entaxy/entaxy-public
14
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

release version 1.10.0

Browse Source
This commit is contained in:
Валерия Бородина
2024-12-14 04:07:49 +03:00
parent a5088587f7
commit c6b3d793c4
1916 changed files with 254306 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-components/generateLoggingKey.ftl Normal file
View File

@ -0,0 +1,19 @@
[#ftl attributes={"generated.type":"blueprint"}]
[#if properties.generateLoggingKey?? && properties.generateLoggingKey]
<setProperty name="service">
<constant>[=objectId]</constant>
</setProperty>
<setProperty name="operation">
<simple>${headers.CamelHttpMethod}</simple>
</setProperty>
<setProperty name="objectId">
<simple>${headers.ENTAXY_MessageUUID}</simple>
</setProperty>
<setProperty name="receiver">
<simple>${headers.ENTAXY_Destination}</simple>
</setProperty>
<setProperty name="sender">
<simple>${headers.X-User}</simple>
</setProperty>
<to uri="direct-vm:fill-logging-key"/>
[/#if]

21
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-resources-openapi/operationRouterConnector.bak.ftl Normal file
View File

@ -0,0 +1,21 @@
[#ftl attributes={"generated.type":"blueprint.fragment"}]
<route>
<from uri="direct:pre-route" />
<operation-router>
[#if properties.service??]
[#if properties.service.operations??]
[#list properties.service.operations as path, operationData]
[#list operationData as verb, operation]
<operation name="[=operation.operationIdCamelCase]">
<!-- path: [=path]; verb: [=verb]; operationId: [=operation.original!"isn't set"]-->
<log message="Called operation: ${headers.operationName}" loggingLevel="INFO"/>
</operation>
[/#list]
[/#list]
<unknown-operation>
<log message="Unknown operation: ${headers.operationName}" loggingLevel="WARN"/>
</unknown-operation>
[/#if]
[/#if]
</operation-router>
</route>

23
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-resources-openapi/operationRouterProtected.bak.ftl Normal file
View File

@ -0,0 +1,23 @@
[#ftl attributes={"generated.type":"blueprint.fragment"}]
<?xml version="1.0" encoding="UTF-8"?>
<route>
<operation-router-start />
<operation-router>
[#if properties.service??]
[#if properties.service.operations??]
[#list properties.service.operations as path, operationData]
[#list operationData as verb, operation]
<operation name="[=operation.operationIdCamelCase]">
<!-- path: [=path]; verb: [=verb]; operationId: [=operation.original!"isn't set"]-->
<log message="Called operation: ${headers.operationName}" loggingLevel="INFO"/>
<connector direction="in" />
</operation>
[/#list]
[/#list]
<unknown-operation>
<log message="Unknown operation: ${headers.operationName}" loggingLevel="WARN"/>
</unknown-operation>
[/#if]
[/#if]
</operation-router>
</route>

22
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-resources-openapi/operationRouterPublic.bak.ftl Normal file
View File

@ -0,0 +1,22 @@
[#ftl attributes={"generated.type":"blueprint.fragment"}]
<?xml version="1.0" encoding="UTF-8"?>
<route>
<operation-router-start />
<operation-router>
[#if properties.service??]
[#if properties.service.operations??]
[#list properties.service.operations as path, operationData]
[#list operationData as verb, operation]
<operation name="[=operation.operationIdCamelCase]">
<!-- path: [=path]; verb: [=verb]; operationId: [=operation.original!"isn't set"]-->
<log message="Called operation: ${headers.operationName}" loggingLevel="INFO"/>
</operation>
[/#list]
[/#list]
<unknown-operation>
<log message="Unknown operation: ${headers.operationName}" loggingLevel="WARN"/>
</unknown-operation>
[/#if]
[/#if]
</operation-router>
</route>

18
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-resources-soap/operationRouterConnector.bak.ftl Normal file
View File

@ -0,0 +1,18 @@
[#ftl attributes={"generated.type":"blueprint.fragment"}]
<route>
<from uri="direct:pre-route" />
<operation-router>
[#if properties.service??]
[#if properties.service.port??]
[#list properties.service.port.operations as operation]
<operation name="[=operation]">
<log message="Called operation: ${headers.operationName}" loggingLevel="INFO"/>
</operation>
[/#list]
<unknown-operation>
<log message="Unknown operation: ${headers.operationName}" loggingLevel="WARN"/>
</unknown-operation>
[/#if]
[/#if]
</operation-router>
</route>

20
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-resources-soap/operationRouterProtected.bak.ftl Normal file
View File

