Add filter to inject scripts into host page from script registry

csadilek · csadilek · commit f4a5d6d5db07 · 2016-07-22T12:59:31.000-04:00
diff --git a/errai-cdi/errai-cdi-server/pom.xml b/errai-cdi/errai-cdi-server/pom.xml
@@ -46,6 +46,13 @@
       </properties>
 
       <dependencies>
+        <!-- Must come before gwt-user to override servlet api -->
+        <dependency>
+          <groupId>org.jboss.spec.javax.servlet</groupId>
+          <artifactId>jboss-servlet-api_3.1_spec</artifactId>
+          <scope>provided</scope>
+        </dependency>
+      
         <!-- Errai Core -->
         <dependency>
           <groupId>org.jboss.errai</groupId>
@@ -185,6 +192,11 @@
           <artifactId>errai-data-binding</artifactId>
           <scope>provided</scope>
         </dependency>
+
+        <dependency>
+          <groupId>org.jsoup</groupId>
+          <artifactId>jsoup</artifactId>
+        </dependency>
       </dependencies>
 
       <build>
@@ -250,6 +262,12 @@
       </build>
 
       <dependencies> 
+        <!-- Must come before gwt-user to override servlet api -->
+        <dependency>
+          <groupId>org.jboss.spec.javax.servlet</groupId>
+          <artifactId>jboss-servlet-api_3.1_spec</artifactId>
+          <scope>provided</scope>
+        </dependency>
         <dependency>
           <groupId>log4j</groupId>
           <artifactId>log4j</artifactId>
@@ -412,6 +430,11 @@
           <artifactId>javaee-api</artifactId>
           <scope>provided</scope>
         </dependency>
+
+        <dependency>
+          <groupId>org.jsoup</groupId>
+          <artifactId>jsoup</artifactId>
+        </dependency>
       </dependencies>
     </profile>
   </profiles>
diff --git a/errai-cdi/errai-cdi-server/src/main/java/org/jboss/errai/cdi/server/scripts/FilterCacheUtil.java b/errai-cdi/errai-cdi-server/src/main/java/org/jboss/errai/cdi/server/scripts/FilterCacheUtil.java
@@ -0,0 +1,86 @@
+package org.jboss.errai.cdi.server.scripts;
+
+import java.io.CharArrayWriter;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletOutputStream;
+import javax.servlet.WriteListener;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+
+/**
+ * Shared utilities for servlet filters in Errai.
+ *  
+ * @author Christian Sadilek <csadilek@redhat.com>
+ */
+public class FilterCacheUtil {
+  private static final String EXPIRES_HEADER = "Expires";
+  private static final String CACHE_CONTROL_HEADER = "Cache-Control";
+  private static final String PRAGMA_HEADER = "Pragma";
+
+  private FilterCacheUtil() {}
+  
+  public static HttpServletResponse noCache(final HttpServletResponse response) {
+    response.setHeader( CACHE_CONTROL_HEADER, "no-cache, no-store, must-revalidate" );
+    response.setHeader( PRAGMA_HEADER, "no-cache" );
+    response.setDateHeader( EXPIRES_HEADER, 0 );
+    return response;
+  }
+  
+  public static CharResponseWrapper getCharResponseWrapper(final HttpServletResponse response) {
+    return new CharResponseWrapper(response);
+  }
+  
+  public static class CharResponseWrapper extends HttpServletResponseWrapper {
+
+    protected CharArrayWriter charWriter = new CharArrayWriter();
+
+    protected ServletOutputStream outputStream = new ServletOutputStream() {
+
+      @Override
+      public boolean isReady() {
+        return true;
+      }
+
+      @Override
+      public void setWriteListener(WriteListener writeListener) {
+        // no-op
+      }
+
+      @Override
+      public void write(int b) throws IOException {
+        charWriter.write(b);
+      }
+    };
+
+    protected PrintWriter writer = new PrintWriter(charWriter);
+
+    public CharResponseWrapper(final HttpServletResponse response) {
+      super(response);
+    }
+
+    @Override
+    public ServletOutputStream getOutputStream() throws IOException {
+      return outputStream;
+    }
+
+    @Override
+    public PrintWriter getWriter() throws IOException {
+      return writer;
+    }
+
+    @Override
+    public void flushBuffer() throws IOException {
