From be899c350553024272784225b834c680acf647f0 Mon Sep 17 00:00:00 2001 From: Gonzalo Gallotti Date: Fri, 5 Aug 2022 17:54:42 -0300 Subject: [PATCH 1/4] Read CORS AllowOrigin from client.cfg and then use ENV Vars --- .../src/main/java/com/genexus/cors/CORSHelper.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java index f1c700d75..467ad623e 100644 --- a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java +++ b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java @@ -1,15 +1,17 @@ package com.genexus.cors; +import com.genexus.common.interfaces.SpecificImplementation; + import java.util.HashMap; public class CORSHelper { - private static String CORS_ALLOWED_ORIGINS_ENV_VAR_NAME = "GX_CORS_ALLOW_ORIGIN"; + private static String CORS_ALLOWED_ORIGIN = "CORS_ALLOW_ORIGIN"; private static String CORS_MAX_AGE_SECONDS = "86400"; private static String CORS_ALLOWED_METHODS = "GET, POST, PUT, DELETE, HEAD"; private static String CORS_ALLOWED_HEADERS = "*"; public static HashMap getCORSHeaders(String requestRequiredHeaders) { - String corsAllowedOrigin = System.getenv(CORS_ALLOWED_ORIGINS_ENV_VAR_NAME); + String corsAllowedOrigin = SpecificImplementation.Application.getClientPreferences().getProperty(CORS_ALLOWED_ORIGIN, ""); if (corsAllowedOrigin == null || corsAllowedOrigin.isEmpty()) { return null; } From cd58958c47a41713d035a9bcc63b3e56bbb78a29 Mon Sep 17 00:00:00 2001 From: Gonzalo Gallotti Date: Wed, 17 Aug 2022 11:32:06 -0300 Subject: [PATCH 2/4] #New: Add OPTIONS Method for All Java WebServices (REST + API Objects). Add "Allow" Headers + CORS Headers. --- .../java/com/genexus/cors/CORSHelper.java | 10 ++++--- .../java/com/genexus/ws/JAXRSCorsFilter.java | 25 ------------------ .../java/com/genexus/ws/rs/core/Response.java | 23 ++++++++++++++++ .../java/com/genexus/ws/JAXRSCorsFilter.java | 26 ------------------- .../java/com/genexus/ws/rs/core/Response.java | 24 +++++++++++++++++ 5 files changed, 53 insertions(+), 55 deletions(-) delete mode 100644 wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java delete mode 100644 wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java diff --git a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java index 467ad623e..3590375e4 100644 --- a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java +++ b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java @@ -11,23 +11,25 @@ public class CORSHelper { private static String CORS_ALLOWED_HEADERS = "*"; public static HashMap getCORSHeaders(String requestRequiredHeaders) { + return getCORSHeaders(requestRequiredHeaders, CORS_ALLOWED_METHODS); + } + public static HashMap getCORSHeaders(String requestRequiredHeaders, String allowedMethods) { String corsAllowedOrigin = SpecificImplementation.Application.getClientPreferences().getProperty(CORS_ALLOWED_ORIGIN, ""); - if (corsAllowedOrigin == null || corsAllowedOrigin.isEmpty()) { + if (corsAllowedOrigin == null || corsAllowedOrigin.isEmpty() || allowedMethods.isEmpty()) { return null; } + HashMap corsHeaders = new HashMap<>(); corsHeaders.put( "Access-Control-Allow-Origin", corsAllowedOrigin); corsHeaders.put( "Access-Control-Allow-Credentials", "true"); - corsHeaders.put( "Access-Control-Allow-Headers", requestRequiredHeaders == null || requestRequiredHeaders.isEmpty() ? CORS_ALLOWED_HEADERS : requestRequiredHeaders); - corsHeaders.put( "Access-Control-Allow-Methods", - CORS_ALLOWED_METHODS); + allowedMethods); corsHeaders.put( "Access-Control-Max-Age", CORS_MAX_AGE_SECONDS); diff --git a/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java b/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java deleted file mode 100644 index bad0e4f0c..000000000 --- a/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java +++ /dev/null @@ -1,25 +0,0 @@ -package com.genexus.ws; - -import com.genexus.cors.CORSHelper; -import jakarta.ws.rs.container.ContainerRequestContext; -import jakarta.ws.rs.container.ContainerResponseContext; -import jakarta.ws.rs.container.ContainerResponseFilter; -import jakarta.ws.rs.ext.Provider; - -import java.util.Collections; -import java.util.HashMap; - -@Provider -public class JAXRSCorsFilter implements ContainerResponseFilter { - @Override - public void filter(ContainerRequestContext requestContext, - ContainerResponseContext responseContext) { - HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaderString("Access-Control-Request-Headers")); - if (corsHeaders == null) { - return; - } - for (String headerName : corsHeaders.keySet()) { - responseContext.getHeaders().putSingle(headerName,corsHeaders.get(headerName)); - } - } -} diff --git a/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java b/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java index aa8d92511..ef71ea3db 100644 --- a/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java +++ b/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java @@ -1,5 +1,10 @@ package com.genexus.ws.rs.core; +import com.genexus.cors.CORSHelper; +import com.genexus.servlet.http.IHttpServletRequest; + +import java.util.HashMap; + public abstract class Response extends jakarta.ws.rs.core.Response{ public static Response.ResponseBuilder notModifiedWrapped() { @@ -14,6 +19,24 @@ public static Response.ResponseBuilder okWrapped() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.ok()); } + public static Response.ResponseBuilder options(String allowedMethods) { + Response.ResponseBuilder builder = okWrapped(); + builder.header("Allow", allowedMethods); + return builder; + } + + private static void addCorsHeaders(IHttpServletRequest request, IResponseBuilder builder) { + HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader("Access-Control-Request-Headers"), request.getMethod()); + for (String headerName : corsHeaders.keySet()) { + builder.header(headerName,corsHeaders.get(headerName)); + } + } + + public static jakarta.ws.rs.core.Response build(IHttpServletRequest request, IResponseBuilder builder) { + addCorsHeaders(request, builder); + return (jakarta.ws.rs.core.Response)builder.build(); + } + public static Response.ResponseBuilder notFound() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.status(Status.NOT_FOUND)); } diff --git a/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java b/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java deleted file mode 100644 index 765d8724d..000000000 --- a/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java +++ /dev/null @@ -1,26 +0,0 @@ -package com.genexus.ws; - -import com.genexus.cors.CORSHelper; - -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerResponseContext; -import javax.ws.rs.container.ContainerResponseFilter; -import javax.ws.rs.ext.Provider; -import java.util.Collections; -import java.util.HashMap; - -@Provider -public class JAXRSCorsFilter implements ContainerResponseFilter { - - @Override - public void filter(ContainerRequestContext requestContext, - ContainerResponseContext responseContext) { - HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaderString("Access-Control-Request-Headers")); - if (corsHeaders == null) { - return; - } - for (String headerName : corsHeaders.keySet()) { - responseContext.getHeaders().putSingle(headerName,corsHeaders.get(headerName)); - } - } -} diff --git a/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java b/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java index 7379cadf8..ad100ce3b 100644 --- a/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java +++ b/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java @@ -1,5 +1,10 @@ package com.genexus.ws.rs.core; +import com.genexus.cors.CORSHelper; +import com.genexus.servlet.http.IHttpServletRequest; + +import java.util.HashMap; + public abstract class Response extends javax.ws.rs.core.Response{ public static Response.ResponseBuilder notModifiedWrapped() { @@ -13,6 +18,25 @@ public static Response.ResponseBuilder okWrapped(Object entity) { public static Response.ResponseBuilder okWrapped() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.ok()); } + + public static Response.ResponseBuilder options(String allowedMethods) { + Response.ResponseBuilder builder = new Response.ResponseBuilder(javax.ws.rs.core.Response.ok()); + builder.header("Allow", allowedMethods); + return builder; + } + + private static void addCorsHeaders(IHttpServletRequest request, IResponseBuilder builder) { + HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader("Access-Control-Request-Headers"), request.getMethod()); + for (String headerName : corsHeaders.keySet()) { + builder.header(headerName,corsHeaders.get(headerName)); + } + } + + public static javax.ws.rs.core.Response build(IHttpServletRequest request, IResponseBuilder builder) { + addCorsHeaders(request, builder); + return (javax.ws.rs.core.Response)builder.build(); + } + public static Response.ResponseBuilder notFound() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(Status.NOT_FOUND)); } From d5dd273627b0cd2dcdaf4de72643da997a7969f9 Mon Sep 17 00:00:00 2001 From: Gonzalo Gallotti Date: Thu, 18 Aug 2022 13:45:16 -0300 Subject: [PATCH 3/4] Revert "#New: Add OPTIONS Method for All Java WebServices (REST + API Objects). Add "Allow" Headers + CORS Headers." This reverts commit cd58958c47a41713d035a9bcc63b3e56bbb78a29. --- .../java/com/genexus/cors/CORSHelper.java | 10 +++---- .../java/com/genexus/ws/JAXRSCorsFilter.java | 25 ++++++++++++++++++ .../java/com/genexus/ws/rs/core/Response.java | 23 ---------------- .../java/com/genexus/ws/JAXRSCorsFilter.java | 26 +++++++++++++++++++ .../java/com/genexus/ws/rs/core/Response.java | 24 ----------------- 5 files changed, 55 insertions(+), 53 deletions(-) create mode 100644 wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java create mode 100644 wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java diff --git a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java index 3590375e4..467ad623e 100644 --- a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java +++ b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java @@ -11,25 +11,23 @@ public class CORSHelper { private static String CORS_ALLOWED_HEADERS = "*"; public static HashMap getCORSHeaders(String requestRequiredHeaders) { - return getCORSHeaders(requestRequiredHeaders, CORS_ALLOWED_METHODS); - } - public static HashMap getCORSHeaders(String requestRequiredHeaders, String allowedMethods) { String corsAllowedOrigin = SpecificImplementation.Application.getClientPreferences().getProperty(CORS_ALLOWED_ORIGIN, ""); - if (corsAllowedOrigin == null || corsAllowedOrigin.isEmpty() || allowedMethods.isEmpty()) { + if (corsAllowedOrigin == null || corsAllowedOrigin.isEmpty()) { return null; } - HashMap corsHeaders = new HashMap<>(); corsHeaders.put( "Access-Control-Allow-Origin", corsAllowedOrigin); corsHeaders.put( "Access-Control-Allow-Credentials", "true"); + corsHeaders.put( "Access-Control-Allow-Headers", requestRequiredHeaders == null || requestRequiredHeaders.isEmpty() ? CORS_ALLOWED_HEADERS : requestRequiredHeaders); + corsHeaders.put( "Access-Control-Allow-Methods", - allowedMethods); + CORS_ALLOWED_METHODS); corsHeaders.put( "Access-Control-Max-Age", CORS_MAX_AGE_SECONDS); diff --git a/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java b/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java new file mode 100644 index 000000000..bad0e4f0c --- /dev/null +++ b/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java @@ -0,0 +1,25 @@ +package com.genexus.ws; + +import com.genexus.cors.CORSHelper; +import jakarta.ws.rs.container.ContainerRequestContext; +import jakarta.ws.rs.container.ContainerResponseContext; +import jakarta.ws.rs.container.ContainerResponseFilter; +import jakarta.ws.rs.ext.Provider; + +import java.util.Collections; +import java.util.HashMap; + +@Provider +public class JAXRSCorsFilter implements ContainerResponseFilter { + @Override + public void filter(ContainerRequestContext requestContext, + ContainerResponseContext responseContext) { + HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaderString("Access-Control-Request-Headers")); + if (corsHeaders == null) { + return; + } + for (String headerName : corsHeaders.keySet()) { + responseContext.getHeaders().putSingle(headerName,corsHeaders.get(headerName)); + } + } +} diff --git a/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java b/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java index ef71ea3db..aa8d92511 100644 --- a/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java +++ b/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java @@ -1,10 +1,5 @@ package com.genexus.ws.rs.core; -import com.genexus.cors.CORSHelper; -import com.genexus.servlet.http.IHttpServletRequest; - -import java.util.HashMap; - public abstract class Response extends jakarta.ws.rs.core.Response{ public static Response.ResponseBuilder