From 39c8448e25fa46d3a8f2e4e3c090eb34ecd47bbf Mon Sep 17 00:00:00 2001
From: MarkNSweep
Date: Wed, 6 Jul 2016 09:36:28 +0100
Subject: [PATCH] Updated to latest version of signed code from map Signed off by : Adam Pilkington apilkington@uk.ibm.com
---
 signed-app/build.gradle | 1 +
 .../signed/SignedContainerRequestFilter.java | 14 ++++++++++++--
 .../gameontext/signed/SignedRequestFeature.java | 7 ++++++-
 3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/signed-app/build.gradle b/signed-app/build.gradle
index 7cf2488..efe0c0d 100644
--- a/signed-app/build.gradle
+++ b/signed-app/build.gradle
@@ -6,6 +6,7 @@ sourceCompatibility = 1.8
 dependencies {
 compile 'javax.ws.rs:javax.ws.rs-api:2.0'
 compile 'javax.enterprise:cdi-api:1.2'
+ compile 'javax.servlet:javax.servlet-api:3.1.0'
 compile 'javax.enterprise.concurrent:javax.enterprise.concurrent-api:1.0'
 compile 'io.jsonwebtoken:jjwt:0.5.1'
 }
diff --git a/signed-app/src/main/java/org/gameontext/signed/SignedContainerRequestFilter.java b/signed-app/src/main/java/org/gameontext/signed/SignedContainerRequestFilter.java
index 5ff04f7..7362f8d 100644
--- a/signed-app/src/main/java/org/gameontext/signed/SignedContainerRequestFilter.java
+++ b/signed-app/src/main/java/org/gameontext/signed/SignedContainerRequestFilter.java
@@ -15,8 +15,11 @@
 *******************************************************************************/
 package org.gameontext.signed;
+import java.io.BufferedReader;
 import java.io.IOException;
+import java.io.InputStreamReader;
 import java.util.logging.Level;
+import java.util.stream.Collectors;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.container.ContainerRequestContext;
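Review bot: The new `compile 'javax.servlet:javax.servlet-api:3.1.0'` line in build.gradle appears to be needed only for `import javax.servlet.http.HttpServletRequest;` in SignedRequestFeature.java, and none of the six lines added to that file use the type; the same holds for the new `PrintWriter`, `StringWriter` and `Context` imports there. Dropping the unused imports would let this dependency go as well, which keeps the module's dependency set no larger than the code requires. If the servlet API is wanted for follow-up work, a provided-style scope such as `compileOnly 'javax.servlet:javax.servlet-api:3.1.0'` (where the build's Gradle version offers it) avoids shipping a second copy next to the container's own.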
@@ -32,7 +35,7 @@ public class SignedContainerRequestFilter implements ContainerRequestFilter {
 public SignedContainerRequestFilter(SignedRequestSecretProvider playerClient, SignedRequestTimedCache timedCache) {
 this.playerClient = playerClient;
 this.timedCache = timedCache;
-
+
 if ( playerClient == null || timedCache == null ) {
 SignedRequestFeature.writeLog(Level.SEVERE, this, "Required resources are not available: playerClient={0}, timedCache={1}",
@@ -60,13 +63,20 @@ public void filter(ContainerRequestContext requestContext) throws IOException {
 requestContext.getUriInfo().getQueryParameters(false), requestContext.getHeaders());
- if ( userId == null ) {
+ if ( userId == null || userId.trim().isEmpty()) {
 if ( "GET".equals(method) ) {
 // no validation required for GET requests. If an ID isn't provided,
 // then we won't do validation and will just return.
 SignedRequestFeature.writeLog(Level.FINEST, this, "FILTER: GET WITH NO ID-- NO VERIFICATION");
 return;
 } else {
+ //debug empty userid header..
+ if(userId!=null){
+ BufferedReader buffer = new BufferedReader(new InputStreamReader(requestContext.getEntityStream(), SignedRequestHmac.UTF8));
+ String body = buffer.lines().collect(Collectors.joining("\n"));
+ SignedRequestFeature.writeLog(Level.FINEST,this,"BODY: "+body);
+ }
+ SignedRequestFeature.writeLog(Level.FINEST, this, "FILTER: "+method+" WITH NO ID-- UNAUTHORIZED");
 // STOP!! turn this right around with the bad response
 requestContext.abortWith(Response.status(Status.FORBIDDEN).build());
diff --git a/signed-app/src/main/java/org/gameontext/signed/SignedRequestFeature.java b/signed-app/src/main/java/org/gameontext/signed/SignedRequestFeature.java
index 5221e7d..34df4f8 100644
--- a/signed-app/src/main/java/org/gameontext/signed/SignedRequestFeature.java
+++ b/signed-app/src/main/java/org/gameontext/signed/SignedRequestFeature.java
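Review bot: The debug block added to the `else` branch of `filter` in SignedContainerRequestFilter.java reads the whole request body into a String with no size bound, for a caller that has just failed the user-id check. The read runs before `writeLog` is called, so it happens whatever log level is configured. The raw body is then written to the log, so sender-chosen text (line breaks included) and any credentials carried in the payload end up in the log files. If the dump is still needed for diagnosis, cap the read and neutralise CR/LF as sketched below (the 1024 cap is a constructed example value); otherwise remove the block before release. `filter` starts and ends outside this hunk.

```java
} else {
    //debug empty userid header..
    if (userId != null) {
        // Bounded prefix only: the sender is unauthenticated at this point.
        char[] prefix = new char[1024]; // constructed example cap
        InputStreamReader reader = new InputStreamReader(requestContext.getEntityStream(), SignedRequestHmac.UTF8);
        int count = Math.max(reader.read(prefix), 0);
        // Neutralise line breaks so body text cannot start a forged log record.
        String body = new String(prefix, 0, count).replaceAll("[\\r\\n]", " ");
        SignedRequestFeature.writeLog(Level.FINEST, this, "BODY: " + body);
    }
    // … unchanged: UNAUTHORIZED log line and abortWith(FORBIDDEN) …
```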
@@ -15,15 +15,19 @@
 *******************************************************************************/
 package org.gameontext.signed;
+import java.io.PrintWriter;
+import java.io.StringWriter;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.enterprise.context.ApplicationScoped;
 import javax.enterprise.inject.spi.CDI;
+import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.GET;
 import javax.ws.rs.container.DynamicFeature;
 import javax.ws.rs.container.ResourceInfo;
+import javax.ws.rs.core.Context;
 import javax.ws.rs.core.FeatureContext;
 import javax.ws.rs.ext.Provider;
@@ -44,7 +48,7 @@ final static void writeLog(Level level, Object source, String message, Throwable
 logger.logp(level, source.getClass().getName(), "", message, thrown);
 }
 }
-
+ SignedRequestSecretProvider playerClient;
 SignedRequestTimedCache timedCache;
@@ -63,6 +67,7 @@ public void configure(ResourceInfo resourceInfo, FeatureContext context) {
 }
 if ( sr == null ) return;
+ context.register(new SignedContainerRequestFilter(playerClient, timedCache));