+      // Don't remove this override!
+      // When intercepting static content, WAS 8.5.5.5 prematurely calls this
+      // method to flush the output stream before we can calculate the content
+      // length (see above).
+    }
+
+    @Override
+    public String toString() {
+      return charWriter.toString();
+    }
+  }
+}
diff --git a/errai-cdi/errai-cdi-server/src/main/java/org/jboss/errai/cdi/server/scripts/HostPageScriptInjectorFilter.java b/errai-cdi/errai-cdi-server/src/main/java/org/jboss/errai/cdi/server/scripts/HostPageScriptInjectorFilter.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jboss.errai.cdi.server.scripts;
+
+import static org.jboss.errai.cdi.server.scripts.FilterCacheUtil.getCharResponseWrapper;
+import static org.jboss.errai.cdi.server.scripts.FilterCacheUtil.noCache;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.errai.cdi.server.scripts.FilterCacheUtil.CharResponseWrapper;
+import org.jsoup.Jsoup;
+import org.jsoup.nodes.Document;
+
+/**
+ * Adds all registered scripts from {@link ScriptRegistry} to the &lt;head&gt;
+ * of the host page.
+ * 
+ * @author Christian Sadilek <csadilek@redhat.com>
+ */
+@WebFilter(filterName = "ErraiHostPageScriptInjectorFilter", urlPatterns = { "/index.jsp", "/index.html" })
+public class HostPageScriptInjectorFilter implements Filter {
+
+  @Inject
+  private ScriptRegistry registry;
+
+  @Override
+  public void init(FilterConfig filterConfig) throws ServletException {
+  }
+
+  @Override
+  public void destroy() {
+  }
+
+  @Override
+  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+          throws IOException, ServletException {
+
+    final HttpServletResponse httpServletResponse = (HttpServletResponse) response;
+
+    if (!registry.isEmpty()) {
+      final CharResponseWrapper wrappedResponse = getCharResponseWrapper((HttpServletResponse) response);
+      chain.doFilter(request, noCache(wrappedResponse));
+
+      final Document document = Jsoup.parse(wrappedResponse.toString());
+      registry.getAllScripts().forEach(s -> document.head().append("<script src=\"" + s + "\"/>"));
+      final byte[] outputBytes = document.html().getBytes("UTF-8");
+      response.setContentLength(outputBytes.length);
+      response.getOutputStream().write(outputBytes);
+    }
+    else {
+      chain.doFilter(request, noCache(httpServletResponse));
+    }
+  }
+
+}
diff --git a/errai-cdi/errai-cdi-server/src/main/java/org/jboss/errai/cdi/server/scripts/ScriptRegistry.java b/errai-cdi/errai-cdi-server/src/main/java/org/jboss/errai/cdi/server/scripts/ScriptRegistry.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jboss.errai.cdi.server.scripts;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import javax.enterprise.context.ApplicationScoped;
+
+/**
+ * Script registry for scripts loaded at runtime (i.e. dynamic plugins).
+ * 
+ * @author Christian Sadilek <csadilek@redhat.com>
+ */
+@ApplicationScoped
+public class ScriptRegistry {
+
+  private final Map<String, Set<String>> scripts = new HashMap<String, Set<String>>();
+
+  public void addScript(final String ns, final String url) {
+    scripts.computeIfAbsent(ns, k -> new HashSet<String>()).add(url);
+  }
+
+  public void removeScript(final String ns, final String url) {
+    scripts.getOrDefault(ns, new HashSet<String>()).remove(url);
+  }
+
+  public void removeScripts(final String key) {
+    scripts.remove(key);
+  }
+
+  public Set<String> getAllScripts() {
+    return scripts.values().stream().flatMap(s -> s.stream()).collect(Collectors.toSet());
+  }
+
+  public boolean isEmpty() {
+    return scripts.isEmpty();
+  }
+
+  @Override
+  public String toString() {
+    return "ScriptRegistry [scripts=" + scripts + "]";
+  }
+}
diff --git a/errai-security/errai-security-server/src/main/java/org/jboss/errai/security/server/servlet/UserHostPageFilter.java b/errai-security/errai-security-server/src/main/java/org/jboss/errai/security/server/servlet/UserHostPageFilter.java
@@ -16,26 +16,24 @@
 
