Merge pull request #661 from rizard/master

Add ability to permit all origins when using REST API

src/main/java/net/floodlightcontroller/restserver/RestApiServer.java

@@ -29,10 +29,12 @@ import org.restlet.Request;
 import org.restlet.Response;
 import org.restlet.Restlet;
 import org.restlet.Server;
+import org.restlet.data.Header;
 import org.restlet.data.Parameter;
 import org.restlet.data.Protocol;
 import org.restlet.data.Reference;
 import org.restlet.data.Status;
+import org.restlet.engine.header.HeaderConstants;
 import org.restlet.ext.jackson.JacksonRepresentation;
 import org.restlet.representation.Representation;
 import org.restlet.routing.Filter;
@@ -60,6 +62,8 @@ public class RestApiServer implements IFloodlightModule, IRestApiService {
 
 	private static String httpsNeedClientAuth = "true";
 
+	private static boolean accessControlAllowAllOrigins = false;
+
 	private static boolean useHttps = false;
 	private static boolean useHttp = false;
 
@@ -101,9 +105,57 @@ public class RestApiServer implements IFloodlightModule, IRestApiService {
 				}
 
 			};
-			slashFilter.setNext(baseRouter);
 
-			return slashFilter;
+			if (accessControlAllowAllOrigins) {
+				Filter crossAccessAllowAll = new Filter() {
+					@Override
+					protected int beforeHandle(Request request, Response response) {
+						// Initialize response headers
+						@SuppressWarnings("unchecked")
+						Series<Header> responseHeaders = (Series<Header>) response
+						.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
+						if (responseHeaders == null) {
+							responseHeaders = new Series<Header>(Header.class);
+						}
+
+						// Request headers
+						@SuppressWarnings("unchecked")
+						Series<Header> requestHeaders = (Series<Header>) request
+						.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
+						String requestOrigin = requestHeaders.getFirstValue("Origin",
+								false, "*");
+						String rh = requestHeaders.getFirstValue(
+								"Access-Control-Request-Headers", false, "*");
+
+						// Set CORS headers in response
+						responseHeaders.set(
+								"Access-Control-Expose-Headers",
+								"Authorization, Link");
+						responseHeaders.set("Access-Control-Allow-Credentials", "true");
+						responseHeaders.set("Access-Control-Allow-Methods",
+								"GET,POST,PUT,DELETE");
+						responseHeaders.set("Access-Control-Allow-Origin", requestOrigin);
+						responseHeaders.set("Access-Control-Allow-Headers", rh);
+
+						// Set response headers
+						response.getAttributes().put(HeaderConstants.ATTRIBUTE_HEADERS,
+								responseHeaders);
+
+						// Handle HTTP methods
+						if (org.restlet.data.Method.OPTIONS.equals(request.getMethod())) {
+							return Filter.STOP;
+						}
+						return Filter.CONTINUE;
+					}
+				};
+
+				crossAccessAllowAll.setNext(slashFilter);
+				slashFilter.setNext(baseRouter);
+				return crossAccessAllowAll; /* caaa --> sf --> br */
+			}
+
+			slashFilter.setNext(baseRouter);
+			return slashFilter; /* sf --> br */
 		}
 
 		public void run(FloodlightModuleContext fmlContext, String restHost) {
@@ -259,6 +311,7 @@ public class RestApiServer implements IFloodlightModule, IRestApiService {
 		String useHttps = configOptions.get("useHttps");
 		String useHttp = configOptions.get("useHttp");
 		String httpsNeedClientAuth = configOptions.get("httpsNeedClientAuthentication");
+		String accessControlAllowOrigin = configOptions.get("accessControlAllowAllOrigins");
 
 		/* HTTPS Access (ciphertext) */
 		if (useHttps == null || path == null || path.isEmpty() || 
@@ -305,7 +358,7 @@ public class RestApiServer implements IFloodlightModule, IRestApiService {
 				RestApiServer.httpPort = port.trim();
 			}	
 		}
-		
+
 		if (RestApiServer.useHttp && RestApiServer.useHttps && RestApiServer.httpPort.equals(RestApiServer.httpsPort)) {
 			logger.error("REST API's HTTP and HTTPS ports cannot be the same. Got " + RestApiServer.httpPort + " for both.");
 			throw new IllegalArgumentException("REST API's HTTP and HTTPS ports cannot be the same. Got " + RestApiServer.httpPort + " for both.");
@@ -327,6 +380,13 @@ public class RestApiServer implements IFloodlightModule, IRestApiService {
 		} else {
 			logger.warn("HTTP enabled; Allowing unsecure access to REST API on port {}.", RestApiServer.httpPort);
 		}
+
+		if (accessControlAllowOrigin != null) {
+			try {
+				RestApiServer.accessControlAllowAllOrigins = Boolean.parseBoolean(accessControlAllowOrigin);
+			} catch (Exception e) { }
+			logger.warn("CORS access control allow ALL origins: {}", RestApiServer.accessControlAllowAllOrigins);
+		}
 	}
 
 	@Override

src/main/java/net/floodlightcontroller/ui/web/StaticWebRoutable.java

@@ -72,7 +72,9 @@ public class StaticWebRoutable implements RestletRoutable, IFloodlightModule {
 	@Override
 	public Restlet getRestlet(Context context) {
         Router router = new Router(context);
-        router.attach("", new Directory(context, "clap://classloader/web/"));
+        Directory dir = new Directory(context, "clap://classloader/web/");
+        dir.setIndexName("index.html"); /* redirect from <ip>:<port>/ui/ --> /ui/index.html */
+        router.attach("", dir);
         context.setClientDispatcher(new Client(context, Protocol.CLAP));
         return router;
 	}

src/main/resources/floodlightdefault.properties

@@ -56,5 +56,6 @@ net.floodlightcontroller.restserver.RestApiServer.useHttps=NO
 net.floodlightcontroller.restserver.RestApiServer.useHttp=YES
 net.floodlightcontroller.restserver.RestApiServer.httpsPort=8081
 net.floodlightcontroller.restserver.RestApiServer.httpPort=8080
+net.floodlightcontroller.restserver.RestApiServer.accessControlAllowAllOrigins=FALSE
 net.floodlightcontroller.statistics.StatisticsCollector.enable=FALSE
 net.floodlightcontroller.statistics.StatisticsCollector.collectionIntervalPortStatsSeconds=10
\ No newline at end of file