Last active
November 6, 2018 16:37
-
-
Save jkutner/cd5bce4039744dfefb27ba60cd9e42d2 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class HttpsEnforcer implements Filter { | |
| public static final String X_FORWARDED_PROTO = "X-Forwarded-Proto"; | |
| @Override | |
| public void init(FilterConfig filterConfig) throws ServletException {} | |
| @Override | |
| public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) | |
| throws IOException, ServletException { | |
| HttpServletRequest request = (HttpServletRequest) servletRequest; | |
| HttpServletResponse response = (HttpServletResponse) servletResponse; | |
| if (request.getHeader(X_FORWARDED_PROTO) != null) { | |
| if (request.getHeader(X_FORWARDED_PROTO).indexOf("https") != 0) { | |
| String pathInfo = (request.getPathInfo() != null) ? request.getPathInfo() : ""; | |
| response.sendRedirect("https://" + request.getServerName() + pathInfo); | |
| return; | |
| } | |
| } | |
| filterChain.doFilter(request, response); | |
| } | |
| @Override | |
| public void destroy() { } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class JsonSchemaFilter implements Filter { | |
| @Override | |
| public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) | |
| throws IOException, ServletException { | |
| try(InputStream inputStream = getClass().getResourceAsStream("../../WEB-INF/schema.json")) { | |
| JSONObject rawSchema = new JSONObject(new JSONTokener(inputStream)); | |
| Schema schema = SchemaLoader.load(rawSchema); | |
| schema.validate(new JSONObject(getBody(servletRequest))); | |
| filterChain.doFilter(servletRequest, servletResponse); | |
| } catch (ValidationException e) { | |
| HttpServletResponse httpResponse = (HttpServletResponse) servletResponse; | |
| httpResponse.setContentType("text/plain"); | |
| httpResponse.setStatus(400); | |
| httpResponse.getWriter().append(e.getErrorMessage()); | |
| } | |
| } | |
| @Override | |
| public void destroy() { | |
| } | |
| @Override | |
| public void init(FilterConfig filterConfig) throws ServletException { | |
| } | |
| private String getBody(ServletRequest request) throws IOException { | |
| StringBuilder stringBuilder = new StringBuilder(); | |
| try (InputStream inputStream = request.getInputStream(); | |
| BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));) { | |
| char[] charBuffer = new char[128]; | |
| int bytesRead = -1; | |
| while ((bytesRead = bufferedReader.read(charBuffer)) > 0) { | |
| stringBuilder.append(charBuffer, 0, bytesRead); | |
| } | |
| } | |
| return stringBuilder.toString(); | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <plugin> | |
| <groupId>org.codehaus.mojo</groupId> | |
| <artifactId>versions-maven-plugin</artifactId> | |
| <version>2.5</version> | |
| <executions> | |
| <execution> | |
| <phase>site</phase> | |
| <goals> | |
| <goal>dependency-updates-report</goal> | |
| </goals> | |
| </execution> | |
| </executions> | |
| </plugin> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class ThrottlingFilter implements javax.servlet.Filter { | |
| private Bucket createNewBucket() { | |
| long overdraft = 50; | |
| Refill refill = Refill.greedy(10, Duration.ofSeconds(1)); | |
| Bandwidth limit = Bandwidth.classic(overdraft, refill); | |
| return Bucket4j.builder().addLimit(limit).build(); | |
| } | |
| @Override | |
| public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) | |
| throws IOException, ServletException { | |
| HttpServletRequest httpRequest = (HttpServletRequest) servletRequest; | |
| HttpSession session = httpRequest.getSession(true); | |
| String appKey = SecurityUtils.getThirdPartyAppKey(); | |
| Bucket bucket = (Bucket) session.getAttribute("throttler-" + appKey); | |
| if (bucket == null) { | |
| Bucket bucket = createNewBucket(); | |
| session.setAttribute("throttler-" + appKey, bucket); | |
| } | |
| if (bucket.tryConsume(1)) { | |
| filterChain.doFilter(servletRequest, servletResponse); | |
| } else { | |
| HttpServletResponse httpResponse = (HttpServletResponse) servletResponse; | |
| httpResponse.setContentType("text/plain"); | |
| httpResponse.setStatus(429); | |
| httpResponse.getWriter().append("Too many requests"); | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @Configuration | |
| public class WebSecurityConfig extends WebSecurityConfigurerAdapter { | |
| @Override | |
| protected void configure(HttpSecurity http) throws Exception { | |
| http.requiresChannel() | |
| .requestMatchers(r -> r.getHeader("X-Forwarded-Proto") != null) | |
| .requiresSecure(); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment