From 146a0fb8b0e90f9196e569152f649baf60d6cc8f Mon Sep 17 00:00:00 2001
From: Joaquín Reñé <jrene@curisit.net>
Date: Tue, 07 Oct 2025 14:52:57 +0000
Subject: [PATCH] #4410 - Comments on classes
---
securis/src/main/java/net/curisit/securis/services/BasicServices.java | 189 +++++++++++++++++++++++++++-------------------
1 files changed, 110 insertions(+), 79 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/services/BasicServices.java b/securis/src/main/java/net/curisit/securis/services/BasicServices.java
index f025795..2c989cc 100644
--- a/securis/src/main/java/net/curisit/securis/services/BasicServices.java
+++ b/securis/src/main/java/net/curisit/securis/services/BasicServices.java
@@ -1,3 +1,6 @@
+/*
+ * Copyright @ 2013 CurisTEC, S.A.S. All Rights Reserved.
+ */
package net.curisit.securis.services;
import java.net.URI;
@@ -32,96 +35,124 @@
import net.curisit.securis.utils.TokenHelper;
/**
- * Basic services for login and basic app wrkflow
- *
- * @author roberto <roberto.sanchez@curisit.net>
+ * BasicServices
+ * <p>
+ * Minimal public endpoints for service liveness, version info and token checks.
+ * Also provides entry routing to SPA (admin/login/licenses) via /index.jsp.
+ *
+ * Security:
+ * <ul>
+ * <li>/check requires a valid bearer token (via {@link Securable}).</li>
+ * <li>/logout just logs intention; token invalidation is outside this class.</li>
+ * </ul>
+ *
+ * Author: roberto <roberto.sanchez@curisit.net>
+ * Last reviewed by JRA on Oct 5, 2025.
*/
@Path("/")
@ApplicationScoped
public class BasicServices {
- private static final Logger LOG = LogManager.getLogger(BasicServices.class);
+ private static final Logger LOG = LogManager.getLogger(BasicServices.class);
- @Inject
- TokenHelper tokenHelper;
+ @Inject TokenHelper tokenHelper;
+ @Context EntityManager em;
- @Context
- EntityManager em;
+ @Inject public BasicServices() {}
- @Inject
- public BasicServices() {
- }
+ /**
+ * info<p>
+ * Simple liveness text endpoint.
+ *
+ * @param request
+ * @return response
+ */
+ @GET
+ @Path("/info")
+ @Produces({ MediaType.TEXT_PLAIN })
+ public Response info(@Context HttpServletRequest request) {
+ return Response.ok().entity("License server running OK. Date: " + new Date()).build();
+ }
- @GET
- @Path("/info")
- @Produces({ MediaType.TEXT_PLAIN })
- public Response info(@Context HttpServletRequest request) {
- return Response.ok().entity("License server running OK. Date: " + new Date()).build();
- }
+ /**
+ * version<p>
+ * Returns semantic app version as JSON.
+ *
+ * @param request
+ * @return version
+ */
+ @GET
+ @Path("/version")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Map<String, String> version(@Context HttpServletRequest request) {
+ Map<String, String> resp = new HashMap<>();
+ resp.put("version", AppVersion.getInstance().getCompleteVersion());
+ return resp;
+ }
- @GET
- @Path("/version")
- @Produces({ MediaType.APPLICATION_JSON })
- public Map<String, String> version(@Context HttpServletRequest request) {
- Map<String, String> resp = new HashMap<>();
-
- // Get the real version
- String version = AppVersion.getInstance().getCompleteVersion();
- resp.put("version", version);
- return resp;
- }
+ /**
+ * init<p>
+ * Redirects SPA modules to the main index page.
+ *
+ * @param module
+ * @param request
+ * @return response
+ */
+ @GET
+ @Path("/{module:(admin)|(login)|(licenses)}")
+ @Produces({ MediaType.TEXT_HTML })
+ public Response init(@PathParam("module") String module, @Context HttpServletRequest request) {
+ LOG.info("App index main.html");
+ URI uri = UriBuilder.fromUri("/index.jsp").build();
+ return Response.seeOther(uri).build();
+ }
- @GET
- @Path("/{module:(admin)|(login)|(licenses)}")
- @Produces({ MediaType.TEXT_HTML })
- public Response init(@PathParam("module") String module, @Context HttpServletRequest request) {
- LOG.info("App index main.html");
- String page = "/index.jsp";
- URI uri = UriBuilder.fromUri(page).build();
- return Response.seeOther(uri).build();
- }
+ /**
+ * check<p>
+ * Validates a token (from header or query param).
+ *
+ * @param token X-Token header
+ * @param token2 token query param fallback
+ * @return 200 with user/date if valid, 401/403 otherwise
+ */
+ @GET
+ @Securable()
+ @Path("/check")
+ @Produces({ MediaType.APPLICATION_JSON })
+ @EnsureTransaction
+ public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
+ if (token == null) token = token2;
+ if (token == null) {
+ return Response.status(Status.FORBIDDEN).build();
+ }
+ boolean valid = tokenHelper.isTokenValid(token);
+ if (!valid) {
+ return Response.status(Status.UNAUTHORIZED).build();
+ }
- /**
- * Check if current token is valid
- *
- * @param user
- * @param password
- * @param request
- * @return
- */
- @GET
- @Securable()
- @Path("/check")
- @Produces({ MediaType.APPLICATION_JSON })
- @EnsureTransaction
- public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
- if (token == null) {
- token = token2;
- }
- if (token == null) {
- return Response.status(Status.FORBIDDEN).build();
- }
- boolean valid = tokenHelper.isTokenValid(token);
- if (!valid) {
- return Response.status(Status.UNAUTHORIZED).build();
- }
+ String user = tokenHelper.extractUserFromToken(token);
+ Date date = tokenHelper.extractDateCreationFromToken(token);
+ return Response.ok(Utils.createMap("valid", true, "user", user, "date", date)).build();
+ }
- String user = tokenHelper.extractUserFromToken(token);
- Date date = tokenHelper.extractDateCreationFromToken(token);
-
- return Response.ok(Utils.createMap("valid", true, "user", user, "date", date)).build();
- }
-
- @GET
- @POST
- @Path("/logout")
- @Produces({ MediaType.APPLICATION_JSON })
- public Response logout(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- if (token == null) {
- Response.status(Status.BAD_REQUEST).build();
- }
- String user = tokenHelper.extractUserFromToken(token);
- LOG.info("User {} has logged out", user);
- return Response.ok().build();
- }
+ /**
+ * logout<p>
+ * Logs logout event. (Token invalidation is handled elsewhere.)
+ *
+ * @param token
+ * @return response
+ */
+ @GET
+ @POST
+ @Path("/logout")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response logout(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ if (token == null) {
+ Response.status(Status.BAD_REQUEST).build();
+ }
+ String user = tokenHelper.extractUserFromToken(token);
+ LOG.info("User {} has logged out", user);
+ return Response.ok().build();
+ }
}
+
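Review bot: In `logout`, the null-token guard builds a 400 response but never returns it (`Response.status(Status.BAD_REQUEST).build();`), so a request without the header falls through to `tokenHelper.extractUserFromToken(token)` with a null token; the commit re-indents this code but keeps the defect, and the line should read `return Response.status(Status.BAD_REQUEST).build();`. Unlike `check`, the method has no `@Securable` and never calls `tokenHelper.isTokenValid(token)`, so the "User {} has logged out" entry can apparently be written for whatever user name an unverified token carries (what `extractUserFromToken` itself verifies is not visible here). Adding `if (!tokenHelper.isTokenValid(token)) return Response.status(Status.UNAUTHORIZED).build();` before the extraction would keep that audit line trustworthy. The new Javadoc on `check` could also say which case yields 403 (no token supplied) and which 401 (token invalid), and note that a token sent as the `token` query parameter can end up in access logs and Referer headers, so the header form is preferable.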
--
Gitblit v1.3.2