Example usage for org.springframework.http HttpHeaders REFERER

List of usage examples for org.springframework.http HttpHeaders REFERER

Introduction

This page lists example usages of org.springframework.http HttpHeaders REFERER.

Prototype

String REFERER


Document

The HTTP Referer header field name.

Usage

From source file:com.muk.services.security.DefaultUaaLoginService.java

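/**
 * Logs a user in to the configured OAuth (UAA) server and requests an authorization
 * code for {@code clientId}, carrying the server's cookies across three requests.
 *
 * <p>Sequence: GET {@code /login} to collect cookies (including the CSRF cookie),
 * POST {@code /login.do} with the credentials and CSRF value, then GET
 * {@code /oauth/authorize} with {@code response_type=code}.
 *
 * <p>Review notes:
 * <ul>
 * <li>The {@code Referer} header is sent only on the {@code /login.do} POST and is
 * removed before the authorize request. Presumably the login endpoint checks it;
 * confirm against the server.</li>
 * <li>{@code formData} carries the clear-text password. {@code exchangeForType} is not
 * visible here; confirm it never logs request bodies or headers.</li>
 * <li>{@code redirect_uri} is taken from {@code inUrlComponents}. Confirm the caller
 * cannot be made to pass an arbitrary URL and that the authorization server only
 * accepts registered redirect URIs.</li>
 * <li>Cookies handed back to the caller are re-serialised by
 * {@code httpCookieToString} (not visible here); confirm it keeps the
 * {@code Secure} and {@code HttpOnly} attributes.</li>
 * </ul>
 *
 * @param username        user name posted to {@code /login.do}
 * @param password        password posted to {@code /login.do}
 * @param clientId        OAuth client id sent to {@code /oauth/authorize}
 * @param inUrlComponents URL used as {@code redirect_uri}; its path is also applied to
 *                        the cookies returned to the caller
 * @return a map containing one of: {@code "error"} (login or authorization failed);
 *         {@code "json"} plus a {@code Set-Cookie} list (the server answered 200 with
 *         approval data); or {@code "code"} (authorization code taken from the
 *         redirect)
 */
@Override
public Map<String, Object> loginForClient(String username, String password, String clientId,
        UriComponents inUrlComponents) {
    final Map<String, Object> responsePayload = new HashMap<String, Object>();

    final HttpHeaders headers = new HttpHeaders();
    headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON_UTF8));

    final UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromUriString(cfgService.getOauthServer());

    // Step 1: fetch the login page to obtain the session and CSRF cookies.
    final UriComponents loginUri = uriBuilder.cloneBuilder().pathSegment("login").build();

    ResponseEntity<String> response = exchangeForType(loginUri.toUriString(), HttpMethod.GET, null, headers,
            String.class);

    final List<String> cookies = new ArrayList<String>();
    // get() returns null when the response carries no Set-Cookie header.
    final List<String> loginPageCookies = response.getHeaders().get(HttpHeaders.SET_COOKIE);
    if (loginPageCookies != null) {
        cookies.addAll(loginPageCookies);
    }

    final MultiValueMap<String, String> formData = new LinkedMultiValueMap<>();
    formData.add("username", username);
    formData.add("password", password);
    // NOTE(review): getCsrf is not visible here; confirm how it behaves when the
    // login page returned no CSRF cookie.
    formData.add(CSRF, getCsrf(cookies));

    headers.put(HttpHeaders.COOKIE, translateInToOutCookies(cookies));
    headers.add(HttpHeaders.REFERER, loginUri.toUriString());

    // Step 2: submit the credentials.
    response = exchangeForType(uriBuilder.cloneBuilder().pathSegment("login.do").build().toUriString(),
            HttpMethod.POST, formData, headers, String.class);

    // Anything other than a 302 that leads away from the login page is a failed login;
    // a 302 without a Location header is treated the same way instead of throwing.
    final String loginRedirect = response.getHeaders().getFirst(HttpHeaders.LOCATION);
    if (response.getStatusCode() != HttpStatus.FOUND || loginRedirect == null
            || loginRedirect.contains("login")) {
        responsePayload.put("error", "bad credentials");
        return responsePayload;
    }

    removeCookie(cookies, "X-Uaa-Csrf");
    final List<String> postLoginCookies = response.getHeaders().get(HttpHeaders.SET_COOKIE);
    if (postLoginCookies != null) {
        cookies.addAll(postLoginCookies);
    }
    removeExpiredCookies(cookies);
    headers.remove(HttpHeaders.REFERER);
    headers.put(HttpHeaders.COOKIE, translateInToOutCookies(cookies));

    // Step 3: request the authorization code.
    final ResponseEntity<JsonNode> authResponse = exchangeForType(
            uriBuilder.cloneBuilder().pathSegment("oauth").pathSegment("authorize")
                    .queryParam("response_type", "code").queryParam("client_id", clientId)
                    .queryParam("redirect_uri", inUrlComponents.toUriString()).build().toUriString(),
            HttpMethod.GET, null, headers, JsonNode.class);

    if (authResponse.getStatusCode() == HttpStatus.OK) {
        // 200: the server returned approval data; hand it back with the cookies the
        // caller needs to continue the flow.
        removeCookie(cookies, "X-Uaa-Csrf");
        final List<String> approvalCookies = authResponse.getHeaders().get(HttpHeaders.SET_COOKIE);
        if (approvalCookies != null) {
            cookies.addAll(approvalCookies);
        }

        final List<String> outgoingCookies = new ArrayList<String>();
        for (final String cookie : cookies) {
            final HttpCookie parsedCookie = HttpCookie.parse(cookie).get(0);
            if (!parsedCookie.getName().startsWith("Saved-Account")) {
                // Re-scope the cookie to the caller's own path.
                parsedCookie.setPath(inUrlComponents.getPath());
                outgoingCookies.add(httpCookieToString(parsedCookie));
            }
        }

        responsePayload.put(HttpHeaders.SET_COOKIE, outgoingCookies);
        responsePayload.put("json", authResponse.getBody());
    } else {
        // Otherwise the code is expected in the redirect's query string. Select the
        // "code" parameter by name: taking whatever follows the first '=' would report
        // an OAuth error redirect (error=...) as a code and would run into any
        // following parameter such as state.
        final java.net.URI location = authResponse.getHeaders().getLocation();
        final String query = location == null ? null : location.getQuery();
        String code = null;
        if (query != null) {
            for (final String pair : query.split("&")) {
                if (pair.startsWith("code=")) {
                    code = pair.substring("code=".length());
                    break;
                }
            }
        }

        if (code == null || code.isEmpty()) {
            responsePayload.put("error", "authorization failed");
        } else {
            responsePayload.put("code", code);
        }
    }

    return responsePayload;
}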

From source file:org.egov.restapi.filter.ApiFilter.java

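/**
 * Classifies the caller by comparing the host of the {@code Referer} header with the
 * configured address lists and, on a match, stores the matching {@link Source} in the
 * session.
 *
 * <p>Security: {@code Referer} is supplied by the client and can carry any value, so a
 * match here only shows which origin the request claims, not which one sent it. This
 * check must not be the only access control on the API; callers should be identified
 * by credentials or by a network-level control.
 *
 * <p>The header is parsed and its host (or {@code host:port}) must equal a configured
 * entry. A substring test would also accept an entry that appears anywhere in the URL,
 * for example inside a longer address or in the path or query.
 * NOTE(review): this assumes the configured entries are bare hosts/IPs, optionally with
 * a port; confirm against the deployed property values.
 *
 * @param httpServletRequest the request being filtered
 * @return {@code true} if the Referer host matches a configured address and the
 *         session's source attribute was set, {@code false} otherwise
 */
private boolean validateRequest(final MultiReadHttpServletRequest httpServletRequest) {
    final String referer = httpServletRequest.getHeader(HttpHeaders.REFERER);
    if (LOG.isInfoEnabled()) {
        // Header values are client-controlled; strip line breaks so a crafted value
        // cannot add forged entries to the log.
        LOG.info("The calling request URL:referer= " + stripLineBreaks(referer));
        LOG.info("Host = " + stripLineBreaks(httpServletRequest.getHeader("Host")));
        LOG.info("X-Forwarded-For = " + stripLineBreaks(httpServletRequest.getHeader("X-Forwarded-For")));
        LOG.info("RequestURL = " + httpServletRequest.getRequestURL());
        LOG.info("X-RemoteHost = " + httpServletRequest.getRequest().getRemoteHost());
    }
    final List<String> apOnlineIpAddress = restAPIApplicationProperties.aponlineIPAddress();
    final List<String> esevaIpAddress = restAPIApplicationProperties.esevaIPAddress();
    final List<String> softtechIpAddress = restAPIApplicationProperties.softtechIPAddress();

    final String[] refererHostForms = refererHostForms(referer);
    if (refererHostForms == null) {
        return false;
    }

    // The lists are checked in a fixed order; the first one that matches wins.
    if (matchesConfiguredAddress(refererHostForms, apOnlineIpAddress)) {
        httpServletRequest.getSession().setAttribute(SOURCE, Source.APONLINE);
        return true;
    }
    if (matchesConfiguredAddress(refererHostForms, esevaIpAddress)) {
        httpServletRequest.getSession().setAttribute(SOURCE, Source.ESEVA);
        return true;
    }
    if (matchesConfiguredAddress(refererHostForms, softtechIpAddress)) {
        httpServletRequest.getSession().setAttribute(SOURCE, Source.SOFTTECH);
        return true;
    }
    return false;
}

/** Returns the Referer's host, plus {@code host:port} when a port is present, or {@code null} if it cannot be parsed. */
private String[] refererHostForms(final String referer) {
    if (referer == null) {
        return null;
    }
    final java.net.URI uri;
    try {
        uri = java.net.URI.create(referer.trim());
    } catch (final IllegalArgumentException ignored) {
        // A Referer that is not a valid URI cannot match any configured address.
        return null;
    }
    final String host = uri.getHost();
    if (host == null) {
        return null;
    }
    return uri.getPort() == -1 ? new String[] { host } : new String[] { host, host + ":" + uri.getPort() };
}

/** Returns whether any non-blank configured entry equals one of the Referer host forms, ignoring case. */
private boolean matchesConfiguredAddress(final String[] hostForms, final List<String> configured) {
    if (configured == null) {
        return false;
    }
    for (final String entry : configured) {
        if (entry == null || entry.trim().isEmpty()) {
            continue;
        }
        for (final String hostForm : hostForms) {
            if (entry.trim().equalsIgnoreCase(hostForm)) {
                return true;
            }
        }
    }
    return false;
}

/** Replaces CR and LF in a value before it is logged; {@code null} is passed through. */
private String stripLineBreaks(final String value) {
    return value == null ? null : value.replace('\r', '_').replace('\n', '_');
}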