 package org.jboss.errai.security.server.servlet;
 
+import static org.jboss.errai.cdi.server.scripts.FilterCacheUtil.getCharResponseWrapper;
+import static org.jboss.errai.cdi.server.scripts.FilterCacheUtil.noCache;
 import static org.jboss.errai.security.Properties.USER_ON_HOSTPAGE_ENABLED;
 
-import java.io.CharArrayWriter;
 import java.io.IOException;
-import java.io.PrintWriter;
 import java.util.Properties;
 
 import javax.inject.Inject;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
-import javax.servlet.ServletOutputStream;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
-import javax.servlet.WriteListener;
 import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpServletResponseWrapper;
 
+import org.jboss.errai.cdi.server.scripts.FilterCacheUtil.CharResponseWrapper;
 import org.jboss.errai.marshalling.server.MappingContextSingleton;
 import org.jboss.errai.marshalling.server.ServerMarshalling;
 import org.jboss.errai.security.server.properties.ErraiAppProperties;
@@ -78,11 +76,11 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
           ServletException {
 
     if (!isUserOnHostPageEnabled()) {
-      chain.doFilter(request, response);
+      chain.doFilter(request, noCache((HttpServletResponse) response));
     }
     else {
-      final CharResponseWrapper wrappedResponse = new CharResponseWrapper((HttpServletResponse) response);
-      chain.doFilter(request, wrappedResponse);
+      final CharResponseWrapper wrappedResponse = getCharResponseWrapper((HttpServletResponse) response);
+      chain.doFilter(request, noCache(wrappedResponse));
 
       final User user = authenticationService.getUser();
       final String output;
@@ -101,7 +99,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
         output = wrappedResponse.toString();
       }
       
-      byte[] outputBytes = output.getBytes("UTF-8");
+      final byte[] outputBytes = output.getBytes("UTF-8");
       response.setContentLength(outputBytes.length);
       response.getOutputStream().write(outputBytes);
     }
@@ -114,55 +112,4 @@ private boolean isUserOnHostPageEnabled() {
     return false;
   }
 
-  class CharResponseWrapper extends HttpServletResponseWrapper {
-
-    protected CharArrayWriter charWriter = new CharArrayWriter();
-
-    protected ServletOutputStream outputStream = new ServletOutputStream() {
-
-      @Override
-      public boolean isReady() {
-        return true;
-      }
-
-      @Override
-      public void setWriteListener(WriteListener writeListener) {
-        // no-op
-      }
-
-      @Override
-      public void write(int b) throws IOException {
-        charWriter.write(b);
-      }
-    };
-
-    protected PrintWriter writer = new PrintWriter(charWriter);
-
-    public CharResponseWrapper(final HttpServletResponse response) {
-      super(response);
-    }
-
-    @Override
-    public ServletOutputStream getOutputStream() throws IOException {
-      return outputStream;
-    }
-
-    @Override
-    public PrintWriter getWriter() throws IOException {
-      return writer;
-    }
-
-    @Override
-    public void flushBuffer() throws IOException {
-      // Don't remove this override!
-      // When intercepting static content, WAS 8.5.5.5 prematurely calls this
-      // method to flush the output stream before we can calculate the content
-      // length (see above).
-    }
-
-    @Override
-    public String toString() {
-      return charWriter.toString();
-    }
-  }
 }