notModifiedWrapped() { @@ -19,24 +14,6 @@ public static Response.ResponseBuilder okWrapped() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.ok()); } - public static Response.ResponseBuilder options(String allowedMethods) { - Response.ResponseBuilder builder = okWrapped(); - builder.header("Allow", allowedMethods); - return builder; - } - - private static void addCorsHeaders(IHttpServletRequest request, IResponseBuilder builder) { - HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader("Access-Control-Request-Headers"), request.getMethod()); - for (String headerName : corsHeaders.keySet()) { - builder.header(headerName,corsHeaders.get(headerName)); - } - } - - public static jakarta.ws.rs.core.Response build(IHttpServletRequest request, IResponseBuilder builder) { - addCorsHeaders(request, builder); - return (jakarta.ws.rs.core.Response)builder.build(); - } - public static Response.ResponseBuilder notFound() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.status(Status.NOT_FOUND)); } diff --git a/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java b/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java new file mode 100644 index 000000000..765d8724d --- /dev/null +++ b/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java @@ -0,0 +1,26 @@ +package com.genexus.ws; + +import com.genexus.cors.CORSHelper; + +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerResponseContext; +import javax.ws.rs.container.ContainerResponseFilter; +import javax.ws.rs.ext.Provider; +import java.util.Collections; +import java.util.HashMap; + +@Provider +public class JAXRSCorsFilter implements ContainerResponseFilter { + + @Override + public void filter(ContainerRequestContext requestContext, + ContainerResponseContext responseContext) { + HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaderString("Access-Control-Request-Headers")); + if (corsHeaders == null) { + return; + } + for (String headerName : corsHeaders.keySet()) { + responseContext.getHeaders().putSingle(headerName,corsHeaders.get(headerName)); + } + } +} diff --git a/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java b/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java index ad100ce3b..7379cadf8 100644 --- a/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java +++ b/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java @@ -1,10 +1,5 @@ package com.genexus.ws.rs.core; -import com.genexus.cors.CORSHelper; -import com.genexus.servlet.http.IHttpServletRequest; - -import java.util.HashMap; - public abstract class Response extends javax.ws.rs.core.Response{ public static Response.ResponseBuilder notModifiedWrapped() { @@ -18,25 +13,6 @@ public static Response.ResponseBuilder okWrapped(Object entity) { public static Response.ResponseBuilder okWrapped() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.ok()); } - - public static Response.ResponseBuilder options(String allowedMethods) { - Response.ResponseBuilder builder = new Response.ResponseBuilder(javax.ws.rs.core.Response.ok()); - builder.header("Allow", allowedMethods); - return builder; - } - - private static void addCorsHeaders(IHttpServletRequest request, IResponseBuilder builder) { - HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader("Access-Control-Request-Headers"), request.getMethod()); - for (String headerName : corsHeaders.keySet()) { - builder.header(headerName,corsHeaders.get(headerName)); - } - } - - public static javax.ws.rs.core.Response build(IHttpServletRequest request, IResponseBuilder builder) { - addCorsHeaders(request, builder); - return (javax.ws.rs.core.Response)builder.build(); - } - public static Response.ResponseBuilder notFound() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(Status.NOT_FOUND)); } From 7367f2f913f0f6e3cfb898c6c63c8422279e1de5 Mon Sep 17 00:00:00 2001 From: Gonzalo Gallotti Date: Fri, 19 Aug 2022 15:53:14 -0300 Subject: [PATCH 4/4] #New: Add OPTIONS Method for All Java WebServices (REST + API Objects). Add "Allow" Headers + CORS Headers. --- .../java/com/genexus/cors/CORSHelper.java | 71 ++++++++++++++----- .../java/com/genexus/servlet/CorsFilter.java | 8 +-- .../java/com/genexus/ws/JAXRSCorsFilter.java | 2 +- .../java/com/genexus/ws/rs/core/Response.java | 26 +++++-- .../java/com/genexus/servlet/CorsFilter.java | 8 +-- .../java/com/genexus/ws/JAXRSCorsFilter.java | 3 +- .../java/com/genexus/ws/rs/core/Response.java | 26 +++++-- 7 files changed, 102 insertions(+), 42 deletions(-) diff --git a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java index 467ad623e..a6dc74921 100644 --- a/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java +++ b/wrappercommon/src/main/java/com/genexus/cors/CORSHelper.java @@ -3,34 +3,69 @@ import com.genexus.common.interfaces.SpecificImplementation; import java.util.HashMap; +import java.util.List; +import java.util.Map; public class CORSHelper { + public static String REQUEST_METHOD_HEADER_NAME = "Access-Control-Request-Method"; + public static String REQUEST_HEADERS_HEADER_NAME = "Access-Control-Request-Headers"; + private static String CORS_ALLOWED_ORIGIN = "CORS_ALLOW_ORIGIN"; private static String CORS_MAX_AGE_SECONDS = "86400"; - private static String CORS_ALLOWED_METHODS = "GET, POST, PUT, DELETE, HEAD"; - private static String CORS_ALLOWED_HEADERS = "*"; - public static HashMap getCORSHeaders(String requestRequiredHeaders) { + + public static boolean corsSupportEnabled() { + return getAllowedOrigin() != null; + } + + public static HashMap getCORSHeaders(Map> headers) { + String corsAllowedOrigin = getAllowedOrigin(); + if (corsAllowedOrigin == null) return null; + + String requestedMethod = getHeaderValue(REQUEST_METHOD_HEADER_NAME, headers); + String requestedHeaders = getHeaderValue(REQUEST_HEADERS_HEADER_NAME, headers); + if (requestedMethod == null) { + return null; + } + + return corsHeaders(corsAllowedOrigin, requestedMethod, requestedHeaders); + } + + public static HashMap getCORSHeaders(String requestedMethod, String requestedHeaders) { + String corsAllowedOrigin = getAllowedOrigin(); + + if (corsAllowedOrigin == null || requestedMethod == null) { + return null; + } + + return corsHeaders(corsAllowedOrigin, requestedMethod, requestedHeaders); + } + + private static String getAllowedOrigin() { String corsAllowedOrigin = SpecificImplementation.Application.getClientPreferences().getProperty(CORS_ALLOWED_ORIGIN, ""); if (corsAllowedOrigin == null || corsAllowedOrigin.isEmpty()) { return null; } + return corsAllowedOrigin; + } + + private static HashMap corsHeaders(String corsAllowedOrigin, String requestedMethod, String requestedHeaders) { HashMap corsHeaders = new HashMap<>(); - corsHeaders.put( - "Access-Control-Allow-Origin", corsAllowedOrigin); - corsHeaders.put( - "Access-Control-Allow-Credentials", "true"); - - corsHeaders.put( - "Access-Control-Allow-Headers", - requestRequiredHeaders == null || requestRequiredHeaders.isEmpty() ? CORS_ALLOWED_HEADERS : requestRequiredHeaders); - - corsHeaders.put( - "Access-Control-Allow-Methods", - CORS_ALLOWED_METHODS); - corsHeaders.put( - "Access-Control-Max-Age", - CORS_MAX_AGE_SECONDS); + corsHeaders.put("Access-Control-Allow-Origin", corsAllowedOrigin); + corsHeaders.put("Access-Control-Allow-Credentials", "true"); + if (requestedHeaders != null && !requestedHeaders.isEmpty()) { + corsHeaders.put("Access-Control-Allow-Headers", requestedHeaders); + } + corsHeaders.put("Access-Control-Allow-Methods", requestedMethod); + corsHeaders.put("Access-Control-Max-Age", CORS_MAX_AGE_SECONDS); return corsHeaders; } + + private static String getHeaderValue(String headerName, Map> headers) { + List value = headers.get(headerName); + if (value != null && value.size() > 0) { + return value.get(0); + } + return null; + } } diff --git a/wrapperjakarta/src/main/java/com/genexus/servlet/CorsFilter.java b/wrapperjakarta/src/main/java/com/genexus/servlet/CorsFilter.java index 7efb59baa..ab1f4537e 100644 --- a/wrapperjakarta/src/main/java/com/genexus/servlet/CorsFilter.java +++ b/wrapperjakarta/src/main/java/com/genexus/servlet/CorsFilter.java @@ -1,9 +1,7 @@ package com.genexus.servlet; - import com.genexus.cors.CORSHelper; import jakarta.servlet.