javax.ws.rs.core.HttpHeaders#getCookies() .
Example 1
Source File: JwtAuthenticationService.java From Alpine with Apache License 2.0 | 6 votes |
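/**
 * Returns the token (as a String), if it exists, otherwise returns null.
 *
 * <p>The Authorization-Token cookie is consulted first; the Authorization
 * request header is inspected only when no such cookie is present. The value
 * is returned exactly as received and is not validated by this method.
 *
 * @param headers the HttpHeader to inspect to find the Authorization-Token
 *                cookie or Authorization Bearer header
 * @return the token if found, otherwise null
 * @since 1.0.0
 */
private String getAuthorizationToken(final HttpHeaders headers) {
    final Map<String, Cookie> cookies = headers.getCookies();
    if (cookies != null) {
        for (final Cookie cookie : cookies.values()) {
            // Match on the cookie's own name, not the map key, exactly as the entry-based lookup did.
            // NOTE(review): a cookie-borne token is attached by the browser automatically;
            // confirm that callers relying on this path are covered by CSRF protection.
            if (cookie != null && AuthorizationTokenCookie.COOKIE_NAME.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
    }

    final List<String> header = headers.getRequestHeader("Authorization");
    // An empty value list would make get(0) throw, so it is handled like an absent header.
    if (header != null && !header.isEmpty()) {
        final String bearer = header.get(0);
        if (bearer != null && bearer.startsWith("Bearer ")) {
            return bearer.substring("Bearer ".length());
        }
    }
    return null;
}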
Example 2
Source File: HttpHeadersImplTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Checks that a Cookie header holding two ';'-separated pairs yields two
 * cookies, and that a '$' inside a value is kept as part of that value.
 */
@Test
public void testGetCookies() throws Exception {
    Message message = createMessage(createHeader(HttpHeaders.COOKIE, "a=$b;c=d"));
    HttpHeaders httpHeaders = new HttpHeadersImpl(message);

    Map<String, Cookie> parsed = httpHeaders.getCookies();

    assertEquals(2, parsed.size());
    Cookie first = parsed.get("a");
    assertEquals("$b", first.getValue());
    Cookie second = parsed.get("c");
    assertEquals("d", second.getValue());
}
Example 3
Source File: HttpHeadersImplTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Checks that a leading {@code $Version} attribute is not counted as a cookie
 * of its own and is reported as the version of the cookie that follows it.
 */
@Test
public void testGetCookieWithAttributes() throws Exception {
    Message message = createMessage(createHeader(HttpHeaders.COOKIE, "$Version=1;a=b"));
    HttpHeaders httpHeaders = new HttpHeadersImpl(message);

    Map<String, Cookie> parsed = httpHeaders.getCookies();

    // Only "a" is a cookie; "$Version" must not appear as a second entry.
    assertEquals(1, parsed.size());
    Cookie onlyCookie = parsed.get("a");
    assertEquals("b", onlyCookie.getValue());
    assertEquals(1, onlyCookie.getVersion());
}
Example 4
Source File: HttpHeadersImplTest.java From cxf with Apache License 2.0 | 5 votes |
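/**
 * Checks that two comma-separated cookies, each preceded by its own
 * {@code $Version} attribute, are both parsed with their value and version.
 */
@Test
public void testGetCookiesWithAttributes() throws Exception {
    Message m = createMessage(createHeader(HttpHeaders.COOKIE, "$Version=1;a=b, $Version=1;c=d"));
    HttpHeaders h = new HttpHeadersImpl(m);
    Map<String, Cookie> cookies = h.getCookies();
    assertEquals(2, cookies.size());

    Cookie cookieA = cookies.get("a");
    assertEquals("b", cookieA.getValue());
    assertEquals(1, cookieA.getVersion());

    Cookie cookieC = cookies.get("c");
    assertEquals("d", cookieC.getValue());
    // The version check previously repeated cookieA, so the second cookie's
    // version was never verified.
    assertEquals(1, cookieC.getVersion());
}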
Example 5
Source File: HttpHeadersImplTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Checks that setting the cookie separator property to "," on the exchange
 * makes a comma-separated Cookie header parse into two cookies.
 */
@Test
public void testGetCookiesWithComma() throws Exception {
    Message message = createMessage(createHeader(HttpHeaders.COOKIE, "a=b,c=d"));

    // The separator is read from the exchange, so the message must be attached to one.
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(message);
    exchange.put(HttpHeadersImpl.COOKIE_SEPARATOR_PROPERTY, ",");
    message.setExchange(exchange);

    HttpHeaders httpHeaders = new HttpHeadersImpl(message);
    Map<String, Cookie> parsed = httpHeaders.getCookies();

    assertEquals(2, parsed.size());
    Cookie first = parsed.get("a");
    assertEquals("b", first.getValue());
    Cookie second = parsed.get("c");
    assertEquals("d", second.getValue());
}
Example 6
Source File: HttpHeadersImplTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Checks that the separator property value "crlf" makes a Cookie header whose
 * pairs are divided by a carriage return and line feed parse into two cookies.
 */
@Test
public void testGetCookiesWithCRLF() throws Exception {
    Message message = createMessage(createHeader(HttpHeaders.COOKIE, "a=b\r\nc=d"));

    // "crlf" is passed as a keyword here, not as the literal "\r\n" characters.
    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(message);
    exchange.put(HttpHeadersImpl.COOKIE_SEPARATOR_PROPERTY, "crlf");
    message.setExchange(exchange);

    HttpHeaders httpHeaders = new HttpHeadersImpl(message);
    Map<String, Cookie> parsed = httpHeaders.getCookies();

    assertEquals(2, parsed.size());
    Cookie first = parsed.get("a");
    assertEquals("b", first.getValue());
    Cookie second = parsed.get("c");
    assertEquals("d", second.getValue());
}
Example 7
Source File: HttpHeadersImplTest.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Checks that an unsupported cookie separator is refused: with the separator
 * property set to "(e+)+", {@code getCookies()} must throw
 * {@link InternalServerErrorException} rather than return parsed cookies.
 *
 * <p>The value is a regular expression with nested quantifiers. This test
 * pins that such a configuration value is rejected instead of being used to
 * split the header. Presumably only a fixed set of separators is accepted;
 * confirm against HttpHeadersImpl.
 */
@Test(expected = InternalServerErrorException.class)
public void testInvalidCookieSeparator() throws Exception {
    Message message = createMessage(createHeader(HttpHeaders.COOKIE, "a=b,c=d"));

    Exchange exchange = new ExchangeImpl();
    exchange.setInMessage(message);
    exchange.put(HttpHeadersImpl.COOKIE_SEPARATOR_PROPERTY, "(e+)+");
    message.setExchange(exchange);

    HttpHeaders httpHeaders = new HttpHeadersImpl(message);
    // The result is irrelevant; the call itself is expected to throw.
    httpHeaders.getCookies();
}
Example 8
Source File: AbstractServiceProviderFilter.java From cxf with Apache License 2.0 | 5 votes |
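/**
 * Decides whether the request carries a usable security context and, if so,
 * installs it on the message.
 *
 * <p>The security-context cookie is resolved to a stored {@code ResponseState}.
 * Unless unsolicited responses are supported, the relay-state cookie must also
 * be present and equal to the relay state held in that stored state. Finally
 * the stored assertion is parsed and handed to {@code setSecurityContext}.
 *
 * @param m the current message, used to read the request cookies
 * @return {@code true} if a security context was set; {@code false} if no
 *         valid response state was found or any check failed (failures after
 *         the state lookup are also passed to {@code reportError})
 */
protected boolean checkSecurityContext(Message m) {
    HttpHeaders headers = new HttpHeadersImpl(m);
    Map<String, Cookie> cookies = headers.getCookies();

    Cookie securityContextCookie = cookies.get(SSOConstants.SECURITY_CONTEXT_TOKEN);
    ResponseState responseState = getValidResponseState(securityContextCookie, m);
    if (responseState == null) {
        return false;
    }

    if (!isSupportUnsolicited()) {
        Cookie relayStateCookie = cookies.get(SSOConstants.RELAY_STATE);
        if (relayStateCookie == null) {
            reportError("MISSING_RELAY_COOKIE");
            return false;
        }
        String originalRelayState = responseState.getRelayState();
        // Fail closed: a stored state with no relay state can never match the cookie.
        // Without the null check this comparison would throw NullPointerException
        // instead of reporting the mismatch.
        if (originalRelayState == null
            || !originalRelayState.equals(relayStateCookie.getValue())) {
            // perhaps the response state should also be removed
            reportError("INVALID_RELAY_STATE");
            return false;
        }
    }

    try {
        String assertion = responseState.getAssertion();
        SamlAssertionWrapper assertionWrapper = new SamlAssertionWrapper(
            StaxUtils.read(new StringReader(assertion)).getDocumentElement());
        setSecurityContext(m, assertionWrapper);
    } catch (Exception ex) {
        // Any parse or context-setup failure is reported as an invalid state.
        // The underlying cause is not propagated or logged here.
        reportError("INVALID_RESPONSE_STATE");
        return false;
    }
    return true;
}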
Example 9
Source File: AbstractServiceProviderFilter.java From cxf-fediz with Apache License 2.0 | 4 votes |
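/**
 * Decides whether the request carries a usable security context and, if so,
 * installs it on the message.
 *
 * <p>The security-context cookie is resolved to a stored {@code ResponseState}.
 * When request-state validation is enabled, the state cookie must be present
 * and equal to the state held in the stored response state, and a state value
 * obtained from the request parameters, if any, must match it as well.
 * Finally the stored assertion is parsed and handed to
 * {@code setSecurityContext}.
 *
 * @param fedConfig the Fediz configuration consulted for state validation
 * @param m         the current message, used to read the request cookies
 * @param params    request parameters from which the state value is read
 * @return {@code true} if a security context was set; {@code false} if no
 *         valid response state was found or a cookie/assertion check failed
 */
protected boolean checkSecurityContext(FedizContext fedConfig, Message m,
                                       MultivaluedMap<String, String> params) {
    HttpHeaders headers = new HttpHeadersImpl(m);
    Map<String, Cookie> cookies = headers.getCookies();

    Cookie securityContextCookie = cookies.get(SECURITY_CONTEXT_TOKEN);
    ResponseState responseState = getValidResponseState(securityContextCookie, fedConfig, m);
    if (responseState == null) {
        return false;
    }

    Cookie relayStateCookie = cookies.get(SECURITY_CONTEXT_STATE);
    if (fedConfig.isRequestStateValidation()) {
        if (relayStateCookie == null) {
            reportError("MISSING_RELAY_COOKIE");
            return false;
        }
        String originalRelayState = responseState.getState();
        // Fail closed: a stored state with no state value can never match the cookie.
        // Without the null check this comparison would throw NullPointerException
        // instead of reporting the mismatch.
        if (originalRelayState == null
            || !originalRelayState.equals(relayStateCookie.getValue())) {
            // perhaps the response state should also be removed
            reportError("INVALID_RELAY_STATE");
            return false;
        }

        // Check to see if a CSRF-style attack is being mounted
        // NOTE(review): when getState(...) returns null this comparison is skipped and
        // only the cookie check above applies; confirm that is the intended policy.
        String state = getState(fedConfig, params);
        if (state != null && !state.equals(responseState.getState())) {
            LOG.error("wctx parameter does not match stored value");
            throw ExceptionUtils.toForbiddenException(null, null);
        }
    }

    // Create SecurityContext
    try {
        Element token =
            StaxUtils.read(new StringReader(responseState.getAssertion())).getDocumentElement();
        setSecurityContext(responseState, m, token);
    } catch (Exception ex) {
        // Any parse or context-setup failure is reported as an invalid state.
        // The underlying cause is not propagated or logged here.
        reportError("INVALID_RESPONSE_STATE");
        return false;
    }

    return true;
}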