
1   package com.atlassian.plugins.rest.helloworld;
2   
3   import com.atlassian.plugins.rest.common.security.CorsAllowed;
4   import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
5   import com.atlassian.plugins.rest.common.security.AuthenticationContext;
6   
7   import java.security.Principal;
8   import javax.ws.rs.GET;
9   import javax.ws.rs.Path;
10  import javax.ws.rs.Produces;
11  import javax.ws.rs.core.Context;
12  
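/**
 * Sample REST resource rooted at {@code /helloworld} with three plain-text GET endpoints that
 * differ only in how access is decided: no access annotation, {@code @AnonymousAllowed}, and
 * {@code @AnonymousAllowed} combined with an explicit check inside the method.
 */
@Path ("/helloworld")
public class HelloWorld
{
    /**
     * Returns a fixed greeting.
     *
     * <p>This method carries no {@code @AnonymousAllowed} and performs no check of its own.
     * NOTE(review): presumably the REST plugin rejects unauthenticated callers before the
     * method runs - that enforcement is not visible in this class, confirm it in the filter
     * configuration.
     *
     * @return the literal greeting text
     */
    @GET
    @Produces ("text/plain")
    @Path ("/authenticated")
    public String getAuthenticatedMessage()
    {
        return "Goodbye Authenticated World";
    }

    /**
     * Returns a fixed greeting to any caller, authenticated or not.
     *
     * <p>{@code @AnonymousAllowed} opens the endpoint to unauthenticated requests and
     * {@code @CorsAllowed} additionally marks it as eligible for cross-origin requests.
     * The response is a constant and reads no caller state, so nothing caller-specific is
     * exposed here; keep it that way if the body is ever extended.
     *
     * @return the literal greeting text
     */
    @GET
    @Produces ("text/plain")
    @Path ("/anonymous")
    @AnonymousAllowed
    @CorsAllowed
    public String getAnonymousMessage()
    {
        return "Goodbye Anonymous World";
    }

    /**
     * Returns a greeting only when the caller's principal is named {@code admin}.
     *
     * <p>Because the method is annotated {@code @AnonymousAllowed}, the call to
     * {@link #checkIsUser} is the only access check visible in this class for this endpoint.
     * That check compares the principal's name with a hard-coded string: it is an identity
     * comparison, not a role or permission lookup.
     *
     * @param authenticationContext the injected context describing the current caller
     * @return {@code "Goodbye "} followed by the string form of the caller's principal
     * @throws SecurityException if the caller is anonymous or is not named {@code admin}
     */
    @GET
    @Produces ("text/plain")
    @Path ("/admin")
    @AnonymousAllowed
    public String getMessageForAdmin(@Context AuthenticationContext authenticationContext)
    {
        // Must stay the first statement: nothing else gates this endpoint.
        checkIsUser(authenticationContext, "admin");
        return "Goodbye " + authenticationContext.getPrincipal();
    }

    /**
     * Denies the request unless the current principal exists and is named {@code userName}.
     *
     * @param context the authentication context to read the principal from
     * @param userName the only principal name that is let through
     * @throws SecurityException if there is no principal, the principal has no name, or the
     *         name differs from {@code userName}
     */
    private void checkIsUser(AuthenticationContext context, String userName)
    {
        final Principal principal = context.getPrincipal();
        // Read the name once and treat a missing name as a denial, so that a principal whose
        // getName() returns null fails closed with SecurityException instead of escaping as a
        // NullPointerException.
        final String actualName = principal == null ? null : principal.getName();
        if (actualName == null || !actualName.equals(userName))
        {
            // The text embeds the principal's toString(). NOTE(review): whether this message
            // reaches the HTTP response depends on exception mapping outside this class.
            throw new SecurityException("You're not '" + userName + "' I know who you really are'" + principal + "', you can't access this information");
        }
    }
}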