List of usage examples for org.springframework.http HttpHeaders set
@Override public void set(String headerName, @Nullable String headerValue)
From source file:it.reply.orchestrator.service.OneDataServiceImpl.java
private <T> ResponseEntity<T> getForEntity(RestTemplate restTemplate, String endpoint, String oneDataToken, Class<T> entityClass) { HttpHeaders headers = new HttpHeaders(); headers.set("macaroon", oneDataToken); HttpEntity<?> entity = new HttpEntity<>(headers); return restTemplate.exchange(endpoint, HttpMethod.GET, entity, entityClass); }
From source file:org.apigw.authserver.AuthorizationCodeProviderIntegrationtest.java
@Test public void testInvalidAccessToken() throws Exception { log.debug("testInvalidAccessToken"); // now make sure an unauthorized request fails the right way. HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, "FOO")); ResponseEntity<String> response = serverRunning.getForString("/crm-scheduling-api/crm/scheduling/booking", headers);/*from ww w .j a v a 2s . c om*/ assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()); String authenticate = response.getHeaders().getFirst("WWW-Authenticate"); assertNotNull(authenticate); assertTrue(authenticate.startsWith("Bearer")); // Resource Server doesn't know what scopes are required until teh token can be validated assertFalse(authenticate.contains("scope=\"")); }
From source file:org.appverse.web.framework.backend.test.util.frontfacade.mvc.tests.predefined.BasicAuthEndPointsServiceEnabledPredefinedTests.java
@Test public void basicAuthenticationRemoteLogServiceEnabledWithoutCsrfTokenTest() throws Exception { RemoteLogRequestVO logRequestVO = new RemoteLogRequestVO(); logRequestVO.setMessage("Test mesage!"); logRequestVO.setLogLevel("DEBUG"); HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", "Basic " + new String(Base64.encode((getUsername() + ":" + getPassword()).getBytes("UTF-8")))); HttpEntity<RemoteLogRequestVO> entity = new HttpEntity<RemoteLogRequestVO>(logRequestVO, headers); UriComponentsBuilder builder = UriComponentsBuilder .fromHttpUrl("http://localhost:" + port + baseApiPath + remoteLogEndpointPath); ResponseEntity<String> responseEntity = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.POST, entity, String.class); assertEquals(HttpStatus.FORBIDDEN, responseEntity.getStatusCode()); }
From source file:org.appverse.web.framework.backend.test.util.frontfacade.mvc.tests.predefined.BasicAuthEndPointsServiceEnabledPredefinedTests.java
@Test public void simpleAuthenticationRemoteLogServiceEnabledWithoutCsrfTokenTest() throws Exception { RemoteLogRequestVO logRequestVO = new RemoteLogRequestVO(); logRequestVO.setMessage("Test mesage!"); logRequestVO.setLogLevel("DEBUG"); HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", "Basic " + new String(Base64.encode((getUsername() + ":" + getPassword()).getBytes("UTF-8")))); HttpEntity<RemoteLogRequestVO> entity = new HttpEntity<RemoteLogRequestVO>(logRequestVO, headers); UriComponentsBuilder builder = UriComponentsBuilder .fromHttpUrl("http://localhost:" + port + baseApiPath + remoteLogEndpointPath); ResponseEntity<String> responseEntity = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.POST, entity, String.class); assertEquals(HttpStatus.FORBIDDEN, responseEntity.getStatusCode()); }
From source file:de.metas.ui.web.process.ProcessRestController.java
@RequestMapping(value = "/{processId}/{pinstanceId}/print/{filename:.*}", method = RequestMethod.GET) public ResponseEntity<byte[]> getReport(@PathVariable("processId") final int processId_NOTUSED // , @PathVariable("pinstanceId") final int pinstanceId // , @PathVariable("filename") final String filename // ) {//w w w. j a v a 2 s . c o m final ProcessInstanceResult executionResult = instancesRepository.forProcessInstanceReadonly(pinstanceId, processInstance -> processInstance.getExecutionResult()); final String reportFilename = executionResult.getReportFilename(); final String reportContentType = executionResult.getReportContentType(); final byte[] reportData = executionResult.getReportData(); final String reportFilenameEffective = Util.coalesce(filename, reportFilename, ""); final HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.parseMediaType(reportContentType)); headers.set(HttpHeaders.CONTENT_DISPOSITION, "inline; filename=\"" + reportFilenameEffective + "\""); headers.setCacheControl("must-revalidate, post-check=0, pre-check=0"); final ResponseEntity<byte[]> response = new ResponseEntity<>(reportData, headers, HttpStatus.OK); return response; }
From source file:org.appverse.web.framework.backend.test.util.frontfacade.mvc.tests.predefined.BasicAuthEndPointsServiceEnabledPredefinedTests.java
