org.waarp.openr66.protocol.http.restv2.resthandlers

Class RestHandlerHook

java.lang.Object

org.waarp.openr66.protocol.http.restv2.resthandlers.RestHandlerHook

All Implemented Interfaces:

io.cdap.http.HandlerHook

public class RestHandlerHook
extends Object
implements io.cdap.http.HandlerHook

This class defines hooks called before and after the corresponding AbstractRestDbHandler when a request is made. These hooks check the user authentication and privileges, as well as the request content type.

Constructor Summary

Constructors

Constructor and Description
RestHandlerHook(boolean authenticated, HmacSha256 hmac, long delay) Creates a HandlerHook which will check for authentication and signature on incoming request depending on the parameters.

Method Summary

Modifier and Type	Method and Description
protected boolean	checkAuthorization(String user, Method method) Checks if the user given as argument is authorized to call the given method.
protected String	checkCredentials(io.netty.handler.codec.http.HttpRequest request) Checks if the user making the request does exist.
void	postCall(io.netty.handler.codec.http.HttpRequest httpRequest, io.netty.handler.codec.http.HttpResponseStatus httpResponseStatus, io.cdap.http.internal.HandlerInfo handlerInfo) Hook called after a request handler is called.
boolean	preCall(io.netty.handler.codec.http.HttpRequest request, io.cdap.http.HttpResponder responder, io.cdap.http.internal.HandlerInfo handlerInfo) Hook called before a request handler is called.
protected void	validateHMACCredentials(Host host, String authDate, String authUser, String authKey)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RestHandlerHook

public RestHandlerHook(boolean authenticated,
                       HmacSha256 hmac,
                       long delay)

Creates a HandlerHook which will check for authentication and signature on incoming request depending on the parameters.

Parameters:

authenticated - specifies if the HandlerHook will check authentication

hmac - the key used for HMAC authentication

delay - the delay for which a HMAC signed request is valid

Method Detail

preCall

public final boolean preCall(io.netty.handler.codec.http.HttpRequest request,
                             io.cdap.http.HttpResponder responder,
                             io.cdap.http.internal.HandlerInfo handlerInfo)

Hook called before a request handler is called. Checks if the REST method is active in the CRUD configuration, checks the request's content type, and finally checks the user authentication (if activated).

Specified by:

preCall in interface io.cdap.http.HandlerHook

Parameters:

request - the HttpRequest currently being processed

responder - the HttpResponder sending the response

handlerInfo - the information about the handler to which the request will be sent for processing

Returns:

true if the request can be handed to the handler, or false if an error occurred and a response must be sent immediately.

checkCredentials

protected final String checkCredentials(io.netty.handler.codec.http.HttpRequest request)

Checks if the user making the request does exist. If the user does exist, this method returns the user's name, otherwise throws a NotAllowedException.

Parameters:

request - the request currently being processed

Returns:

the user's name

Throws:

InternalServerErrorException - if an unexpected error occurred

NotAllowedException - if the user making the request does not exist

validateHMACCredentials

protected final void validateHMACCredentials(Host host,
                                             String authDate,
                                             String authUser,
                                             String authKey)
                                      throws InternalServerErrorException

Throws:

InternalServerErrorException

checkAuthorization

protected final boolean checkAuthorization(String user,
                                           Method method)

Checks if the user given as argument is authorized to call the given method.

Parameters:

user - the name of the user making the request

method - the method called by the request

Returns:

true if the user is authorized to make the request, false otherwise.

postCall

public final void postCall(io.netty.handler.codec.http.HttpRequest httpRequest,
                           io.netty.handler.codec.http.HttpResponseStatus httpResponseStatus,
                           io.cdap.http.internal.HandlerInfo handlerInfo)

Hook called after a request handler is called.

Specified by:

postCall in interface io.cdap.http.HandlerHook

Parameters:

httpRequest - the request currently being processed

httpResponseStatus - the status of the http response generated by the request handler

handlerInfo - information about the handler to which the request was sent