*; -import jakarta.servlet.Filter; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.ServletRequest; @@ -25,7 +23,7 @@ public void init(FilterConfig filterConfig) throws ServletException { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; - HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader("Access-Control-Request-Headers")); + HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader(CORSHelper.REQUEST_METHOD_HEADER_NAME), request.getHeader(CORSHelper.REQUEST_HEADERS_HEADER_NAME)); if (corsHeaders != null) { HttpServletResponse response = (HttpServletResponse) servletResponse; for (String headerName : corsHeaders.keySet()) { @@ -34,9 +32,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo } } } - if (!request.getMethod().equalsIgnoreCase("OPTIONS")) { - filterChain.doFilter(servletRequest, servletResponse); - } + filterChain.doFilter(servletRequest, servletResponse); } @Override diff --git a/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java b/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java index bad0e4f0c..4d4bd7adb 100644 --- a/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java +++ b/wrapperjakarta/src/main/java/com/genexus/ws/JAXRSCorsFilter.java @@ -14,7 +14,7 @@ public class JAXRSCorsFilter implements ContainerResponseFilter { @Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) { - HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaderString("Access-Control-Request-Headers")); + HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaders()); if (corsHeaders == null) { return; } diff --git a/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java b/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java index aa8d92511..8435d7ff5 100644 --- a/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java +++ b/wrapperjakarta/src/main/java/com/genexus/ws/rs/core/Response.java @@ -1,6 +1,6 @@ package com.genexus.ws.rs.core; -public abstract class Response extends jakarta.ws.rs.core.Response{ +public abstract class Response extends jakarta.ws.rs.core.Response { public static Response.ResponseBuilder notModifiedWrapped() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.notModified()); @@ -14,6 +14,12 @@ public static Response.ResponseBuilder okWrapped() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.ok()); } + public static Response.ResponseBuilder options(String allowedMethods) { + Response.ResponseBuilder builder = okWrapped(); + builder.header("Allow", allowedMethods); + return builder; + } + public static Response.ResponseBuilder notFound() { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.status(Status.NOT_FOUND)); } @@ -41,7 +47,8 @@ public static Response.ResponseBuilder createdWrapped(java.net.URI uri) { public static Response.ResponseBuilder statusWrapped(int status) { return new Response.ResponseBuilder(jakarta.ws.rs.core.Response.status(status)); } - public static class ResponseBuilder implements IResponseBuilder{ + + public static class ResponseBuilder implements IResponseBuilder { jakarta.ws.rs.core.Response.ResponseBuilder rb; ResponseBuilder(jakarta.ws.rs.core.Response.ResponseBuilder rb) { @@ -51,13 +58,22 @@ public static class ResponseBuilder implements IResponseBuilder{ public jakarta.ws.rs.core.Response build() { return rb.build(); } + public void type(String type) { rb.type(type); } - public void entity(Object entity) { rb.entity(entity); } - public IResponseBuilder status(short i) { return new ResponseBuilder(rb.status(i)); } - public IResponseBuilder entityWrapped(Object entity) { return new ResponseBuilder(rb.entity(entity)); } + public void entity(Object entity) { + rb.entity(entity); + } + + public IResponseBuilder status(short i) { + return new ResponseBuilder(rb.status(i)); + } + + public IResponseBuilder entityWrapped(Object entity) { + return new ResponseBuilder(rb.entity(entity)); + } public void header(String header, Object object) { rb.header(header, object); diff --git a/wrapperjavax/src/main/java/com/genexus/servlet/CorsFilter.java b/wrapperjavax/src/main/java/com/genexus/servlet/CorsFilter.java index 043194ae7..7f5b9a85a 100644 --- a/wrapperjavax/src/main/java/com/genexus/servlet/CorsFilter.java +++ b/wrapperjavax/src/main/java/com/genexus/servlet/CorsFilter.java @@ -11,7 +11,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.util.HashMap; +import java.util.*; public class CorsFilter implements Filter { @Override @@ -22,7 +22,7 @@ public void init(FilterConfig filterConfig) throws ServletException { @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; - HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader("Access-Control-Request-Headers")); + HashMap corsHeaders = CORSHelper.getCORSHeaders(request.getHeader(CORSHelper.REQUEST_METHOD_HEADER_NAME), request.getHeader(CORSHelper.REQUEST_HEADERS_HEADER_NAME)); if (corsHeaders != null) { HttpServletResponse response = (HttpServletResponse) servletResponse; for (String headerName : corsHeaders.keySet()) { @@ -31,9 +31,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo } } } - if (!request.getMethod().equalsIgnoreCase("OPTIONS")) { - filterChain.doFilter(servletRequest, servletResponse); - } + filterChain.doFilter(servletRequest, servletResponse); } @Override diff --git a/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java b/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java index 765d8724d..992e00670 100644 --- a/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java +++ b/wrapperjavax/src/main/java/com/genexus/ws/JAXRSCorsFilter.java @@ -6,7 +6,6 @@ import javax.ws.rs.container.ContainerResponseContext; import javax.ws.rs.container.ContainerResponseFilter; import javax.ws.rs.ext.Provider; -import java.util.Collections; import java.util.HashMap; @Provider @@ -15,7 +14,7 @@ public class JAXRSCorsFilter implements ContainerResponseFilter { @Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) { - HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaderString("Access-Control-Request-Headers")); + HashMap corsHeaders = CORSHelper.getCORSHeaders(requestContext.getHeaders()); if (corsHeaders == null) { return; } diff --git a/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java b/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java index 7379cadf8..db58b7385 100644 --- a/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java +++ b/wrapperjavax/src/main/java/com/genexus/ws/rs/core/Response.java @@ -1,6 +1,6 @@ package com.genexus.ws.rs.core; -public abstract class Response extends javax.ws.rs.core.Response{ +public abstract class Response extends javax.ws.rs.core.Response { public static Response.ResponseBuilder notModifiedWrapped() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.notModified()); @@ -13,6 +13,13 @@ public static Response.ResponseBuilder okWrapped(Object entity) { public static Response.ResponseBuilder okWrapped() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.ok()); } + + public static Response.ResponseBuilder options(String allowedMethods) { + Response.ResponseBuilder builder = okWrapped(); + builder.header("Allow", allowedMethods); + return builder; + } + public static Response.ResponseBuilder notFound() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(Status.NOT_FOUND)); } @@ -20,12 +27,15 @@ public static Response.ResponseBuilder notFound() { public static Response.ResponseBuilder conflict() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(Status.CONFLICT)); } + public static Response.ResponseBuilder forbidden() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(Status.FORBIDDEN)); } + public static Response.ResponseBuilder unauthorized() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(Status.UNAUTHORIZED)); } + public static Response.ResponseBuilder noContentWrapped() { return new Response.ResponseBuilder(javax.ws.rs.core.Response.noContent()); } @@ -38,7 +48,7 @@ public static Response.ResponseBuilder statusWrapped(int status) { return new Response.ResponseBuilder(javax.ws.rs.core.Response.status(status)); } - public static class ResponseBuilder implements IResponseBuilder{ + public static class ResponseBuilder implements IResponseBuilder { javax.ws.rs.core.Response.ResponseBuilder rb; ResponseBuilder(javax.ws.rs.core.Response.ResponseBuilder rb) { @@ -53,11 +63,17 @@ public void type(String type) { rb.type(type); } - public void entity(Object entity) { rb.entity(entity); } + public void entity(Object entity) { + rb.entity(entity); + } - public IResponseBuilder status(short i) { return new ResponseBuilder(rb.status(i)); } + public IResponseBuilder status(short i) { + return new ResponseBuilder(rb.status(i)); + } - public IResponseBuilder entityWrapped(Object entity) { return new ResponseBuilder(rb.entity(entity)); } + public IResponseBuilder entityWrapped(Object entity) { + return new ResponseBuilder(rb.entity(entity)); + } public void header(String header, Object object) { rb.header(header, object);