@ -0,0 +1,20 @@
[#ftl attributes={"generated.type":"blueprint.fragment"}]
<?xml version="1.0" encoding="UTF-8"?>
<route>
<operation-router-start />
<operation-router>
[#if properties.service??]
[#if properties.service.port??]
[#list properties.service.port.operations as operation]
<operation name="[=operation]">
<log message="Called operation: ${headers.operationName}" loggingLevel="INFO"/>
<connector direction="in" />
</operation>
[/#list]
<unknown-operation>
<log message="Unknown operation: ${headers.operationName}" loggingLevel="WARN"/>
</unknown-operation>
[/#if]
[/#if]
</operation-router>
</route>

19
platform/runtime/core/objects-implementations/service-implementation/service-producing/src/main/resources/ru/entaxy/templates/service-resources-soap/operationRouterPublic.bak.ftl Normal file
View File

@ -0,0 +1,19 @@
[#ftl attributes={"generated.type":"blueprint.fragment"}]
<?xml version="1.0" encoding="UTF-8"?>
<route>
<operation-router-start />
<operation-router>
[#if properties.service??]
[#if properties.service.port??]
[#list properties.service.port.operations as operation]
<operation name="[=operation]">
<log message="Called operation: ${headers.operationName}" loggingLevel="INFO"/>
</operation>
[/#list]
<unknown-operation>
<log message="Unknown operation: ${headers.operationName}" loggingLevel="WARN"/>
</unknown-operation>
[/#if]
[/#if]
</operation-router>
</route>

63
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/DisableWSDLGetInterceptor.java Normal file
View File

