joerg/net-http
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: joerg:9baa804bc24bfd3433322ad3da4278828b765871
Branches Tags
joerg:main
joerg:4.8.1
joerg:4.8.0
joerg:4.7.1
joerg:5.7.1
joerg:4.7.0
joerg:4.6.0
joerg:4.5.1
joerg:4.4.4
joerg:4.4.3
joerg:4.4.2
joerg:4.4.1
joerg:4.4.0
joerg:4.3.0
joerg:4.2.0
joerg:4.1.2
joerg:4.1.1
joerg:4.1.0
joerg:4.0.10
joerg:4.0.9
joerg:4.0.8
joerg:4.0.7
joerg:4.0.6
joerg:4.0.5
joerg:4.0.4
joerg:4.0.3
joerg:4.0.2
joerg:4.0.1
joerg:4.0.0
joerg:3.7.2
joerg:3.7.1
joerg:3.7.0
joerg:3.6.2
joerg:3.6.1
joerg:3.6.0
joerg:3.5.0
joerg:3.4.2
joerg:3.4.1
joerg:3.3.2
joerg:3.3.1
joerg:3.2.0
joerg:3.1.0
joerg:3.0.5
joerg:3.0.1
..
compare: joerg:ab9cba9d99dfc9c6d93337e927c991e354ac5f6a
Branches Tags
joerg:main
joerg:4.8.1
joerg:4.8.0
joerg:4.7.1
joerg:5.7.1
joerg:4.7.0
joerg:4.6.0
joerg:4.5.1
joerg:4.4.4
joerg:4.4.3
joerg:4.4.2
joerg:4.4.1
joerg:4.4.0
joerg:4.3.0
joerg:4.2.0
joerg:4.1.2
joerg:4.1.1
joerg:4.1.0
joerg:4.0.10
joerg:4.0.9
joerg:4.0.8
joerg:4.0.7
joerg:4.0.6
joerg:4.0.5
joerg:4.0.4
joerg:4.0.3
joerg:4.0.2
joerg:4.0.1
joerg:4.0.0
joerg:3.7.2
joerg:3.7.1
joerg:3.7.0
joerg:3.6.2
joerg:3.6.1
joerg:3.6.0
joerg:3.5.0
joerg:3.4.2
joerg:3.4.1
joerg:3.3.2
joerg:3.3.1
joerg:3.2.0
joerg:3.1.0
joerg:3.0.5
joerg:3.0.1

10 commits
9baa804bc2 ... ab9cba9d99

Author SHA1 Message Date
Jörg Prante
ab9cba9d99 update to netty 4.1.111 2024-07-04 08:34:46 +02:00
Jörg Prante
4d844e4347 add user profile refresh after changing effective user id 2024-06-10 18:24:13 +02:00
Jörg Prante
be8f6ef4b3 allow parameter evaluation in j2html resources 2024-06-05 17:34:31 +02:00
Jörg Prante
f0d743642a do not break if userprofile store can not be found 2024-06-05 14:34:54 +02:00
Jörg Prante
7d8205dd7a persist correctly session and user profile 2024-06-04 15:33:30 +02:00
Jörg Prante
1ad8f686df add user profile persistence, for adding user preferences 2024-06-03 19:13:29 +02:00
Jörg Prante
b7417c9798 update net to 4.6.0 2024-05-28 09:51:32 +02:00
Jörg Prante
6b774d3a4d update netty to 4.1.110, update jackson to 2.17.1, update datastructures to 5.1.0 2024-05-23 10:28:32 +02:00
Jörg Prante
2e83b1754c update to gradle 8.7 2024-04-29 15:19:13 +02:00
Jörg Prante
54ce2c8074 do not break if we do not have a host name for cookie domain 2024-04-26 14:37:29 +02:00
42 changed files with 865 additions and 240 deletions
Show stats Expand all files Collapse all files

2
gradle.properties
View file

@ -1,3 +1,3 @@
group = org.xbib
name = net-http
version = 4.5.0
version = 4.8.1

BIN
gradle/wrapper/gradle-wrapper.jar vendored
View file

Binary file not shown.

2
gradle/wrapper/gradle-wrapper.properties vendored
View file

@ -1,6 +1,6 @@
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-all.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME

20
gradlew.bat vendored
View file

@ -43,11 +43,11 @@ set JAVA_EXE=java.exe
%JAVA_EXE% -version >NUL 2>&1
if %ERRORLEVEL% equ 0 goto execute
echo.
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
echo. 1>&2
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail
@ -57,11 +57,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
if exist "%JAVA_EXE%" goto execute
echo.
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
echo.
echo Please set the JAVA_HOME variable in your environment to match the
echo location of your Java installation.
echo. 1>&2
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
echo. 1>&2
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
echo location of your Java installation. 1>&2
goto fail

41
net-http-j2html/src/main/java/org/xbib/net/http/j2html/BadRequestHandler.java Normal file
View file

@ -0,0 +1,41 @@
package org.xbib.net.http.j2html;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.resource.HtmlTemplateResourceHandler;
import org.xbib.net.http.server.route.HttpRouterContext;
import java.io.IOException;
import static org.xbib.j2html.TagCreator.body;
import static org.xbib.j2html.TagCreator.h1;
import static org.xbib.j2html.TagCreator.html;
public class BadRequestHandler extends J2HtmlResourceHandler {
@Override
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new UnauthorizedResource(this, httpRouterContext);
}
protected static class UnauthorizedResource extends J2HtmlResource {
protected UnauthorizedResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}
@Override
protected HttpResponseStatus getResponseStatus() {
return HttpResponseStatus.BAD_REQUEST;
}
@Override
protected String renderHtml(HttpRouterContext httpRouterContext) {
return html(body(h1("Bad request"))).render();
}
}
}

7
net-http-j2html/src/main/java/org/xbib/net/http/j2html/InternalServerErrorHandler.java
View file

@ -1,6 +1,7 @@
package org.xbib.net.http.j2html;
import org.xbib.net.Attributes;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.resource.HtmlTemplateResourceHandler;
@ -19,14 +20,16 @@ import static org.xbib.j2html.TagCreator.pre;
public class InternalServerErrorHandler extends J2HtmlResourceHandler {
@Override
protected Resource createResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new InternalServerErrorResource(this, httpRouterContext);
}
protected static class InternalServerErrorResource extends J2HtmlResource {
protected InternalServerErrorResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext) throws IOException {
HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}

49
net-http-j2html/src/main/java/org/xbib/net/http/j2html/J2HtmlResource.java
View file

@ -1,6 +1,8 @@
package org.xbib.net.http.j2html;
import org.xbib.net.ParameterException;
import org.xbib.net.buffer.DataBuffer;
import org.xbib.net.http.HttpHeaderValues;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.HttpRequest;
import org.xbib.net.http.server.resource.HtmlTemplateResource;
@ -11,6 +13,8 @@ import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Objects;
import java.util.logging.Level;
import java.util.logging.Logger;
import static org.xbib.j2html.TagCreator.body;
import static org.xbib.j2html.TagCreator.document;
@ -20,29 +24,40 @@ import static org.xbib.net.http.HttpHeaderNames.CONTENT_TYPE;
public class J2HtmlResource extends HtmlTemplateResource {
private static final Logger logger = Logger.getLogger(J2HtmlResource.class.getName());
protected HttpRequest request;
public J2HtmlResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext) throws IOException {
HttpRouterContext httpRouterContext) throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}
@Override
public void render(HttpRouterContext context) throws IOException {
this.request = context.getRequest();
Objects.requireNonNull(responseBuilder);
DataBuffer dataBuffer = context.getDataBufferFactory().allocateBuffer();
dataBuffer.write(renderHtml(context), getCharset());
HttpResponseStatus httpResponseStatus = responseBuilder.getResponseStatus();
if (httpResponseStatus == null) {
httpResponseStatus = getResponseStatus();
public void render(HttpRouterContext context)
throws IOException {
try {
this.request = context.getRequest();
Objects.requireNonNull(responseBuilder);
DataBuffer dataBuffer = context.getDataBufferFactory().allocateBuffer();
dataBuffer.write(renderHtml(context), getCharset());
HttpResponseStatus httpResponseStatus = responseBuilder.getResponseStatus();
if (httpResponseStatus == null) {
httpResponseStatus = getResponseStatus();
}
context.status(httpResponseStatus)
.setHeader("cache-control", "no-cache")
.setHeader("content-length", Integer.toString(dataBuffer.writePosition()))
.setHeader(CONTENT_TYPE, "text/html; charset=" + getCharset().displayName())
.body(dataBuffer)
.done();
} catch (ParameterException e) {
logger.log(Level.WARNING, e.getMessage(), e);
context.status(HttpResponseStatus.BAD_REQUEST)
.setHeader(CONTENT_TYPE, HttpHeaderValues.TEXT_PLAIN)
.body(e.getMessage())
.done();
}
context.status(httpResponseStatus)
.setHeader("cache-control", "no-cache")
.setHeader("content-length", Integer.toString(dataBuffer.writePosition()))
.setHeader(CONTENT_TYPE, "text/html; charset=" + getCharset().displayName())
.body(dataBuffer)
.done();
}
protected HttpResponseStatus getResponseStatus() {
@ -54,14 +69,14 @@ public class J2HtmlResource extends HtmlTemplateResource {
}
/**
* Rendering.
* By subclassing this handler, this method should be overridden by custom j2html code.
* The HTML is here is just a greeting as an example.
*
* @param context the router context
* @return the body string fo the HTTP response
*/
protected String renderHtml(HttpRouterContext context) {
protected String renderHtml(HttpRouterContext context)
throws IOException, ParameterException {
return document(html(body(h1("Hello World"))));
}
}

