Example usage for io.netty.handler.codec.http HttpHeaderNames ACCESS_CONTROL_REQUEST_METHOD

List of usage examples for io.netty.handler.codec.http HttpHeaderNames ACCESS_CONTROL_REQUEST_METHOD

  1. HOME
  2. Java
  3. io.netty
  4. io.netty.handler.codec.http.*
  5. HttpHeaderNames
  6. ACCESS_CONTROL_REQUEST_METHOD

Introduction

In this page you can find the example usage for io.netty.handler.codec.http HttpHeaderNames ACCESS_CONTROL_REQUEST_METHOD.

Prototype

AsciiString ACCESS_CONTROL_REQUEST_METHOD

To view the source code for io.netty.handler.codec.http HttpHeaderNames ACCESS_CONTROL_REQUEST_METHOD.

Click Source Link

Document

"access-control-request-method"

Usage

From source file:org.ballerinalang.net.http.CorsHeaderGenerator.java

License:Open Source License

private static Map<String, String> processPreflightRequest(String originValue, HttpCarbonMessage cMsg) {
    Map<String, String> responseHeaders = new HashMap<>();
    //6.2.1 - request must have origin, must have one origin.
    List<String> requestOrigins = getOriginValues(originValue);
    if (requestOrigins == null || requestOrigins.size() != 1) {
        bLog.info("{} origin header field parsing failed", ACTION);
        return null;
    }// w  ww  .ja v a 2s  .co  m
    String origin = requestOrigins.get(0);
    //6.2.3 - request must have access-control-request-method, must be single-valued
    List<String> requestMethods = getHeaderValues(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(),
            cMsg);
    if (requestMethods == null || requestMethods.size() != 1) {
        String error = requestMethods == null ? "Access-Control-Request-Method header is unavailable"
                : "Access-Control-Request-Method header value must be single-valued";
        bLog.info("{} {}", ACTION, error);
        return null;
    }
    String requestMethod = requestMethods.get(0);
    CorsHeaders resourceCors = getResourceCors(cMsg, requestMethod);
    if (resourceCors == null || !resourceCors.isAvailable()) {
        String error = resourceCors == null ? "access control request method not allowed"
                : "CORS headers not declared properly";
        bLog.info("{} {}", ACTION, error);
        return null;
    }
    if (!isEffectiveMethod(requestMethod, resourceCors.getAllowMethods())) {
        bLog.info("{} access control request method not allowed", ACTION);
        return null;
    }
    //6.2.2 - request origin must be on the list or match with *.
    if (!isEffectiveOrigin(Arrays.asList(origin), resourceCors.getAllowOrigins())) {
        bLog.info("{} origin not allowed", ACTION);
        return null;
    }
    //6.2.4 - get list of request headers.
    List<String> requestHeaders = getHeaderValues(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(),
            cMsg);
    if (!isEffectiveHeader(requestHeaders, resourceCors.getAllowHeaders())) {
        bLog.info("{} header field parsing failed", ACTION);
        return null;
    }
    //6.2.7 - set origin and credentials
    setAllowOriginAndCredentials(Arrays.asList(origin), resourceCors, responseHeaders);
    //6.2.9 - set allow-methods
    responseHeaders.put(HttpHeaderNames.ACCESS_CONTROL_ALLOW_METHODS.toString(), requestMethod);
    //6.2.10 - set allow-headers
    if (requestHeaders != null) {
        responseHeaders.put(HttpHeaderNames.ACCESS_CONTROL_ALLOW_HEADERS.toString(),
                DispatcherUtil.concatValues(requestHeaders, false));
    }
    //6.2.8 - set max-age
    responseHeaders.put(HttpHeaderNames.ACCESS_CONTROL_MAX_AGE.toString(),
            String.valueOf(resourceCors.getMaxAge()));
    return responseHeaders;
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test for CORS override at two levels with preflight")
public void testPreFlightReqServiceResourceCorsOverride() {
    String path = "/hello1/test1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.wso2.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_POST);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "X-PINGOTHER");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/*from   ww  w.j av a2  s  .  c  o  m*/
    assertEqualsCorsResponse(response, 200, "http://www.wso2.com", "true", "X-PINGOTHER", "POST", "-1");
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight without origin header")
public void testPreFlightReqwithNoOrigin() {
    String path = "/hello1/test1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_POST);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "X-PINGOTHER");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);//from  www . j av a  2  s  . c o m
    assertEqualsCorsResponse(response, 200, null, null, null, null, null);
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight with unavailable HTTP methods")
public void testPreFlightReqwithUnavailableMethod() {
    String path = "/hello1/test1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.wso2.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_PUT);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "X-PINGOTHER");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/*from  www .  ja  va  2  s .  com*/
    assertEqualsCorsResponse(response, 200, null, null, null, null, null);
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test for preflight with Head as request method to a GET method annotated resource")
public void testPreFlightReqwithHeadMethod() {
    String path = "/hello1/test2";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.m3.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_HEAD);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "CORELATION_ID");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/*from w  ww.  j av  a 2 s.c  om*/
    assertEqualsCorsResponse(response, 200, "http://www.m3.com", "true", "CORELATION_ID",
            HttpConstants.HTTP_METHOD_HEAD, "1");
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight for invalid headers")
public void testPreFlightReqwithInvalidHeaders() {
    String path = "/hello1/test1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.wso2.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_POST);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "WSO2");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/*from w  w  w.  j a v  a 2  s  .  c om*/
    assertEqualsCorsResponse(response, 200, null, null, null, null, null);
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight without headers")
public void testPreFlightReqwithNoHeaders() {
    String path = "/hello1/test1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.wso2.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_POST);
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/*www.  j  a v a2  s.c om*/
    assertEqualsCorsResponse(response, 200, "http://www.wso2.com", "true", null, HttpConstants.HTTP_METHOD_POST,
            "-1");
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight with method restriction at service level")
public void testPreFlightReqwithRestrictedMethodsServiceLevel() {
    String path = "/hello3/info1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.m3.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_POST);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "X-PINGOTHER");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/* www  .jav  a  2 s .c o m*/
    assertEqualsCorsResponse(response, 200, null, null, null, null, null);
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight with method restriction at resource level")
public void testPreFlightReqwithRestrictedMethodsResourceLevel() {
    String path = "/hello2/test2";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.bbc.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_DELETE);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "X-PINGOTHER");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);//from w w w  .j av a  2s .c  o m
    assertEqualsCorsResponse(response, 200, null, null, null, null, null);
}

From source file:org.ballerinalang.stdlib.services.cors.HTTPCorsTest.java

License:Open Source License

@Test(description = "Test preflight with allowed method at service level")
public void testPreFlightReqwithAllowedMethod() {
    String path = "/hello3/info1";
    HTTPTestRequest cMsg = MessageUtils.generateHTTPMessage(path, "OPTIONS", "Hello there");
    cMsg.setHeader(HttpHeaderNames.ORIGIN.toString(), "http://www.m3.com");
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_METHOD.toString(), HttpConstants.HTTP_METHOD_PUT);
    cMsg.setHeader(HttpHeaderNames.ACCESS_CONTROL_REQUEST_HEADERS.toString(), "X-PINGOTHER");
    HttpCarbonMessage response = Services.invokeNew(complieResult, TEST_EP, cMsg);

    Assert.assertNotNull(response);/*from   w  ww. jav a 2 s  . co  m*/
    assertEqualsCorsResponse(response, 200, "http://www.m3.com", "true", "X-PINGOTHER", "PUT", "1");
}