LCOV - code coverage report
Current view: top level - httpd/raw - AuthorizationCheckServlet.java (source / functions) Hit Total Coverage
Test: _coverage_report.dat Lines: 9 9 100.0 %
Date: 2022-11-19 15:00:39 Functions: 2 2 100.0 % 

          Line data    Source code
       1             : // Copyright (C) 2018 The Android Open Source Project
       2             : //
       3             : // Licensed under the Apache License, Version 2.0 (the "License");
       4             : // you may not use this file except in compliance with the License.
       5             : // You may obtain a copy of the License at
       6             : //
       7             : // http://www.apache.org/licenses/LICENSE-2.0
       8             : //
       9             : // Unless required by applicable law or agreed to in writing, software
      10             : // distributed under the License is distributed on an "AS IS" BASIS,
      11             : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      12             : // See the License for the specific language governing permissions and
      13             : // limitations under the License.
      14             : 
      15             : package com.google.gerrit.httpd.raw;
      16             : 
      17             : import com.google.gerrit.server.CurrentUser;
      18             : import com.google.gerrit.util.http.CacheHeaders;
      19             : import com.google.inject.Inject;
      20             : import com.google.inject.Provider;
      21             : import com.google.inject.Singleton;
      22             : import java.io.IOException;
      23             : import javax.servlet.http.HttpServlet;
      24             : import javax.servlet.http.HttpServletRequest;
      25             : import javax.servlet.http.HttpServletResponse;
      26             : 
      27             : /**
      28             :  * Offers a dedicated endpoint for checking if a user is still logged in. Returns {@code 204
      29             :  * NO_CONTENT} for logged-in users, {@code 403 FORBIDDEN} otherwise.
      30             :  *
      31             :  * <p>Mainly used by PolyGerrit to check if a user is still logged in.
      32             :  */
      33             : @Singleton
      34             : public class AuthorizationCheckServlet extends HttpServlet {
      35             :   private static final long serialVersionUID = 1L;
      36             :   private final Provider<CurrentUser> user;
      37             : 
      38             :   @Inject
      39          99 :   AuthorizationCheckServlet(Provider<CurrentUser> user) {
      40          99 :     this.user = user;
      41          99 :   }
      42             : 
      43             :   @Override
      44             :   protected void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException {
      45           1 :     CacheHeaders.setNotCacheable(res);
      46           1 :     if (user.get().isIdentifiedUser()) {
      47           1 :       res.setContentLength(0);
      48           1 :       res.setStatus(HttpServletResponse.SC_NO_CONTENT);
      49             :     } else {
      50           1 :       res.setStatus(HttpServletResponse.SC_FORBIDDEN);
      51             :     }
      52           1 :   }
      53             : }

Generated by: LCOV version 1.16+git.20220603.dfeb750