10
net-http-j2html/src/main/java/org/xbib/net/http/j2html/J2HtmlResourceHandler.java
View file

@ -1,5 +1,6 @@
package org.xbib.net.http.j2html;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.server.resource.HtmlTemplateResourceHandler;
import org.xbib.net.http.server.route.HttpRouterContext;
@ -7,9 +8,6 @@ import org.xbib.net.http.server.route.HttpRouterContext;
import java.io.IOException;
import java.nio.file.Path;
import static org.xbib.j2html.TagCreator.body;
import static org.xbib.j2html.TagCreator.h1;
public class J2HtmlResourceHandler extends HtmlTemplateResourceHandler {
public J2HtmlResourceHandler() {
@ -21,13 +19,15 @@ public class J2HtmlResourceHandler extends HtmlTemplateResourceHandler {
}
@Override
protected Resource createResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return httpRouterContext.isAuthenticated() ?
new J2HtmlResource(this, httpRouterContext) :
createUnauthenticatedResource(httpRouterContext);
}
protected Resource createUnauthenticatedResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createUnauthenticatedResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new J2HtmlResource(this, httpRouterContext);
}
}

7
net-http-j2html/src/main/java/org/xbib/net/http/j2html/NotFoundHandler.java
View file

@ -1,5 +1,6 @@
package org.xbib.net.http.j2html;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.resource.HtmlTemplateResourceHandler;
@ -14,14 +15,16 @@ import static org.xbib.j2html.TagCreator.html;
public class NotFoundHandler extends J2HtmlResourceHandler {
@Override
protected Resource createResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new UnauthorizedResource(this, httpRouterContext);
}
protected static class UnauthorizedResource extends J2HtmlResource {
protected UnauthorizedResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext) throws IOException {
HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}

7
net-http-j2html/src/main/java/org/xbib/net/http/j2html/UnauthorizedHandler.java
View file

@ -1,5 +1,6 @@
package org.xbib.net.http.j2html;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.resource.HtmlTemplateResourceHandler;
@ -14,14 +15,16 @@ import static org.xbib.j2html.TagCreator.html;
public class UnauthorizedHandler extends J2HtmlResourceHandler {
@Override
protected Resource createResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new UnauthorizedResource(this, httpRouterContext);
}
protected static class UnauthorizedResource extends J2HtmlResource {
protected UnauthorizedResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext) throws IOException {
HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}

9
net-http-server-application-web/src/main/java/org/xbib/net/http/server/application/web/WebApplication.java
View file

@ -3,11 +3,13 @@ package org.xbib.net.http.server.application.web;
import java.nio.file.Paths;
import java.time.Duration;
import org.xbib.net.UserProfile;
import org.xbib.net.http.server.application.BaseApplication;
import org.xbib.net.http.server.route.HttpRouterContext;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.session.Session;
import org.xbib.net.http.server.session.file.FileJsonSessionCodec;
import org.xbib.net.http.server.session.FileJsonSessionCodec;
import org.xbib.net.http.server.auth.FileJsonUserProfileCodec;
public class WebApplication extends BaseApplication {
@ -28,4 +30,9 @@ public class WebApplication extends BaseApplication {
return new FileJsonSessionCodec(sessionName, this, 1024, Duration.ofDays(1),
Paths.get("/var/tmp/session"));
}
@Override
protected Codec<UserProfile> newUserProfileCodec(HttpRouterContext httpRouterContext) {
return new FileJsonUserProfileCodec(Paths.get("/var/tmp/userprofile"));
}
}

19
net-http-server-application-web/src/main/java/org/xbib/net/http/server/application/web/j2html/Bootstrap.java
View file

@ -5,15 +5,19 @@ import org.xbib.config.ConfigLogger;
import org.xbib.config.ConfigParams;
import org.xbib.config.SystemConfigLogger;
import org.xbib.net.NetworkClass;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.HttpHeaderNames;
import org.xbib.net.http.HttpHeaderValues;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.HttpVersion;
import org.xbib.net.http.j2html.BadRequestHandler;
import org.xbib.net.http.j2html.InternalServerErrorHandler;
import org.xbib.net.http.j2html.J2HtmlResource;
import org.xbib.net.http.j2html.J2HtmlResourceHandler;
import org.xbib.net.http.j2html.J2HtmlService;
import org.xbib.net.http.j2html.NotFoundHandler;
import org.xbib.net.http.j2html.UnauthorizedHandler;
import org.xbib.net.http.server.application.web.WebApplication;
import org.xbib.net.http.server.auth.BasicAuthenticationHandler;
import org.xbib.net.http.server.auth.FormAuthenticationHandler;
@ -141,6 +145,9 @@ public final class Bootstrap {
.build();
HttpRouter httpRouter = BaseHttpRouter.builder()
.setHandler(401, new UnauthorizedHandler())
.setHandler(403, new BadRequestHandler())
.setHandler(404, new NotFoundHandler())
.setHandler(500, new InternalServerErrorHandler())
.addDomain(BaseHttpDomain.builder()
.setHttpAddress(httpsAddress)
@ -206,12 +213,14 @@ public final class Bootstrap {
static class MyResourceHandler extends J2HtmlResourceHandler {
@Override
protected Resource createResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new DemoResource(this, httpRouterContext);
}
@Override
protected Resource createUnauthenticatedResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createUnauthenticatedResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new UnauthenticatedDemoResource(this, httpRouterContext);
}
}
@ -219,7 +228,8 @@ public final class Bootstrap {
static class DemoResource extends J2HtmlResource {
public DemoResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext) throws IOException {
HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}
@ -233,7 +243,8 @@ public final class Bootstrap {
static class UnauthenticatedDemoResource extends J2HtmlResource {
public UnauthenticatedDemoResource(HtmlTemplateResourceHandler templateResourceHandler,
HttpRouterContext httpRouterContext) throws IOException {
HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
super(templateResourceHandler, httpRouterContext);
}

2
net-http-server/src/main/java/module-info.java
View file

@ -27,8 +27,6 @@ module org.xbib.net.http.server {
exports org.xbib.net.http.server.route;
exports org.xbib.net.http.server.service;
exports org.xbib.net.http.server.session;
exports org.xbib.net.http.server.session.file;
exports org.xbib.net.http.server.session.memory;
exports org.xbib.net.http.server.validate;
exports org.xbib.net.http.server.executor;
}

4
net-http-server/src/main/java/org/xbib/net/http/server/application/ApplicationBuilder.java
View file

@ -3,6 +3,8 @@ package org.xbib.net.http.server.application;
import java.nio.file.Path;
import java.time.ZoneId;
import java.util.Locale;
import org.xbib.net.http.server.domain.HttpSecurityDomain;
import org.xbib.net.http.server.executor.Executor;
import org.xbib.net.http.server.route.HttpRouter;
import org.xbib.net.mime.MimeTypeService;
@ -15,6 +17,8 @@ public interface ApplicationBuilder {
ApplicationBuilder setSecret(String hexSecret);
ApplicationBuilder setSecurityDomain(HttpSecurityDomain securityDomain);
ApplicationBuilder setSessionsEnabled(boolean sessionsEnabled);
ApplicationBuilder setLocale(Locale locale);

33
net-http-server/src/main/java/org/xbib/net/http/server/application/BaseApplication.java
View file

