diff --git a/web-rest/src/main/java/li/strolch/rest/StrolchRestfulClasses.java b/web-rest/src/main/java/li/strolch/rest/StrolchRestfulClasses.java index 97c837a22..c5f383e28 100644 --- a/web-rest/src/main/java/li/strolch/rest/StrolchRestfulClasses.java +++ b/web-rest/src/main/java/li/strolch/rest/StrolchRestfulClasses.java @@ -56,6 +56,7 @@ public class StrolchRestfulClasses { restfulClasses.add(AuditsResource.class); Set> providerClasses = new HashSet<>(); + providerClasses.add(LogRequestFilter.class); providerClasses.add(StrolchRestfulExceptionMapper.class); providerClasses.add(AccessControlResponseFilter.class); providerClasses.add(AuthenticationRequestFilter.class); diff --git a/web-rest/src/main/java/li/strolch/rest/StrolchRestfulConstants.java b/web-rest/src/main/java/li/strolch/rest/StrolchRestfulConstants.java index b32e2460b..7d3f1f786 100644 --- a/web-rest/src/main/java/li/strolch/rest/StrolchRestfulConstants.java +++ b/web-rest/src/main/java/li/strolch/rest/StrolchRestfulConstants.java @@ -27,6 +27,8 @@ public class StrolchRestfulConstants { public static final String STROLCH_CERTIFICATE = "strolch.certificate"; public static final String STROLCH_REQUEST_SOURCE= "strolch.requestSource"; public static final String STROLCH_AUTHORIZATION = "strolch.authorization"; + public static final String STROLCH_REMOTE_IP = "strolch.remote.ip"; + public static final String STROLCH_REQUEST_URL = "strolch.request.location"; public static final String STROLCH_AUTHORIZATION_EXPIRATION_DATE = "strolch.authorization.expirationDate"; public static final String MSG = "msg"; diff --git a/web-rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java b/web-rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java index df0985f75..5f31670dc 100644 --- a/web-rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java +++ b/web-rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java @@ -21,15 +21,14 @@ import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response.Status; import jakarta.ws.rs.ext.ExceptionMapper; import jakarta.ws.rs.ext.Provider; - -import java.text.MessageFormat; - import li.strolch.exception.StrolchAccessDeniedException; import li.strolch.exception.StrolchNotAuthenticatedException; import li.strolch.rest.helper.ResponseUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.text.MessageFormat; + @Provider public class StrolchRestfulExceptionMapper implements ExceptionMapper { @@ -40,17 +39,14 @@ public class StrolchRestfulExceptionMapper implements ExceptionMapper logger.error(MessageFormat.format("Handling exception {0}", ex.getClass()), ex); - if (ex instanceof NotFoundException) - return ResponseUtil.toResponse(Status.NOT_FOUND, ex); - - if (ex instanceof StrolchNotAuthenticatedException e) { - logger.error("User tried to access resource, but was not authenticated: " + ex.getMessage()); - return Response.status(Status.UNAUTHORIZED).entity(e.getMessage()).type(MediaType.TEXT_PLAIN).build(); - } - - if (ex instanceof StrolchAccessDeniedException e) - return ResponseUtil.toResponse(Status.FORBIDDEN, e.getI18n()); - - return ResponseUtil.toResponse(ex); + return switch (ex) { + case NotFoundException ignored -> ResponseUtil.toResponse(Status.NOT_FOUND, ex); + case StrolchAccessDeniedException e -> ResponseUtil.toResponse(Status.FORBIDDEN, e.getI18n()); + case StrolchNotAuthenticatedException e -> { + logger.error("User tried to access resource, but was not authenticated: {}", ex.getMessage()); + yield Response.status(Status.UNAUTHORIZED).entity(e.getMessage()).type(MediaType.TEXT_PLAIN).build(); + } + default -> ResponseUtil.toResponse(ex); + }; } } \ No newline at end of file diff --git a/web-rest/src/main/java/li/strolch/rest/filters/AuthenticationRequestFilter.java b/web-rest/src/main/java/li/strolch/rest/filters/AuthenticationRequestFilter.java index e1d1be02b..af0d15c13 100644 --- a/web-rest/src/main/java/li/strolch/rest/filters/AuthenticationRequestFilter.java +++ b/web-rest/src/main/java/li/strolch/rest/filters/AuthenticationRequestFilter.java @@ -16,11 +16,13 @@ package li.strolch.rest.filters; import jakarta.annotation.Priority; -import jakarta.servlet.http.HttpServletRequest; import jakarta.ws.rs.Priorities; import jakarta.ws.rs.container.ContainerRequestContext; import jakarta.ws.rs.container.ContainerRequestFilter; -import jakarta.ws.rs.core.*; +import jakarta.ws.rs.core.Cookie; +import jakarta.ws.rs.core.HttpHeaders; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; import jakarta.ws.rs.ext.Provider; import li.strolch.exception.StrolchAccessDeniedException; import li.strolch.exception.StrolchNotAuthenticatedException; @@ -28,7 +30,6 @@ import li.strolch.privilege.model.Certificate; import li.strolch.privilege.model.Usage; import li.strolch.rest.RestfulStrolchComponent; import li.strolch.rest.StrolchRestfulConstants; -import li.strolch.rest.helper.RestfulHelper; import li.strolch.runtime.sessions.StrolchSessionHandler; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -60,9 +61,6 @@ public class AuthenticationRequestFilter implements ContainerRequestFilter { private static final Logger logger = LoggerFactory.getLogger(AuthenticationRequestFilter.class); - @Context - private HttpServletRequest request; - private Set unsecuredPaths; protected RestfulStrolchComponent getRestful() { @@ -113,10 +111,8 @@ public class AuthenticationRequestFilter implements ContainerRequestFilter { @Override public void filter(ContainerRequestContext requestContext) { - String remoteIp = RestfulHelper.getRemoteIp(this.request); - logger.info("Remote IP: " + remoteIp + ": " + requestContext.getMethod() + " " + requestContext - .getUriInfo() - .getRequestUri()); + + String remoteIp = (String) requestContext.getProperty(STROLCH_REMOTE_IP); try { diff --git a/web-rest/src/main/java/li/strolch/rest/filters/LogRequestFilter.java b/web-rest/src/main/java/li/strolch/rest/filters/LogRequestFilter.java new file mode 100644 index 000000000..7e92356f9 --- /dev/null +++ b/web-rest/src/main/java/li/strolch/rest/filters/LogRequestFilter.java @@ -0,0 +1,35 @@ +package li.strolch.rest.filters; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.ws.rs.container.ContainerRequestContext; +import jakarta.ws.rs.container.ContainerRequestFilter; +import jakarta.ws.rs.container.PreMatching; +import jakarta.ws.rs.core.Context; +import li.strolch.rest.helper.RestfulHelper; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.IOException; + +import static li.strolch.rest.StrolchRestfulConstants.STROLCH_REMOTE_IP; +import static li.strolch.rest.StrolchRestfulConstants.STROLCH_REQUEST_URL; + +@PreMatching +public class LogRequestFilter implements ContainerRequestFilter { + + private static final Logger logger = LoggerFactory.getLogger(LogRequestFilter.class); + + @Context + private HttpServletRequest request; + + @Override + public void filter(ContainerRequestContext requestContext) throws IOException { + String remoteIp = RestfulHelper.getRemoteIp(this.request); + logger.info("Remote IP: {}: {} {}", remoteIp, requestContext.getMethod(), + requestContext.getUriInfo().getRequestUri()); + + this.request.setAttribute(STROLCH_REMOTE_IP, remoteIp); + this.request.setAttribute(STROLCH_REQUEST_URL, + requestContext.getMethod() + " " + requestContext.getUriInfo().getRequestUri()); + } +}