コード例 #1
0
ファイル: DataStore.C プロジェクト: USP/wtcpp
void DataStore::handleRequest(const Http::Request& request,
			      Http::Response& response)
{
  response.setMimeType("text/x-json");

  WModelIndexList matches;

  if (modelFilterColumn_ != -1) {
    WString query;

    const std::string *queryE = request.getParameter("query");
    if (queryE)
      query = WString::fromUTF8(*queryE);

    matches = model_->match(model_->index(0, modelFilterColumn_),
			    DisplayRole, boost::any(query));
  }

  int start = 0;
  int rowCount = (modelFilterColumn_ == -1 ?
		  model_->rowCount() : matches.size());
  int limit = rowCount;

  const std::string *s;

  s = request.getParameter("start");
  if (s)
    try {
      start = std::max(0, std::min(limit, boost::lexical_cast<int>(*s)));
    } catch (boost::bad_lexical_cast& e) {
      LOG_ERROR("start '" << *s << "' is not-a-number.");
    }

  s = request.getParameter("limit");
  if (s)
    try {
      limit = std::max(0, std::min(limit - start,
				   boost::lexical_cast<int>(*s)));
    } catch (boost::bad_lexical_cast& e) {
      LOG_ERROR("limit '" << *s << "' is not-a-number.");
    }

  std::ostream& o = response.out();

  o << "{"
    << "'count':" << rowCount << ","
    << "'data':[";

  for (int row = start; row < start + limit; ++row) {
    if (row != start)
      o << ",";
    o << "{";

    int modelRow = modelFilterColumn_ == -1 ? row : matches[row].row();

    o << "'id':" << getRecordId(modelRow);

    for (unsigned j = 0; j < columns_.size(); ++j)
      o << ",'" << columns_[j].fieldName << "':"
	<< dataAsJSLiteral(modelRow, columns_[j].modelColumn);

    o << "}";
  }

  o << "]}";
}
コード例 #2
0
ファイル: WFileUpload.C プロジェクト: 913862627/wt
  virtual void handleRequest(const Http::Request& request,
			     Http::Response& response) {
    bool triggerUpdate = false;

    std::vector<Http::UploadedFile> files;
#ifdef WT_TARGET_JAVA
    static Http::UploadedFile* uploaded;
#endif
    Utils::find(request.uploadedFiles(), "data", files);

    if (!request.tooLarge())
      if (!files.empty() || request.getParameter("data"))
	triggerUpdate = true;

    response.setMimeType("text/html; charset=utf-8");
    response.addHeader("Expires", "Sun, 14 Jun 2020 00:00:00 GMT");
    response.addHeader("Cache-Control", "max-age=315360000");

#ifndef WT_TARGET_JAVA
    std::ostream& o = response.out();
#else
    std::ostream o(response.out());
#endif // WT_TARGET_JAVA

    o << "<!DOCTYPE html>"
      "<html>\n"
      "<head><script type=\"text/javascript\">\n"
      "function load() { ";

    if (triggerUpdate || request.tooLarge()) {
      o << "if (window.parent."
	<< WApplication::instance()->javaScriptClass() << ") ";

      if (triggerUpdate) {
	LOG_DEBUG("Resource handleRequest(): signaling uploaded");

	o << "window.parent."
	  << WApplication::instance()->javaScriptClass()
	  << "._p_.update(null, '"
	  << fileUpload_->uploaded().encodeCmd() << "', null, true);";
      } else if (request.tooLarge()) {
	LOG_DEBUG("Resource handleRequest(): signaling file-too-large");

	o << "window.parent."
	  << WApplication::instance()->javaScriptClass()
	  << "._p_.update(null, '"
	  << fileUpload_->fileTooLargeImpl().encodeCmd() << "', null, true);";
      }
    } else {
      LOG_DEBUG("Resource handleRequest(): no signal");
    }

    o << "}\n"
      "</script></head>"
      "<body onload=\"load();\"></body></html>";

    if (request.tooLarge())
      fileUpload_->tooLargeSize_ = request.tooLarge();
    else
      if (!files.empty())
	fileUpload_->setFiles(files);
  }
コード例 #3
0
ファイル: OAuthTokenEndpoint.C プロジェクト: chr-thien/wt
void OAuthTokenEndpoint::handleRequest(const Http::Request &request, Http::Response &response)
{
#ifdef WT_TARGET_JAVA
  try {
#endif // WT_TARGET_JAVA
  response.setMimeType("application/json");
  response.addHeader("Cache-Control", "no-store");
  response.addHeader("Pragma", "no-cache");

  const std::string *grantType = request.getParameter("grant_type");
  const std::string *redirectUri = request.getParameter("redirect_uri");
  const std::string *code = request.getParameter("code");
  std::string clientId;
  std::string clientSecret;
  ClientSecretMethod authMethod = HttpAuthorizationBasic;

