mirror of
https://github.com/google/nomulus.git
synced 2025-04-30 03:57:51 +02:00
1f000b94e6
A test has been added to RequestHandlerTest, making sure that, while we merely log errors for the time being, the correct dummy AuthResult is being created. Most actions use the default settings, which have been changed to INTERNAL / APP / IGNORED. Actions with non-default settings are: INTERNAL/NONE/PUBLIC (non-auth public endpoints) CheckApiAction WhoisHttpServer Rdap*Action INTERNAL,API/APP/ADMIN (things currently protected by web.xml) EppTlsAction EppToolAction CreateGroupsAction CreatePremiumListAction DeleteEntityAction List*sAction UpdatePremiumListAction VerifyOteAction WhoisServer INTERNAL,API,LEGACY/USER/PUBLIC (registrar console) RegistrarPaymentAction RegistrarPaymentSetupAction RegistrarSettingsAction EppConsoleAction INTERNAL,API,LEGACY/NONE/PUBLIC (registrar console main page) ConsoleUiAction ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=149761652
66 lines
2.2 KiB
Java
66 lines
2.2 KiB
Java
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package google.registry.flows;
|
|
|
|
import google.registry.request.Action;
|
|
import google.registry.request.Action.Method;
|
|
import google.registry.request.Payload;
|
|
import google.registry.request.auth.Auth;
|
|
import google.registry.request.auth.AuthLevel;
|
|
import google.registry.util.FormattingLogger;
|
|
import javax.inject.Inject;
|
|
import javax.servlet.http.HttpSession;
|
|
|
|
/**
|
|
* Establishes a transport for EPP+TLS over HTTP. All commands and responses are EPP XML according
|
|
* to RFC 5730. Commands must be requested via POST.
|
|
*/
|
|
@Action(
|
|
path = "/_dr/epp",
|
|
method = Method.POST,
|
|
auth =
|
|
@Auth(
|
|
methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API},
|
|
minimumLevel = AuthLevel.APP,
|
|
userPolicy = Auth.UserPolicy.ADMIN
|
|
)
|
|
)
|
|
public class EppTlsAction implements Runnable {
|
|
|
|
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
|
|
|
|
@Inject @Payload byte[] inputXmlBytes;
|
|
@Inject TlsCredentials tlsCredentials;
|
|
@Inject HttpSession session;
|
|
@Inject EppRequestHandler eppRequestHandler;
|
|
@Inject EppTlsAction() {}
|
|
|
|
@Override
|
|
public void run() {
|
|
// Check that SNI header is present. This is a signal that we're receiving traffic proxied by a
|
|
// GFE, which is the expectation of this servlet. The value is unused.
|
|
if (!tlsCredentials.hasSni()) {
|
|
logger.warning("Request did not include required SNI header.");
|
|
}
|
|
eppRequestHandler.executeEpp(
|
|
new HttpSessionMetadata(session),
|
|
tlsCredentials,
|
|
EppRequestSource.TLS,
|
|
false, // This endpoint is never a dry run.
|
|
false, // This endpoint is never a superuser.
|
|
inputXmlBytes);
|
|
}
|
|
}
|
|
|