@ -0,0 +1,63 @@
/*-
* ~~~~~~licensing~~~~~~
* service-runtime
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for additional information regarding
* copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License. You may obtain a
* copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package ru.entaxy.platform.services.runtime.interceptor;
import org.apache.cxf.frontend.WSDLGetInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
public class DisableWSDLGetInterceptor extends AbstractPhaseInterceptor<Message> {
public static final DisableWSDLGetInterceptor INSTANCE = new DisableWSDLGetInterceptor();
public static final String DOCUMENT_HOLDER = DisableWSDLGetInterceptor.class.getName() + ".documentHolder";
public DisableWSDLGetInterceptor() {
super(Phase.READ);
getBefore().remove(WSDLGetInterceptor.class.getName());
getAfter().remove(WSDLGetInterceptor.class.getName());
}
public void handleMessage(Message message) throws Fault {
message.getInterceptorChain().remove(WSDLGetInterceptor.INSTANCE);
return;
}
}

162
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/PostAuthWSDLGetInterceptor.java Normal file
View File

@ -0,0 +1,162 @@
/*-
* ~~~~~~licensing~~~~~~
* service-runtime
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for additional information regarding
* copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License. You may obtain a
* copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package ru.entaxy.platform.services.runtime.interceptor;
import java.util.Iterator;
import java.util.Map;
import org.apache.cxf.binding.soap.interceptor.EndpointSelectionInterceptor;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.common.util.UrlUtils;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.frontend.WSDLGetInterceptor;
import org.apache.cxf.frontend.WSDLGetOutInterceptor;
import org.apache.cxf.frontend.WSDLGetUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.interceptor.MessageSenderInterceptor;
import org.apache.cxf.interceptor.OutgoingChainInterceptor;
import org.apache.cxf.interceptor.StaxOutInterceptor;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageImpl;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.common.gzip.GZIPOutInterceptor;
import org.w3c.dom.Document;
public class PostAuthWSDLGetInterceptor extends AbstractPhaseInterceptor<Message> {
public static final PostAuthWSDLGetInterceptor INSTANCE = new PostAuthWSDLGetInterceptor();
public static final String DOCUMENT_HOLDER = WSDLGetInterceptor.class.getName() + ".documentHolder";
private static final String TRANSFORM_SKIP = "transform.skip";
private Interceptor<Message> wsdlGetOutInterceptor = WSDLGetOutInterceptor.INSTANCE;
public PostAuthWSDLGetInterceptor() {
super(Phase.UNMARSHAL);
getBefore().remove(WSDLGetInterceptor.class.getName());
getAfter().add(EndpointSelectionInterceptor.class.getName());
}
public PostAuthWSDLGetInterceptor(Interceptor<Message> outInterceptor) {
this();
// Let people override the wsdlGetOutInterceptor
wsdlGetOutInterceptor = outInterceptor;
}
public void handleMessage(Message message) throws Fault {
String method = (String) message.get(Message.HTTP_REQUEST_METHOD);
String query = (String) message.get(Message.QUERY_STRING);
if (!"GET".equals(method) || StringUtils.isEmpty(query)) {
return;
}
String baseUri = (String) message.get(Message.REQUEST_URL);
String ctx = (String) message.get(Message.PATH_INFO);
WSDLGetUtils utils = (WSDLGetUtils) message.getContextualProperty(WSDLGetUtils.class.getName());
if (utils == null) {
utils = new WSDLGetUtils();
message.put(WSDLGetUtils.class, utils);
}
Map<String, String> map = UrlUtils.parseQueryString(query);
if (isRecognizedQuery(map)) {
Document doc = getDocument(utils, message, baseUri, map, ctx);
Endpoint e = message.getExchange().getEndpoint();
Message mout = new MessageImpl();
mout.setExchange(message.getExchange());
mout = e.getBinding().createMessage(mout);
mout.setInterceptorChain(OutgoingChainInterceptor.getOutInterceptorChain(message.getExchange()));
message.getExchange().setOutMessage(mout);
mout.put(DOCUMENT_HOLDER, doc);
mout.put(Message.CONTENT_TYPE, "text/xml");
// just remove the interceptor which should not be used
cleanUpOutInterceptors(mout);
// notice this is being added after the purge above, don't swap the order!
mout.getInterceptorChain().add(wsdlGetOutInterceptor);
message.getExchange().put(TRANSFORM_SKIP, Boolean.TRUE);
// skip the service executor and goto the end of the chain.
message.getInterceptorChain().doInterceptStartingAt(
message,
OutgoingChainInterceptor.class.getName());
}
}
protected void cleanUpOutInterceptors(Message outMessage) {
// TODO - how can I improve this to provide a specific interceptor chain that just has the
// stax, gzip and message sender components, while also ensuring that GZIP is only provided
// if its already configured for the endpoint.
Iterator<Interceptor<? extends Message>> iterator = outMessage.getInterceptorChain().iterator();
while (iterator.hasNext()) {
Interceptor<? extends Message> inInterceptor = iterator.next();
if (!inInterceptor.getClass().equals(StaxOutInterceptor.class)
&& !inInterceptor.getClass().equals(GZIPOutInterceptor.class)
&& !inInterceptor.getClass().equals(MessageSenderInterceptor.class)) {
outMessage.getInterceptorChain().remove(inInterceptor);
}
}
}
private Document getDocument(WSDLGetUtils utils,
Message message, String base,
Map<String, String> params, String ctxUri) {
// cannot have two wsdl's being generated for the same endpoint at the same
// time as the addresses may get mixed up
// For WSDL's the WSDLWriter does not share any state between documents.
// For XSD's, the WSDLGetUtils makes a copy of any XSD schema documents before updating
// any addresses and returning them, so for both WSDL and XSD this is the only part that
// needs
// to be synchronized.
synchronized (message.getExchange().getEndpoint()) {
return utils.getDocument(message, base, params, ctxUri,
message.getExchange().getEndpoint().getEndpointInfo());
}
}
private boolean isRecognizedQuery(Map<String, String> map) {
return map.containsKey("wsdl") || map.containsKey("xsd");
}
}

108
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/PublicOpenApiSchemaInterceptor.java Normal file
View File