@ -15,9 +15,11 @@ import java.util.logging.Level;
import java.util.logging.Logger;
import org.xbib.net.Attributes;
import org.xbib.net.UserProfile;
import org.xbib.net.http.HttpAddress;
import org.xbib.net.http.cookie.SameSite;
import org.xbib.net.http.server.auth.BaseAttributes;
import org.xbib.net.http.server.auth.PersistUserProfileHandler;
import org.xbib.net.http.server.route.BaseHttpRouterContext;
import org.xbib.net.http.server.HttpHandler;
import org.xbib.net.http.server.HttpRequestBuilder;
@ -34,7 +36,8 @@ import org.xbib.net.http.server.session.IncomingContextHandler;
import org.xbib.net.http.server.session.OutgoingContextHandler;
import org.xbib.net.http.server.session.PersistSessionHandler;
import org.xbib.net.http.server.session.Session;
import org.xbib.net.http.server.session.memory.MemoryPropertiesSessionCodec;
import org.xbib.net.http.server.session.MemoryPropertiesSessionCodec;
import org.xbib.net.http.server.auth.MemoryPropertiesUserProfileCodec;
import org.xbib.net.http.server.validate.HttpRequestValidator;
import org.xbib.net.mime.MimeTypeService;
import org.xbib.net.util.RandomUtil;
@ -168,12 +171,16 @@ public class BaseApplication implements Application {
HttpRouterContext httpRouterContext = new BaseHttpRouterContext(this, domain, requestBuilder, responseBuilder);
httpRouterContext.addOpenHandler(newRequestValidator());
httpRouterContext.addOpenHandler(newIncomingCookieHandler());
if (builder.sessionsEnabled) {
Codec<Session> sessionCodec = newSessionCodec(httpRouterContext);
Codec<UserProfile> userProfileCodec = newUserProfileCodec(httpRouterContext);
httpRouterContext.getAttributes().put("userprofilecodec", userProfileCodec);
Codec<Session> sessionCodec = builder.sessionsEnabled ? newSessionCodec(httpRouterContext) : null;
if (sessionCodec != null) {
httpRouterContext.getAttributes().put("sessioncodec", sessionCodec);
httpRouterContext.addOpenHandler(newIncomingContextHandler(sessionCodec));
httpRouterContext.addCloseHandler(newOutgoingContextHandler());
httpRouterContext.addCloseHandler(newPersistHandler(sessionCodec));
}
httpRouterContext.addOpenHandler(newIncomingContextHandler(userProfileCodec, sessionCodec));
httpRouterContext.addCloseHandler(newOutgoingContextHandler());
for (HttpHandler httpHandler : newPersistHandlers(userProfileCodec, sessionCodec)) {
httpRouterContext.addCloseHandler(httpHandler);
}
httpRouterContext.addCloseHandler(newOutgoingCookieHandler());
return httpRouterContext;
@ -212,8 +219,12 @@ public class BaseApplication implements Application {
return new MemoryPropertiesSessionCodec(sessionName,this, 1024, Duration.ofDays(1));
}
protected HttpHandler newIncomingContextHandler(Codec<Session> sessionCodec) {
return new IncomingContextHandler(
protected Codec<UserProfile> newUserProfileCodec(HttpRouterContext httpRouterContext) {
return new MemoryPropertiesUserProfileCodec();
}
protected HttpHandler newIncomingContextHandler(Codec<UserProfile> userProfileCodec, Codec<Session> sessionCodec) {
return new IncomingContextHandler(userProfileCodec,
getSecret(),
"HmacSHA1",
sessionName,
@ -235,8 +246,10 @@ public class BaseApplication implements Application {
);
}
protected HttpHandler newPersistHandler(Codec<Session> sessionCodec) {
return new PersistSessionHandler(sessionCodec);
protected Collection<HttpHandler> newPersistHandlers(Codec<UserProfile> userProfileCodec,
Codec<Session> sessionCodec) {
return List.of(new PersistSessionHandler(sessionCodec),
new PersistUserProfileHandler(userProfileCodec, builder.securityDomain));
}
@Override

9
net-http-server/src/main/java/org/xbib/net/http/server/application/BaseApplicationBuilder.java
View file

@ -7,6 +7,7 @@ import java.util.Locale;
import java.util.Objects;
import java.util.Set;
import org.xbib.net.http.server.domain.HttpSecurityDomain;
import org.xbib.net.http.server.executor.BaseExecutor;
import org.xbib.net.http.server.executor.Executor;
import org.xbib.net.http.server.route.HttpRouter;
@ -32,6 +33,8 @@ public class BaseApplicationBuilder implements ApplicationBuilder {
protected String secret;
protected HttpSecurityDomain securityDomain;
protected boolean sessionsEnabled;
protected Locale locale;
@ -87,6 +90,12 @@ public class BaseApplicationBuilder implements ApplicationBuilder {
return this;
}
@Override
public ApplicationBuilder setSecurityDomain(HttpSecurityDomain securityDomain) {
this.securityDomain = securityDomain;
return this;
}
@Override
public ApplicationBuilder setSessionsEnabled(boolean sessionsEnabled) {
this.sessionsEnabled = sessionsEnabled;

117
net-http-server/src/main/java/org/xbib/net/http/server/auth/BaseUserProfile.java
View file

@ -26,12 +26,15 @@ public class BaseUserProfile implements UserProfile {
private Collection<String> effectivePermissions;
private boolean refresh;
public BaseUserProfile() {
this.attributes = new BaseAttributes();
this.roles = new ArrayList<>();
this.effectiveRoles = new ArrayList<>();
this.permissions = new ArrayList<>();
this.effectivePermissions = new ArrayList<>();
this.refresh = false;
}
@Override
@ -129,6 +132,21 @@ public class BaseUserProfile implements UserProfile {
this.attributes = attributes;
}
@Override
public void updateAttribute(String key, Object value) {
attributes.put(key, value);
}
@Override
public void triggerRefresh(boolean refresh) {
this.refresh = refresh;
}
@Override
public boolean isRefreshTriggered() {
return refresh;
}
@Override
public Attributes getAttributes() {
return attributes;
@ -137,31 +155,23 @@ public class BaseUserProfile implements UserProfile {
@Override
public Map<String, Object> asMap() {
TinyMap.Builder<String, Object> builder = TinyMap.builder();
builder.put("name", getName());
String userId = getUserId();
if (userId == null) {
userId = "";
}
builder.put("user_id", userId);
String eUserId = getEffectiveUserId();
if (eUserId == null) {
eUserId = "";
}
builder.put("e_user_id", eUserId);
builder.putIfNotNull(NAME, getName());
builder.putIfNotNull(USER_ID, getUserId());
builder.putIfNotNull(EFFECTIVE_USER_ID, getEffectiveUserId());
if (getRoles() != null && !getRoles().isEmpty()) {
builder.put("roles", getRoles());
builder.put(ROLES, getRoles());
}
if (getEffectiveRoles() != null && !getEffectiveRoles().isEmpty()) {
builder.put("e_roles", getEffectiveRoles());
builder.put(EFFECTIVE_ROLES, getEffectiveRoles());
}
if (getPermissions() != null && !getPermissions().isEmpty()) {
builder.put("perms", getPermissions());
builder.put(PERMISSIONS, getPermissions());
}
if (getEffectivePermissions() != null && !getEffectivePermissions().isEmpty()) {
builder.put("e_perms", getEffectivePermissions());
builder.put(EFFECTIVE_PERMISSIONS, getEffectivePermissions());
}
if (getAttributes() != null && !getAttributes().isEmpty()) {
builder.put("attrs", getAttributes());
builder.put(ATTRIBUTES, getAttributes());
}
return builder.build();
}
@ -169,39 +179,66 @@ public class BaseUserProfile implements UserProfile {
@SuppressWarnings("unchecked")
public static UserProfile fromMap(Map<String, Object> map) {
BaseUserProfile userProfile = new BaseUserProfile();
if (map.containsKey("name")) {
userProfile.setName((String) map.get("name"));
if (map.containsKey(NAME)) {
userProfile.setName((String) map.get(NAME));
}
if (map.containsKey("user_id")) {
String userId = (String) map.get("user_id");
// empty user ID for better map transport, change it to null
if (userId != null && userId.isEmpty()) {
userId = null;
}
if (map.containsKey(USER_ID)) {
String userId = (String) map.get(USER_ID);
userProfile.setUserId(userId);
}
if (map.containsKey("e_user_id")) {
String eUserId = (String) map.get("e_user_id");
// empty effective user ID for better map transport, change it to null
if (eUserId != null && eUserId.isEmpty()) {
eUserId = null;
}
if (map.containsKey(EFFECTIVE_USER_ID)) {
String eUserId = (String) map.get(EFFECTIVE_USER_ID);
userProfile.setEffectiveUserId(eUserId);
}
if (map.containsKey("roles")) {
userProfile.setRoles((Collection<String>) map.get("roles"));
if (map.containsKey(ROLES)) {
userProfile.setRoles((Collection<String>) map.get(ROLES));
}
if (map.containsKey("e_roles")) {
userProfile.setEffectiveRoles((Collection<String>) map.get("e_roles"));
if (map.containsKey(EFFECTIVE_ROLES)) {
userProfile.setEffectiveRoles((Collection<String>) map.get(EFFECTIVE_ROLES));
}
if (map.containsKey("perms")) {
userProfile.setPermissions((Collection<String>) map.get("perms"));
if (map.containsKey(PERMISSIONS)) {
userProfile.setPermissions((Collection<String>) map.get(PERMISSIONS));
}
if (map.containsKey("e_perms")) {
userProfile.setEffectivePermissions((Collection<String>) map.get("e_perms"));
if (map.containsKey(EFFECTIVE_PERMISSIONS)) {
userProfile.setEffectivePermissions((Collection<String>) map.get(EFFECTIVE_PERMISSIONS));
}
if (map.containsKey("attrs")) {
userProfile.setAttributes(new BaseAttributes((Map<String, Object>) map.get("attrs")));
if (map.containsKey(ATTRIBUTES)) {
userProfile.setAttributes(new BaseAttributes((Map<String, Object>) map.get(ATTRIBUTES)));
}
return userProfile;
}
@SuppressWarnings("unchecked")
public static UserProfile fromMap(UserProfile userProfile, Map<String, Object> map) {
if (map.containsKey(NAME)) {
userProfile.setName((String) map.get(NAME));
}
if (map.containsKey(USER_ID)) {
userProfile.setUserId((String) map.get(USER_ID));
}
if (map.containsKey(EFFECTIVE_USER_ID)) {
userProfile.setEffectiveUserId((String) map.get(EFFECTIVE_USER_ID));
}
if (map.containsKey(ROLES)) {
userProfile.setRoles((Collection<String>) map.get(ROLES));
}
if (map.containsKey(EFFECTIVE_ROLES)) {
userProfile.setEffectiveRoles((Collection<String>) map.get(EFFECTIVE_ROLES));
}
if (map.containsKey(PERMISSIONS)) {
userProfile.setPermissions((Collection<String>) map.get(PERMISSIONS));
}
if (map.containsKey(EFFECTIVE_PERMISSIONS)) {
userProfile.setEffectivePermissions((Collection<String>) map.get(EFFECTIVE_PERMISSIONS));
}
if (map.containsKey(ATTRIBUTES)) {
if (userProfile.getAttributes() == null || userProfile.getAttributes().isEmpty()) {
userProfile.setAttributes(new BaseAttributes((Map<String, Object>) map.get(ATTRIBUTES)));
} else {
for (Map.Entry<String, Object> entry : ((Map<String, Object>) map.get(ATTRIBUTES)).entrySet()) {
userProfile.updateAttribute(entry.getKey(), entry.getValue());
}
}
}
return userProfile;
}

