/** * Create a ServerAuthorization object. * * @param obj * @param respHdrs * @return */ public final ServerAuthorization create(ServerAuthorization serverAuth, @Headers Map<String, Object> reqHdrs, @OutHeaders Map<String, Object> respHdrs) { final String serverUrl = serverAuth.getServerUrl(); if (serverUrl != null && !serverUrl.isEmpty()) { // Don't honor the incoming id value, if any serverAuth.setId(UUID.randomUUID().toString()); final ServerAuthorization serverAuthResp = processServerAuthRequest( serverAuth, reqHdrs, respHdrs); return serverAuthResp; } return null; }
/** * This method handle our order input and return the order * * @param in the in headers * @param payload the in payload * @param out the out headers * @return the out payload * @throws OrderFailedException is thrown if the order cannot be processed */ public Object handleOrder(@Headers Map<?, ?> in, @Body String payload, @OutHeaders Map<String, Object> out) throws OrderFailedException { out.put("customerid", in.get("customerid")); if ("Order: kaboom".equals(payload)) { throw new OrderFailedException("Cannot order: kaboom"); } else { out.put("orderid", "123"); return "Order OK"; } }
public String doSomething(@Body String body, @Headers Map<?, ?> headers, @OutHeaders Map<String, Object> outHeaders) { if (outHeaders != null) { outHeaders.put("out", 123); } return "Hello!"; }
/** * This method handle our order input and return the order * * @param in the in headers * @param payload the in payload * @param out the out headers * @return the out payload * @throws OrderFailedException is thrown if the order cannot be processed */ public Object handleOrder(@Headers Map<String, Object> in, @Body String payload, @OutHeaders Map<String, Object> out) throws OrderFailedException { out.put("customerid", in.get("customerid")); if ("Order: kaboom".equals(payload)) { throw new OrderFailedException("Cannot order: kaboom"); } else { out.put("orderid", "123"); return "Order OK"; } }
public void setArgs(@OutHeaders Map headers, @Body Notification notification) { ArrayList<String> args = new ArrayList<String>(); Event event = notification.getEvent(); args.add("msend.pl"); args.add("-o"); args.add(event.getSource().getName()); args.add("-r"); args.add(event.getSeverity().toString()); headers.put(EXEC_COMMAND_ARGS, args); headers.put(EXEC_COMMAND_EXECUTABLE, "echo"); }
/** * Process a request to create a Server Authorization (i.e., request to grant * ptmatchadapter authorization to access a particular fhir server) * * @param serverAuth * @param reqHdrs * @param respHdrs * @return */ private final ServerAuthorization processServerAuthRequest( ServerAuthorization serverAuth, @Headers Map<String, Object> reqHdrs, @OutHeaders Map<String, Object> respHdrs) { final String serverUrl = serverAuth.getServerUrl(); final String accessToken = serverAuth.getAccessToken(); // if request doesn't contain a server URL, it is an error if (serverUrl == null || serverUrl.isEmpty()) { respHdrs.put(Exchange.HTTP_RESPONSE_CODE, 400); // BAD REQUEST return null; } // else if the request body doesn't include an access token, redirect user // to an authorization server else if (accessToken == null || accessToken.isEmpty()) { // create a state identifier final String stateKey = newStateKey(); respHdrs.put(STATE_PARAM, stateKey); final AuthorizationRequestInfo requestInfo = new AuthorizationRequestInfo(); requestInfo.put(SERVER_AUTH, serverAuth); sessionData.put(stateKey, requestInfo); // Construct URL we will invoke on authorization server // GET /authorize?response_type=code&client_id=s6BhdRkqt3&state=xyz // &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb final StringBuilder authUrl = new StringBuilder(100); if (getAuthorizationServer() != null) { authUrl.append(getAuthorizationServer()); } authUrl.append(getAuthorizationEndpoint()); authUrl.append("?"); authUrl.append("response_type=code&client_id="); try { authUrl.append(URLEncoder.encode(getClientId(), "UTF-8")); authUrl.append("&"); authUrl.append(STATE_PARAM); authUrl.append("="); authUrl.append(stateKey); authUrl.append("&redirect_uri="); final HttpServletRequest req = (HttpServletRequest) reqHdrs .get(Exchange.HTTP_SERVLET_REQUEST); final String redirectUri = URLEncoder.encode( getClientAuthRedirectUri(req.getScheme(), req.getServerName(), req.getServerPort()), "UTF-8"); authUrl.append(redirectUri); // we need to provide redirect uri with access token request, so save it requestInfo.put("redirectUri", redirectUri); } catch (UnsupportedEncodingException e) { // Should never happen, which is why I wrap all above once LOG.error("Usupported encoding used on authorization redirect", e); } respHdrs.put(Exchange.HTTP_RESPONSE_CODE, 302); // FOUND respHdrs.put(Exchange.CONTENT_TYPE, "text/plain"); respHdrs.put("Location", authUrl.toString()); return null; } else { LOG.warn("NOT IMPLEMENTED"); return null; } }
