java - Manipulate InputStream of ContainerRequestFilter -

-

i have encrypted string being sent client. trying intercept string using containerrequestfilter decrypt , set inputstream again can used jackson map pojo.

illustration:

my resource

@path("auth") public class authresource {  @post public response testresource(@auth authuser auth, person person) {      system.out.println("recieved resource:: "+ new gson().tojson(person));      return null;     } }

person.java

public class person {      private string name;     private int age;      public person() {};      public person(string name, int age) {         this.name = name;         this.age = age;     }     public string getname() {         return name;     }     public void setname(string name) {         this.name = name;     }     public int getage() {         return age;     }     public void setage(int age) {         this.age = age;     } }

my filter

@provider public class myfilter implements containerrequestfilter {      @override      public void filter(containerrequestcontext requestcontext) throws ioexception {          inputstream inputstream = requestcontext.getentitystream();          stringwriter writer = new stringwriter();         ioutils.copy(inputstream, writer, "utf-8");         string thestring = writer.tostring();          string decryptedmessage = "";         try {             decryptedmessage = jwttoken.decryptpayload(thestring);             system.err.println("decrypted message: "+decryptedmessage);         } catch (exception e) {             e.printstacktrace();         }          inputstream stream = new bytearrayinputstream(decryptedmessage.getbytes(standardcharsets.utf_8));         requestcontext.setentitystream(stream);     }  }

i understand once inputstream utilized cannot used again. using requestcontext.setentitystream(stream); trying set inputstream again utilized jackson.

inspite of still unable person object in resource. decryption working fine have tested using debugger.

i following error: 415: unsupported media type

edit 1: using adavanced rest client hit url

http://localhost:8080/auth

header:

authorization: basic zxlkagryum9im0pwzw1gmgfxoxvjam9pwvcxcgrdsxnjbuzzwnljnklrafrnaluysw4wlmuzmc5mlutmouxqnjfsq21bektob2ltr0v4bej3rxrumxhrr3a3bupizmfsev9fonbhc3m=

raw payload:

eyjhbgcioijiuzi1nij9.eyjuyw1lijoiqw1pdcisimfnzsi6mjj9.-ro6yhyj--3zzvcahfw1hf-s533foyy6vvauyrh3q9g

the payload encrypted using jwt:

jwts.builder().setpayload(new gson().tojson(new  person("amit",22))).signwith(signaturealgorithm.hs256, key).compact();

your request payload not json. it's jwt token contains json encoded base64. it's piece of text. hence, content-type of request should text/plain instead of application/json:

post /api/auth http/1.1 host: example.org content-type: text/plain  eyjhbgcioijiuzi1nij9.eyjuyw1lijoiqw1pdcisimfnzsi6mjj9.-ro6yhyj--3zzvcahfw1hf-s533foyy6vvauyrh3q9g

your filter modifies payload of request: filter gets jwt token request payload, gets token payload, decodes token payload json string , sets json string request payload.

after executing of filter, request contain json string , not piece of text. hence, after that, content-type of request should modified application/json. achieved following lines:

requestcontext.getheaders().remove(httpheaders.content_type); requestcontext.getheaders().add(httpheaders.content_type, mediatype.application_json);

to ensure filter executed before resource matching, annotate filter @prematching.

and don't forget annotate resource method @consumes(mediatype.application_json).


Comments

Post a Comment

Popular posts from this blog

Spring Boot + JPA + Hibernate: Unable to locate persister -

-
i trying work entity inside request method of spring boot application. entity in project , pom.xml has dependencies it. why error message?: org.hibernate.unknownentitytypeexception: unable locate persister: com.ric.bill.model.bs.par package com.ric.web; import java.util.concurrent.atomic.atomiclong; import javax.persistence.entitymanager; import javax.persistence.persistencecontext; import net.sf.ehcache.cachemanager; import net.sf.ehcache.management.cache; import net.sf.ehcache.management.cachestatistics; import org.hibernate.stat.statistics; import org.springframework.beans.factory.annotation.autowired; import org.springframework.boot.autoconfigure.domain.entityscan; import org.springframework.cache.annotation.enablecaching; import org.springframework.transaction.annotation.enabletransactionmanagement; import org.springframework.transaction.annotation.propagation; import org.springframework.transaction.annotation.transactional; import org.springframework.web.bind.annotati
Read more

go - Golang: panic: runtime error: invalid memory address or nil pointer dereference using bufio.Scanner -

-
i implementing go program uses bufio.scanner , bufio.writer have packaged code follows package main import ( "fmt" "player/command" "strings" ) func main() { //enter code here. read input stdin. print output stdout commands.scanner.scan() { //scan new line , send comand variable check command exist or not input := strings.split(strings.trim(commands.scanner.text(), " "), " ") command := input[0] if command == "" { fmt.printf("$ %s:", commands.pwd) continue } if !commands.commands[command] { commands.throwerror("cannot recognize input.") } else { commands.execute(command, input[1:], nil) } fmt.printf("$ %s:", commands.pwd) } } i using init.go file in main package follows package main import ( "flag" "player/sourc
Read more

c - double free or corruption (fasttop) -

-
this code reads null terminated string file (file containing null terminated strings & should provide index wanted string). error: *** error in `./main': double free or corruption (fasttop): 0x090a4a80 *** aborted code: char *tmp_realloc=null; char *sstring=null; int i=1; /*set file pointer point string*/ fseek(fh,index,seek_set); sstring=(char*)malloc(sizeof(char)); if(sstring == null) return null; tmp_realloc=sstring; while( (*(sstring+i-1)=(char)fgetc((file*)fh)) != 0x0 ) { /*reallocate more memory*/ tmp_realloc=(char*)realloc((char*)sstring,++i); /*if not same address copy old new & set old point new*/ if(tmp_realloc != sstring){ strcpy((char*)tmp_realloc,(char*)sstring); free(sstring); sstring=tmp_realloc; } } could tell me pointer causing issue (& reason) ? remove part /*if not same address copy old new & set old point new*/ if(tmp_realloc != sstring){ strc
Read more