topcoder-archive · skyhit · Apr 26, 2018 · Apr 26, 2018
diff --git a/src/java/main/com/topcoder/direct/services/view/action/ServiceBackendDataTablesAction.java b/src/java/main/com/topcoder/direct/services/view/action/ServiceBackendDataTablesAction.java
@@ -7,6 +7,7 @@
 import com.topcoder.direct.services.view.dto.contest.ContestStatus;
 import com.topcoder.direct.services.view.dto.project.ProjectBriefDTO;
 import com.topcoder.direct.services.view.util.DataProvider;
+import com.topcoder.direct.services.view.util.DirectProperties;
 import com.topcoder.direct.services.view.util.DirectUtils;
 import com.topcoder.security.TCSubject;
 import org.apache.http.HttpEntity;
@@ -319,11 +320,10 @@ protected JsonNode getJsonResultFromAPI(URI apiEndPoint) throws Exception {
             // specify the get request
             HttpGet getRequest = new HttpGet(apiEndPoint);
 
-            String token = DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
-                    ServerConfiguration.JWT_V3_COOKIE_KEY).getValue();
+            String jwtToken = (String)ServletActionContext.getServletContext().getAttribute(DirectProperties.TOKEN_ATTR);
 
             getRequest.setHeader(HttpHeaders.AUTHORIZATION,
-                    "Bearer " + token);
+                    "Bearer " + jwtToken);
 
             getRequest.addHeader(HttpHeaders.ACCEPT, "application/json");
 

diff --git a/...va/main/com/topcoder/direct/services/view/action/contest/launch/GetGroupMemberAction.java b/...va/main/com/topcoder/direct/services/view/action/contest/launch/GetGroupMemberAction.java
@@ -6,6 +6,7 @@
 import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.dto.contest.GroupMember;
 import com.topcoder.direct.services.view.dto.my.RestResult;
+import com.topcoder.direct.services.view.util.DirectProperties;
 import com.topcoder.direct.services.view.util.DirectUtils;
 import com.topcoder.direct.services.view.util.SortedCacheAddress;
 import com.topcoder.web.common.cache.CacheClient;
@@ -185,8 +186,7 @@ private RestResult<GroupMember> getGroupMemberByGid(Long gid) throws Exception {
         try{
             URI groupApiEndpointUri = new URI(String.format(groupApiEndpoint, gid));
             HttpGet request = new HttpGet(groupApiEndpointUri);
-            String jwtToken = DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
-                    ServerConfiguration.JWT_V3_COOKIE_KEY).getValue();
+            String jwtToken = (String)ServletActionContext.getServletContext().getAttribute(DirectProperties.TOKEN_ATTR);
 
             request.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + jwtToken);
             request.addHeader(HttpHeaders.ACCEPT, "application/json");

diff --git a/src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java b/src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java
@@ -318,6 +318,9 @@ public String intercept(ActionInvocation invocation) throws Exception {
             return loginPageName;
         }
 
+        //put token to servlet context
+        ServletActionContext.getServletContext().setAttribute(DirectProperties.TOKEN_ATTR, jwtToken.getToken());
+
         if (user != null  && !user.isAnonymous()) {
             // get user roles for the user id
             Set<TCPrincipal> roles = DirectUtils.getUserRoles(user.getId());

diff --git a/src/java/main/com/topcoder/direct/services/view/util/DirectProperties.java b/src/java/main/com/topcoder/direct/services/view/util/DirectProperties.java
@@ -143,6 +143,11 @@ public final class DirectProperties {
      */
     public static String JWT_VALID_ISSUERS;
 
+    /**
+     * Jwt Attribute name
+     */
+    public static String TOKEN_ATTR = "JWT_TOKEN";
+
     /**
      * <p>
      * Initializes non-final static fields for this class with values for the same-named properties from the resource

diff --git a/src/java/main/com/topcoder/direct/services/view/util/DirectUtils.java b/src/java/main/com/topcoder/direct/services/view/util/DirectUtils.java
@@ -3832,9 +3832,9 @@ public static Set<ProjectGroup> getGroupsFromApi(TCSubject tcSubject, String end
         HttpGet getRequest = new HttpGet(uri.build());
         logger.info("Getting Group with thi uri: " + uri.build().toString());
 
-        String v3Token = getCookieFromRequest(getServletRequest(), ServerConfiguration.JWT_V3_COOKIE_KEY).getValue();
+        String jwtToken = (String)ServletActionContext.getServletContext().getAttribute(DirectProperties.TOKEN_ATTR);
 
-        getRequest.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + v3Token);
+        getRequest.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + jwtToken);
 
         getRequest.addHeader(HttpHeaders.ACCEPT, "application/json");
         HttpResponse httpResponse = httpClient.execute(getRequest);