• Home
• com.formkiq
• formkiq-server
• 0.2
• source code
• OAuthRequestedMatcher.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.formkiq.server.config.OAuthRequestedMatcher Maven / Gradle / Ivy

package com.formkiq.server.config;

import static com.formkiq.server.api.SystemController.API_SYSTEM_PING;
import static com.formkiq.server.api.SystemController.API_SYSTEM_SETUP;
import static com.formkiq.server.api.UsersController.API_USER_LOST_PASSWORD;
import static org.springframework.util.StringUtils.isEmpty;

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.web.util.matcher.RequestMatcher;

/**
 * Matches custom OAuth Requests matcher to support both
 * OAuth authentication and basic authentication on the /api path.
 *
 */
public class OAuthRequestedMatcher implements RequestMatcher {

    @Override
    public boolean matches(final HttpServletRequest request) {

        String uri = request.getRequestURI();
        String auth = request.getHeader("Authorization");
        boolean matchURL = uri.startsWith("/api/");

        if (API_SYSTEM_SETUP.equals(uri)
                || API_USER_LOST_PASSWORD.equals(uri)
                || API_SYSTEM_PING.equals(uri)) {
            matchURL = false;
        }

        boolean matchBearer = !isEmpty(auth) && auth.startsWith("Bearer");
        boolean matchToken = !isEmpty(request.getParameter("access_token"));

        return matchURL && (matchBearer || matchToken);
    }
}