org.xdi.oxauth.filter.CorsFilter クラス

org.xdi.oxauth.filter.CorsFilter の継承関係図

org.xdi.oxauth.filter.CorsFilter 連携図

公開メンバ関数
	CorsFilter ()
void	init (final FilterConfig filterConfig) throws ServletException
void	doFilter (ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException

非公開変数類
ConfigurationFactory	configurationFactory
AppConfiguration	appConfiguration
ClientService	clientService

詳解

CORS Filter to support both Tomcat and Jetty

著者

Yuriy Movchan

Javier Rojas Blum

バージョン

March 20, 2018

構築子と解体子

CorsFilter()

org.xdi.oxauth.filter.CorsFilter.CorsFilter ( )

inline

                        {
        super();
    }

関数詳解

doFilter()

void org.xdi.oxauth.filter.CorsFilter.doFilter ( ServletRequest  servletRequest, ServletResponse  servletResponse, FilterChain  filterChain  ) throws IOException, ServletException

inline

                                                                                                                                                       {
        Collection<String> globalAllowedOrigins = getAllowedOrigins();

        if (StringHelper.isNotEmpty(servletRequest.getParameter("client_id"))) {
            String clientId = servletRequest.getParameter("client_id");
            Client client = clientService.getClient(clientId);
            if (client != null) {
                String[] authorizedOriginsArray = client.getAuthorizedOrigins();
                if (authorizedOriginsArray != null && authorizedOriginsArray.length > 0) {
                    List<String> clientAuthorizedOrigins = Arrays.asList(authorizedOriginsArray);
                    setAllowedOrigins(clientAuthorizedOrigins);
                }
            }
        } else {
            final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
            String header = httpRequest.getHeader("Authorization");
            if (httpRequest.getRequestURI().endsWith("/token")) {
                if (header != null && header.startsWith("Basic ")) {
                    String base64Token = header.substring(6);
                    String token = new String(Base64.decodeBase64(base64Token), Util.UTF8_STRING_ENCODING);

                    String username = "";
                    int delim = token.indexOf(":");

                    if (delim != -1) {
                        username = URLDecoder.decode(token.substring(0, delim), Util.UTF8_STRING_ENCODING);
                    }

                    Client client = clientService.getClient(username);

                    if (client != null) {
                        String[] authorizedOriginsArray = client.getAuthorizedOrigins();
                        if (authorizedOriginsArray != null && authorizedOriginsArray.length > 0) {
                            List<String> clientAuthorizedOrigins = Arrays.asList(authorizedOriginsArray);
                            setAllowedOrigins(clientAuthorizedOrigins);
                        }
                    }
                }
            }
        }

        super.doFilter(servletRequest, servletResponse, filterChain);

        setAllowedOrigins(globalAllowedOrigins);
    }

init()

void org.xdi.oxauth.filter.CorsFilter.init ( final FilterConfig  filterConfig ) throws ServletException

inline

                                                                              {
        // Initialize defaults
        parseAndStore(DEFAULT_ALLOWED_ORIGINS, DEFAULT_ALLOWED_HTTP_METHODS,
                DEFAULT_ALLOWED_HTTP_HEADERS, DEFAULT_EXPOSED_HEADERS,
                DEFAULT_SUPPORTS_CREDENTIALS, DEFAULT_PREFLIGHT_MAXAGE,
                DEFAULT_DECORATE_REQUEST);

        AppConfiguration appConfiguration = configurationFactory.getAppConfiguration();

        if (filterConfig != null) {
            String filterName = filterConfig.getFilterName();
            CorsFilterConfig corsFilterConfig = new CorsFilterConfig(filterName, appConfiguration);

            String configAllowedOrigins = corsFilterConfig
                    .getInitParameter(PARAM_CORS_ALLOWED_ORIGINS);
            String configAllowedHttpMethods = corsFilterConfig
                    .getInitParameter(PARAM_CORS_ALLOWED_METHODS);
            String configAllowedHttpHeaders = corsFilterConfig
                    .getInitParameter(PARAM_CORS_ALLOWED_HEADERS);
            String configExposedHeaders = corsFilterConfig
                    .getInitParameter(PARAM_CORS_EXPOSED_HEADERS);
            String configSupportsCredentials = corsFilterConfig
                    .getInitParameter(PARAM_CORS_SUPPORT_CREDENTIALS);
            String configPreflightMaxAge = corsFilterConfig
                    .getInitParameter(PARAM_CORS_PREFLIGHT_MAXAGE);
            String configDecorateRequest = corsFilterConfig
                    .getInitParameter(PARAM_CORS_REQUEST_DECORATE);

            parseAndStore(configAllowedOrigins, configAllowedHttpMethods,
                    configAllowedHttpHeaders, configExposedHeaders,
                    configSupportsCredentials, configPreflightMaxAge,
                    configDecorateRequest);
        }
    }

メンバ詳解

appConfiguration

AppConfiguration org.xdi.oxauth.filter.CorsFilter.appConfiguration

private

clientService

ClientService org.xdi.oxauth.filter.CorsFilter.clientService

private

configurationFactory

ConfigurationFactory org.xdi.oxauth.filter.CorsFilter.configurationFactory

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/filter/CorsFilter.java