/** * Processes a form-based request to create a ServerAuthorization * * @param body * Body of the request (unused since form parameters are expected in * the request header * @param reqHdrs * @param respHdrs * @return */ public final ServerAuthorization createFromForm(@Body String body, @Headers Map<String, Object> reqHdrs, @OutHeaders Map<String, Object> respHdrs) { final String serverUrl = (String) reqHdrs.get("serverUrl"); if (serverUrl != null && !serverUrl.isEmpty()) { final ServerAuthorization serverAuth = new ServerAuthorization(); serverAuth.setId(UUID.randomUUID().toString()); serverAuth.setTitle((String) reqHdrs.get("title")); serverAuth.setServerUrl(serverUrl); // look for evidence of CORS header (header is case-insensitive String origin = (String) reqHdrs.get("Origin"); if (origin == null) { origin = (String) reqHdrs.get("origin"); } LOG.debug("handleOptions: origin {}", origin); // Section 3.2 of RFC 7230 (https://tools.ietf.org/html/rfc7230#section-3.2) // says header fields are case-insensitive if (origin != null) { // Firefox on Linux wan'ts exact value of origin in response; * is being rejected respHdrs.put("Access-Control-Allow-Origin", origin); respHdrs.put("Access-Control-Allow-Credentials", "true"); } // Redirect caller to authorization server to get an authorization code final ServerAuthorization serverAuthResp = processServerAuthRequest( serverAuth, reqHdrs, respHdrs); // Retrieve the state key from the query parameters final String stateKey = (String) respHdrs.get(STATE_PARAM); final AuthorizationRequestInfo requestInfo = (AuthorizationRequestInfo) sessionData .get(stateKey); // Annotate request info so we know to return html later requestInfo.setResponseType("html"); return serverAuthResp; } else { // missing required parameter respHdrs.put(Exchange.HTTP_RESPONSE_CODE, 400); // BAD REQUEST respHdrs.put(Exchange.CONTENT_LENGTH, 0); } return null; }
/** * Processes authorization code response from the OAuth 2.0 Authorization * Server. * * @param body * @param reqHdrs * @param respHdrs * @return */ public String processAuthorizationCode(@Body String body, @Headers Map<String, Object> reqHdrs, @OutHeaders Map<String, Object> respHdrs) { // Retrieve the state key from the query parameters final String stateKey = (String) reqHdrs.get(STATE_PARAM); if (stateKey == null) { final String msg = "Redirect from authorization server is missing state parameter"; LOG.error(msg); throw new IllegalStateException(msg); } LOG.info("process redirect, state {}", stateKey); for (String key : sessionData.keySet()) { LOG.info("redirect session state key: {}", key); } final HttpServletRequest req = (HttpServletRequest) reqHdrs .get(Exchange.HTTP_SERVLET_REQUEST); final String authCode = (String) reqHdrs.get(CODE_PARAM); // - - - - - - - - - - - - - - - - - - - - - - - - - - // Request an Access Token from the OAuth Authorization Server // - - - - - - - - - - - - - - - - - - - - - - - - - - final ServerAuthorization serverAuth = requestAccessToken(req, stateKey, authCode); if (serverAuth != null) { getServerAuthorizations().add(serverAuth); LOG.info("process AuthCodeResp, serverUrl {}", serverAuth.getServerUrl()); LOG.info("process AuthCodeResp, # server auths {}", serverAuthorizations.size()); } final AuthorizationRequestInfo requestInfo = (AuthorizationRequestInfo) sessionData .remove(stateKey); if (requestInfo.getResponseType().equalsIgnoreCase("html")) { // redirect user to page of server authorizations respHdrs.put(Exchange.HTTP_RESPONSE_CODE, 302); // FOUND respHdrs.put(Exchange.CONTENT_LENGTH, 0); respHdrs.put("Location", "/"); return ""; } else { respHdrs.put(Exchange.HTTP_RESPONSE_CODE, 201); // Created respHdrs.put(Exchange.CONTENT_TYPE, "application/json"); return "{\"code\": \"success\"}"; } }
/** * This method creates the response to the caller if the order could not be processed * @param in the in headers * @param payload the in payload * @param out the out headers * @return the out payload */ public Object orderFailed(@Headers Map<?, ?> in, @Body String payload, @OutHeaders Map<String, Object> out) { out.put("customerid", in.get("customerid")); out.put("orderid", "failed"); return "Order ERROR"; }
/** * This method creates the response to the caller if the order could not be * processed * * @param in the in headers * @param payload the in payload * @param out the out headers * @return the out payload */ public Object orderFailed(@Headers Map<String, Object> in, @Body String payload, @OutHeaders Map<String, Object> out) { out.put("customerid", in.get("customerid")); out.put("orderid", "failed"); return "Order ERROR"; }
