org.forgerock / org.forgerock.openig

18 Feb, 2015

2 commits

17 Feb, 2015

2 commits

  • 46cb2247   Ease the Expression's evaluation without any scope ... Browse Dir » 
    Add a convenient method to evaluate an Expression that do not require any scope.

git-svn-id: https://svn.forgerock.org/openig/trunk@898 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    laurent.vaills
     
  • 8b839dd7   Add a type to Expression ... Browse Dir » 
    The type of an Expression is now given at the creation time,
which means we do not provide it anymore for the evaluation.
Furthermore, it helps the developper as it knows the expected
type of an Expression.

git-svn-id: https://svn.forgerock.org/openig/trunk@897 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    laurent.vaills
     

09 Feb, 2015

3 commits

05 Feb, 2015

1 commit

04 Feb, 2015

2 commits

03 Feb, 2015

4 commits

23 Jan, 2015

1 commit

22 Jan, 2015

1 commit

  • b7229e8c   OPENIG-180 (CR-5830) Provide a baseURI decorator ... Browse Dir » 
    As the URI rebasing is done at different places in the code
we'd like to have a BaseUriHandler/Filter in order to factor
out the code.

Following the same scheme as the "Timer" decorator, the "baseURI"
decorator is created by default in the Gateway Servlet.
(Named "baseUri" and created at startup time in the top-level heap.)

* GatewayServlet.class, Route.class
The creation of the "baseUri" decorator means the attribute
class 'baseURI' is no longer needed as the URI rebasing is now
directly done by the decorator. In the other hand,
the heap initialization performed within both class constructors,
contained a list of reservedFieldNames where the 'baseURI'was present.
It has been removed from there as it is now a global decorator.

* RouteTest.java
Removed unit test 'testRouteIsRebasingTheRequestUri'(Duplicated
in the RouteBuilder test, and the RouteBuilder has the responsability
to apply decorators).

git-svn-id: https://svn.forgerock.org/openig/trunk@843 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    violette
     

20 Jan, 2015

1 commit

  • dcfbc791   OPENIG-315 Complete the fix for empty messages ... Browse Dir » 
    The previous commit introduced a regression, especially for GET messages
being sent with an empty entity where they should have no entity at all.

They were being falsely detected as messages with content because we were
comparing `EMPTY_STREAM` with `Entity.head` (the branched content) instead
of the `Entity.trunk` (`head` being re-created every time OpenIG tries to read
the content, so in the `HttpBasicAuthFilter` for example, we push the Entity,
then delegates to the next handler in chain, so when message is sent, the
`head` is != from the `trunk` and cannot be == to `EMPTY_STREAM`)

I could not reliably reproduce that in a unit test with a real HTTP Server
because the failure also need the HTTPClient to re-use the same connection
for 2 consecutive messages. Thus, I only added a small `Entity` unit test
to make sure that `Entity.mayContainData()` behave correct even when the
entity is pushed/popped.

git-svn-id: https://svn.forgerock.org/openig/trunk@838 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     

19 Jan, 2015

2 commits

16 Jan, 2015

2 commits

  • 1b82ae1c   OPENIG-394 (CR-5754) Implement toString() to Expression ... Browse Dir » 
    The toString() method is now implemented and tested.
We also decide to replace Expression constructor by a more conventional valueOf(...) factory method.
A new Expression is now created by Expression exp = Expression.valueOf(<Expression string>);

git-svn-id: https://svn.forgerock.org/openig/trunk@834 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    violette
     
  • 3a864f31   OPENIG-315 (CR-5787) Fix non-empty messages being considered as empty ... Browse Dir » 
    The `Entity.isEmpty()` method relied on `InputStream.available()` returning
something different of `0` (zero) to detect if the entity was empty or not.
This technic is not reliable enough since the javadoc clearly states that
this return the number of bytes that can be read **without blocking**, that
means that the result of this method depends on the network (and to some
extension to the web container), not entirely on the message.