  // Preferred method: get authorization information from
  // Http Basic authentication
  std::string headerSecret;
  std::string authHeader = request.headerValue("Authorization");
  if (authHeader.length() > AUTH_TYPE.length() + 1) {
#ifndef WT_TARGET_JAVA
    headerSecret = Utils::base64Decode(authHeader.substr(AUTH_TYPE.length() + 1));
#else
    headerSecret = Utils::base64DecodeS(authHeader.substr(AUTH_TYPE.length() + 1));
#endif // WT_TARGET_JAVA
    std::vector<std::string> tokens;
    boost::split(tokens, headerSecret, boost::is_any_of(":"));
    if (tokens.size() == 2) {
      clientId = Utils::urlDecode(tokens[0]);
      clientSecret = Utils::urlDecode(tokens[1]);
      authMethod = HttpAuthorizationBasic;
    }
  }

  // Alternative method: pass authorization information as parameters
  // (only allowed for post methods)
  if (clientId.empty() && clientSecret.empty()) {
    const std::string *clientIdParam = request.getParameter("client_id");
    const std::string *clientSecretParam = request.getParameter("client_secret");
    if (clientIdParam && clientSecretParam) {
      clientId = *clientIdParam;
      clientSecret = *clientSecretParam;
      authMethod = RequestBodyParameter;
    }
  }

  if (!code || clientId.empty() || clientSecret.empty() || !grantType || !redirectUri) {
    response.setStatus(400);
    response.out() << "{\"error\": \"invalid_request\"}" << std::endl;
    return;
  }
  OAuthClient client = db_->idpClientFindWithId(clientId);
  if (!client.checkValid() || !client.verifySecret(clientSecret)
      || client.authMethod() != authMethod) {
    response.setStatus(401);
    if (!authHeader.empty()) {
      if (client.authMethod() == HttpAuthorizationBasic)
        response.addHeader("WWW-Authenticate", AUTH_TYPE);
      else
        response.addHeader("WWW-Authenticate",
            methodToString(client.authMethod()));
    }
    response.out() << "{\n\"error\": \"invalid_client\"\n}" << std::endl;
    return;
  }
  if (*grantType != GRANT_TYPE) {
    response.setStatus(400);
    response.out() << "{\n\"error\": \"unsupported_grant_type\"\n}" << std::endl;
    return;
  }
  IssuedToken authCode = db_->idpTokenFindWithValue(GRANT_TYPE, *code);
  if (!authCode.checkValid() || authCode.redirectUri() != *redirectUri
      || WDateTime::currentDateTime() > authCode.expirationTime()) {
    response.setStatus(400);
    response.out() << "{\n\"error\": \"invalid_grant\"\n}" << std::endl;
    return;
  }
  std::string accessTokenValue = WRandom::generateId();
  WDateTime expirationTime = WDateTime::currentDateTime().addSecs(accessExpSecs_);
  const User &user = authCode.user();
  const OAuthClient &authClient = authCode.authClient();
  const std::string scope = authCode.scope();
  db_->idpTokenAdd(accessTokenValue, expirationTime, "access_token", scope,
                   authCode.redirectUri(), user, authClient);
  db_->idpTokenRemove(authCode);
  response.setStatus(200);
  Json::Object root;
  root["access_token"] = Json::Value(accessTokenValue);
  root["token_type"] = Json::Value("Bearer");
  root["expires_in"] = Json::Value(accessExpSecs_);
  if (authCode.scope().find("openid") != std::string::npos) {
    std::string header;
    std::string signature;
    std::string payload = Utils::base64Encode(idTokenPayload(authClient.clientId(), scope, user), false);
#ifndef WT_TARGET_JAVA
#ifdef WT_WITH_SSL
    if (privateKey) {
      header    = Utils::base64Encode("{\n\"typ\": \"JWT\",\n\"alg\": \"RS256\"\n}", false);
      signature = Utils::base64Encode(rs256(header + "." + payload), false);
    } else {
#endif // WT_WITH_SSL
#endif // WT_TARGET_JAVA
      header    = Utils::base64Encode("{\n\"typ\": \"JWT\",\n\"alg\": \"none\"\n}", false);
      signature = Utils::base64Encode("", false);
#ifndef WT_TARGET_JAVA
#ifdef WT_WITH_SSL
    }
#endif // WT_WITH_SSL
#endif // WT_TARGET_JAVA
    root["id_token"] = Json::Value(header + "." + payload + "." + signature);
  }
  response.out() << Json::serialize(root);
#ifdef WT_TARGET_JAVA
  } catch (std::io_exception ioe) {
    LOG_ERROR(ioe.message());
  }
#endif
}