Tuesday, December 5, 2017

JAX-RS :Validate Query Parameter Passed in by the Caller

t’s easy to validate parameters in JAX-RS using filters – ContainerRequestFilter to be specific. There are other options at your disposal, e.g. using (CDI or EJB) interceptors, or injecting (HttpServletRequestusing @Context)

Scenario: Validate Query Parameter Passed in by the Caller

Steps

  • Implement filter
  • Extracts query parameter from ContainerRequestContext
  • Performs the validation – aborts the request with an appropriate response status (and the error message)
@Provider
@QueryParamValidator
public class JAXRSReqFilter implements ContainerRequestFilter {
    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
        MultivaluedMap < String, String > queryParameters = requestContext.getUriInfo().getQueryParameters();
        String queryParam = queryParameters.keySet().stream().findFirst().get();
        System.out.println("Query param - " + queryParam);
        if (!queryParam.equals("p")) {
            requestContext.abortWith(Response
                .status(Response.Status.BAD_REQUEST)
                .entity("Invalid Query Param " + queryParam)
                .build());
        }
    }
}

Enforce Filter

  • Use @NameBinding to decorate custom annotation
  • Use the custom annotation on the JAX-RS method
@NameBinding
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface QueryParamValidator {
    
}

@Path("test")
public class TestResource {
    
    @GET
    @QueryParamValidator
    public String test(@QueryParam("p") String p){
        return "Param "+ p + " on " + new Date();
    }
}

No comments:

Post a Comment