}
// Canonicalize the path
Uri href = normalizeUrl(httpApiRequest.href);
try {
HttpRequest req = new HttpRequest(href);
req.setMethod(method);
if (httpApiRequest.body != null) {
req.setPostBody(httpApiRequest.body.getBytes());
}
// Copy over allowed headers
for (Map.Entry<String, List<String>> header : httpApiRequest.headers.entrySet()) {
if (!BAD_HEADERS.contains(header.getKey().trim().toUpperCase())) {
for (String value : header.getValue()) {
req.addHeader(header.getKey(), value);
}
}
}
// Extract the gadget URI from the request or the security token
final Uri gadgetUri = getGadgetUri(requestItem.getToken(), httpApiRequest);
if (gadgetUri == null) {
throw new ProtocolException(HttpServletResponse.SC_BAD_REQUEST,
"Gadget URI not specified in request");
}
req.setGadget(gadgetUri);
// Detect the authz parsing
if (httpApiRequest.authz != null) {
req.setAuthType(AuthType.parse(httpApiRequest.authz));
}
final AuthType authType = req.getAuthType();
if (authType != AuthType.NONE) {
if (authType == AuthType.OAUTH2) {
req.setSecurityToken(requestItem.getToken());
Map<String, String> authSettings = getAuthSettings(requestItem);
OAuth2Arguments oauth2Args = new OAuth2Arguments(req.getAuthType(), authSettings);
req.setOAuth2Arguments(oauth2Args);
} else {
req.setSecurityToken(requestItem.getToken());
Map<String, String> authSettings = getAuthSettings(requestItem);
OAuthArguments oauthArgs = new OAuthArguments(req.getAuthType(), authSettings);
oauthArgs.setSignOwner(httpApiRequest.signOwner);
oauthArgs.setSignViewer(httpApiRequest.signViewer);
req.setOAuthArguments(oauthArgs);
}
}
// TODO: Allow the rewriter to use an externally forced mime type. This is needed
// allows proper rewriting of <script src="x"/> where x is returned with
// a content type like text/html which unfortunately happens all too often
req.setIgnoreCache(httpApiRequest.noCache);
req.setSanitizationRequested(httpApiRequest.sanitize);
// If the proxy request specifies a refresh param then we want to force the min TTL for
// the retrieved entry in the cache regardless of the headers on the content when it
// is fetched from the original source.
if (httpApiRequest.refreshInterval != null) {
req.setCacheTtl(httpApiRequest.refreshInterval);
}
final HttpRequest request = req;
HttpResponse results = requestPipeline.execute(req);
GadgetContext context = new GadgetContext() {
@Override
public Uri getUrl() {
return gadgetUri;
}
@Override
public String getParameter(String key) {
return request.getParam(key);
}
@Override
public boolean getIgnoreCache() {
return request.getIgnoreCache();
}
@Override
public String getContainer() {
return requestItem.getToken().getContainer();