diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/LoginServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/LoginServlet.java index 132087463d5a3068d9c23e6e79f19246667c3e72..66e4082973b8017e4948cd14bf7b91e06bdb3ed2 100644 --- a/jams-server/src/main/java/net/jami/jams/server/servlets/LoginServlet.java +++ b/jams-server/src/main/java/net/jami/jams/server/servlets/LoginServlet.java @@ -28,6 +28,7 @@ import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import net.jami.jams.common.annotations.JsonContent; import net.jami.jams.common.authmodule.AuthTokenResponse; import net.jami.jams.common.serialization.tomcat.TomcatCustomErrorHandler; import net.jami.jams.server.servlets.api.auth.login.LoginRequest; @@ -39,7 +40,8 @@ import static net.jami.jams.server.servlets.api.auth.login.AuthRequestProcessor. import static net.jami.jams.server.servlets.api.auth.login.AuthRequestProcessor.processX509Auth; @WebServlet("/api/login") -//This method returns the token which is used for all the next calls to the API. +// This method returns the token which is used for all the next calls to the +// API. public class LoginServlet extends HttpServlet { /** 
@@ -49,35 +51,33 @@ public class LoginServlet extends HttpServlet {
 * @apiGroup Login
 * @apiParam {header} [authorization] classical HTTP auth header
 * @apiParam {attribute} [X509Certificate] X509 User certificate
- * @apiParam {body} [LoginRequest] username/password sent to server as JSON object
+ * @apiParam {body} [LoginRequest] username/password sent to server as JSON
+ * object
 *
 * @apiSuccess (200) {body} AuthTokenResponse the 0Auth authentication token
 * @apiError (403) {null} null The user is unauthorized
 */
 @Override
+ @JsonContent
 protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
 AuthTokenResponse res = null;
- //Case 1: Authorization header.
- if(req.getHeader("authorization") != null){
+ // Case 1: Authorization header.
+ if (req.getHeader("authorization") != null) {
 res = processUsernamePasswordAuth(req.getHeader("authorization"));
 }
- //Case 2 SSL Certificate
- else if(req.getAttribute("jakarta.servlet.request.X509Certificate") != null){
- res = processX509Auth((X509Certificate[])req.getAttribute("jakarta.servlet.request.X509Certificate"));
- }
- else{
- //Case 3: form submitted username/password
+ // Case 2 SSL Certificate
+ else if (req.getAttribute("jakarta.servlet.request.X509Certificate") != null) {
+ res = processX509Auth((X509Certificate[]) req.getAttribute("jakarta.servlet.request.X509Certificate"));
+ } else {
+ // Case 3: form submitted username/password
 LoginRequest object = JsonIterator.deserialize(req.getInputStream().readAllBytes(), LoginRequest.class);
- if(object.getUsername() != null && object.getPassword() != null){
+ if (object.getUsername() != null && object.getPassword() != null) {
 res = processUsernamePasswordAuth(object.getUsername(), object.getPassword());
 }
 }
- if(res == null) TomcatCustomErrorHandler.sendCustomError(resp,401,"Invalid credentials provided!");
- else resp.getOutputStream().write(JsonStream.serialize(res).getBytes());
- }
-
- @Override
- protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- resp.setStatus(200);
+ if (res == null)
+ TomcatCustomErrorHandler.sendCustomError(resp, 401, "Invalid credentials provided!");
+ else
+ resp.getOutputStream().write(JsonStream.serialize(res).getBytes());
 }
 }
diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/contacts/ContactServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/contacts/ContactServlet.java
index 4e2a5a85bea154cff604b47757b7cd1a5e2c1e21..7f1bbc8bcd76a73c0488f3ab0ea33ff72b7fce18 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/contacts/ContactServlet.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/contacts/ContactServlet.java
@@ -29,6 +29,7 @@ import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import net.jami.jams.common.annotations.JsonContent;
 import net.jami.jams.common.annotations.ScopedServletMethod;
 import net.jami.jams.common.dao.StatementElement;
 import net.jami.jams.common.dao.StatementList;
@@ -70,6 +71,7 @@ public class ContactServlet extends HttpServlet {
 */
 @Override
 @ScopedServletMethod(securityGroups = {AccessLevel.ADMIN})
+ @JsonContent
 protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 StatementList statementList = new StatementList();
 statementList.addStatement(new StatementElement("owner","=",req.getParameter("username").toString(),""));
diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/directory/DirectoryEntryServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/directory/DirectoryEntryServlet.java
index 67f550dd2f4beb717914c7304ca1e6d68950634b..1128dd454d1e53a9485c5c54d15301f2aef894cd 100644
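Review bot: In `LoginServlet.doPost`, Case 3 dereferences `object` without checking that deserialization actually produced one, so an empty or literal-`null` body on this unauthenticated endpoint is likely to end in an unhandled exception instead of the 401 path. Guard it with `if (object != null && object.getUsername() != null && object.getPassword() != null) {` and route a parse failure to the same 401 response. `req.getInputStream().readAllBytes()` also buffers the whole body with no size limit before any credential check, so a request-size cap belongs here or at the container. On the success path `JsonStream.serialize(res).getBytes()` encodes with the platform default charset; `getBytes(StandardCharsets.UTF_8)` keeps the token response identical across hosts.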
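Review bot: In `ContactServlet.doGet`, `req.getParameter("username").toString()` throws a `NullPointerException` when the `username` query parameter is absent, so the admin endpoint would answer with a container error rather than the JSON response that `@JsonContent` presumably signals. Read the parameter once with `String username = req.getParameter("username");`, reject a null or blank value with a 400 before building the `StatementElement`, and drop the redundant `.toString()` since `getParameter` already returns a `String`. The body of `doGet` continues outside the hunk.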
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/directory/DirectoryEntryServlet.java +++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/directory/DirectoryEntryServlet.java @@ -31,6 +31,7 @@ import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; +import net.jami.jams.common.annotations.JsonContent; import net.jami.jams.common.annotations.ScopedServletMethod; import net.jami.jams.common.authentication.AuthenticationSourceType; import net.jami.jams.common.authmodule.AuthModuleKey; @@ -54,6 +55,7 @@ public class DirectoryEntryServlet extends HttpServlet { @Override @ScopedServletMethod(securityGroups = {AccessLevel.ADMIN}) + @JsonContent protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { //Create a user profile. String realm = "LOCAL"; diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/update/SubscriptionServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/update/SubscriptionServlet.java index 06de870081f1af41b834957aaf6ca55c94dfd067..eabe92fe596b0d2c8932ce36197631b7c49b7e60 100644 --- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/update/SubscriptionServlet.java +++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/update/SubscriptionServlet.java @@ -57,6 +57,7 @@ public class SubscriptionServlet extends HttpServlet { // on disk.. @Override @ScopedServletMethod(securityGroups = {AccessLevel.ADMIN}) + @JsonContent protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { String license = new String(req.getInputStream().readAllBytes()); final JSONObject obj = new JSONObject(license); 
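Review bot: The `SubscriptionServlet` section adds `@JsonContent` to `doPost` but, unlike the LoginServlet, ContactServlet and DirectoryEntryServlet sections, it has no hunk adding `import net.jami.jams.common.annotations.JsonContent;`. Unless the file already imports the annotation this will not compile, and the `UserServlet` section has the same gap. Separately, `new String(req.getInputStream().readAllBytes())` decodes the uploaded license with the platform default charset; `new String(req.getInputStream().readAllBytes(), StandardCharsets.UTF_8)` makes the parse independent of the host configuration. `doPost` continues outside the hunk.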
diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java
index 842d76c30cbfa93ad39a9b51a0a34071ab376686..43ad9b34e21cc73856eaf6d284dee89c02cf38b9 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/users/UserServlet.java
@@ -88,6 +88,7 @@ public class UserServlet extends HttpServlet {
 //Create an internal user - this is always technically available, because internal users have the right to exist.
 @Override
 @ScopedServletMethod(securityGroups = {AccessLevel.ADMIN})
+ @JsonContent
 protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 final JSONObject obj = new JSONObject(req.getReader().lines().collect(Collectors.joining(System.lineSeparator())));
 String pw = obj.getString("password");
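Review bot: In `UserServlet.doPost`, `new JSONObject(...)` and `obj.getString("password")` are the first statements after the signature with no `try` around them, so a malformed body or a missing `password` key propagates as an unchecked exception and would surface as a server error rather than a 4xx JSON response. Validate the body up front, for example by checking `obj.has("password")`, and return 400 when the field is absent or empty. This presumes `JSONObject` is the org.json class, which the hunk does not show. The method body continues past the hunk, so how `pw` is handled afterwards cannot be reviewed from here.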