145
net-http-server/src/main/java/org/xbib/net/http/server/auth/FileJsonUserProfileCodec.java Normal file
View file

@ -0,0 +1,145 @@
package org.xbib.net.http.server.auth;
import org.xbib.net.PercentEncoder;
import org.xbib.net.PercentEncoders;
import org.xbib.net.UserProfile;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.util.JsonUtil;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.io.Writer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileTime;
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Stream;
public class FileJsonUserProfileCodec implements Codec<UserProfile> {
private static final Logger logger = Logger.getLogger(FileJsonUserProfileCodec.class.getName());
private final ReentrantReadWriteLock lock;
private final Path path;
public FileJsonUserProfileCodec(Path path) {
this.path = path;
this.lock = new ReentrantReadWriteLock();
}
@Override
public UserProfile create(String userId) throws IOException {
Objects.requireNonNull(userId, "user id must not be null");
BaseUserProfile baseUserProfile = new BaseUserProfile();
baseUserProfile.setUserId(userId);
return baseUserProfile;
}
@Override
public UserProfile read(String key) throws IOException {
Objects.requireNonNull(key, "key must not be null");
ReentrantReadWriteLock.ReadLock readLock = lock.readLock();
try {
readLock.lock();
PercentEncoder percentEncoder = PercentEncoders.getUnreservedEncoder(StandardCharsets.UTF_8);
Path p = path.resolve(percentEncoder.encode(key));
Map<String, Object> map = JsonUtil.toMap(Files.readString(p));
return BaseUserProfile.fromMap(map);
} finally {
readLock.unlock();
}
}
@Override
public void write(String key, UserProfile userProfile) throws IOException {
Objects.requireNonNull(key, "key must not be null");
ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
try {
writeLock.lock();
createPath();
PercentEncoder percentEncoder = PercentEncoders.getUnreservedEncoder(StandardCharsets.UTF_8);
try (Writer writer = Files.newBufferedWriter(path.resolve(percentEncoder.encode(key)))) {
writer.write(JsonUtil.toString(userProfile.asMap()));
}
} finally {
writeLock.unlock();
}
}
@Override
public void remove(String key) {
ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
try {
writeLock.lock();
PercentEncoder percentEncoder = PercentEncoders.getUnreservedEncoder(StandardCharsets.UTF_8);
Files.deleteIfExists(path.resolve(percentEncoder.encode(key)));
} catch (IOException e) {
throw new UncheckedIOException(e);
} finally {
writeLock.unlock();
}
}
@Override
public void purge(long expiredAfterSeconds) {
if (path != null && expiredAfterSeconds > 0L) {
Instant instant = Instant.now();
try (Stream<Path> stream = Files.walk(path)) {
stream.forEach(p -> {
try {
FileTime fileTime = Files.getLastModifiedTime(p);
Duration duration = Duration.between(fileTime.toInstant(), instant);
if (duration.toSeconds() > expiredAfterSeconds) {
Files.delete(p);
}
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while purge: " + e.getMessage(), e);
}
});
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while purge: " + e.getMessage(), e);
}
}
}
@Override
public void destroy() {
try (Stream<Path> stream = Files.walk(path)) {
stream.forEach(p -> {
try {
if (!path.equals(p)) {
Files.delete(p);
}
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while destroy: " + e.getMessage(), e);
}
});
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while destroy: " + e.getMessage(), e);
}
try {
Files.delete(path);
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while destroy: " + e.getMessage(), e);
}
}
private void createPath() {
try {
if (!Files.exists(path)) {
Files.createDirectories(path);
}
} catch (IOException e) {
logger.log(Level.SEVERE, e.getMessage(), e);
throw new UncheckedIOException(e);
}
}
}

56
net-http-server/src/main/java/org/xbib/net/http/server/auth/LoginAuthenticationHandler.java
View file

@ -1,7 +1,9 @@
package org.xbib.net.http.server.auth;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Objects;
import java.util.logging.Level;
import java.util.logging.Logger;
@ -54,6 +56,20 @@ public class LoginAuthenticationHandler implements HttpHandler {
logger.log(Level.FINE, "no user profile found in context");
return;
}
if (userProfile.isRefreshTriggered()) {
try {
List<String> roles = new ArrayList<>();
userProfile.setRoles(roles);
List<String> effectiveRoles = new ArrayList<>();
userProfile.setEffectiveRoles(effectiveRoles);
loadRoles(userProfile);
} catch (Exception e) {
logger.log(Level.SEVERE, e.getMessage(), e);
} finally {
userProfile.triggerRefresh(false);
}
return;
}
if (userProfile.getUserId() != null) {
logger.log(Level.FINE, "user id already set");
return;
@ -77,7 +93,10 @@ public class LoginAuthenticationHandler implements HttpHandler {
}
}
protected boolean authenticate(UserProfile userProfile, String username, String password, Request request) {
protected boolean authenticate(UserProfile userProfile,
String username,
String password,
Request request) {
if (username == null) {
logger.log(Level.FINE, "no username given for check, doing nothing");
return false;
@ -89,21 +108,38 @@ public class LoginAuthenticationHandler implements HttpHandler {
Authenticator auth = securityRealm.getAuthenticator();
Authenticator.Context authContext = new Authenticator.Context(username, password, request);
if (auth.authenticate(authContext)) {
logger.log(Level.FINE, "authenticated, augmenting user profile with " + authContext.getUsername());
logger.log(Level.FINE, "authenticated as " + authContext.getUsername());
userProfile.setUserId(authContext.getUsername());
UsersProvider.Context userContext = new UsersProvider.Context(username, null);
UsersProvider.Context userContext = new UsersProvider.Context(authContext.getUsername(), null);
UserDetails userDetails = securityRealm.getUsersProvider().getUserDetails(userContext);
userProfile.setEffectiveUserId(userDetails.getEffectiveUserId());
userProfile.setName(userDetails.getName());
GroupsProvider.Context groupContext = new GroupsProvider.Context(username, null);
Collection<String> groups = securityRealm.getGroupsProvider().getGroups(groupContext);
for (String group : groups) {
userProfile.addRole(group);
if (userDetails.getEffectiveUserId() != null) {
userProfile.setEffectiveUserId(userDetails.getEffectiveUserId());
} else {
userProfile.setEffectiveUserId(authContext.getUsername());
}
logger.log(Level.FINE, "authentication success: userProfile = " + userProfile);
loadRoles(userProfile);
return true;
}
logger.log(Level.FINE, "authentication failure");
logger.log(Level.FINE, "authentication failure for user " + username);
return false;
}
private void loadRoles(UserProfile userProfile) {
GroupsProvider.Context groupContext = new GroupsProvider.Context(userProfile.getUserId(), null);
Collection<String> groups = securityRealm.getGroupsProvider().getGroups(groupContext);
for (String group : groups) {
userProfile.addRole(group);
}
if (!userProfile.getUserId().equals(userProfile.getEffectiveUserId())) {
GroupsProvider.Context effectiveGroupContext = new GroupsProvider.Context(userProfile.getEffectiveUserId(), null);
for (String group : securityRealm.getGroupsProvider().getGroups(effectiveGroupContext)) {
userProfile.addEffectiveRole(group);
}
} else {
for (String group : groups) {
userProfile.addEffectiveRole(group);
}
}
}
}

92
net-http-server/src/main/java/org/xbib/net/http/server/auth/MemoryPropertiesUserProfileCodec.java Normal file
View file

