Merge pull request #1527 from guterresrafael/master

Add api support to http methods and status codes
author: Anton Tananaev <anton.tananaev@gmail.com> 2015-11-15 09:19:58 +1300
committer: Anton Tananaev <anton.tananaev@gmail.com> 2015-11-15 09:19:58 +1300
commit: 12693f823d17e106361c9626d14d9baf040af7e4 (patch)
tree: 11fdc2343dd08e6edde0f17100afa0490fe87e4e /src/org/traccar
parent: 6941836a13bc27192c8dc27c4171517333b83a7d (diff)
parent: b4eea84b009e7a3c9211cb80638737a21dac7423 (diff)
download: traccar-server-12693f823d17e106361c9626d14d9baf040af7e4.tar.gz
traccar-server-12693f823d17e106361c9626d14d9baf040af7e4.tar.bz2
traccar-server-12693f823d17e106361c9626d14d9baf040af7e4.zip
2 files changed, 59 insertions, 15 deletions
diff --git a/src/org/traccar/helper/Authorization.java b/src/org/traccar/helper/Authorization.java
index fc34687cd..d0877630d 100644
--- a/src/org/traccar/helper/Authorization.java
+++ b/src/org/traccar/helper/Authorization.java
@@ -28,13 +28,13 @@ public final class Authorization {
     private Authorization() {
     }
 
-    public static final String HEADER = "Authorization";
-    public static final String SCHEME = "Basic";
-    public static final String REGEX = SCHEME + " ";
+    public static final String AUTHORIAZTION_SCHEME_VALUE = "Basic";
+    public static final String REGEX = AUTHORIAZTION_SCHEME_VALUE + " ";
     public static final String REPLACEMENT = "";
     public static final String TOKENIZER = ":";
     public static final String USERNAME = "username";
     public static final String PASSWORD = "password";
+    public static final String WWW_AUTHENTICATE_VALUE = "Basic realm=\"api\"";
 
     public static Map<String, String> parse(String authorization) {
         Map<String, String> authMap = new HashMap<>();
diff --git a/src/org/traccar/web/BaseServlet.java b/src/org/traccar/web/BaseServlet.java
index 039e3a1f4..54cd10ad8 100644
--- a/src/org/traccar/web/BaseServlet.java
+++ b/src/org/traccar/web/BaseServlet.java
@@ -20,6 +20,7 @@ import org.traccar.helper.Log;
 import java.io.IOException;
 import java.io.Writer;
 import java.security.AccessControlException;
+import java.util.Collection;
 import java.util.Map;
 import javax.json.Json;
 import javax.json.JsonObjectBuilder;
@@ -28,6 +29,8 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import org.jboss.netty.handler.codec.http.HttpHeaders;
+import org.jboss.netty.util.CharsetUtil;
 import org.traccar.Context;
 import org.traccar.helper.Authorization;
 import org.traccar.model.User;
@@ -35,25 +38,34 @@ import org.traccar.model.User;
 public abstract class BaseServlet extends HttpServlet {
 
     public static final String USER_KEY = "user";
+    public static final String ALLOW_ORIGIN_VALUE = "*";
+    public static final String ALLOW_HEADERS_VALUE = "Origin, X-Requested-With, Content-Type, Accept";
+    public static final String ALLOW_METHODS_VALUE = "GET, POST, PUT, DELETE";
+    public static final String APPLICATION_JSON = "application/json";
+    public static final String GET = "GET";
+    public static final String POST = "POST";
+    public static final String PUT = "PUT";
+    public static final String DELETE = "DELETE";
 
     @Override
     protected final void service(
             HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-
-        String command = req.getPathInfo();
-        if (command == null) {
-            command = "";
-        }
         try {
-            resp.setContentType("application/json");
-            resp.setCharacterEncoding("UTF-8");
-            resp.setHeader("Access-Control-Allow-Origin", "*");
-            resp.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
-            resp.setHeader("Access-Control-Allow-Methods", "GET, POST");
-            if (!handle(command, req, resp)) {
+            resp.setContentType(APPLICATION_JSON);
+            resp.setCharacterEncoding(CharsetUtil.UTF_8.name());
+            resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOW_ORIGIN_VALUE);
+            resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_HEADERS, ALLOW_HEADERS_VALUE);
+            resp.setHeader(HttpHeaders.Names.ACCESS_CONTROL_ALLOW_METHODS, ALLOW_METHODS_VALUE);
+            if (!handle(getCommand(req), req, resp)) {
                 resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
             }
         } catch (Exception error) {
+            if (error instanceof AccessControlException) {
+                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                resp.addHeader(HttpHeaders.Names.WWW_AUTHENTICATE, Authorization.WWW_AUTHENTICATE_VALUE);
+            } else if (error instanceof SecurityException) {
+                resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+            }
             sendResponse(resp.getWriter(), error);
         }
     }
@@ -62,7 +74,7 @@ public abstract class BaseServlet extends HttpServlet {
             String command, HttpServletRequest req, HttpServletResponse resp) throws Exception;
 
     public long getUserId(HttpServletRequest req) throws Exception  {
-        String authorization = req.getHeader(Authorization.HEADER);
+        String authorization = req.getHeader(HttpHeaders.Names.AUTHORIZATION);
         if (authorization != null && !authorization.isEmpty()) {
             Map<String, String> authMap = Authorization.parse(authorization);
             String username = authMap.get(Authorization.USERNAME);
@@ -92,6 +104,16 @@ public abstract class BaseServlet extends HttpServlet {
         writer.write(result.build().toString());
     }
 
+    public void sendResponse(HttpServletResponse resp, Collection collection) throws IOException {
+        if (collection.isEmpty()) {
+            resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
+        }
+        JsonObjectBuilder result = Json.createObjectBuilder();
+        result.add("success", true);
+        result.add("data", JsonConverter.arrayToJson(collection));
+        resp.getWriter().write(result.build().toString());
+    }
+
     public void sendResponse(Writer writer, Exception error) throws IOException {
         JsonObjectBuilder result = Json.createObjectBuilder();
         result.add("success", false);
@@ -99,4 +121,26 @@ public abstract class BaseServlet extends HttpServlet {
         writer.write(result.build().toString());
     }
 
+    private String getCommand(HttpServletRequest req) {
+        String command = req.getPathInfo();
+        if (command == null) {
+            switch (req.getMethod()) {
+                case GET:
+                    command = "/get";
+                    break;
+                case POST:
+                    command = "/add";
+                    break;
+                case PUT:
+                    command = "/update";
+                    break;
+                case DELETE:
+                    command = "/remove";
+                    break;
+                default:
+                    command = "";
+            }
+        }
+        return command;
+    }
 }
author	Anton Tananaev <anton.tananaev@gmail.com>	2015-11-15 09:19:58 +1300
committer	Anton Tananaev <anton.tananaev@gmail.com>	2015-11-15 09:19:58 +1300
commit	12693f823d17e106361c9626d14d9baf040af7e4 (patch)
tree	11fdc2343dd08e6edde0f17100afa0490fe87e4e /src/org/traccar
parent	6941836a13bc27192c8dc27c4171517333b83a7d (diff)
parent	b4eea84b009e7a3c9211cb80638737a21dac7423 (diff)
download	traccar-server-12693f823d17e106361c9626d14d9baf040af7e4.tar.gz traccar-server-12693f823d17e106361c9626d14d9baf040af7e4.tar.bz2 traccar-server-12693f823d17e106361c9626d14d9baf040af7e4.zip