The idea here is to now check if the wrapped stream is the `EMPTY_STREAM` instance
to detect if the entity is empty or not.
This is better than the old solution because we don't rely anymore on an external
`InputStream` implementation, but that will not detect a user provided stream with
no data inside. This is why `isEmpty()` has been renamed to `mayContainData()`.
There is also a new `setEmpty()` method to mark the entity as empty (simply assign
`EMPTY_STREAM` to the wrapped stram field).

git-svn-id: https://svn.forgerock.org/openig/trunk@833 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     

13 Jan, 2015

3 commits

02 Dec, 2014

3 commits

  • c94f546a   OPENIG-411 Fix route reloading in case of unchecked exceptions being thrown ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/openig/trunk@775 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     
  • a32d9777   OPENIG-389 (CR-5537) Fix "object already defined" errors for servlet registered object declarations ... Browse Dir » 
    `HeapImpl.addDefaultDeclaration()` is now the way to add default object declarations in the heap.

Default declarations are only included if no user-provided overriding declaration is
found (only works for heap declarations, not for named inline declaration).

git-svn-id: https://svn.forgerock.org/openig/trunk@772 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     
  • bab15cbc   OPENIG-370 (CR-5528) Rework Console and File LogSinks ... Browse Dir » 
    `ConsoleLogSink` is now rendering each `LogEntry` on 2 lines with a line separator
between entries, the objective being to improve console log readability. The first line
is the header line and display the timestamp of the event (in the current system Locale),
the entry's `LogLevel` and ends with the `Name` (leaf part) of the heap object that is
the source of the log statement.

```
MON DEC 01 20:39:16 CET 2014 (INFO) _Router
Added route 'oauth2-resources.json' defined in file '/Users/guillaume/tmp/demo/config/routes/oauth2-resources.json'
------------------------------
```

Notice that a special treatment is done when logging a `Throwable`: a condensed stack
trace is printed on the console and if (and only if) the `LogSink` has been assigned
a `DEBUG` or `TRACE` level, the full stack trace is printed (independently of the
entry's level).

```
MON DEC 01 15:28:10 CET 2014 (DEBUG) ResourceServer
Initial token resolution has failed
[     OAuth2TokenException] > Initial token resolution has failed
[     OAuth2TokenException] > Authorization Server returned an error
                              (error: bad_request, description: Could not read token in CTS)

org.forgerock.openig.filter.oauth2.OAuth2TokenException: Initial token resolution has failed
  at org.forgerock.openig.filter.oauth2.cache.CachingAccessTokenResolver.resolve(CachingAccessTokenResolver.java:62)
... 33 more
------------------------------
```

A new `stream` property has been added to `ConsoleLogSink` to let the user choose
which PrintStream to use for printing messages:
 * `ERR`: Use System.err (default value, keep compatibility)
 * `OUT`: Use System.out
 * `AUTO`: Select System.out for `TRACE` to `INFO` messages, switching to System.err
   for `WARNING` and `ERROR`.

`FileLogSink` implements a machine parseable `LogEntry` rendering: each entry is on
one line and includes:
 * timestamp of the event (in the current system Locale), always have the same length
 * the entry's `LogLevel`, always 1 word, uppercase
 * the `Name` (leaf part) of the heap object that is the source of the log statement.
 * a `---` separator that segregates the beginning of the line (log statement's context)
   from the entry's message (the rest of the line)

Notice that in the case of `Throwable` printing, the full stack trace is printed as commented lines.

```
MON DEC 01 17:46:21 CET 2014 DEBUG ResourceServer --- Initial token resolution has failed
 # org.forgerock.openig.filter.oauth2.OAuth2TokenException: Initial token resolution has failed
 # 	at org.forgerock.openig.filter.oauth2.cache.CachingAccessTokenResolver.resolve(CachingAccessTokenResolver.java:62)
 # 	at org.forgerock.openig.filter.oauth2.OAuth2ResourceServerFilter.filter(OAuth2ResourceServerFilter.java:205)
 # 	at org.forgerock.openig.decoration.capture.CaptureFilter.filter(CaptureFilter.java:62)
```

git-svn-id: https://svn.forgerock.org/openig/trunk@771 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     

