diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-05-07 10:00:32 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-05-07 10:00:32 +0200 |
commit | 5e5b7e7690d98963d689251b87042e6f85749bef (patch) | |
tree | ecd8f47ae400c29e329cb9d6c1c950249dafc6eb | |
parent | d4eebbf6d9b6a30e1c08896c64c5256b05c9d265 (diff) |
Remove corse filter base class that is no longer relevant
2 files changed, 0 insertions, 101 deletions
diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cors/CorsRequestFilterBase.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cors/CorsRequestFilterBase.java deleted file mode 100644 index b565ad374ed..00000000000 --- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/cors/CorsRequestFilterBase.java +++ /dev/null @@ -1,41 +0,0 @@ -// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.jdisc.http.filter.security.cors; - -import com.yahoo.jdisc.Response; -import com.yahoo.jdisc.http.filter.DiscFilterRequest; -import com.yahoo.jdisc.http.filter.security.base.JsonSecurityRequestFilterBase; - -import java.util.Optional; -import java.util.Set; - -import static com.yahoo.jdisc.http.filter.security.cors.CorsLogic.createCorsResponseHeaders; - -/** - * Security request filters should extend this base class to ensure that CORS header are included in the response of a rejected request. - * This is required as response filter chains are not executed when a request is rejected in a request filter. - * - * @author bjorncs - */ -public abstract class CorsRequestFilterBase extends JsonSecurityRequestFilterBase { - - private final Set<String> allowedUrls; - - protected CorsRequestFilterBase(Set<String> allowedUrls) { - this.allowedUrls = allowedUrls; - } - - @Override - public final Optional<ErrorResponse> filter(DiscFilterRequest request) { - Optional<ErrorResponse> errorResponse = filterRequest(request); - errorResponse.ifPresent(response -> addCorsHeaders(request, response.getResponse())); - return errorResponse; - } - - protected abstract Optional<ErrorResponse> filterRequest(DiscFilterRequest request); - - private void addCorsHeaders(DiscFilterRequest request, Response response) { - createCorsResponseHeaders(request.getHeader("Origin"), allowedUrls) - .forEach(response.headers()::add); - } - -} diff --git a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/cors/CorsRequestFilterBaseTest.java b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/cors/CorsRequestFilterBaseTest.java deleted file mode 100644 index 2cb25bc93cb..00000000000 --- a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/cors/CorsRequestFilterBaseTest.java +++ /dev/null @@ -1,60 +0,0 @@ -// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.jdisc.http.filter.security.cors; - -import com.yahoo.container.jdisc.RequestHandlerTestDriver.MockResponseHandler; -import com.yahoo.jdisc.Response; -import com.yahoo.jdisc.http.filter.DiscFilterRequest; -import org.junit.Test; - -import java.util.Collections; -import java.util.List; -import java.util.Optional; -import java.util.Set; - -import static com.yahoo.jdisc.http.filter.security.cors.CorsLogic.ALLOW_ORIGIN_HEADER; -import static org.hamcrest.CoreMatchers.equalTo; -import static org.hamcrest.CoreMatchers.notNullValue; -import static org.junit.Assert.assertThat; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; - -/** - * @author bjorncs - */ -public class CorsRequestFilterBaseTest { - - @Test - public void adds_cors_headers_when_filter_reject_request() { - String origin = "http://allowed.origin"; - Set<String> allowedOrigins = Collections.singleton(origin); - int statusCode = 403; - SimpleCorsRequestFilter filter = - new SimpleCorsRequestFilter(allowedOrigins, statusCode, "Forbidden"); - DiscFilterRequest request = mock(DiscFilterRequest.class); - when(request.getHeader("Origin")).thenReturn(origin); - MockResponseHandler responseHandler = new MockResponseHandler(); - filter.filter(request, responseHandler); - - Response response = responseHandler.getResponse(); - assertThat(response, notNullValue()); - assertThat(response.getStatus(), equalTo(statusCode)); - List<String> allowOriginHeader = response.headers().get(ALLOW_ORIGIN_HEADER); - assertThat(allowOriginHeader.size(), equalTo(1)); - assertThat(allowOriginHeader.get(0), equalTo(origin)); - } - - private static class SimpleCorsRequestFilter extends CorsRequestFilterBase { - private final ErrorResponse errorResponse; - - SimpleCorsRequestFilter(Set<String> allowedUrls, int statusCode, String message) { - super(allowedUrls); - this.errorResponse = new ErrorResponse(statusCode, message); - } - - @Override - protected Optional<ErrorResponse> filterRequest(DiscFilterRequest request) { - return Optional.ofNullable(this.errorResponse); - } - } - -}
\ No newline at end of file |