@ -0,0 +1,92 @@
package org.xbib.net.http.server.auth;
import org.xbib.net.UserProfile;
import org.xbib.net.http.server.persist.Codec;
import java.io.IOException;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.locks.ReentrantReadWriteLock;
public class MemoryPropertiesUserProfileCodec implements Codec<UserProfile> {
private static final Map<String, Object> store = new HashMap<>();
private final ReentrantReadWriteLock lock;
public MemoryPropertiesUserProfileCodec() {
this.lock = new ReentrantReadWriteLock();
}
@Override
public UserProfile create(String key) throws IOException {
BaseUserProfile baseUserProfile = new BaseUserProfile();
baseUserProfile.setUserId(key);
return baseUserProfile;
}
@Override
public UserProfile read(String key) throws IOException {
ReentrantReadWriteLock.ReadLock readLock = lock.readLock();
try {
readLock.lock();
Properties properties = new Properties();
if (store.containsKey(key)) {
properties.putAll((Map<?, ?>) store.get(key));
}
return toUserProfile(key, properties);
} finally {
readLock.unlock();
}
}
@Override
public void write(String key, UserProfile userProfile) throws IOException {
ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
try {
writeLock.lock();
Properties properties = toProperties(userProfile.asMap());
store.put(key, properties);
} finally {
writeLock.unlock();
}
}
private UserProfile toUserProfile(String key, Properties properties) {
Map<String, Object> map = new LinkedHashMap<>();
properties.forEach((k, v) -> map.put(k.toString(), v));
return BaseUserProfile.fromMap(map);
}
private Properties toProperties(Map<String, Object> map) {
Properties properties = new Properties();
map.forEach((k,v) -> {
// filter non-null keys and values for properties semantics
if (k != null && v != null) {
properties.put(k, v);
}
});
return properties;
}
@Override
public void remove(String key) throws IOException {
store.remove(key);
}
@Override
public void purge(long expiredAfterSeconds) throws IOException {
if (expiredAfterSeconds > 0L) {
for (Map.Entry<String, Object> entry : store.entrySet()) {
remove(entry.getKey());
}
}
}
@Override
public void destroy() {
store.clear();
}
}

91
net-http-server/src/main/java/org/xbib/net/http/server/auth/PersistUserProfileHandler.java Normal file
View file

@ -0,0 +1,91 @@
package org.xbib.net.http.server.auth;
import org.xbib.net.GroupsProvider;
import org.xbib.net.SecurityRealm;
import org.xbib.net.UserProfile;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.HttpException;
import org.xbib.net.http.server.HttpHandler;
import org.xbib.net.http.server.domain.HttpSecurityDomain;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.route.HttpRouterContext;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
public class PersistUserProfileHandler implements HttpHandler {
private static final Logger logger = Logger.getLogger(PersistUserProfileHandler.class.getName());
private final Codec<UserProfile> userProfileCodec;
private final HttpSecurityDomain securityDomain;
public PersistUserProfileHandler(Codec<UserProfile> userProfileCodec,
HttpSecurityDomain securityDomain) {
this.userProfileCodec = userProfileCodec;
this.securityDomain = securityDomain;
}
@Override
public void handle(HttpRouterContext context) throws IOException {
UserProfile userProfile = context.getAttributes().get(UserProfile.class, "userprofile");
if (userProfile != null && userProfile.getUserId() != null) {
if (userProfile.isRefreshTriggered()) {
if (securityDomain == null) {
logger.log(Level.FINE, "unable to refresh, security domain is null");
return;
}
if (securityDomain.getRealm() == null) {
logger.log(Level.FINE, "unable to refresh, security realm is null");
return;
}
try {
// reset roles and load again
List<String> roles = new ArrayList<>();
userProfile.setRoles(roles);
List<String> effectiveRoles = new ArrayList<>();
userProfile.setEffectiveRoles(effectiveRoles);
loadRoles(userProfile, securityDomain.getRealm());
} catch (Exception e) {
logger.log(Level.SEVERE, e.getMessage(), e);
} finally {
userProfile.triggerRefresh(false);
}
}
try {
logger.log(Level.FINEST, "writing user profile id = " + userProfile.getUserId());
userProfileCodec.write(userProfile.getUserId(), userProfile);
} catch (Exception e) {
logger.log(Level.SEVERE, e.getMessage(), e);
throw new HttpException("unable to write user profile data", context, HttpResponseStatus.INTERNAL_SERVER_ERROR);
}
} else {
logger.log(Level.FINEST, "not writing user profile " + userProfile + " user id + " +
(userProfile != null ? userProfile.getUserId() : null));
}
}
private void loadRoles(UserProfile userProfile, SecurityRealm securityRealm) {
String username = userProfile.getUserId();
GroupsProvider.Context groupContext = new GroupsProvider.Context(username, null);
Collection<String> groups = securityRealm.getGroupsProvider().getGroups(groupContext);
for (String group : groups) {
userProfile.addRole(group);
}
if (!userProfile.getUserId().equals(userProfile.getEffectiveUserId())) {
GroupsProvider.Context effectiveGroupContext = new GroupsProvider.Context(userProfile.getEffectiveUserId(), null);
for (String group : securityRealm.getGroupsProvider().getGroups(effectiveGroupContext)) {
userProfile.addEffectiveRole(group);
}
} else {
for (String group : groups) {
userProfile.addEffectiveRole(group);
}
}
}
}

3
net-http-server/src/main/java/org/xbib/net/http/server/cookie/IncomingCookieHandler.java
View file

@ -10,8 +10,6 @@ import org.xbib.net.http.server.route.HttpRouterContext;
public class IncomingCookieHandler implements HttpHandler {
private static final Logger logger = Logger.getLogger(IncomingCookieHandler.class.getName());
public IncomingCookieHandler() {
}
@ -30,7 +28,6 @@ public class IncomingCookieHandler implements HttpHandler {
}
if (!cookieBox.isEmpty()) {
context.getAttributes().put("incomingcookies", cookieBox);
}
}
}

1
net-http-server/src/main/java/org/xbib/net/http/server/domain/HttpSecurityDomain.java
View file

@ -2,6 +2,7 @@ package org.xbib.net.http.server.domain;
import java.util.List;
import org.xbib.net.SecurityDomain;
import org.xbib.net.UserProfile;
import org.xbib.net.http.server.HttpHandler;
public interface HttpSecurityDomain extends SecurityDomain {

2
net-http-server/src/main/java/org/xbib/net/http/server/persist/Codec.java
View file

@ -13,4 +13,6 @@ public interface Codec<D> {
void remove(String key) throws IOException;
void purge(long expiredAfterSeconds) throws IOException;
void destroy();
}

5
net-http-server/src/main/java/org/xbib/net/http/server/persist/file/FileJsonCodec.java
View file

@ -67,6 +67,11 @@ public class FileJsonCodec implements Codec<Map<String, Object>> {
// unable to purge
}
@Override
public void destroy() {
// unable to destroy
}
private Path openOrCreate(String key) throws IOException {
Path path = Paths.get(root);
Files.createDirectories(path);

4
net-http-server/src/main/java/org/xbib/net/http/server/persist/file/FileJsonPersistenceStore.java
View file

@ -7,10 +7,6 @@ import org.xbib.net.http.server.persist.Codec;
@SuppressWarnings("serial")
public class FileJsonPersistenceStore extends AbstractPersistenceStore {
public FileJsonPersistenceStore(String name) {
this("/var/tmp/net-http-server-store", name);
}
public FileJsonPersistenceStore(String root, String storeName) {
this(new FileJsonCodec(root), storeName);
}

5
net-http-server/src/main/java/org/xbib/net/http/server/persist/file/FilePropertiesCodec.java
View file

@ -76,6 +76,11 @@ public class FilePropertiesCodec implements Codec<Map<String, Object>> {
// unable to purge
}
@Override
public void destroy() {
// unable to destroy
}
private Path openOrCreate(String key) throws IOException {
Path path = Paths.get(root);
Files.createDirectories(path);

5
net-http-server/src/main/java/org/xbib/net/http/server/persist/memory/MemoryPropertiesCodec.java
View file

@ -58,6 +58,11 @@ public class MemoryPropertiesCodec implements Codec<Map<String, Object>> {
// unable to purge
}
@Override
public void destroy() {
store.clear();
}
private Map<String, Object> toMap(Properties properties) {
Map<String, Object> map = new LinkedHashMap<>();
properties.forEach((k, v) -> map.put(k.toString(), v));

76
net-http-server/src/main/java/org/xbib/net/http/server/resource/AbstractResourceHandler.java
View file

