[Ils-source] r1572 - in trunk/webapp: WEB-INF api api/auth api/auth/session api/auth/session/check api/auth/session/close api/auth/session/open
scribe at crosswire.org
scribe at crosswire.org
Tue May 29 06:41:12 MST 2018
Author: scribe
Date: 2018-05-29 06:41:12 -0700 (Tue, 29 May 2018)
New Revision: 1572
Added:
trunk/webapp/WEB-INF/dirlist.xsl
trunk/webapp/api/auth/
trunk/webapp/api/auth/session/
trunk/webapp/api/auth/session/check/
trunk/webapp/api/auth/session/check/index.jsp
trunk/webapp/api/auth/session/close/
trunk/webapp/api/auth/session/close/index.jsp
trunk/webapp/api/auth/session/open/
trunk/webapp/api/auth/session/open/index.jsp
trunk/webapp/api/style.css
Modified:
trunk/webapp/WEB-INF/web.xml
Log:
Added auth API and dirlist and API styling
Added: trunk/webapp/WEB-INF/dirlist.xsl
===================================================================
--- trunk/webapp/WEB-INF/dirlist.xsl (rev 0)
+++ trunk/webapp/WEB-INF/dirlist.xsl 2018-05-29 13:41:12 UTC (rev 1572)
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--###########################################################################
+ # Unpublished work. Copyright 2010-2017 VidScale, Inc. #
+ # VIDSCALE CONFIDENTIAL #
+ # #
+ ###########################################################################-->
+
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="3.0">
+ <xsl:output method="html" html-version="5.0" encoding="UTF-8" indent="no" doctype-system="about:legacy-compat"/>
+ <xsl:template match="listing">
+ <html>
+ <head>
+ <title>Ericsson UDN Web Services at:
+ <xsl:value-of select="@directory"/>/
+ </title>
+ <STYLE>
+ H1 {padding:10px 5px 7px
+ 5px;font-family:Tahoma,Arial,sans-serif;color:white;background-color:#bbbbbb;font-size:22px;}
+ H2 {padding:7px 5px 5px
+ 5px;font-family:Tahoma,Arial,sans-serif;color:white;background-color:#bbbbbb;font-size:16px;}
+ H3 {padding:5px 5px 3px
+ 5px;font-family:Tahoma,Arial,sans-serif;color:white;background-color:#bbbbbb;font-size:14px;}
+ BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;}
+ B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#bbbbbb;}
+ P {font-family:Tahoma,Arial,sans-serif;background:white;color:black}
+ td > A {color : black;}
+ td > A.name {color : black;}
+ .line {height: 1px; background-color: #525D76; border: none;}
+ tr:nth-child(odd) { background: #eeeeee; }
+ </STYLE>
+ </head>
+ <body>
+ <h1>Ericsson UDN Web Services
+ <span style="margin-left:4em;font-size:80%;color:white;">at:<xsl:value-of select="@directory"/>/
+ </span>
+ <a style="margin-left:4em;color:white;font-size:70%;" href="..">Up One Level</a>
+ <dev style="margin-top:7px;float:right;font-size:60%;">v0.1</dev>
+ </h1>
+ <HR size="1" noshade="noshade"/>
+ <table width="100%" cellspacing="0" cellpadding="5" align="center">
+ <tr style="background:#ffffff;">
+ <td align="left">
+ <font size="+1">
+ <strong>Services</strong>
+ </font>
+ </td>
+ </tr>
+ <xsl:apply-templates select="entries"/>
+ </table>
+ <xsl:apply-templates select="readme"/>
+ <hr style="height: 1px;"/>
+ </body>
+ </html>
+ </xsl:template>
+
+
+ <xsl:template match="entries">
+ <xsl:apply-templates select="entry[@type='dir']"/>
+ </xsl:template>
+
+ <xsl:template match="readme">
+ <hr style="height: 1px;"/>
+ <xsl:value-of select="." disable-output-escaping="yes"/>
+ </xsl:template>
+
+ <xsl:template match="entry[@type='dir']">
+ <xsl:choose>
+ <xsl:when test="text()!='private/' and text()!='examples/'">
+ <!--Here goes the code-->
+ <tr>
+ <td align="left">  
+ <xsl:variable name="urlPath" select="@urlPath"/>
+ <a href="{$urlPath}">
+ <tt>
+ <xsl:apply-templates/>
+ </tt>
+ </a>
+ </td>
+ </tr>
+ </xsl:when>
+ <xsl:otherwise>
+ <!--Other code -->
+ </xsl:otherwise>
+ </xsl:choose>
+
+ </xsl:template>
+
+</xsl:stylesheet>
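Review bot: The `readme` template emits the readme content with `disable-output-escaping="yes"`, so whatever markup is in a directory's `readme.html` is written verbatim into the listing page, script included. That is only safe while every served directory is writable solely by trusted deployers; a comment above the template such as `<!-- readme.html is trusted markup: served directories must not be writable by users or upload handlers -->` would record the assumption. The `entry[@type='dir']` test on `private/` and `examples/` only hides those names from the listing and does not restrict access to them, which is worth stating in place of `<!--Here goes the code-->`. The `<dev>` element in the heading is not an HTML element and looks like a typo.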
Modified: trunk/webapp/WEB-INF/web.xml
===================================================================
--- trunk/webapp/WEB-INF/web.xml 2018-04-05 22:05:53 UTC (rev 1571)
+++ trunk/webapp/WEB-INF/web.xml 2018-05-29 13:41:12 UTC (rev 1572)
@@ -35,6 +35,33 @@
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
+ <servlet>
+ <servlet-name>default</servlet-name>
+ <servlet-class>
+ org.apache.catalina.servlets.DefaultServlet
+ </servlet-class>
+ <init-param>
+ <param-name>debug</param-name>
+ <param-value>0</param-value>
+ </init-param>
+ <init-param>
+ <param-name>listings</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ <init-param>
+ <param-name>readmeFile</param-name>
+ <param-value>readme.html</param-value>
+ </init-param>
+ <init-param>
+ <param-name>showServerInfo</param-name>
+ <param-value>false</param-value>
+ </init-param>
+ <init-param>
+ <param-name>contextXsltFile</param-name>
+ <param-value>/WEB-INF/dirlist.xsl</param-value>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
<filter>
<filter-name>ResourceFilter</filter-name>
<filter-class>
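Review bot: `listings` is set to `true` on a servlet named `default`, which in Tomcat overrides the container's default servlet for the whole web application, so every directory without a welcome file becomes browsable, not only `api/`. The stylesheet filters what is displayed but the files stay reachable, so non-public directories such as `private/` need their own access restriction; none is visible in this hunk. Tomcat's documentation also notes that generating listings for directories with many entries can be expensive. I would add a comment above the new `<servlet>` element, for example `<!-- listings enabled to render the API index via dirlist.xsl; non-public directories are protected by <ENFORCEMENT LOCATION> -->`, naming where that enforcement lives.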
Added: trunk/webapp/api/auth/session/check/index.jsp
===================================================================
--- trunk/webapp/api/auth/session/check/index.jsp (rev 0)
+++ trunk/webapp/api/auth/session/check/index.jsp 2018-05-29 13:41:12 UTC (rev 1572)
@@ -0,0 +1,76 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
+<%@ page trimDirectiveWhitespaces="true" %>
+<%@ page import="com.vidscale.udn.RightsAndRoles.User" %>
+<%@ page import="org.slf4j.LoggerFactory" %>
+<%@ page import="org.slf4j.Logger" %>
+<%@ page import="com.vidscale.udn.webtools.annotation.Description" %>
+<%@ page import="com.vidscale.udn.webtools.Parameters" %>
+<%@ page import="java.util.Optional" %>
+<%@ page import="javax.validation.constraints.NotNull" %>
+<%@ page import="com.vidscale.udn.webtools.Serializer" %>
+
+<%--##########################################################################
+ # Unpublished work. Copyright 2010-2017 VidScale, Inc. #
+ # VIDSCALE CONFIDENTIAL #
+ # #
+ ##########################################################################--%>
+
+<%!
+static Logger logger = LoggerFactory.getLogger("session/open");
+
+ at Description(value = "Check if session is established and not stale. " +
+ "A session is opened with auth/session/open which returns" +
+ "a udnSession token and also sets a udnSession cookie in the caller's client. " +
+ "The udnSession token is used throughout calls to the UDN web services API to " +
+ "validate and identify the caller. It must be present either as " +
+ "a cookie (udnSession), as the value of a header (X-Auth-Token) " +
+ "or as parameter to each method (udnSession).", name = "auth/session/check")
+public static class MyParameters extends Parameters<MyParameters> {
+ @NotNull
+ @Description(value = "pass this parameter to force usage information for this web service", defaultValue = "false", example = "true")
+ public Boolean help = false;
+}
+%>
+<%
+ MyParameters params = new MyParameters().loadFromRequest(request, response, false);
+ if (params.getErrors().isEmpty() && !Optional.ofNullable(params.help).orElse(false)) {
+
+ User user = params.getUser();
+
+ if (user != null) {
+ if ("sessionHashOnly".equals(params.format)) {
+ response.setContentType("text/plain");
+ out.print(user.getSessionHash());
+ return;
+ }
+ else if ("json".equals(params.format)) {
+ response.setContentType("application/json");
+ out.print("{ \"udnSession\":\"" + params.getUser().getSessionHash() + "\",\"user\":");
+ out.print(Serializer.toJSON(params.getUser().getJson()));
+ out.print(" }");
+ return;
+ }
+ response.setContentType("text/xml");
+%>
+<%= params.getUser() %>
+<%
+ return;
+ }
+ else {
+ if ("json".equals(params.format)) {
+ response.setContentType("application/json");
+%>
+{ "result":"error","message":"No open session. Use auth/session/open to open a session","code":"-1" }
+<%
+ }
+ else {
+ response.setContentType("text/xml");
+%>
+<error message="No open session. Use auth/session/open to open a session" code="-1"/>
+<%
+ }
+ return;
+ }
+ }
+ Serializer.reportErrors(request, response, out, params, true);
+%>
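Review bot: The success branches return the live `udnSession` token in the response body (the `sessionHashOnly` branch and the `json` branch that concatenates `getSessionHash()` into the output) without marking the response as non-cacheable. Adding `response.setHeader("Cache-Control", "no-store");` before the first `out.print` would keep browser caches and intermediaries from retaining the token. The description string also documents `udnSession` as an accepted request parameter, which on GET puts the token into query strings and access logs, the same exposure auth/session/open refuses for credentials; whether `Parameters` restricts this is not visible here. The logger is named `"session/open"` although this file is session/check, which looks like a copy-paste leftover: `LoggerFactory.getLogger("session/check")`.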
Added: trunk/webapp/api/auth/session/close/index.jsp
===================================================================
--- trunk/webapp/api/auth/session/close/index.jsp (rev 0)
+++ trunk/webapp/api/auth/session/close/index.jsp 2018-05-29 13:41:12 UTC (rev 1572)
@@ -0,0 +1,58 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
+<%@ page trimDirectiveWhitespaces="true" %>
+<%@ page import="com.vidscale.udn.RightsAndRoles" %>
+<%@ page import="com.vidscale.udn.RightsAndRoles.User" %>
+
+<%--##########################################################################
+ # Unpublished work. Copyright 2010-2017 VidScale, Inc. #
+ # VIDSCALE CONFIDENTIAL #
+ # #
+ ##########################################################################--%>
+
+<%
+ if (request.getParameter("help") == null) {
+ String format = request.getParameter("format");
+ User user = RightsAndRoles.getInstance().getCurrentUser(request, response);
+ if (user != null && format == null) { format = user.getDefaultFormat(); }
+ response.setContentType("json".equals(format) ? "application/json" : "text/xml");
+ if (user != null) {
+ RightsAndRoles.getInstance().closeSession(user.getSessionHash(), response);
+ if ("json".equals(format)) {
+%>
+{ "result":"success","message":"Session <%=user.getSessionHash()%> closed" }
+<%
+}
+else {
+%>
+<success message="Session <%=user.getSessionHash()%> closed"/>
+<%
+ }
+}
+else {
+ if ("json".equals(format)) {
+%>
+{ "result":"error","message":"No open session. Use auth/session/open to open a session","code":"-1" }
+<%
+}
+else {
+%>
+<error message="No open session. Use auth/session/open to open a session" code="-1"/>
+<%
+ }
+ }
+ return;
+ }
+%>
+<html>
+<body>
+<h1>auth/session/close</h1>
+<p>Close a session</p>
+<h3>Parameters</h3>
+<table border="1">
+ <tr>
+ <td><b>udnSession</b></td>
+ <td>session hash given from auth/session/open</td>
+ </tr>
+</table>
+</body>
+</html>
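Review bot: The scriptlet closes the session for any request method, so a cross-site GET that carries the `udnSession` cookie is enough to log the caller out. Restricting the state change to POST would match auth/session/open: `if (!"POST".equals(request.getMethod())) { response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED); return; }` at the top of the `help == null` branch. The success messages also write `user.getSessionHash()` unescaped into the JSON string and the XML attribute; the token has just been invalidated, but `"Session closed"` conveys the same without repeating it. This file reads `format` and `help` straight from the request instead of going through a `Parameters` subclass like the other two endpoints, so input validation differs between them.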
Added: trunk/webapp/api/auth/session/open/index.jsp
===================================================================
--- trunk/webapp/api/auth/session/open/index.jsp (rev 0)
+++ trunk/webapp/api/auth/session/open/index.jsp 2018-05-29 13:41:12 UTC (rev 1572)
@@ -0,0 +1,110 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
+<%@ page trimDirectiveWhitespaces="true" %>
+<%@ page import="com.vidscale.udn.RightsAndRoles" %>
+<%@ page import="org.slf4j.Logger" %>
+<%@ page import="org.slf4j.LoggerFactory" %>
+<%@ page import="com.vidscale.udn.webtools.Serializer" %>
+<%@ page import="com.vidscale.udn.webtools.annotation.Description" %>
+<%@ page import="com.vidscale.udn.webtools.Parameters" %>
+<%@ page import="javax.validation.constraints.NotNull" %>
+<%@ page import="javax.validation.constraints.Pattern" %>
+<%@ page import="java.util.HashMap" %>
+<%@ page import="java.util.Map" %>
+
+
+<%--##########################################################################
+ # Unpublished work. Copyright 2010-2017 VidScale, Inc. #
+ # VIDSCALE CONFIDENTIAL #
+ # #
+ ##########################################################################--%>
+
+<%!
+ static Logger logger = LoggerFactory.getLogger("session/open");
+
+ @Description(value = "Authenticate to the system and establish a session. NOTE: In an effort to keep login credentials out of webserver logs, this method only accepts POST with no query string", name = "auth/session/open")
+ public static class MyParameters extends Parameters<MyParameters> {
+ @NotNull
+ @Description(value = "user name")
+ public String user_name;
+ @NotNull
+ @Description(value = "password")
+ public String passwd;
+ @NotNull
+ @Description(value = "Sets the default response format for this session. Possible values: xml, json", example = "xml", defaultValue = "json")
+ @Pattern(regexp = "^(json|xml|csv|gchart)([ +].+)?$", message = "Valid response formats: \"json\", \"xml\", \"csv\", or \"gchart\" (not all endpoints support gchart)")
+ public String format = "json";
+
+ @Override
+ protected void customValidation() {
+ boolean isPost = "POST".equals(request.getMethod());
+ String queryString = request.getQueryString();
+ if (!isPost || (queryString != null && !queryString.isEmpty())) {
+ addError(-2, "auth/session/open only accepts POST with no query string and not GET to discourage login credentials from ending up in server logs", 401);
+ }
+ else if (user_name != null && passwd != null) {
+ String userData = null;
+ try {
+ Map<String, String> userDataMap = new HashMap<>();
+ userDataMap.put("format", format);
+ userData = Serializer.toJSON(userDataMap);
+ }
+ catch (Exception e) {/* ignore format if we have troubles */ }
+ user = RightsAndRoles.getInstance().authenticateUser(user_name, passwd, userData);
+ if (user == null) {
+ addError(-1, "UDN web services auth/session/open: authentication failed for user: " + user_name, 401);
+ }
+ }
+ }
+ @Override
+ protected String[] getReturns() { return new String[] {
+ "udnSession token and user object.",
+ "udnSession must be passed to other web service endpoints as either a cookie ('udnSession'), a data parameter ('udnSession'), or as an HTTP Header ('X-Auth-Token') to authenticate.",
+ "For convenience, this method will include udnSession as a cookie in the response.",
+ "You can check if you have an active open session using the <a href=\"../check\">auth/session/check</a> method."
+ };}
+ @Override
+ protected String[] getExamples() { return new String[] {
+ "<form id=\"exampleLogin\" method=\"post\" action=\"\">" +
+ "login specifying preferred session response format: <a href=\"#\" onclick=\"document.getElementById('exampleLogin').submit()\">auth/session/open/?user_name=</a>" +
+ "<input name=\"user_name\"/>" +
+ "<a href=\"#\" onclick=\"document.getElementById('exampleLogin').submit()\">&passwd=</a>" +
+ "<input type=\"password\" name=\"passwd\"/>" +
+ "<a href=\"#\" onclick=\"document.getElementById('exampleLogin').submit()\">&format=</a>" +
+ "<select name=\"format\"><option>json</option><option>xml</option></select> <button>go</button></form>",
+ " ",
+ "curl, json return type: <tt>curl -X POST -d 'user_name=demo at vidscale.com' -d 'passwd=demo' -d 'format=json' 'https://api.ericssonudn.com/analytics/auth/session/open/'</tt>"
+ };}
+ }
+%>
+
+<%
+ MyParameters params = new MyParameters().loadFromRequest(request, response, false);
+ logger.info("Web Services auth/session/open attempt: user_name: " + params.user_name + "; passwd: " + (params.passwd != null ? "len(" + params.passwd.length() + ")" : params.passwd) + "; format: " + params.format);
+
+ if (params.getErrors().size() == 0) {
+
+ logger.info("UDN web services auth/session/open: authentication succeeded for user: " + params.user_name);
+
+ String sessionHash = RightsAndRoles.getInstance().openSession(params.getUser(), response);
+
+ if ("sessionHashOnly".equals(params.format)) {
+ response.setContentType("text/plain");
+ out.print(sessionHash);
+ return;
+ }
+ else if ("json".equals(params.format)) {
+ response.setContentType("application/json");
+ out.print("{ \"udnSession\":\"" + params.getUser().getSessionHash() + "\",\"user\":");
+ out.print(Serializer.toJSON(params.getUser().getJson()));
+ out.print(" }");
+ return;
+ }
+ response.setContentType("text/xml");
+%>
+<%= params.getUser() %>
+<%
+ return;
+ }
+ Serializer.reportErrors(request, response, out, params);
+%>
+
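Review bot: The attempt log line after `loadFromRequest` records the password length and writes `params.user_name` unmodified, on every attempt including failed ones. The length narrows a guessing search for anyone with log access, a user name containing line breaks can forge log entries, and users occasionally type their password into the user-name field. I would drop the `passwd` part and neutralise line breaks, e.g. `logger.info("Web Services auth/session/open attempt: user_name: {}; format: {}", String.valueOf(params.user_name).replaceAll("[\\r\\n]", "_"), params.format);`. The `addError(-1, ...)` message likewise returns the submitted user name to the client; whether `Serializer.reportErrors` escapes it is not visible here. If `Parameters` enforces the `@Pattern` on `format`, the `"sessionHashOnly"` branch cannot be reached, because that value does not match `^(json|xml|csv|gchart)`.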
Added: trunk/webapp/api/style.css
===================================================================
--- trunk/webapp/api/style.css (rev 0)
+++ trunk/webapp/api/style.css 2018-05-29 13:41:12 UTC (rev 1572)
@@ -0,0 +1,30 @@
+/*#############################################################################
+ # Unpublished work. Copyright 2010-2017 VidScale, Inc. #
+ # VIDSCALE CONFIDENTIAL #
+ # #
+ #############################################################################*/
+
+thead tr {
+ background-color: rgb(240, 240, 240);
+}
+
+thead tr {
+ font-weight: bold;
+}
+
+th, td {
+ border-color: rgb(221, 221, 221);
+ border-style: solid;
+ border-width: 0.8px;
+ padding: 10px 7px 15px 7px;
+ text-align: left;
+}
+
+tbody th {
+ background-color: rgb(240, 240, 240);
+ font-weight: normal;
+}
+
+table {
+ border-collapse: collapse;
+}
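Review bot: The two consecutive `thead tr` rules can be merged into a single block carrying both `background-color` and `font-weight`, which keeps the header-row styling in one place. The fractional `border-width: 0.8px` may render inconsistently across browsers and zoom levels; `1px` gives a predictable result.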