@Test public void basicAuthenticationRemoteLogServiceEnabledTest() throws Exception { TestLoginInfo loginInfo = login();/* w w w. ja v a 2s . c o m*/ RemoteLogRequestVO logRequestVO = new RemoteLogRequestVO(); logRequestVO.setMessage("Test mesage!"); logRequestVO.setLogLevel("DEBUG"); // This test requires the test CSRF Token. This implies passing JSESSIONID and CSRF Token HttpHeaders headers = new HttpHeaders(); headers.set("Cookie", loginInfo.getJsessionid()); HttpEntity<RemoteLogRequestVO> entity = new HttpEntity<RemoteLogRequestVO>(logRequestVO, headers); UriComponentsBuilder builder = UriComponentsBuilder .fromHttpUrl("http://localhost:" + port + baseApiPath + remoteLogEndpointPath) .queryParam(DEFAULT_CSRF_PARAMETER_NAME, loginInfo.getXsrfToken()); ResponseEntity<String> responseEntity = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.POST, entity, String.class); assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); }
From source file:org.appverse.web.framework.backend.test.util.frontfacade.mvc.tests.predefined.BasicAuthEndPointsServiceEnabledPredefinedTests.java
@Test public void simpleAuthenticationRemoteLogServiceEnabledTest() throws Exception { TestLoginInfo loginInfo = simpleLogin(); RemoteLogRequestVO logRequestVO = new RemoteLogRequestVO(); logRequestVO.setMessage("Test mesage!"); logRequestVO.setLogLevel("DEBUG"); // This test requires the test CSRF Token. This implies passing JSESSIONID and CSRF Token HttpHeaders headers = new HttpHeaders(); headers.set("Cookie", loginInfo.getJsessionid()); HttpEntity<RemoteLogRequestVO> entity = new HttpEntity<RemoteLogRequestVO>(logRequestVO, headers); UriComponentsBuilder builder = UriComponentsBuilder .fromHttpUrl("http://localhost:" + port + baseApiPath + remoteLogEndpointPath) .queryParam(DEFAULT_CSRF_PARAMETER_NAME, loginInfo.getXsrfToken()); ResponseEntity<String> responseEntity = restTemplate.exchange(builder.build().encode().toUri(), HttpMethod.POST, entity, String.class); assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); }
From source file:edu.mayo.cts2.framework.webapp.rest.controller.ChangeSetController.java
private ResponseEntity<Void> getResponseEntity(String changeSetUri) { String location = this.urlTemplateBindingCreator.bindResourceToUrlTemplate("/changeset/{changeSetUri}", changeSetUri);/*from ww w . j av a 2s . com*/ HttpHeaders responseHeaders = new HttpHeaders(); responseHeaders.set("Location", location); return new ResponseEntity<Void>(responseHeaders, HttpStatus.CREATED); }
From source file:org.apigw.authserver.AuthorizationCodeProviderIntegrationtest.java
@Test public void testSuccessfulAuthorizationCodeFlow() throws Exception { log.debug("testSuccessfulAuthorizationCodeFlow"); String code = helper.getAuthorizationCode(CLIENT_ID, REDIRECT_URL, SCOPE); // Get the token using the authorization code (no session required because it's a back channel) TokenResponseDTO accessToken = helper.getAccessToken(CLIENT_ID, REDIRECT_URL, code, SCOPE); assertNotNull(accessToken);/*from w ww .ja v a 2 s . c o m*/ assertNotNull(accessToken.getExpiresIn()); assertFalse(accessToken.getExpiresIn().equals("0")); // first make sure the resource is actually protected. assertFalse(HttpStatus.OK .equals(serverRunning.getStatusCode("/crm-scheduling-api/crm/scheduling/v1/schedule"))); // now make sure an authorized request is valid. HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, accessToken.getAccessToken())); assertEquals(HttpStatus.OK, serverRunning.getStatusCode("/crm-scheduling-api/crm/scheduling/v1/schedule", headers)); }
From source file:org.apigw.authserver.AuthorizationCodeProviderIntegrationtest.java
@Test public void testInvalidScopeInResourceRequest() throws Exception { log.debug("testInvalidScopeInResourceRequest"); String code = helper.getAuthorizationCode(CLIENT_ID, REDIRECT_URL, "CRM_SCHEDULING_WRITE"); TokenResponseDTO accessToken = helper.getAccessToken(CLIENT_ID, REDIRECT_URL, code, "CRM_SCHEDULING_WRITE", HttpStatus.OK);//from w w w. ja va 2s .c om assertNotNull(accessToken); // now make sure an unauthorized request fails the right way. HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, accessToken.getAccessToken())); ResponseEntity<String> response = serverRunning.getForString("/crm-scheduling-api/crm/scheduling/booking", headers); assertEquals(HttpStatus.FORBIDDEN, response.getStatusCode()); String authenticate = response.getHeaders().getFirst("WWW-Authenticate"); assertNotNull(authenticate); assertTrue(authenticate.startsWith("Bearer")); assertTrue(authenticate.contains("scope=\"")); }