import javax.net.ssl.HttpsURLConnection; import java.io.*; import java.net.HttpCookie; import java.net.URL; import java.util.List; /** * An example client which is able to authenticate with the LIMS application server and issue basic requests to the * non-public API */ public class LIMSClient { /** * The value to set for the Cookie header on all requests. This value is populated by authenticating the client. */ private String cookie; public static void main(String[] args) throws Exception { LIMSClient client = new LIMSClient(); client.authenticate(); String reindexResponse = client.startElasticsearchReindex(); System.out.println(reindexResponse); String statusResponse = client.getElasticsearchStatus(); System.out.println(statusResponse); } /** * Initializes a session with the LIMS application server */ public void authenticate() throws Exception { URL url = new URL("https://example.claritylims.com/clarity/j_spring_security_check"); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setDoOutput(true); connection.setInstanceFollowRedirects(false); connection.setRequestMethod("POST"); connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); byte[] params = "j_username=admin&j_password=password".getBytes("UTF-8"); connection.setRequestProperty("Content-Length", String.valueOf(params.length)); connection.getOutputStream().write(params); if (connection.getResponseCode() != 302) { System.err.println("Unable to authenticate"); System.exit(-1); } cookie = extractCookie(connection.getHeaderField("Set-Cookie")); connection.disconnect(); } /** * Obtains the current status of Elasticsearch indexing. * @return The status JSON response as plain text. */ public String getElasticsearchStatus() throws Exception { URL url = new URL("https://example.claritylims.com/clarity/api/search-index/status"); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setRequestProperty("Cookie", cookie); /* * The X-Requested-With and Origin headers must be set to satisfy CSRF protections */ connection.setRequestProperty("X-Requested-With", "XMLHttpRequest"); connection.setRequestProperty("Origin", "https://example.claritylims.com"); String response = readInputStreamToString(connection.getInputStream()); connection.disconnect(); return response; } /** * Initializes a full rebuild of the Elasticsearch index * @return The reindex JSON response as plain text. */ public String startElasticsearchReindex() throws Exception { URL url = new URL("https://example.claritylims.com/clarity/api/search-index/reindex"); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setRequestProperty("Cookie", cookie); /* * The X-Requested-With and Origin headers must be set to satisfy CSRF protections */ connection.setRequestProperty("X-Requested-With", "XMLHttpRequest"); connection.setRequestProperty("Origin", "https://example.claritylims.com"); String response = readInputStreamToString(connection.getInputStream()); connection.disconnect(); return response; } /** * Extracts the Cookie request header from a Set-Cookie response header. The Cookie header is needed to perform * authenticated requests. * @param setCookieHeader The Set-Cookie response header from an authentication request. * @return The Cookie header value to use for authenticated requests. */ private String extractCookie(String setCookieHeader) { List cookies = HttpCookie.parse(setCookieHeader); for (HttpCookie cookie : cookies) { if (cookie.getName().equals("JSESSIONID")) { return cookie.toString(); } } return null; } /** * Helper method to read an input stream into a string. */ private String readInputStreamToString(InputStream in) throws Exception { Reader reader = new BufferedReader(new InputStreamReader(in, "UTF-8")); int intValueOfChar; StringBuilder builder = new StringBuilder(); while ((intValueOfChar = reader.read()) != -1) { builder.append((char) intValueOfChar); } reader.close(); return builder.toString(); } }