@ -0,0 +1,108 @@
/*-
* ~~~~~~licensing~~~~~~
* service-runtime
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.services.runtime.interceptor;
import java.net.URL;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.transport.http.Headers;
import ru.entaxy.platform.core.support.runtime.cxf.security.AnonymousSecurityContext;
public class PublicOpenApiSchemaInterceptor extends AbstractPhaseInterceptor<Message> {
private static final Log LOG = LogFactory.getLog(PublicOpenApiSchemaInterceptor.class);
public static final List<String> SERVICE_SCHEMA_QUERY = new ArrayList<>();
public static final List<String> SERVICE_SCHEMA_FILE = new ArrayList<>();
static {
// SERVICE_SCHEMA_QUERY.add("wsdl");
SERVICE_SCHEMA_QUERY.add("wadl");
SERVICE_SCHEMA_QUERY.add("swagger.json");
SERVICE_SCHEMA_QUERY.add("open-api.json");
SERVICE_SCHEMA_QUERY.add("open-api.yaml");
SERVICE_SCHEMA_FILE.add(".*\\/openapi\\.json");
SERVICE_SCHEMA_FILE.add(".*\\/openapi\\.yaml");
SERVICE_SCHEMA_FILE.add(".*\\/favicon.*\\.png");
SERVICE_SCHEMA_FILE.add(".*api-docs");
SERVICE_SCHEMA_FILE.add(".*\\/swagger-ui[^.]*\\.\\w*");
}
public PublicOpenApiSchemaInterceptor() {
super(Phase.RECEIVE);
}
@Override
public void handleMessage(Message message) throws Fault {
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
boolean isAllowedSchemaRequest = checkOnSchema(message);
if (isAllowedSchemaRequest) {
// we create simple SecurityContext with anonymous user
message.put(SecurityContext.class, new AnonymousSecurityContext());
}
headers.put(AnonymousSecurityContext.HEADER_IS_DISPLAY_SERVICE_SERVICE,
Collections.singletonList(String.valueOf(isAllowedSchemaRequest)));
}
private boolean checkOnSchema(Message message) {
Object params = message.get(Message.QUERY_STRING);
for (String schema : SERVICE_SCHEMA_QUERY) {
if (params != null && Pattern.matches(schema, params.toString()))
return true;
}
params = message.get(Message.REQUEST_URL);
try {
URL requestUrl = new URL(params.toString());
for (String schema : SERVICE_SCHEMA_FILE) {
if (Pattern.matches(schema, requestUrl.getFile()))
return true;
}
} catch (Exception e) {
}
return false;
}
}

60
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/ResolveLoginInterceptor.java Normal file
View File

@ -0,0 +1,60 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.services.runtime.interceptor;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.LoginSecurityContext;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.transport.http.Headers;
public class ResolveLoginInterceptor extends AbstractPhaseInterceptor<Message> {
public static final String HEADER_USER = "X-User";
public ResolveLoginInterceptor() {
super(Phase.POST_UNMARSHAL);
}
public void handleMessage(Message message) throws Fault {
SecurityContext sc = message.get(SecurityContext.class);
if ((sc != null) && (sc instanceof LoginSecurityContext)) {
LoginSecurityContext lsc = (LoginSecurityContext) sc;
String login = lsc.getUserPrincipal().getName();
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
headers.put(HEADER_USER, Collections.singletonList(login));
}
return;
}
}

92
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/ResolveProfileNameInterceptor.java Normal file
View File

@ -0,0 +1,92 @@
/*-
* ~~~~~~licensing~~~~~~
* service-runtime
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
/**
* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for additional information regarding
* copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License. You may obtain a
* copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package ru.entaxy.platform.services.runtime.interceptor;
import java.security.Principal;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.LoginSecurityContext;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.transport.http.Headers;
import javax.ws.rs.ForbiddenException;
public class ResolveProfileNameInterceptor extends AbstractPhaseInterceptor<Message> {
public static final String SYSTEM_ROLE_PREFIX = "PROFILE_";
public static final String HEADER_SYSTEM_NAME = "X-SystemName";
public static final String HEADER_SYSTEM_UUID = "X-SystemUuid";
public static final String HEADER_SYSTEM_ID = "X-SystemId";
public ResolveProfileNameInterceptor() {
super(Phase.UNMARSHAL);
}
public void handleMessage(Message message) throws Fault {
SecurityContext sc = message.get(SecurityContext.class);
if ((sc != null) && (sc instanceof LoginSecurityContext)) {
LoginSecurityContext lsc = (LoginSecurityContext) sc;
boolean found = false;
for (Principal p : lsc.getUserRoles()) {
if (p.getName().startsWith(SYSTEM_ROLE_PREFIX)) {
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
String systemName = p.getName().substring(SYSTEM_ROLE_PREFIX.length());
headers.put(HEADER_SYSTEM_ID, Collections.singletonList(systemName));
headers.put(HEADER_SYSTEM_UUID, Collections.singletonList(systemName));
headers.put(HEADER_SYSTEM_NAME, Collections.singletonList(systemName));
found = true;
break;
}
}
if (!found) {
throw new Fault(new ForbiddenException("Associated profile not found"));
}
}
return;
}
}

130
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/SOAPValidateInterceptor.java Normal file
View File

