| 40 | 40 | |
|---|
| 41 | 41 | @Override |
|---|
| 42 | 42 | public void filter(ContainerRequestContext containerRequestContext) throws IOException { |
|---|
| 43 | | - log.info("filter using REST interceptor, method: {}", containerRequestContext.getMethod()); |
|---|
| 44 | | - |
|---|
| 45 | | - log.info("filter using REST interceptor, ResourceMethodInvoker: {}", containerRequestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker")); |
|---|
| 46 | 43 | ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) containerRequestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker"); |
|---|
| 47 | 44 | Method method = methodInvoker.getMethod(); |
|---|
| 48 | 45 | |
|---|
| 49 | 46 | if (!method.isAnnotationPresent(Securable.class)) |
|---|
| 50 | 47 | return; |
|---|
| 51 | 48 | String token = servletRequest.getHeader(TokenHelper.TOKEN_HEADER_PÀRAM); |
|---|
| 52 | | - if (token == null || !tokenHelper.isTokenValid(token)) |
|---|
| 49 | + if (token == null || !tokenHelper.isTokenValid(token)) { |
|---|
| 50 | + log.info("Access denied to '{}', Token not valid.", servletRequest.getPathInfo()); |
|---|
| 53 | 51 | containerRequestContext.abortWith(Response.status(Status.UNAUTHORIZED).build()); |
|---|
| 54 | | - Securable sec = method.getAnnotation(Securable.class); |
|---|
| 52 | + } else { |
|---|
| 53 | + Securable sec = method.getAnnotation(Securable.class); |
|---|
| 55 | 54 | |
|---|
| 56 | | - // If roles == 0 we only need to validate the token |
|---|
| 57 | | - if (sec.roles() != 0) { |
|---|
| 58 | | - String username = tokenHelper.extractUserFromToken(token); |
|---|
| 59 | | - int userRoles = getUserRoles(username); |
|---|
| 60 | | - if ((sec.roles() & userRoles) == 0) { |
|---|
| 61 | | - log.info("User {} has no necessary role to access url: {}", username, servletRequest.getPathInfo()); |
|---|
| 62 | | - containerRequestContext.abortWith(Response.status(Status.UNAUTHORIZED).build()); |
|---|
| 55 | + // If roles == 0 we only need to validate the token |
|---|
| 56 | + if (sec.roles() != 0) { |
|---|
| 57 | + String username = tokenHelper.extractUserFromToken(token); |
|---|
| 58 | + int userRoles = getUserRoles(username); |
|---|
| 59 | + if ((sec.roles() & userRoles) == 0) { |
|---|
| 60 | + log.info("User {} has no necessary role to access url: {}", username, servletRequest.getPathInfo()); |
|---|
| 61 | + containerRequestContext.abortWith(Response.status(Status.UNAUTHORIZED).build()); |
|---|
| 62 | + } |
|---|
| 63 | 63 | } |
|---|
| 64 | 64 | } |
|---|
| 65 | 65 | } |
|---|
| 66 | 66 | |
|---|
| 67 | 67 | private int getUserRoles(String username) { |
|---|
| 68 | + if (username == null) |
|---|
| 69 | + return 0; |
|---|
| 68 | 70 | Integer userRoles = cache.get("roles_" + username, Integer.class); |
|---|
| 69 | 71 | if (userRoles == null) { |
|---|
| 70 | 72 | EntityManager em = emProvider.get(); |
|---|