From ab1ae16ff90a91b33adda436f2c5319d8e3154df Mon Sep 17 00:00:00 2001
From: Piotr Gawron <piotr.gawron@uni.lu>
Date: Thu, 8 Jun 2017 14:09:14 +0200
Subject: [PATCH] auth token is passed as a cookie

---
 .../lcsb/mapviewer/common/Configuration.java  |  1 +
 frontend-js/src/main/js/ServerConnector.js    | 74 ++-----------------
 frontend-js/src/main/js/minerva.js            |  5 +-
 .../src/test/js/ServerConnector-mock.js       | 17 ++++-
 .../ConfigurationController.java              |  5 +-
 .../configuration/ConfigurationRestImpl.java  |  2 +-
 .../genomics/ReferenceGenomeController.java   |  4 +-
 .../api/projects/ProjectController.java       | 10 ++-
 .../api/projects/ProjectRestImpl.java         |  5 +-
 .../chemicals/ChemicalController.java         |  4 +-
 .../projects/comments/CommentController.java  | 16 ++--
 .../api/projects/drugs/DrugController.java    |  4 +-
 .../api/projects/mirnas/MiRnaController.java  |  4 +-
 .../bioEntities/BioEntitiesController.java    |  6 +-
 .../elements/ElementsController.java          |  4 +-
 .../reactions/ReactionsController.java        |  4 +-
 .../publications/PublicationsController.java  | 13 +---
 .../projects/overlays/OverlayController.java  | 16 ++--
 18 files changed, 80 insertions(+), 114 deletions(-)

diff --git a/commons/src/main/java/lcsb/mapviewer/common/Configuration.java b/commons/src/main/java/lcsb/mapviewer/common/Configuration.java
index a9c965f074..4db91ad32b 100644
--- a/commons/src/main/java/lcsb/mapviewer/common/Configuration.java
+++ b/commons/src/main/java/lcsb/mapviewer/common/Configuration.java
@@ -67,6 +67,7 @@ public final class Configuration {
 	 * Where the main webpgae is located.
 	 */
 	public static final String	MAIN_PAGE																= "/index.xhtml";
+	public static final String	AUTH_TOKEN															= "MINERVA_AUTH_TOKEN";
 
 	/**
 	 * Where miriam redirecting webpage is located.
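Review bot: The new `AUTH_TOKEN` constant has no Javadoc, unlike the constants around it in this hunk, and its name does not say that the value is a cookie name. I would add `/** Name of the cookie that carries the authentication token of the current session. */` above it. The controllers in this commit bind the value through `@CookieValue`, so the string is part of the contract with whatever issues the cookie; the same comment should say that renaming it breaks existing clients.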
diff --git a/frontend-js/src/main/js/ServerConnector.js b/frontend-js/src/main/js/ServerConnector.js
index a46847151c..42b9de84cf 100644
--- a/frontend-js/src/main/js/ServerConnector.js
+++ b/frontend-js/src/main/js/ServerConnector.js
@@ -546,9 +546,7 @@ ServerConnector.getConfiguration = function(params) {
   var self = this;
   if (this._configuration === undefined) {
     return self.getToken(params.token).then(function(token) {
-      return self.readFile(self.getConfigurationUrl(null, {
-        token : token
-      }));
+      return self.readFile(self.getConfigurationUrl());
     }).then(function(content) {
       self._configuration = new Configuration(JSON.parse(content));
       return Promise.resolve(self._configuration);
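Review bot: The `token` argument of the first `.then` callback is now unused, because `getConfigurationUrl()` no longer receives it. The `getToken(params.token)` call is kept only for its side effect, presumably making sure the auth cookie exists before the request goes out. Dropping the parameter (`function() {`) and adding `// getToken() is called only to make sure the auth cookie is set` would make that intent explicit. The function continues outside the hunk.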
@@ -572,9 +570,6 @@ ServerConnector.getProject = function(projectId) {
   var self = this;
   return self.getProjectId(projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getProjectsUrl(queryParams, filterParams));
   }).then(function(content) {
     project = new Project(content);
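Review bot: With `getToken()` removed from the chain, `getProject` sends its request without first checking that a token exists, and the same holds for every other `ServerConnector` function changed in this file except `getConfiguration`. The only remaining guard visible in this commit is the `ServerConnector.getToken()` call added to `create` in minerva.js, so a caller that uses these functions before `create` has run, or after the token has expired, would presumably reach the server without a valid cookie. Consider doing the check once inside `readFile`, or documenting the precondition on each function. In `getUser`, `getOverlayElements`, `getFullOverlayElement` and `getReferenceGenome` the `filterParams` object now appears to stay empty and could be dropped if the URL builders allow it.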
@@ -604,10 +599,7 @@ ServerConnector.getUser = function(login) {
   };
   var filterParams = {};
 
-  return self.getToken().then(function(token) {
-    filterParams.token = token;
-    return self.readFile(self.getUserUrl(queryParams, filterParams));
-  }).then(function(content) {
+  return self.readFile(self.getUserUrl(queryParams, filterParams)).then(function(content) {
     var obj = JSON.parse(content);
     return new User(obj);
   });
@@ -620,9 +612,6 @@ ServerConnector.getOverlays = function(projectId) {
   return new Promise(function(resolve, reject) {
     self.getProjectId(projectId).then(function(result) {
       queryParams.projectId = result;
-      return self.getToken();
-    }).then(function(token) {
-      filterParams.token = token;
       return self.readFile(self.getOverlaysUrl(queryParams, filterParams));
     }).then(function(content) {
       var arr = JSON.parse(content);
@@ -646,11 +635,7 @@ ServerConnector.getOverlayElements = function(overlayId, projectId) {
     modelId : "*",
   };
   var filterParams = {};
-
-  return self.getToken().then(function(result) {
-    filterParams.token = result;
-    return self.getProjectId(projectId);
-  }).then(function(result) {
+  return self.getProjectId(projectId).then(function(result) {
     queryParams.projectId = result;
     return self.readFile(self.getOverlayElementsUrl(queryParams, filterParams));
   }).then(function(content) {
@@ -680,10 +665,7 @@ ServerConnector.getFullOverlayElement = function(params) {
   };
   var filterParams = {};
 
-  return self.getToken().then(function(result) {
-    filterParams.token = result;
-    return self.getProjectId(params.projectId);
-  }).then(function(result) {
+  return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
     return self.readFile(self.getFullOverlayElementUrl(queryParams, filterParams));
   }).then(function(content) {
@@ -731,9 +713,6 @@ ServerConnector.getOverlayById = function(overlayId, projectId) {
   var filterParams = {};
   return self.getProjectId(projectId).then(function(data) {
     queryParams.projectId = data;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getOverlayByIdUrl(queryParams, filterParams));
   }).then(function(content) {
     return new LayoutData(JSON.parse(content));
@@ -750,9 +729,6 @@ ServerConnector.getReactions = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getReactionsUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -773,9 +749,6 @@ ServerConnector.getAliases = function(aliasIds, projectId, columns) {
   };
   return self.getProjectId(projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getAliasesUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -803,9 +776,6 @@ ServerConnector.getComments = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getCommentsUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -842,9 +812,6 @@ ServerConnector.getClosestElementsByCoordinates = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -890,9 +857,6 @@ ServerConnector.getElementsByQuery = function(params) {
 
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -912,9 +876,6 @@ ServerConnector.getDrugsByQuery = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchDrugsUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -934,9 +895,6 @@ ServerConnector.getMiRnasByQuery = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchMiRnasUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -956,9 +914,6 @@ ServerConnector.getChemicalsByQuery = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchChemicalsUrl(queryParams, filterParams));
   }).then(function(content) {
     var array = JSON.parse(content);
@@ -1070,9 +1025,6 @@ ServerConnector.getDrugNamesByTarget = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchDrugsUrl(queryParams, filterParams));
   }).then(function(content) {
     var result = [];
@@ -1093,9 +1045,6 @@ ServerConnector.getMiRnaNamesByTarget = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchMiRnasUrl(queryParams, filterParams));
   }).then(function(content) {
     var result = [];
@@ -1116,9 +1065,6 @@ ServerConnector.getChemicalNamesByTarget = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getSearchChemicalsUrl(queryParams, filterParams));
   }).then(function(content) {
     var result = [];
@@ -1220,12 +1166,8 @@ ServerConnector.getSuggestedQueryList = function(projectId) {
   var self = this;
   return self.getProjectId(projectId).then(function(result) {
     projectId = result;
-    return self.getToken();
-  }).then(function(token) {
     return self.readFile(self.getSuggestedQueryListUrl({
       projectId : projectId
-    }, {
-      token : token
     }));
   }).then(function(content) {
     return JSON.parse(content);
@@ -1252,9 +1194,6 @@ ServerConnector.getPublications = function(params) {
   };
   return self.getProjectId(params.projectId).then(function(result) {
     queryParams.projectId = result;
-    return self.getToken();
-  }).then(function(token) {
-    filterParams.token = token;
     return self.readFile(self.getPublicationsUrl(queryParams, filterParams));
   }).then(function(content) {
     return JSON.parse(content);
@@ -1264,10 +1203,7 @@ ServerConnector.getPublications = function(params) {
 ServerConnector.getReferenceGenome = function(params) {
   var self = this;
   var filterParams = {};
-  return self.getToken().then(function(token) {
-    filterParams.token = token;
-    return self.readFile(self.getReferenceGenomeUrl(params, filterParams));
-  }).then(function(content) {
+  return self.readFile(self.getReferenceGenomeUrl(params, filterParams)).then(function(content) {
     return new ReferenceGenome(JSON.parse(content));
   });
 };
diff --git a/frontend-js/src/main/js/minerva.js b/frontend-js/src/main/js/minerva.js
index a217fa9a82..4d869f1aeb 100644
--- a/frontend-js/src/main/js/minerva.js
+++ b/frontend-js/src/main/js/minerva.js
@@ -327,7 +327,10 @@ function create(params) {
   params.getElement().innerHTML = "<div style='vertical-align:middle;display:table-cell;text-align: center'>"
       + "<img src='resources/images/icons/ajax-loader.gif'/>" + "</div>";
 
-  return getProject(params).then(function(project) {
+  //make sure that we are logged in
+  return ServerConnector.getToken().then(function(){
+    return getProject(params);
+  }).then(function(project) {
     params.setProject(project);
     var element = params.getElement();
 
diff --git a/frontend-js/src/test/js/ServerConnector-mock.js b/frontend-js/src/test/js/ServerConnector-mock.js
index dbf5973e02..b045a42a6b 100644
--- a/frontend-js/src/test/js/ServerConnector-mock.js
+++ b/frontend-js/src/test/js/ServerConnector-mock.js
@@ -7,6 +7,7 @@ var Promise = require("bluebird");
 var logger = require('./logger');
 
 var OriginalServerConnector = require('../../main/js/ServerConnector');
+var SessionObjectType = require('../../main/js/SessionObjectType');
 
 var fs = require('fs');
 var request = require('request');
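Review bot: `SessionObjectType` is required here, but none of the lines this commit adds to the mock reference it, so it looks like an unused import. If nothing outside the visible hunks needs it, drop the `require` line.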
@@ -25,6 +26,18 @@ ServerConnectorMock.init();
 function replaceAsterisk(str) {
   return str.replace(/\*/g,"all").replace(/\:/g,".");
 }
+function urlToFileName(url) {
+  var result = url;
+  var token = OriginalServerConnector.getSessionData().getToken();
+  if (token!==undefined && url.startsWith("./testFiles/apiCalls")) {
+    if (!result.endsWith("&")) {
+      result +="/";
+    }
+    result+="token=" +token+"&";
+  }
+  		
+  return replaceAsterisk(result);
+}
 
 ServerConnectorMock._readFile = function(url) {
   return new Promise(function(resolve, reject) {
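Review bot: `urlToFileName` has no comment explaining why the token is appended to the path, which is not obvious now that the client no longer puts it in the URL. From the code, the fixture files under `./testFiles/apiCalls` seem to keep the old naming with a trailing `token=<value>&` segment; a header comment such as `// Fixture file names still encode the session token as the last query parameter, so re-append it here.` would help. The `endsWith("&")` branch that adds `/` when the URL has no query part deserves a one-line comment too, and the whitespace-only line before the `return` can go.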
@@ -39,8 +52,8 @@ ServerConnectorMock._readFile = function(url) {
         }
       });
     } else {
-      
-      fs.readFile(replaceAsterisk(url), 'utf8', function(err, content) {
+      var fileName = urlToFileName(url);
+      fs.readFile(fileName, 'utf8', function(err, content) {
         if (err) {
           reject(err);
         } else {
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationController.java b/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationController.java
index 5f5d64c32f..4b582a14a8 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationController.java
@@ -5,12 +5,13 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -19,7 +20,7 @@ public class ConfigurationController extends BaseController {
 	private ConfigurationRestImpl configurationController;
 
 	@RequestMapping(value = "/configuration/", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
-	public Map<String, Object> getOverlayTypes(@RequestParam(value = "token") String token) throws SecurityException {
+	public Map<String, Object> getOverlayTypes(@CookieValue(value = Configuration.AUTH_TOKEN) String token) throws SecurityException {
 		Map<String, Object> result = new HashMap<>();
 		result.put("options", configurationController.getAllValues(token));
 		result.put("imageFormats", configurationController.getImageFormats(token));
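Review bot: `@CookieValue` is required by default, so a request without the `MINERVA_AUTH_TOKEN` cookie is rejected by Spring during argument binding and never reaches `configurationController.getAllValues(token)`, which is where the token is actually validated. Unauthenticated callers would then most likely see a generic bad-request error instead of the `SecurityException` response the API otherwise produces. The same applies to every controller method switched to `@CookieValue` in this commit. Consider `@CookieValue(value = Configuration.AUTH_TOKEN, required = false)` with an explicit null check, or mapping the missing-cookie exception in `BaseController`. The method body continues outside the hunk.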
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationRestImpl.java b/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationRestImpl.java
index 7ad828d00f..7c32c55034 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationRestImpl.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/configuration/ConfigurationRestImpl.java
@@ -30,7 +30,7 @@ public class ConfigurationRestImpl {
 	@Autowired
 	private IConfigurationService	configurationService;
 
-	public List<ConfigurationView> getAllValues(@RequestParam(value = "token") String token) throws SecurityException {
+	public List<ConfigurationView> getAllValues(String token) throws SecurityException {
 		userService.getToken(token);
 		return configurationService.getAllValues();
 	}
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/genomics/ReferenceGenomeController.java b/rest-api/src/main/java/lcsb/mapviewer/api/genomics/ReferenceGenomeController.java
index fff94ddd66..2155a471c4 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/genomics/ReferenceGenomeController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/genomics/ReferenceGenomeController.java
@@ -2,6 +2,7 @@ package lcsb.mapviewer.api.genomics;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -10,6 +11,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.view.ReferenceGenomeView;
 
@@ -22,7 +24,7 @@ public class ReferenceGenomeController extends BaseController {
 	@RequestMapping(value = "/genomics/taxonomies/{organismId}/genomeTypes/{type}/versions/{version}/", method = { RequestMethod.GET, RequestMethod.POST },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public ReferenceGenomeView getDrugsByQuery(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "organism") String organism, //
 			@PathVariable(value = "type") String type, //
 			@PathVariable(value = "version") String version//
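Review bot: The mapping declares `{organismId}` but the parameter is bound with `@PathVariable(value = "organism")`, so there is no path variable of that name to resolve and the request would likely fail at binding; this sits in the unchanged context lines and the commit leaves it as is. Changing it to `@PathVariable(value = "organismId") String organism` fixes the mismatch. The method is also named `getDrugsByQuery`, which looks copied from `DrugController`; a name such as `getReferenceGenome` would match what it returns. The signature continues outside the hunk.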
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectController.java
index e38dea7905..aadbfcb4b5 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectController.java
@@ -5,6 +5,7 @@ import java.io.IOException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController;
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
 import lcsb.mapviewer.commands.CommandExecutionException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.converter.ConverterException;
 import lcsb.mapviewer.model.cache.FileEntry;
 import lcsb.mapviewer.model.map.InconsistentModelException;
@@ -28,14 +30,14 @@ public class ProjectController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public ProjectMetaData getMetaData(//
 			@PathVariable(value = "projectId") String projectId, //
-			@RequestParam(value = "token") String token //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token //
 	) throws SecurityException {
 		return projectController.getMetaData(projectId, token);
 	}
 
 	@RequestMapping(value = "/projects/{projectId}:downloadSource", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public ResponseEntity<byte[]> getProjectSource(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId //
 	) throws SecurityException, QueryException {
 
@@ -54,7 +56,7 @@ public class ProjectController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/models/{modelId}:downloadImage", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public ResponseEntity<byte[]> getModelAsImage(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "modelId") String modelId, //
 			@RequestParam(value = "handlerClass") String handlerClass, //
@@ -74,7 +76,7 @@ public class ProjectController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/models/{modelId}:downloadModel", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public ResponseEntity<byte[]> getModelAsModelFile(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "modelId") String modelId, //
 			@RequestParam(value = "handlerClass") String handlerClass, //
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
index ccc502800e..7dba989eea 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
@@ -17,6 +17,7 @@ import org.apache.commons.io.IOUtils;
 import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.RequestParam;
 
 import lcsb.mapviewer.api.BaseRestImpl;
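Review bot: The `CookieValue` import added here is not used by any line this commit adds to `ProjectRestImpl`; the only other changes in the file remove the `ISearchService` import and strip the `@RequestParam` annotations from `getMetaData`. Drop the new import, and check whether the `RequestParam` import on the next line is still needed after that removal.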
@@ -52,7 +53,6 @@ import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.interfaces.ILayoutService;
 import lcsb.mapviewer.services.interfaces.IModelService;
 import lcsb.mapviewer.services.interfaces.IProjectService;
-import lcsb.mapviewer.services.interfaces.ISearchService;
 import lcsb.mapviewer.services.interfaces.IUserService;
 import lcsb.mapviewer.services.utils.ColorSchemaReader;
 import lcsb.mapviewer.services.utils.data.BuildInLayout;
@@ -96,8 +96,7 @@ public class ProjectRestImpl extends BaseRestImpl {
 	@Autowired
 	private OverviewImageViewFactory factory;
 
-	public ProjectMetaData getMetaData(@RequestParam(value = "projectId") String projectId, @RequestParam(value = "token") String token)
-			throws SecurityException {
+	public ProjectMetaData getMetaData(String projectId, String token) throws SecurityException {
 		AuthenticationToken authenticationToken = userService.getToken(token);
 		Project project = projectService.getProjectByProjectId(projectId, authenticationToken);
 		ProjectMetaData result = createData(project, authenticationToken);
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/chemicals/ChemicalController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/chemicals/ChemicalController.java
index 2ba318842d..95cdfe87f7 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/chemicals/ChemicalController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/chemicals/ChemicalController.java
@@ -7,6 +7,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -15,6 +16,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -25,7 +27,7 @@ public class ChemicalController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/chemicals:search", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getChemicalsByQuery(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@RequestParam(value = "query", defaultValue = "") String query, //
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/comments/CommentController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/comments/CommentController.java
index f90116d329..aaff441f0d 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/comments/CommentController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/comments/CommentController.java
@@ -6,6 +6,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.search.data.ElementIdentifier.ElementIdentifierType;
 
@@ -25,7 +27,7 @@ public class CommentController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getComments(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@RequestParam(value = "removed", defaultValue = "") String removed //
@@ -36,7 +38,7 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/bioEntities/reactions/{reactionId}", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getCommentsByReaction(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@PathVariable(value = "reactionId") String reactionId, //
@@ -48,7 +50,7 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/bioEntities/elements/{elementId}", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getCommentsByElement(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@PathVariable(value = "elementId") String elementId, //
@@ -60,7 +62,7 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/points/{coordinates}", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getCommentsByPoint(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@PathVariable(value = "coordinates") String coordinates, //
@@ -72,7 +74,7 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/bioEntities/elements/{elementId}", method = { RequestMethod.POST },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public Map<String, Object> addCommentForElement(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, // 
 			@PathVariable(value = "elementId") String elementId, //
 			@RequestParam(value = "name") String name, //
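Review bot: `addCommentForElement` is a state-changing POST that is now authenticated only by a cookie, which the browser attaches automatically to cross-site requests, so the endpoint becomes exposed to cross-site request forgery in a way the explicit `token` query parameter was not. `addCommentForReaction` and `addCommentForPoint` below have the same shape, and the `ReferenceGenomeController` mapping also accepts POST. Nothing in the visible hunks adds an anti-CSRF check; consider requiring a per-session CSRF token or a custom request header on these methods, and setting `SameSite` and `Secure` on the cookie wherever it is issued, which is outside this view. The parameter list continues outside the hunk.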
@@ -91,7 +93,7 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/bioEntities/reactions/{reactionId}", method = { RequestMethod.POST },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public Map<String, Object> addCommentForReaction(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, // 
 			@PathVariable(value = "reactionId") String reactionId, //
 			@RequestParam(value = "name") String name, //
@@ -110,7 +112,7 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/comments/models/{modelId}/points/{coordinates}", method = { RequestMethod.POST },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public Map<String, Object> addCommentForPoint(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, // 
 			@RequestParam(value = "name") String name, //
 			@RequestParam(value = "email") String email, //
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/drugs/DrugController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/drugs/DrugController.java
index 0349d807e6..7afb8ed73f 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/drugs/DrugController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/drugs/DrugController.java
@@ -6,6 +6,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -24,7 +26,7 @@ public class DrugController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/drugs:search", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getDrugsByQuery(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@RequestParam(value = "query", defaultValue = "") String query, //
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/mirnas/MiRnaController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/mirnas/MiRnaController.java
index 5ac60818fa..9450f9d535 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/mirnas/MiRnaController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/mirnas/MiRnaController.java
@@ -6,6 +6,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -14,6 +15,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -24,7 +26,7 @@ public class MiRnaController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/miRnas:search", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getMiRnasByQuery(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
 			@RequestParam(value = "query", defaultValue = "") String query, //
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/BioEntitiesController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/BioEntitiesController.java
index acf743a154..9f8bd3fe86 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/BioEntitiesController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/BioEntitiesController.java
@@ -7,6 +7,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -15,6 +16,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -27,7 +29,7 @@ public class BioEntitiesController extends BaseController {
 	public List<Map<String, Object>> getClosestElementsByCoordinates(//
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "modelId") String modelId, //
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@RequestParam(value = "coordinates", defaultValue = "") String coordinates, //
 			@RequestParam(value = "query", defaultValue = "") String query, //
 			@RequestParam(value = "count", defaultValue = "") String count, //
@@ -68,7 +70,7 @@ public class BioEntitiesController extends BaseController {
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public String[] getSuggestedQueryList( //
 			@PathVariable(value = "projectId") String projectId, //
-			@RequestParam(value = "token") String token//
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token//
 	) throws SecurityException {
 		return bioEntitiesRestImpl.getSuggestedQueryList(projectId, token);
 	}
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/elements/ElementsController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/elements/ElementsController.java
index d006a63c73..c6e8f637fb 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/elements/ElementsController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/elements/ElementsController.java
@@ -5,6 +5,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -12,6 +13,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -26,7 +28,7 @@ public class ElementsController extends BaseController {
 			@PathVariable(value = "modelId") String modelId, //
 			@RequestParam(value = "id", defaultValue = "") String id, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
-			@RequestParam(value = "token") String token//
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token//
 	) throws SecurityException {
 		return projectController.getElements(projectId, id, columns, modelId, token);
 	}
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/reactions/ReactionsController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/reactions/ReactionsController.java
index 0d2175c1d6..2cde3d273d 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/reactions/ReactionsController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/bioEntities/reactions/ReactionsController.java
@@ -5,6 +5,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -12,6 +13,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -26,7 +28,7 @@ public class ReactionsController extends BaseController {
 			@PathVariable(value = "modelId") String modelId, //
 			@RequestParam(value = "id", defaultValue = "") String id, //
 			@RequestParam(value = "columns", defaultValue = "") String columns, //
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@RequestParam(value = "participantId", defaultValue = "") String participantId//
 	) throws SecurityException {
 		return reactionController.getReactions(projectId, id, columns, modelId, token, participantId);
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/publications/PublicationsController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/publications/PublicationsController.java
index f4e7b38be7..32a73f0d15 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/publications/PublicationsController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/models/publications/PublicationsController.java
@@ -1,13 +1,10 @@
 package lcsb.mapviewer.api.projects.models.publications;
 
-import java.awt.geom.Point2D;
-import java.io.IOException;
-import java.util.List;
 import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -16,11 +13,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
-import lcsb.mapviewer.commands.CommandExecutionException;
-import lcsb.mapviewer.converter.ConverterException;
-import lcsb.mapviewer.model.cache.FileEntry;
-import lcsb.mapviewer.model.map.InconsistentModelException;
-import lcsb.mapviewer.model.map.layout.InvalidColorSchemaException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.services.SecurityException;
 
 @RestController
@@ -33,7 +26,7 @@ public class PublicationsController extends BaseController {
 	public Map<String, Object> getPublications(//
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "modelId") String modelId, //
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@RequestParam(value = "start", defaultValue = "0") String start, //
 			@RequestParam(value = "length", defaultValue = "10") Integer length//
 	) throws QueryException, SecurityException {
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java
index c5f259ab5e..8b24479599 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java
@@ -8,6 +8,7 @@ import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -20,6 +21,7 @@ import com.fasterxml.jackson.databind.JsonMappingException;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.common.Configuration;
 import lcsb.mapviewer.model.cache.FileEntry;
 import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.view.LayoutView;
@@ -34,7 +36,7 @@ public class OverlayController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/overlays/", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<LayoutView> getOverlayList(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId //
 	) throws SecurityException, QueryException {
 		return overlayRestImp.getOverlayList(token, projectId);
@@ -42,7 +44,7 @@ public class OverlayController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/overlays/{overlayId}/", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public LayoutView getOverlayById(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "overlayId") String overlayId//
 	) throws SecurityException, QueryException {
@@ -52,7 +54,7 @@ public class OverlayController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/overlays/{overlayId}/models/{modelId}/bioEntities/", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getOverlayElements(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "overlayId") String overlayId, @RequestParam(value = "columns", defaultValue = "") String columns)
 			throws SecurityException, QueryException {
@@ -62,7 +64,7 @@ public class OverlayController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/overlays/{overlayId}/models/{modelId}/bioEntities/reactions/{reactionId}/", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public Map<String, Object> getFullReaction(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "modelId") String modelId, //
 			@PathVariable(value = "overlayId") String overlayId, //
@@ -76,7 +78,7 @@ public class OverlayController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/overlays/{overlayId}/models/{modelId}/bioEntities/elements/{elementId}/", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public Map<String, Object> getFullSpecies(//
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "modelId") String modelId, //
 			@PathVariable(value = "overlayId") String overlayId, //
@@ -89,7 +91,7 @@ public class OverlayController extends BaseController {
 
 	@RequestMapping(value = "/projects/{projectId}/overlays/", method = { RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public Map<String, Object> addOverlay( //
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@RequestParam(value = "name") String name, //
 			@RequestParam(value = "description") String description, //
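Review bot: `addOverlay` is a state-changing POST, and with the token now read from the `MINERVA_AUTH_TOKEN` cookie the browser attaches the credential to any request sent to this URL, including one triggered from another site; the old `token` request parameter acted as an implicit anti-CSRF secret and nothing in this hunk replaces it. Unless CSRF protection is configured elsewhere (not visible here), this endpoint should require something the browser does not send automatically, for example a per-session CSRF token checked server-side or a mandatory custom header bound with `@RequestHeader(value = "X-Requested-With") String requestedWith`. Where the cookie is issued, it should carry `SameSite` and `Secure`, plus `HttpOnly` if the front end does not need to read it. The same check applies to any other non-GET handlers converted in this commit. The remaining parameters and the body of `addOverlay` lie outside the hunk.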
@@ -124,7 +126,7 @@ public class OverlayController extends BaseController {
 	@RequestMapping(value = "/projects/{projectId}/overlays/{overlayId}:downloadSource", method = { RequestMethod.GET },
 			produces = { MediaType.APPLICATION_JSON_VALUE })
 	public ResponseEntity<byte[]> getOverlaySource( //
-			@RequestParam(value = "token") String token, //
+			@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
 			@PathVariable(value = "projectId") String projectId, //
 			@PathVariable(value = "overlayId") String overlayId //
 	) throws SecurityException, QueryException, JsonParseException, JsonMappingException, IOException {
-- 
GitLab