@ -0,0 +1,130 @@
/*-
* ~~~~~~licensing~~~~~~
* system-commons
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.services.runtime.interceptor;
import java.io.IOException;
import java.util.List;
import javax.xml.soap.SOAPMessage;
import javax.xml.stream.XMLStreamException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
import javax.xml.xpath.XPathExpressionException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.service.Service;
import org.apache.cxf.service.model.ServiceModelUtil;
import org.apache.cxf.ws.addressing.EndpointReferenceUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import ru.entaxy.platform.services.runtime.utils.XmlParser;
public class SOAPValidateInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
private static final Log LOG = LogFactory.getLog(SOAPValidateInterceptor.class);
private final SAAJInInterceptor saajIn;
private final XmlParser xmlParser;
private boolean schemaValidationEnabled;
public SOAPValidateInterceptor() {
super(Phase.PRE_PROTOCOL);
saajIn = new SAAJInInterceptor();
xmlParser = new XmlParser();
getAfter().add(SAAJInInterceptor.class.getName());
}
@Override
public void handleMessage(SoapMessage message) throws Fault {
if (isGET(message)) {
return;
}
try {
Node body = getMessageBody((DOMSource) getSOAPMessage(message).getSOAPPart().getContent());
if (body != null)
validate(body, message);
else
throw new XMLStreamException("Can't find the tag \"Body\"");
} catch (RuntimeException re) {
throw re;
} catch (Exception e) {
throw new Fault(e);
}
}
private Node getMessageBody(DOMSource source) throws XPathExpressionException {
Node node = source.getNode().cloneNode(true);
List<Node> nodeList = xmlParser.getNodes(node.getLastChild(), "Body");
return !nodeList.isEmpty() ? nodeList.get(0) : null;
}
private void validate(Node node, SoapMessage soapMessage)
throws IOException, SAXException, XPathExpressionException {
Validator validator = getValidator(soapMessage);
validator.validate(new DOMSource(getNodeForValidate(node)));
}
private Node getNodeForValidate(Node node) throws XPathExpressionException {
if (schemaValidationEnabled && node.getLocalName().contains("packets")) {
Element element = (Element) node;
for (Node content : xmlParser.getNodes(element, "content")) {
content.getParentNode().removeChild(content);
}
return element;
}
return node;
}
private Validator getValidator(SoapMessage soapMessage) {
Service service = ServiceModelUtil.getService(soapMessage.getExchange());
Schema schema =
EndpointReferenceUtils.getSchema(service.getServiceInfos().get(0), soapMessage.getExchange().getBus());
return schema.newValidator();
}
private SOAPMessage getSOAPMessage(SoapMessage smsg) {
SOAPMessage soapMessage = smsg.getContent(SOAPMessage.class);
if (soapMessage == null) {
saajIn.handleMessage(smsg);
soapMessage = smsg.getContent(SOAPMessage.class);
}
return soapMessage;
}
public void setSchemaValidationEnabled(boolean schemaValidationEnabled) {
this.schemaValidationEnabled = schemaValidationEnabled;
}
}

41
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/interceptor/SystemHeadersConstants.java Normal file
View File

@ -0,0 +1,41 @@
/*-
* ~~~~~~licensing~~~~~~
* system-commons
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.services.runtime.interceptor;
/**
* @Deprecated copied from legacy 'system-commons' for backward compatibility
*/
@Deprecated(since = "1.10", forRemoval = true)
public class SystemHeadersConstants {
public static final String HEADER_USER_LOGIN = "X-ForwardedUser";
public static final String HEADER_USER_ID = "X-ForwardedUserId";
public static final String HEADER_SYSTEM_NAME = "X-SystemName";
public static final String HEADER_SYSTEM_UUID = "X-SystemUuid";
public static final String HEADER_SYSTEM_ID = "X-SystemId";
public static final String HEADER_IS_DISPLAY_SERVICE_SERVICE = "NTX_IsDisplayServiceSchema";
private SystemHeadersConstants() {}
}

56
platform/runtime/core/objects-implementations/service-implementation/service-runtime/src/main/java/ru/entaxy/platform/services/runtime/utils/XmlParser.java Normal file
View File

@ -0,0 +1,56 @@
/*-
* ~~~~~~licensing~~~~~~
* system-commons
* ==========
* Copyright (C) 2020 - 2024 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.services.runtime.utils;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import javax.xml.xpath.*;
import java.util.ArrayList;
import java.util.List;
public class XmlParser {
public List<Node> getNodes(Node node, String elementName) throws XPathExpressionException {
XPath xpath = XPathFactory.newInstance().newXPath();
XPathExpression expr = xpath.compile("//*[local-name()='" + elementName + "']/child::node()");
NodeList nodeList = (NodeList) expr.evaluate(node.getOwnerDocument(), XPathConstants.NODESET);
return getNotNullNodes(nodeList);
}
private List<Node> getNotNullNodes(NodeList nodeList) {
List<Node> result = new ArrayList<>();
for (int i = 0; i < nodeList.getLength(); i++) {
Node node = nodeList.item(i);
if (node.getLocalName() != null) {
result.add(node);
}
}
return result;
}
}