@ -16,6 +16,9 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse ;
import javax.servlet.http.HttpServletResponse ;
import javax.ws.rs.* ;
import javax.ws.rs.* ;
import javax.ws.rs.core.Context ;
import javax.ws.rs.core.Context ;
import java.util.Arrays ;
import java.util.LinkedList ;
import java.util.List ;
@Path ( "/" )
@Path ( "/" )
@ -76,50 +79,75 @@ public class GatewayResource {
@GET
@GET
@Path ( "{name}/{ path:.*}" )
@Path ( "{path:.*}" )
@SecurityRequirement ( name = "apiKey" )
@SecurityRequirement ( name = "apiKey" )
public HttpServletResponse getPathByName ( @PathParam ( "name" ) String name ,
public HttpServletResponse getPath ( @PathParam ( "path" ) String inPath ) {
@PathParam ( "path" ) String inPath ) {
// Block requests from localhost, to prevent websites/apps from running javascript that fetches unvetted data
// Block requests from localhost, to prevent websites/apps from running javascript that fetches unvetted data
Security . disallowLoopbackRequests ( request ) ;
Security . disallowLoopbackRequests ( request ) ;
return this . get ( name , ResourceIdType . NAME , Service . WEBSITE , null , inPath , null , "" , true , true ) ;
return this . parsePath ( inPath , "gateway" , null , "" , true , true ) ;
}
}
@GET
@Path ( "{name}" )
private HttpServletResponse parsePath ( String inPath , String qdnContext , String secret58 , String prefix , boolean usePrefix , boolean async ) {
@SecurityRequirement ( name = "apiKey" )
public HttpServletResponse getIndexByName ( @PathParam ( "name" ) String name ) {
if ( inPath = = null | | inPath . equals ( "" ) ) {
// Block requests from localhost, to prevent websites/apps from running javascript that fetches unvetted data
// Assume not a real file
Security . disallowLoopbackRequests ( request ) ;
return ArbitraryDataRenderer . getResponse ( response , 404 , "Error 404: File Not Found" ) ;
return this . get ( name , ResourceIdType . NAME , Service . WEBSITE , null , "/" , null , "" , true , true ) ;
}
}
// Default service is WEBSITE
Service service = Service . WEBSITE ;
String name = null ;
String identifier = null ;
String outPath = "" ;
// Optional /site alternative for backwards support
if ( ! inPath . contains ( "/" ) ) {
// Assume entire inPath is a registered name
name = inPath ;
}
else {
// Parse the path to determine what we need to load
List < String > parts = new LinkedList < > ( Arrays . asList ( inPath . split ( "/" ) ) ) ;
@GET
// Check if the first element is a service
@Path ( "/site/{name}/{path:.*}" )
try {
public HttpServletResponse getSitePathByName ( @PathParam ( "name" ) String name ,
Service parsedService = Service . valueOf ( parts . get ( 0 ) . toUpperCase ( ) ) ;
@PathParam ( "path" ) String inPath ) {
if ( parsedService ! = null ) {
// Block requests from localhost, to prevent websites/apps from running javascript that fetches unvetted data
// First element matches a service, so we can assume it is one
Security . disallowLoopbackRequests ( request ) ;
service = parsedService ;
return this . get ( name , ResourceIdType . NAME , Service . WEBSITE , null , inPath , null , "/site" , true , true ) ;
parts . remove ( 0 ) ;
}
} catch ( IllegalArgumentException e ) {
// Not a service
}
}
@GET
if ( parts . isEmpty ( ) ) {
@Path ( "/site/{name}" )
// We need more than just a service
public HttpServletResponse getSiteIndexByName ( @PathParam ( "name" ) String name ) {
return ArbitraryDataRenderer . getResponse ( response , 404 , "Error 404: File Not Found" ) ;
// Block requests from localhost, to prevent websites/apps from running javascript that fetches unvetted data
Security . disallowLoopbackRequests ( request ) ;
return this . get ( name , ResourceIdType . NAME , Service . WEBSITE , null , "/" , null , "/site" , true , true ) ;
}
}
// Service is removed, so assume first element is now a registered name
name = parts . get ( 0 ) ;
parts . remove ( 0 ) ;
if ( ! parts . isEmpty ( ) ) {
// Name is removed, so check if the first element is now an identifier
ArbitraryResourceStatus status = this . getStatus ( service , name , parts . get ( 0 ) , false ) ;
if ( status . getTotalChunkCount ( ) > 0 ) {
// Matched service, name and identifier combination - so assume this is an identifier and can be removed
identifier = parts . get ( 0 ) ;
parts . remove ( 0 ) ;
}
}
private HttpServletResponse get ( String resourceId , ResourceIdType resourceIdType , Service service , String identifier ,
if ( ! parts . isEmpty ( ) ) {
String inPath , String secret58 , String prefix , boolean usePrefix , boolean async ) {
// outPath can be built by combining any remaining parts
outPath = String . join ( "/" , parts ) ;
}
}
ArbitraryDataRenderer renderer = new ArbitraryDataRenderer ( resourceId , resourceIdType , service , identifier , inPath ,
ArbitraryDataRenderer renderer = new ArbitraryDataRenderer ( name , ResourceIdType . NAME , service , identifier , out Path,
secret58 , prefix , usePrefix , async , "gateway" , request , response , context ) ;
secret58 , prefix , usePrefix , async , qdnContext , request , response , context ) ;
return renderer . render ( ) ;
return renderer . render ( ) ;
}
}