001/******************************************************************************* 002 * Copyright 2017 The MIT Internet Trust Consortium 003 * 004 * Portions copyright 2011-2013 The MITRE Corporation 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); 007 * you may not use this file except in compliance with the License. 008 * You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 *******************************************************************************/ 018/** 019 * 020 */ 021package org.mitre.openid.connect.view; 022 023import java.io.IOException; 024import java.io.Writer; 025import java.lang.reflect.Type; 026import java.util.Map; 027 028import javax.servlet.http.HttpServletRequest; 029import javax.servlet.http.HttpServletResponse; 030 031import org.mitre.oauth2.model.OAuth2AccessTokenEntity; 032import org.mitre.openid.connect.model.WhitelistedSite; 033import org.slf4j.Logger; 034import org.slf4j.LoggerFactory; 035import org.springframework.http.HttpStatus; 036import org.springframework.http.MediaType; 037import org.springframework.stereotype.Component; 038import org.springframework.validation.BeanPropertyBindingResult; 039import org.springframework.web.servlet.view.AbstractView; 040 041import com.google.gson.ExclusionStrategy; 042import com.google.gson.FieldAttributes; 043import com.google.gson.Gson; 044import com.google.gson.GsonBuilder; 045import com.google.gson.JsonElement; 046import com.google.gson.JsonPrimitive; 047import com.google.gson.JsonSerializationContext; 048import com.google.gson.JsonSerializer; 049 050/** 051 * @author jricher 052 * 053 */ 054@Component(JsonApprovedSiteView.VIEWNAME) 055public class JsonApprovedSiteView extends AbstractView { 056 057 /** 058 * Logger for this class 059 */ 060 private static final Logger logger = LoggerFactory.getLogger(JsonApprovedSiteView.class); 061 062 public static final String VIEWNAME = "jsonApprovedSiteView"; 063 064 private Gson gson = new GsonBuilder() 065 .setExclusionStrategies(new ExclusionStrategy() { 066 067 @Override 068 public boolean shouldSkipField(FieldAttributes f) { 069 070 return false; 071 } 072 073 @Override 074 public boolean shouldSkipClass(Class<?> clazz) { 075 // skip the JPA binding wrapper 076 if (clazz.equals(BeanPropertyBindingResult.class)) { 077 return true; 078 } 079 return false; 080 } 081 082 }) 083 .registerTypeAdapter(OAuth2AccessTokenEntity.class, new JsonSerializer<OAuth2AccessTokenEntity>() { 084 @Override 085 public JsonElement serialize(OAuth2AccessTokenEntity src, 086 Type typeOfSrc, JsonSerializationContext context) { 087 return new JsonPrimitive(src.getId()); 088 } 089 }) 090 .registerTypeAdapter(WhitelistedSite.class, new JsonSerializer<WhitelistedSite>() { 091 @Override 092 public JsonElement serialize(WhitelistedSite src, Type typeOfSrc, JsonSerializationContext context) { 093 return new JsonPrimitive(src.getId()); 094 } 095 }) 096 .serializeNulls() 097 .setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ") 098 .create(); 099 100 @Override 101 protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) { 102 103 response.setContentType(MediaType.APPLICATION_JSON_VALUE); 104 105 106 HttpStatus code = (HttpStatus) model.get(HttpCodeView.CODE); 107 if (code == null) { 108 code = HttpStatus.OK; // default to 200 109 } 110 111 response.setStatus(code.value()); 112 113 try { 114 115 Writer out = response.getWriter(); 116 Object obj = model.get(JsonEntityView.ENTITY); 117 gson.toJson(obj, out); 118 119 } catch (IOException e) { 120 121 logger.error("IOException in JsonEntityView.java: ", e); 122 123 } 124 } 125 126}