@ -18,12 +18,15 @@ import java.util.Arrays;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.URL;
import org.xbib.net.buffer.DataBuffer;
import org.xbib.net.buffer.DataBufferFactory;
import org.xbib.net.buffer.DataBufferUtil;
import org.xbib.net.http.HttpHeaderNames;
import org.xbib.net.http.HttpHeaderValues;
import org.xbib.net.http.HttpHeaders;
import org.xbib.net.http.HttpMethod;
import org.xbib.net.http.HttpResponseStatus;
@ -44,7 +47,8 @@ public abstract class AbstractResourceHandler implements HttpHandler {
public AbstractResourceHandler() {
}
protected abstract Resource createResource(HttpRouterContext httpRouterContext) throws IOException;
protected abstract Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException;
protected abstract boolean isETagEnabled();
@ -56,39 +60,47 @@ public abstract class AbstractResourceHandler implements HttpHandler {
@Override
public void handle(HttpRouterContext context) throws IOException {
logger.log(Level.FINEST, () -> "handle: before creating resource " + this.getClass().getName());
Resource resource = createResource(context);
logger.log(Level.FINEST, () -> "handle: resource = " + (resource != null ? resource.getClass().getName() + " " + resource : null));
if (resource instanceof HtmlTemplateResource) {
generateCacheableResource(context, resource);
return;
}
if (resource == null) {
throw new HttpException("resource not found", context, HttpResponseStatus.NOT_FOUND);
} else if (resource.isDirectory()) {
logger.log(Level.FINEST, "we have a directory request");
if (!resource.getResourcePath().isEmpty() && !resource.getResourcePath().endsWith("/")) {
URL url = context.getRequestBuilder().getUrl().resolve(resource.getName() + '/');
String loc = URL.builder(url)
.query(url.getQuery())
.fragment(url.getFragment())
.build()
.toString();
logger.log(Level.FINEST, "client must add a /, external redirect to = " + loc);
context.setHeader(HttpHeaderNames.LOCATION, loc)
.status(HttpResponseStatus.TEMPORARY_REDIRECT);
} else if (resource.isExistsIndexFile()) {
// internal redirect to default index file in this directory
logger.log(Level.FINEST, "internal redirect to default index file in this directory: " + resource.getIndexFileName());
try {
logger.log(Level.FINEST, () -> "handle: before creating resource " + this.getClass().getName());
Resource resource = createResource(context);
logger.log(Level.FINEST, () -> "handle: resource = " + (resource != null ? resource.getClass().getName() + " " + resource : null));
if (resource instanceof HtmlTemplateResource) {
generateCacheableResource(context, resource);
} else {
// send forbidden, we do not allow directory access
context.status(HttpResponseStatus.FORBIDDEN);
return;
}
context.done();
} else {
generateCacheableResource(context, resource);
context.done();
if (resource == null) {
throw new HttpException("resource not found", context, HttpResponseStatus.NOT_FOUND);
} else if (resource.isDirectory()) {
logger.log(Level.FINEST, "we have a directory request");
if (!resource.getResourcePath().isEmpty() && !resource.getResourcePath().endsWith("/")) {
URL url = context.getRequestBuilder().getUrl().resolve(resource.getName() + '/');
String loc = URL.builder(url)
.query(url.getQuery())
.fragment(url.getFragment())
.build()
.toString();
logger.log(Level.FINEST, "client must add a /, external redirect to = " + loc);
context.setHeader(HttpHeaderNames.LOCATION, loc)
.status(HttpResponseStatus.TEMPORARY_REDIRECT);
} else if (resource.isExistsIndexFile()) {
// internal redirect to default index file in this directory
logger.log(Level.FINEST, "internal redirect to default index file in this directory: " + resource.getIndexFileName());
generateCacheableResource(context, resource);
} else {
// send forbidden, we do not allow directory access
context.status(HttpResponseStatus.FORBIDDEN);
}
context.done();
} else {
generateCacheableResource(context, resource);
context.done();
}
} catch (ParameterException e) {
logger.log(Level.WARNING, e.getMessage(), e);
context.status(HttpResponseStatus.BAD_REQUEST)
.setHeader(CONTENT_TYPE, HttpHeaderValues.TEXT_PLAIN)
.body(e.getMessage())
.done();
}
}

5
net-http-server/src/main/java/org/xbib/net/http/server/resource/HtmlTemplateResourceHandler.java
View file

@ -2,6 +2,8 @@ package org.xbib.net.http.server.resource;
import java.io.IOException;
import java.nio.file.Path;
import org.xbib.net.ParameterException;
import org.xbib.net.Resource;
import org.xbib.net.http.server.route.HttpRouterContext;
@ -22,7 +24,8 @@ public class HtmlTemplateResourceHandler extends AbstractResourceHandler {
}
@Override
protected Resource createResource(HttpRouterContext httpRouterContext) throws IOException {
protected Resource createResource(HttpRouterContext httpRouterContext)
throws IOException, ParameterException {
return new HtmlTemplateResource(this, httpRouterContext);
}

13
net-http-server/src/main/java/org/xbib/net/http/server/route/BaseHttpRouter.java
View file

@ -95,9 +95,7 @@ public class BaseHttpRouter implements HttpRouter {
requestBuilder.getRequestPath(),
true);
builder.httpRouteResolver.resolve(httpRoute, httpRouteResolverResults::add);
HttpRouterContext httpRouterContext = application.createContext(httpDomain,
requestBuilder, responseBuilder);
// before open: invoke security, incoming cookie/session
HttpRouterContext httpRouterContext = application.createContext(httpDomain, requestBuilder, responseBuilder);
httpRouterContext.getOpenHandlers().forEach(h -> {
try {
h.handle(httpRouterContext);
@ -149,14 +147,10 @@ public class BaseHttpRouter implements HttpRouter {
setResolverResult(httpRouterContext, httpRouteResolverResult);
httpService = httpRouteResolverResult.getValue();
httpRequest = httpRouterContext.getRequest();
for (ApplicationModule module : application.getModules()) {
module.onOpen(httpRouterContext, httpService, httpRequest);
}
// second: security check, authentication etc.
if (httpService.getSecurityDomain() != null) {
logger.log(Level.FINEST, "handling security domain service " + httpService);
for (HttpHandler httpHandler : httpService.getSecurityDomain().getHandlers()) {
logger.log(Level.FINEST, () -> "handling security domain handler " + httpHandler);
logger.log(Level.FINEST, () -> "handling security handler " + httpHandler);
httpHandler.handle(httpRouterContext);
}
}
@ -164,6 +158,9 @@ public class BaseHttpRouter implements HttpRouter {
break;
}
// after security checks, accept service, open and execute service
for (ApplicationModule module : application.getModules()) {
module.onOpen(httpRouterContext, httpService, httpRequest);
}
httpRouterContext.getAttributes().put("service", httpService);
logger.log(Level.FINEST, "handling service " + httpService);
httpService.handle(httpRouterContext);

9
net-http-server/src/main/java/org/xbib/net/http/server/route/BaseHttpRouterContext.java
View file

@ -39,6 +39,8 @@ public class BaseHttpRouterContext implements HttpRouterContext {
private final Attributes attributes;
private final List<HttpHandler> securityHandlers;
private final List<HttpHandler> openHandlers;
private final List<HttpHandler> closeHandlers;
@ -66,6 +68,7 @@ public class BaseHttpRouterContext implements HttpRouterContext {
this.application = application;
this.httpRequestBuilder = httpRequestBuilder;
this.httpResponseBuilder = httpResponseBuilder;
this.securityHandlers = new LinkedList<>();
this.openHandlers = new LinkedList<>();
this.closeHandlers = new LinkedList<>();
this.releaseeHandlers = new LinkedList<>();
@ -304,6 +307,12 @@ public class BaseHttpRouterContext implements HttpRouterContext {
@Override
public void close() throws IOException {
for (HttpHandler httpHandler : securityHandlers) {
if (httpHandler instanceof Closeable) {
logger.log(Level.FINE, "closing handler " + httpHandler);
((Closeable) httpHandler).close();
}
}
for (HttpHandler httpHandler : openHandlers) {
if (httpHandler instanceof Closeable) {
logger.log(Level.FINE, "closing handler " + httpHandler);

45
net-http-server/src/main/java/org/xbib/net/http/server/session/file/FileJsonSessionCodec.java → net-http-server/src/main/java/org/xbib/net/http/server/session/FileJsonSessionCodec.java
View file

@ -1,4 +1,4 @@
package org.xbib.net.http.server.session.file;
package org.xbib.net.http.server.session;
import java.io.IOException;
import java.io.UncheckedIOException;
@ -17,9 +17,6 @@ import java.util.stream.Stream;
import org.xbib.net.PercentEncoder;
import org.xbib.net.PercentEncoders;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.session.BaseSession;
import org.xbib.net.http.server.session.Session;
import org.xbib.net.http.server.session.SessionListener;
import org.xbib.net.util.JsonUtil;
public class FileJsonSessionCodec implements Codec<Session> {
@ -49,12 +46,6 @@ public class FileJsonSessionCodec implements Codec<Session> {
this.sessionCacheSize = sessionCacheSize;
this.sessionDuration = sessionDuration;
this.lock = new ReentrantReadWriteLock();
try {
Files.createDirectories(path);
} catch (IOException e) {
logger.log(Level.SEVERE, e.getMessage(), e);
throw new UncheckedIOException(e);
}
}
@Override
@ -83,6 +74,7 @@ public class FileJsonSessionCodec implements Codec<Session> {
ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
try {
writeLock.lock();
createPath();
PercentEncoder percentEncoder = PercentEncoders.getUnreservedEncoder(StandardCharsets.UTF_8);
try (Writer writer = Files.newBufferedWriter(path.resolve(percentEncoder.encode(key)))) {
writer.write(JsonUtil.toString(session));
@ -127,4 +119,37 @@ public class FileJsonSessionCodec implements Codec<Session> {
}
}
}
@Override
public void destroy() {
try (Stream<Path> stream = Files.walk(path)) {
stream.forEach(p -> {
try {
if (!path.equals(p)) {
Files.delete(p);
}
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while destroy: " + e.getMessage(), e);
}
});
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while destroy: " + e.getMessage(), e);
}
try {
Files.delete(path);
} catch (IOException e) {
logger.log(Level.WARNING, "i/o error while destroy: " + e.getMessage(), e);
}
}
private void createPath() {
try {
if (!Files.exists(path)) {
Files.createDirectories(path);
}
} catch (IOException e) {
logger.log(Level.SEVERE, e.getMessage(), e);
throw new UncheckedIOException(e);
}
}
}

