Java Code Examples for javax.ws.rs.container.ContainerRequestContext#getCookies()

The following examples show how to use javax.ws.rs.container.ContainerRequestContext#getCookies() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: OpenAPIResourceController.java    From swagger-inflector with Apache License 2.0 6 votes vote down vote up
@Override
public Response apply(ContainerRequestContext arg0) {
    OpenAPISpecFilter filter = FilterFactory.getFilter();
    if(filter != null) {
        Map<String, Cookie> cookiesvalue = arg0.getCookies();
        Map<String, String> cookies = new HashMap<>();
        if(cookiesvalue != null) {
            for(String key: cookiesvalue.keySet()) {
                cookies.put(key, cookiesvalue.get(key).getValue());
            }
        }

        MultivaluedMap<String, String> headers = arg0.getHeaders();
        // since https://github.com/swagger-api/swagger-inflector/issues/305 filtering of inflector extensions is handled at init time by ExtensionsUtils, and VendorSpecFilter is not needed anymore
        return Response.ok().entity(getOpenAPI()).build();
    }
    return Response.ok().entity(getOpenAPI()).build();
}
 
Example 2
Source File: ThirdEyeAuthFilter.java    From incubator-pinot with Apache License 2.0 6 votes vote down vote up
private boolean isAuthenticated(ContainerRequestContext containerRequestContext, ThirdEyePrincipal principal) {
  Map<String, Cookie> cookies = containerRequestContext.getCookies();

  if (cookies != null && cookies.containsKey(AuthResource.AUTH_TOKEN_NAME)) {
    String sessionKey = cookies.get(AuthResource.AUTH_TOKEN_NAME).getValue();
    if (sessionKey.isEmpty()) {
      LOG.error("Empty sessionKey. Skipping.");
    } else {
      SessionDTO sessionDTO = this.sessionDAO.findBySessionKey(sessionKey);
      if (sessionDTO != null && System.currentTimeMillis() < sessionDTO.getExpirationTime()) {
        // session exist in database and has not expired
        principal.setName(sessionDTO.getPrincipal());
        principal.setSessionKey(sessionKey);
        LOG.info("Found valid session {} for user {}", sessionDTO.getSessionKey(), sessionDTO.getPrincipal());
        return true;
      }
    }
  }
  return false;
}
 
Example 3
Source File: ResourceAuthFilter.java    From tastjava with MIT License 5 votes vote down vote up
private boolean isAuthTokenValid(ContainerRequestContext containerRequestContext) {
    Map<String, Cookie> cookies = containerRequestContext.getCookies();

    if (cookies.get("jwt-authToken") != null) {
        String authToken = cookies.get("jwt-authToken").getValue();
        Logger.info(authToken);
        Integer uid = JWTProvider.verifyToken(authToken).getClaim("uid").asInt();
        Logger.info(uid);
        return true;
    }
    return false;
}
 
Example 4
Source File: JwtAuthFilter.java    From dropwizard-auth-jwt with Apache License 2.0 5 votes vote down vote up
private Optional<String> getTokenFromCookie(ContainerRequestContext requestContext) {
    final Map<String, Cookie> cookies = requestContext.getCookies();

    if (cookieName != null && cookies.containsKey(cookieName)) {
        final Cookie tokenCookie = cookies.get(cookieName);
        final String rawToken = tokenCookie.getValue();
        return Optional.of(rawToken);
    }

    return Optional.empty();
}
 
Example 5
Source File: RestSecurityInterceptor.java    From opensoc-streaming with Apache License 2.0 5 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
	
	// get our token...		
	Map<String, Cookie> cookies = requestContext.getCookies();
	
	Cookie authTokenCookie = cookies.get( "authToken" );
	if( authTokenCookie == null )
	{
		requestContext.abortWith(ACCESS_DENIED );
		return;			
	}
	
	String authToken = authTokenCookie.getValue();
	try {
		
		if( ! AuthToken.validateToken(configProps, authToken) )
		{
			requestContext.abortWith(ACCESS_DENIED );
			return;	
		}
	} 
	catch (Exception e) {

		e.printStackTrace();
		requestContext.abortWith(ACCESS_DENIED );
		return;
	}

	// if the token is good, just return...
	
}
 
Example 6
Source File: TokenSecurityContextFilter.java    From openscoring with GNU Affero General Public License v3.0 4 votes vote down vote up
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
	SecurityContext requestSecurityContext = requestContext.getSecurityContext();

	SecurityContext securityContext = new SecurityContext(){

		@Override
		public Principal getUserPrincipal(){
			return Anonymous.INSTANCE;
		}

		@Override
		public boolean isUserInRole(String role){
			String token = getToken();

			String roleToken;

			switch(role){
				case Roles.USER:
					roleToken = getUserToken();
					break;
				case Roles.ADMIN:
					roleToken = getAdminToken();
					break;
				default:
					return false;
			}

			return (roleToken).equals(token) || (roleToken).equals("");
		}

		@Override
		public boolean isSecure(){
			return requestSecurityContext != null && requestSecurityContext.isSecure();
		}

		@Override
		public String getAuthenticationScheme(){
			return "TOKEN";
		}

		private String getToken(){
			Map<String, Cookie> cookies = requestContext.getCookies();
			MultivaluedMap<String, String> headers = requestContext.getHeaders();

			Cookie tokenCookie = cookies.get("token");
			if(tokenCookie != null){
				return tokenCookie.getValue();
			}

			String authorizationHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
			if(authorizationHeader != null && authorizationHeader.startsWith("Bearer ")){
				return authorizationHeader.substring("Bearer ".length());
			}

			return null;
		}
	};

	requestContext.setSecurityContext(securityContext);
}