/* * Copyright @ 2013 CurisTEC, S.A.S. All Rights Reserved. */ package net.curisit.securis.services; import java.net.URI; import java.util.Date; import java.util.HashMap; import java.util.Map; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; import jakarta.persistence.EntityManager; import jakarta.servlet.http.HttpServletRequest; import jakarta.ws.rs.GET; import jakarta.ws.rs.HeaderParam; import jakarta.ws.rs.POST; import jakarta.ws.rs.Path; import jakarta.ws.rs.PathParam; import jakarta.ws.rs.Produces; import jakarta.ws.rs.QueryParam; import jakarta.ws.rs.core.Context; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response.Status; import jakarta.ws.rs.core.UriBuilder; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import net.curisit.integrity.AppVersion; import net.curisit.integrity.commons.Utils; import net.curisit.securis.ioc.EnsureTransaction; import net.curisit.securis.security.Securable; import net.curisit.securis.utils.TokenHelper; /** * BasicServices *

* Minimal public endpoints for service liveness, version info and token checks. * Also provides entry routing to SPA (admin/login/licenses) via /index.jsp. * * Security: *

* * Author: roberto <roberto.sanchez@curisit.net> * Last reviewed by JRA on Oct 5, 2025. */ @Path("/") @ApplicationScoped public class BasicServices { private static final Logger LOG = LogManager.getLogger(BasicServices.class); @Inject TokenHelper tokenHelper; @Context EntityManager em; @Inject public BasicServices() {} /** * info

* Simple liveness text endpoint. * * @param request * @return response */ @GET @Path("/info") @Produces({ MediaType.TEXT_PLAIN }) public Response info(@Context HttpServletRequest request) { return Response.ok().entity("License server running OK. Date: " + new Date()).build(); } /** * version

* Returns semantic app version as JSON. * * @param request * @return version */ @GET @Path("/version") @Produces({ MediaType.APPLICATION_JSON }) public Map version(@Context HttpServletRequest request) { Map resp = new HashMap<>(); resp.put("version", AppVersion.getInstance().getCompleteVersion()); return resp; } /** * init

* Redirects SPA modules to the main index page. * * @param module * @param request * @return response */ @GET @Path("/{module:(admin)|(login)|(licenses)}") @Produces({ MediaType.TEXT_HTML }) public Response init(@PathParam("module") String module, @Context HttpServletRequest request) { LOG.info("App index main.html"); URI uri = UriBuilder.fromUri("/index.jsp").build(); return Response.seeOther(uri).build(); } /** * check

* Validates a token (from header or query param). * * @param token X-Token header * @param token2 token query param fallback * @return 200 with user/date if valid, 401/403 otherwise */ @GET @Securable() @Path("/check") @Produces({ MediaType.APPLICATION_JSON }) @EnsureTransaction public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) { if (token == null) token = token2; if (token == null) { return Response.status(Status.FORBIDDEN).build(); } boolean valid = tokenHelper.isTokenValid(token); if (!valid) { return Response.status(Status.UNAUTHORIZED).build(); } String user = tokenHelper.extractUserFromToken(token); Date date = tokenHelper.extractDateCreationFromToken(token); return Response.ok(Utils.createMap("valid", true, "user", user, "date", date)).build(); } /** * logout

* Logs logout event. (Token invalidation is handled elsewhere.) * * @param token * @return response */ @GET @POST @Path("/logout") @Produces({ MediaType.APPLICATION_JSON }) public Response logout(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) { if (token == null) { Response.status(Status.BAD_REQUEST).build(); } String user = tokenHelper.extractUserFromToken(token); LOG.info("User {} has logged out", user); return Response.ok().build(); } }