98
net-http-server/src/main/java/org/xbib/net/http/server/session/IncomingContextHandler.java
View file

@ -18,16 +18,19 @@ import org.xbib.net.http.cookie.Cookie;
import org.xbib.net.http.cookie.CookieBox;
import org.xbib.net.http.server.HttpException;
import org.xbib.net.http.server.HttpHandler;
import org.xbib.net.http.server.route.HttpRouterContext;
import org.xbib.net.http.server.auth.BaseUserProfile;
import org.xbib.net.http.server.route.HttpRouterContext;
import org.xbib.net.http.server.cookie.CookieSignatureException;
import org.xbib.net.http.server.cookie.CookieSignatureUtil;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.util.ExceptionFormatter;
public class IncomingContextHandler implements HttpHandler {
private static final Logger logger = Logger.getLogger(IncomingContextHandler.class.getName());
private final Codec<UserProfile> userProfileCodec;
private final String sessionSecret;
private final String sessionCookieAlgorithm;
@ -40,12 +43,14 @@ public class IncomingContextHandler implements HttpHandler {
Supplier<String> sessionIdGenerator;
public IncomingContextHandler(String sessionSecret,
public IncomingContextHandler(Codec<UserProfile> userProfileCodec,
String sessionSecret,
String sessionCookieAlgorithm,
String sessionCookieName,
Codec<Session> sessionCodec,
Set<String> suffixes,
Supplier<String> sessionIdGenerator) {
this.userProfileCodec = userProfileCodec;
this.sessionSecret = sessionSecret;
this.sessionCookieAlgorithm = sessionCookieAlgorithm;
this.sessionCookieName = sessionCookieName;
@ -61,8 +66,8 @@ public class IncomingContextHandler implements HttpHandler {
return;
}
Map<String, Object> payload = null;
Session session = null;
UserProfile userProfile = null;
Session session = null;
CookieBox cookieBox = context.getAttributes().get(CookieBox.class, "incomingcookies");
if (cookieBox != null) {
for (Cookie cookie : cookieBox) {
@ -72,20 +77,21 @@ public class IncomingContextHandler implements HttpHandler {
try {
// extract payload from our cookie, must be not null, otherwise security problem with exception
payload = toPayload(cookie);
logger.log(Level.FINE, payload != null && !payload.isEmpty() ? "payload found" : "no payload found");
// extract session from payload and recover session from persistence store
session = toSession(payload);
// extract user profile from session
userProfile = toUserProfile(session);
// do not log explicit content of payload, session, userprofile to not leak sensitive info into log
logger.log(Level.FINE, (payload != null && !payload.isEmpty() ? "payload found" : "no payload") +
(session != null && !session.isEmpty() ? ", session found" : ", no session") +
(userProfile != null && userProfile.getUserId() != null ? ", user profile found (" + userProfile.getUserId() + ")" : ", no user profile"));
logger.log(Level.FINE, session != null && !session.isEmpty() ? "session found" : "no session found");
// extract userprofile from cookie info, use previous auth handler setup, recover attributes only
userProfile = recoverUserProfile(context, session, payload);
logger.log(Level.FINE, userProfile != null ? "user profile found" : "no user profile found");
} catch (CookieSignatureException e) {
// set exception in context to discard broken cookie later and render exception message
context.getAttributes().put("_throwable", e);
} catch (Exception e) {
logger.log(Level.SEVERE, e.getMessage(), e);
throw new HttpException("unable to create session", context, HttpResponseStatus.INTERNAL_SERVER_ERROR);
throw new HttpException("unable to create userprofile or session: " + ExceptionFormatter.format(e),
context, HttpResponseStatus.INTERNAL_SERVER_ERROR);
}
} else {
logger.log(Level.WARNING, "received extra session cookie of same name, something is wrong, ignoring");
@ -94,13 +100,14 @@ public class IncomingContextHandler implements HttpHandler {
}
}
if (session == null) {
session = newSession(context);
logger.log(Level.FINE, "new session created, id = " + session.id());
session = createSession(context);
if (session != null) {
logger.log(Level.FINE, "new session created, id = " + session.id());
}
}
context.getAttributes().put("session", session);
if (userProfile == null) {
userProfile = newUserProfile(payload);
logger.log(Level.FINE, "new user profile created");
userProfile = recoverUserProfile(context, session, payload);
}
context.getAttributes().put("userprofile", userProfile);
}
@ -127,11 +134,11 @@ public class IncomingContextHandler implements HttpHandler {
return Map.of("id", id, "payload", payload, "map", CookieSignatureUtil.toMap(payload));
}
protected Session toSession(Map<String, Object> map) {
if (map == null) {
protected Session toSession(Map<String, Object> payload) {
if (payload == null) {
return null;
}
String id = (String) map.get("id");
String id = (String) payload.get("id");
Session session = null;
try {
if (id != null) {
@ -139,7 +146,7 @@ public class IncomingContextHandler implements HttpHandler {
if (session != null) {
logger.log(Level.FINE, "session id " + id + " restored, valid = " + session.isValid() +
", age = " + session.getAge() + ", expired = " + session.isExpired());
session.putAll(map);
session.putAll(payload);
}
}
} catch (Exception e) {
@ -148,7 +155,7 @@ public class IncomingContextHandler implements HttpHandler {
return session;
}
protected Session newSession(HttpRouterContext context) throws HttpException {
protected Session createSession(HttpRouterContext context) throws HttpException {
try {
return sessionCodec.create(sessionIdGenerator.get());
} catch (IOException e) {
@ -158,32 +165,37 @@ public class IncomingContextHandler implements HttpHandler {
}
@SuppressWarnings("unchecked")
protected UserProfile toUserProfile(Session session) {
if (session == null) {
return null;
protected UserProfile recoverUserProfile(HttpRouterContext context,
Session session,
Map<String, Object> payload) {
// already in context from previous handler?
UserProfile userProfile = context.getAttributes().get(UserProfile.class, "userprofile");
if (userProfile != null) {
try {
return userProfileCodec.read(userProfile.getUserId());
} catch (IOException e) {
// ignore I/O error, leads to empty user profile
}
}
Map<String, Object> map = (Map<String, Object>) session.get("userprofile");
return map != null ? BaseUserProfile.fromMap(map) : null;
}
@SuppressWarnings("unchecked")
protected UserProfile newUserProfile(Map<String, Object> cookieMap) {
UserProfile userProfile = new BaseUserProfile();
// user_id, e_user_id are in cookie map
if (cookieMap != null) {
Map<String, Object> m = (Map<String, Object>) cookieMap.get("map");
if (m == null) {
// nothing found
return userProfile;
}
if (m.containsKey("user_id")) {
userProfile.setUserId((String) m.get("user_id"));
}
if (m.containsKey("e_user_id")) {
userProfile.setEffectiveUserId((String) m.get("e_user_id"));
}
// roles, permissions, attributes must be restored later
// initialize
Map<String, Object> map = null;
// is user profile present in session?
if (payload == null && session != null) {
// session has stored user profile? this is important for spanning HTTP request/response like in HTTP POST/FORWARD/GET
map = (Map<String, Object>) session.get("userprofile");
} else if (payload != null) {
// is a mini user profile otherwise present in our cookie?
map = (Map<String, Object>) payload.get("map");
}
return userProfile;
if (map != null && map.containsKey(UserProfile.USER_ID)) {
try {
return userProfileCodec.read(BaseUserProfile.fromMap(map).getUserId());
} catch (IOException e) {
// ignore I/O error, leads to incomplete user profile
}
} else {
logger.log(Level.FINE, "unable to find info for initialize user profile");
}
return null;
}
}

10
net-http-server/src/main/java/org/xbib/net/http/server/session/jdbc/JdbcSessionCodec.java → net-http-server/src/main/java/org/xbib/net/http/server/session/JdbcSessionCodec.java
View file

@ -1,4 +1,4 @@
package org.xbib.net.http.server.session.jdbc;
package org.xbib.net.http.server.session;
import java.io.IOException;
import java.io.UncheckedIOException;
@ -14,9 +14,6 @@ import java.util.List;
import java.util.Map;
import javax.sql.DataSource;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.session.BaseSession;
import org.xbib.net.http.server.session.Session;
import org.xbib.net.http.server.session.SessionListener;
import org.xbib.net.util.JsonUtil;
public class JdbcSessionCodec implements Codec<Session> {
@ -132,6 +129,11 @@ public class JdbcSessionCodec implements Codec<Session> {
}
}
@Override
public void destroy() {
// TODO
}
private String readString(String key) throws SQLException {
List<String> list = new ArrayList<>();
Connection connection = dataSource.getConnection();

11
net-http-server/src/main/java/org/xbib/net/http/server/session/memory/MemoryPropertiesSessionCodec.java → net-http-server/src/main/java/org/xbib/net/http/server/session/MemoryPropertiesSessionCodec.java
View file

@ -1,4 +1,4 @@
package org.xbib.net.http.server.session.memory;
package org.xbib.net.http.server.session;
import java.io.IOException;
import java.time.Duration;
@ -7,9 +7,6 @@ import java.util.Map;
import java.util.Properties;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.session.BaseSession;
import org.xbib.net.http.server.session.Session;
import org.xbib.net.http.server.session.SessionListener;
public class MemoryPropertiesSessionCodec implements Codec<Session> {
@ -101,4 +98,10 @@ public class MemoryPropertiesSessionCodec implements Codec<Session> {
}
}
}
@Override
public void destroy() {
store.clear();
}
}