01 Dec, 2014

3 commits

28 Nov, 2014

2 commits

  • 21ff5479   OPENIG-401 (CR-5498) Rework decorator configuration model ... Browse Dir » 
    The decorations are now applied in a more intuitive way:

  * Local decorations are declared inside of the heap object declaration (no changes here)
    ```
    {
      "type": "Something",
      "decorator-name": "configuration ..."
    }
    ```
  * Global decorations are declared in a top-level element called `globalDecorators`
    and are inherited by sub-heap.
    ```
    "globalDecorators": {
      "decorator-name": "configuration ...",
      ...
    }
    ```
  * Top-level handler decorations are declared as top-level attributes
  ```
  "handler": "NameOfHandler"
  "decorator-name": "configuration ..."
  ```

Decorators are applied in this order:
  1. local decorations
  2. global decorations (inherited first, up to the ones declared in the requester heap)
  3. top-level reference decorations (only if the heap object is the main `handler`
     object and retrieved with `HeapImpl.getHandler()`)

Default configuration is now using the top-level reference decoration style.

git-svn-id: https://svn.forgerock.org/openig/trunk@761 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     
  • c41f480e   OPENIG-386 (CR-5503) Introduce per-tag monitoring endpoint ... Browse Dir » 
    This audit framework application maintains hit counters on a per-tag basis.

Here is an output sample:
```
  {
      "resources": {
          "completed": 1,
          "failed": 0,
          "flowing": 0
      },
      "main": {
          "completed": 12,
          "failed": 0,
          "flowing": 1
      },
      "monitor": {
          "completed": 11,
          "failed": 0,
          "flowing": 1
      }
  }
```
`resources`, `main` and `monitor` being "non-standard" (or user-provided) tags.

git-svn-id: https://svn.forgerock.org/openig/trunk@760 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     

27 Nov, 2014

1 commit

  • 8bbd0851   CR-5463 OPENIG-325 Cannot use exchange.request.uri as lvalue-expression ... Browse Dir » 
    The issue was due to the BeanELResolver involded by the use of Expression
which was unable to get the right setter to set the URI.
Solution was to create a RequestResolver, to guide it through the setters to get
the right one and to finally be able to write the uri as expected.

- added RequestResolver.class
- added unit tests for the new RequestResolver class.
- added unit tests for the AssignmentFilter about URI change.

Thanks to Guillaume for his help.

git-svn-id: https://svn.forgerock.org/openig/trunk@754 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    violette
     

20 Nov, 2014

1 commit

  • 6e866493   OPENIG-359 (CR-5294) Introduce Audit Framework ... Browse Dir » 
    The audit framework is a new OpenIG API that gives to users a deeper view (and probably
a better understanding) of what's going on in the observed OpenIG system.

This is an initial version of the audit framework that only supports `Exchange` flow
observation: Filters and Handlers will send `AuditEvent` notifications both when an
Exchange enters or exists.

An `AuditEvent` is a notification that includes meta-information about the observed
component emitter of the notification (its `Name` in particular), a timestamp, the
exchange being captured and a set of tags that helps to qualify the event.

Four tags are supported out-of-the-box: `request`, `response`, `completed` and `exception`.
The user can add as many tags as wanted as part of the decoration configuration:

    "audit": "route-#1"  // add a single tag to the decorated component
    "audit": [ "super-tag", "route-#2" ] // add all of theses tags
    "audit": boolean, object, ... // any other format will be ignored

OpenIG provides a single `audit` decorator by default.

Consumers of AuditEvent are `AuditEventListener`, they have to provide their own Heaplet
implementation that extends `ConditionalListenerHeaplet`. They'll be automatically notified
of emitted AuditEvents and can (optionally) filter the received event using the `condition`
configuration attribute (condition is expressed as an `Expression` that needs to evaluate
to a boolean).

Examples of such event-filtering conditions:

    ${true}
    ${contains(tags, 'tag#1')}
    ${source.name.leaf == 'source'}

git-svn-id: https://svn.forgerock.org/openig/trunk@736 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     

19 Nov, 2014

1 commit

18 Nov, 2014

1 commit

17 Nov, 2014

2 commits

13 Nov, 2014

2 commits