forked from jooby-project/jooby
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSSLHandler.java
More file actions
101 lines (93 loc) · 3.12 KB
/
SSLHandler.java
File metadata and controls
101 lines (93 loc) · 3.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
/**
* Jooby https://jooby.io
* Apache License Version 2.0 https://jooby.io/LICENSE.txt
* Copyright 2014 Edgar Espina
*/
package io.jooby;
import javax.annotation.Nonnull;
/**
* Force SSL handler. Check for non-HTTPs request and force client to use HTTPs by redirecting the
* call to the HTTPs version.
*
* If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
* please consider to set {@link Router#setTrustProxy(boolean)} option.
*
* @author edgar
*/
public class SSLHandler implements Route.Before {
private static final int SECURE_PORT = 443;
private final String host;
private final int port;
/**
* Creates a SSLHandler and redirect non-HTTPS request to the given host and port.
*
* If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
* please consider to set {@link Router#setTrustProxy(boolean)} option.
*
* @param host Host to redirect.
* @param port HTTP port.
*/
public SSLHandler(@Nonnull String host, int port) {
this.host = host;
this.port = port;
}
/**
* Creates a SSLHandler and redirect non-HTTPS request to the given host.
*
* If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
* please consider to set {@link Router#setTrustProxy(boolean)} option.
*
* @param host Host to redirect.
*/
public SSLHandler(@Nonnull String host) {
this(host, SECURE_PORT);
}
/**
* Creates a SSLHandler and redirect non-HTTPs requests to the HTTPS version of this call. Host
* is recreated from <code>Host</code> header or <code>X-Forwarded-Host</code>.
*
* If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
* please consider to set {@link Router#setTrustProxy(boolean)} option.
*
* @param port HTTPS port.
*/
public SSLHandler(int port) {
this.host = null;
this.port = port;
}
/**
* Creates a SSLHandler and redirect non-HTTPs requests to the HTTPS version of this call. Host
* is recreated from <code>Host</code> header.
*
* If you run behind a reverse proxy that has been configured to send the X-Forwarded-* header,
* please consider to set {@link Router#setTrustProxy(boolean)} option.
*/
public SSLHandler() {
this(SECURE_PORT);
}
@Override public void apply(@Nonnull Context ctx) {
if (!ctx.isSecure()) {
String host;
if (this.host == null) {
String hostAndPort = ctx.getHostAndPort();
int i = hostAndPort.lastIndexOf(':');
host = i > 0 ? hostAndPort.substring(0, i) : hostAndPort;
} else {
host = this.host;
}
StringBuilder buff = new StringBuilder("https://");
buff.append(host);
if (host.equals("localhost")) {
int securePort = ctx.getRouter().getServerOptions().getSecurePort();
buff.append(":").append(securePort);
} else {
if (port > 0 && port != SECURE_PORT) {
buff.append(":").append(port);
}
}
buff.append(ctx.getRequestPath());
buff.append(ctx.queryString());
ctx.sendRedirect(buff.toString());
}
}
}