24
net-http-server/src/main/java/org/xbib/net/http/server/session/OutgoingContextHandler.java
View file

@ -5,10 +5,11 @@ import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.time.Duration;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.xbib.datastructures.tiny.TinyMap;
import org.xbib.net.PercentEncoder;
import org.xbib.net.PercentEncoders;
import org.xbib.net.UserProfile;
@ -85,10 +86,10 @@ public class OutgoingContextHandler implements HttpHandler {
cookieBox.add(createEmptyCookie(host, path));
return;
}
UserProfile userProfile = context.getAttributes().get(UserProfile.class, "userprofile");
Session session = context.getAttributes().get(Session.class, "session");
if (session != null) {
try {
UserProfile userProfile = context.getAttributes().get(UserProfile.class, "userprofile");
if (userProfile != null) {
session.put("userprofile", userProfile.asMap());
}
@ -127,17 +128,19 @@ public class OutgoingContextHandler implements HttpHandler {
session.invalidate();
return createEmptyCookie(host, path);
}
Map<String, Object> map = userProfile != null ?
Map.of("user_id", userProfile.getUserId() != null ? userProfile.getUserId() :"",
"e_user_id", userProfile.getEffectiveUserId() != null ? userProfile.getEffectiveUserId() : "") :
Map.of();
String payload = CookieSignatureUtil.toString(map);
TinyMap.Builder<String, Object> builder = TinyMap.builder();
if (userProfile != null) {
builder.putIfNotNull(UserProfile.USER_ID, userProfile.getUserId());
builder.putIfNotNull(UserProfile.EFFECTIVE_USER_ID, userProfile.getEffectiveUserId());
}
logger.log(Level.FINEST, "map for cookie payload = " + builder.build());
String payload = CookieSignatureUtil.toString(builder.build());
String sig = CookieSignatureUtil.hmac(payload, sessionSecret, sessionCookieAlgorithm);
String cookieValue = String.join(":", id, payload, sig);
PercentEncoder percentEncoder = PercentEncoders.getCookieEncoder(StandardCharsets.ISO_8859_1);
DefaultCookie cookie = new DefaultCookie(sessionCookieName, percentEncoder.encode(cookieValue));
String domain = extractDomain(host);
if ("localhost".equals(domain)) {
if (domain == null || "localhost".equals(domain)) {
logger.log(Level.WARNING, "localhost not set as a cookie domain");
} else {
cookie.setDomain('.' + domain);
@ -153,7 +156,7 @@ public class OutgoingContextHandler implements HttpHandler {
private Cookie createEmptyCookie(String host, String path) {
DefaultCookie cookie = new DefaultCookie(sessionCookieName);
String domain = extractDomain(host);
if ("localhost".equals(domain)) {
if (domain == null || "localhost".equals(domain)) {
logger.log(Level.WARNING, "localhost not set as a cookie domain");
} else {
cookie.setDomain('.' + domain);
@ -168,6 +171,9 @@ public class OutgoingContextHandler implements HttpHandler {
}
private static String extractDomain(String fqdn) {
if (fqdn == null) {
return null;
}
if ("localhost".equals(fqdn)) {
return fqdn;
}

4
net-http-server/src/main/java/org/xbib/net/http/server/session/PersistSessionHandler.java
View file

@ -3,6 +3,8 @@ package org.xbib.net.http.server.session;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.xbib.net.UserProfile;
import org.xbib.net.http.HttpResponseStatus;
import org.xbib.net.http.server.HttpException;
import org.xbib.net.http.server.HttpHandler;
@ -22,7 +24,7 @@ public class PersistSessionHandler implements HttpHandler {
@Override
public void handle(HttpRouterContext context) throws IOException {
Session session = context.getAttributes().get(Session.class, "session");
if (session != null) {
if (session != null && session.hasPayload()) {
try {
logger.log(Level.FINEST, "writing session id " + session.id() + " keys = " + session.keySet());
sessionCodec.write(session.id(), session);

2
net-http-server/src/test/java/module-info.java
View file

@ -6,7 +6,9 @@ module org.xbib.net.http.server.test {
exports org.xbib.net.http.server.test.base;
exports org.xbib.net.http.server.test.ldap;
exports org.xbib.net.http.server.test.session;
exports org.xbib.net.http.server.test.userprofile;
opens org.xbib.net.http.server.test.base;
opens org.xbib.net.http.server.test.ldap;
opens org.xbib.net.http.server.test.session;
opens org.xbib.net.http.server.test.userprofile;
}

14
net-http-server/src/test/java/org/xbib/net/http/server/test/session/JsonSessionTest.java
View file

@ -4,17 +4,16 @@ import java.io.IOException;
import java.nio.file.Paths;
import java.time.Duration;
import java.util.function.Supplier;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.junit.jupiter.api.Test;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.session.Session;
import org.xbib.net.http.server.session.file.FileJsonSessionCodec;
import org.xbib.net.http.server.session.FileJsonSessionCodec;
import org.xbib.net.util.RandomUtil;
public class JsonSessionTest {
import static org.junit.jupiter.api.Assertions.assertEquals;
private static final Logger logger = Logger.getLogger(JsonSessionTest.class.getName());
public class JsonSessionTest {
@Test
void testJsonSession() throws IOException {
@ -23,12 +22,13 @@ public class JsonSessionTest {
session.put("a", "b");
sessionCodec.write(session.id(), session);
Session session1 = sessionCodec.read(session.id());
logger.log(Level.INFO, session1.get("a").toString());
assertEquals("b", session1.get("a").toString());
sessionCodec.destroy();
}
private Codec<Session> newSessionCodec() {
return new FileJsonSessionCodec("SESSION-TEST", null, 1024,
Duration.ofDays(1), Paths.get("/var/tmp/session-test"));
Duration.ofDays(1), Paths.get("build/session-test"));
}
private Session create(Codec<Session> sessionCodec, Supplier<String> sessionIdGenerator) throws IOException {

34
net-http-server/src/test/java/org/xbib/net/http/server/test/userprofile/JsonUserProfileTest.java Normal file
View file

@ -0,0 +1,34 @@
package org.xbib.net.http.server.test.userprofile;
import org.junit.jupiter.api.Test;
import org.xbib.net.UserProfile;
import org.xbib.net.http.server.persist.Codec;
import org.xbib.net.http.server.auth.FileJsonUserProfileCodec;
import java.io.IOException;
import java.nio.file.Paths;
import static org.junit.jupiter.api.Assertions.assertEquals;
public class JsonUserProfileTest {
@Test
void testJsonUserProfile() throws IOException {
Codec<UserProfile> userProfileCodec = newUserProfileCodec();
UserProfile userProfile = create(userProfileCodec);
userProfile.getAttributes().put("a", "b");
userProfileCodec.write(userProfile.getUserId(), userProfile);
UserProfile userProfile1 = userProfileCodec.read(userProfile.getUserId());
assertEquals("b", userProfile1.getAttributes().get("a").toString());
userProfileCodec.destroy();
}
private Codec<UserProfile> newUserProfileCodec() {
return new FileJsonUserProfileCodec(Paths.get("build/userprofile-test"));
}
private UserProfile create(Codec<UserProfile> userProfileCodec) throws IOException {
return userProfileCodec.create("1");
}
}

13
settings.gradle
View file

@ -1,12 +1,12 @@
dependencyResolutionManagement {
versionCatalogs {
libs {
version('gradle', '8.5')
version('groovy', '4.0.20')
version('netty', '4.1.109.Final')
version('gradle', '8.7')
version('groovy', '4.0.21')
version('netty', '4.1.111.Final')
version('netty-tcnative', '2.0.65.Final')
version('datastructures', '5.0.7')
version('net', '4.4.0')
version('datastructures', '5.1.1')
version('net', '4.8.0')
library('netty-codec-http2', 'io.netty', 'netty-codec-http2').versionRef('netty')
library('netty-handler', 'io.netty', 'netty-handler').versionRef('netty')
library('netty-handler-proxy', 'io.netty', 'netty-handler-proxy').versionRef('netty')
@ -14,8 +14,7 @@ dependencyResolutionManagement {
library('netty-kqueue', 'io.netty', 'netty-transport-native-kqueue').versionRef('netty')
library('netty-boringssl', 'io.netty', 'netty-tcnative-boringssl-static').versionRef('netty-tcnative')
library('conscrypt', 'org.conscrypt', 'conscrypt-openjdk-uber').version('2.5.2')
library('jackson', 'com.fasterxml.jackson.core', 'jackson-databind').version('2.16.0')
library('jna', 'net.java.dev.jna', 'jna').version('5.14.0')
library('jackson', 'com.fasterxml.jackson.core', 'jackson-databind').version('2.17.1')
library('groovy-templates', 'org.apache.groovy', 'groovy-templates').versionRef('groovy')
library('j2html', 'org.xbib', 'j2html').version('2.0.0')
library('webjars-bootstrap', 'org.webjars', 'bootstrap').version('5.1.0')