public void doFilter()

in src/main/java/com/googlesource/gerrit/plugins/manager/XAuthFilter.java [52:98]


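  /**
   * Serves the filtered resource only to callers whose web session carries an X-Gerrit-Auth
   * token, substituting that token for the {@code @X-Gerrit-Auth} placeholder in the response
   * body.
   *
   * <p>With a token present, the REST API access path is marked OK on the session, the response
   * is wrapped so the body is written through {@link TokenReplaceOutputStream}, and caching is
   * disabled because the substituted body contains the session's token. Without a token the
   * request is answered with 401 and the chain is not invoked.
   *
   * @param req incoming request; cast to {@link HttpServletRequest}
   * @param resp outgoing response; cast to {@link HttpServletResponse}
   * @param chain remainder of the filter chain, invoked only when a token is present
   * @throws IOException if the chain or {@code sendError} fails on I/O
   * @throws ServletException if the chain fails
   */
  public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
      throws IOException, ServletException {
    HttpServletRequest httpReq = (HttpServletRequest) req;
    HttpServletResponse httpResp = (HttpServletResponse) resp;

    WebSession session = webSession.get();
    final String gerritAuth = session.getXGerritAuth();
    if (gerritAuth == null) {
      // No session token: refuse before anything downstream runs.
      httpResp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
      return;
    }

    // NOTE(review): this enables the REST API access path for every request that reaches the
    // filter with a session token - confirm the filter is mapped only to the intended resources.
    session.setAccessPathOk(AccessPath.REST_API, true);

    logger.atFine().log("Injecting X-Gerrit-Auth for %s", httpReq.getRequestURI());
    httpResp =
        new HttpServletResponseWrapper(httpResp) {

          // Length announced by the downstream servlet, held back from the real response and
          // handed to the replacing stream instead. Stays 0 if no Content-Length was seen.
          private int origContentLength;

          @Override
          public void setHeader(String name, String value) {
            // Keep cookie values out of the debug log; every other header is logged as before.
            boolean sensitive = "Set-Cookie".equalsIgnoreCase(name);
            logger.atFine().log("%s: %s", name, sensitive ? "<redacted>" : value);

            // Constant-first comparison so a null header name is passed through rather than
            // failing here with a NullPointerException.
            if ("Content-Length".equalsIgnoreCase(name)) {
              // NOTE(review): parseInt throws NumberFormatException for a non-numeric value or
              // one above Integer.MAX_VALUE - confirm that is acceptable for the served files.
              origContentLength = Integer.parseInt(value);
            } else {
              super.setHeader(name, value);
            }
          }

          // NOTE(review): only setHeader() is intercepted. A length set via setContentLength(),
          // setIntHeader() or addHeader() reaches the container unchanged, and a body written
          // through getWriter() is not routed through the replacing stream - confirm the
          // downstream servlet uses neither.
          @Override
          public ServletOutputStream getOutputStream() throws IOException {
            return new TokenReplaceOutputStream(
                (HttpServletResponse) getResponse(),
                origContentLength,
                "@X-Gerrit-Auth".getBytes(UTF_8),
                gerritAuth.getBytes(UTF_8));
          }
        };

    // The substituted body contains the session token, so forbid storing it in any cache.
    httpResp.setHeader(
        "Cache-Control", "private, no-cache, no-store, must-revalidate, max-age=0");
    httpResp.setHeader("Pragma", "no-cache");
    httpResp.setHeader("Expires", "0");

    chain.doFilter(req, httpResp);
  }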