List of usage examples for org.springframework.boot.actuate.autoconfigure.cloudfoundry CloudFoundryAuthorizationException CloudFoundryAuthorizationException
public CloudFoundryAuthorizationException(Reason reason, String message)
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
SecurityResponse preHandle(HttpServletRequest request, String endpointId) {
if (CorsUtils.isPreFlightRequest(request)) {
return SecurityResponse.success();
}//from w w w . j a v a 2 s . co m
try {
if (!StringUtils.hasText(this.applicationId)) {
throw new CloudFoundryAuthorizationException(
CloudFoundryAuthorizationException.Reason.SERVICE_UNAVAILABLE,
"Application id is not available");
}
if (this.cloudFoundrySecurityService == null) {
throw new CloudFoundryAuthorizationException(
CloudFoundryAuthorizationException.Reason.SERVICE_UNAVAILABLE,
"Cloud controller URL is not available");
}
if (HttpMethod.OPTIONS.matches(request.getMethod())) {
return SUCCESS;
}
check(request, endpointId);
} catch (Exception ex) {
logger.error(ex);
if (ex instanceof CloudFoundryAuthorizationException) {
CloudFoundryAuthorizationException cfException = (CloudFoundryAuthorizationException) ex;
return new SecurityResponse(cfException.getStatusCode(),
"{\"security_error\":\"" + cfException.getMessage() + "\"}");
}
return new SecurityResponse(HttpStatus.INTERNAL_SERVER_ERROR, ex.getMessage());
}
return SecurityResponse.success();
}
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
private void check(HttpServletRequest request, String path) throws Exception { Token token = getToken(request);//from ww w . j a v a 2s. co m this.tokenValidator.validate(token); AccessLevel accessLevel = this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId); if (!accessLevel.isAccessAllowed(path)) { throw new CloudFoundryAuthorizationException(CloudFoundryAuthorizationException.Reason.ACCESS_DENIED, "Access denied"); } accessLevel.put(request); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundrySecurityInterceptor.java
private Token getToken(HttpServletRequest request) { String authorization = request.getHeader("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase().startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException( CloudFoundryAuthorizationException.Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }//w w w.j ava 2 s . co m return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
Mono<SecurityResponse> preHandle(ServerWebExchange exchange, String endpointId) {
ServerHttpRequest request = exchange.getRequest();
if (CorsUtils.isPreFlightRequest(request)) {
return SUCCESS;
}//from ww w . j av a 2 s .com
if (!StringUtils.hasText(this.applicationId)) {
return Mono.error(new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE,
"Application id is not available"));
}
if (this.cloudFoundrySecurityService == null) {
return Mono.error(new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE,
"Cloud controller URL is not available"));
}
return check(exchange, endpointId).then(SUCCESS).doOnError(this::logError)
.onErrorResume(this::getErrorResponse);
}
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
private Mono<Void> check(ServerWebExchange exchange, String path) { try {//from w ww . ja va 2s .com Token token = getToken(exchange.getRequest()); return this.tokenValidator.validate(token) .then(this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId)) .filter((accessLevel) -> accessLevel.isAccessAllowed(path)) .switchIfEmpty(Mono .error(new CloudFoundryAuthorizationException(Reason.ACCESS_DENIED, "Access denied"))) .doOnSuccess( (accessLevel) -> exchange.getAttributes().put("cloudFoundryAccessLevel", accessLevel)) .then(); } catch (CloudFoundryAuthorizationException ex) { return Mono.error(ex); } }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.CloudFoundrySecurityInterceptor.java
private Token getToken(ServerHttpRequest request) { String authorization = request.getHeaders().getFirst("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase(Locale.ENGLISH).startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }/*w ww . ja va 2s.co m*/ return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.reactive.ReactiveCloudFoundrySecurityInterceptor.java
private Token getToken(ServerHttpRequest request) { String authorization = request.getHeaders().getFirst("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase().startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }/*from w w w . jav a2s. c om*/ return new Token(authorization.substring(bearerPrefix.length())); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundrySecurityInterceptor.java
SecurityResponse preHandle(HttpServletRequest request, String endpointId) {
if (CorsUtils.isPreFlightRequest(request)) {
return SecurityResponse.success();
}//from ww w .ja va 2 s . c o m
try {
if (!StringUtils.hasText(this.applicationId)) {
throw new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE,
"Application id is not available");
}
if (this.cloudFoundrySecurityService == null) {
throw new CloudFoundryAuthorizationException(Reason.SERVICE_UNAVAILABLE,
"Cloud controller URL is not available");
}
if (HttpMethod.OPTIONS.matches(request.getMethod())) {
return SUCCESS;
}
check(request, endpointId);
} catch (Exception ex) {
logger.error(ex);
if (ex instanceof CloudFoundryAuthorizationException) {
CloudFoundryAuthorizationException cfException = (CloudFoundryAuthorizationException) ex;
return new SecurityResponse(cfException.getStatusCode(),
"{\"security_error\":\"" + cfException.getMessage() + "\"}");
}
return new SecurityResponse(HttpStatus.INTERNAL_SERVER_ERROR, ex.getMessage());
}
return SecurityResponse.success();
}
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundrySecurityInterceptor.java
private void check(HttpServletRequest request, String endpointId) throws Exception { Token token = getToken(request);/*from w w w . j a va2 s . co m*/ this.tokenValidator.validate(token); AccessLevel accessLevel = this.cloudFoundrySecurityService.getAccessLevel(token.toString(), this.applicationId); if (!accessLevel.isAccessAllowed(endpointId)) { throw new CloudFoundryAuthorizationException(Reason.ACCESS_DENIED, "Access denied"); } request.setAttribute(AccessLevel.REQUEST_ATTRIBUTE, accessLevel); }
From source file:org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundrySecurityInterceptor.java
private Token getToken(HttpServletRequest request) { String authorization = request.getHeader("Authorization"); String bearerPrefix = "bearer "; if (authorization == null || !authorization.toLowerCase(Locale.ENGLISH).startsWith(bearerPrefix)) { throw new CloudFoundryAuthorizationException(Reason.MISSING_AUTHORIZATION, "Authorization header is missing or invalid"); }//from w w w . j av a2s . co m return new Token(authorization.substring(bearerPrefix.length())); }