Class Utilities.EffectiveOriginResolver

java.lang.Object

com.soklet.Utilities.EffectiveOriginResolver

Enclosing class:

Utilities

@NotThreadSafe
public static final class Utilities.EffectiveOriginResolver
extends Object

Builder for Utilities.extractEffectiveOrigin(EffectiveOriginResolver).

Packages the inputs needed to reconstruct a client origin (scheme + host + optional port) from request headers. The resulting value never includes a path or query component.

Forwarded headers can be spoofed if Soklet is reachable directly. Choose a Utilities.EffectiveOriginResolver.TrustPolicy that matches your deployment and, for Utilities.EffectiveOriginResolver.TrustPolicy.TRUST_PROXY_ALLOWLIST, provide a trusted proxy predicate or allowlist. If the remote address is missing or not trusted, forwarded headers are ignored.

Extraction order is: trusted forwarded headers → Host → (optional) Origin fallback. Origin never overrides a conflicting host value; it only fills missing scheme/port or supplies host when absent.

Defaults: if allowOriginFallback(Boolean) is left unset, Origin fallback is enabled only for Utilities.EffectiveOriginResolver.TrustPolicy.TRUST_ALL; otherwise it is disabled.

Author:

Mark Allen

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	Utilities.EffectiveOriginResolver.TrustPolicy	Forwarded header trust policy.

Method Summary

Modifier and Type	Method	Description
@NonNull Utilities.EffectiveOriginResolver	allowOriginFallback(@Nullable Boolean allowOriginFallback)	Controls whether Origin is used as a fallback signal when determining the client URL prefix.
@NonNull Utilities.EffectiveOriginResolver	remoteAddress(@Nullable InetSocketAddress remoteAddress)	The remote address of the client connection.
@NonNull Utilities.EffectiveOriginResolver	trustedProxyAddresses(@NonNull Set<@NonNull InetAddress> trustedProxyAddresses)	Allows specifying an IP allowlist for trusted proxies.
@NonNull Utilities.EffectiveOriginResolver	trustedProxyPredicate(@Nullable Predicate<InetSocketAddress> trustedProxyPredicate)	Predicate used when Utilities.EffectiveOriginResolver.TrustPolicy.TRUST_PROXY_ALLOWLIST is in effect.
static @NonNull Utilities.EffectiveOriginResolver	withHeaders(@NonNull Map<@NonNull String, @NonNull Set<@NonNull String>> headers, @NonNull Utilities.EffectiveOriginResolver.TrustPolicy trustPolicy)	Acquires a builder seeded with raw request headers and a trust policy.
static @NonNull Utilities.EffectiveOriginResolver	withRequest(@NonNull Request request, @NonNull Utilities.EffectiveOriginResolver.TrustPolicy trustPolicy)	Acquires a builder seeded with a Request and a trust policy.

Methods inherited from class Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

withHeaders

public static @NonNull Utilities.EffectiveOriginResolver withHeaders(@NonNull Map<@NonNull String, @NonNull Set<@NonNull String>> headers,
 @NonNull Utilities.EffectiveOriginResolver.TrustPolicy trustPolicy)

Acquires a builder seeded with raw request headers and a trust policy.

Parameters:

headers - HTTP request headers

trustPolicy - how forwarded headers should be trusted

Returns:

the builder

withRequest

public static @NonNull Utilities.EffectiveOriginResolver withRequest(@NonNull Request request,
 @NonNull Utilities.EffectiveOriginResolver.TrustPolicy trustPolicy)

Acquires a builder seeded with a Request and a trust policy.

Parameters:

request - the current request

trustPolicy - how forwarded headers should be trusted

Returns:

the builder

remoteAddress

public @NonNull Utilities.EffectiveOriginResolver remoteAddress(@Nullable InetSocketAddress remoteAddress)

The remote address of the client connection.

Parameters:

remoteAddress - the remote address, or null if unavailable

Returns:

this builder

trustedProxyPredicate

public @NonNull Utilities.EffectiveOriginResolver trustedProxyPredicate(@Nullable Predicate<InetSocketAddress> trustedProxyPredicate)

Predicate used when Utilities.EffectiveOriginResolver.TrustPolicy.TRUST_PROXY_ALLOWLIST is in effect.

Parameters:

trustedProxyPredicate - predicate that returns true for trusted proxies

Returns:

this builder

trustedProxyAddresses

public @NonNull Utilities.EffectiveOriginResolver trustedProxyAddresses(@NonNull Set<@NonNull InetAddress> trustedProxyAddresses)

Allows specifying an IP allowlist for trusted proxies.

Parameters:

trustedProxyAddresses - IP addresses of trusted proxies

Returns:

this builder

allowOriginFallback

public @NonNull Utilities.EffectiveOriginResolver allowOriginFallback(@Nullable Boolean allowOriginFallback)

Controls whether Origin is used as a fallback signal when determining the client URL prefix.

Parameters:

allowOriginFallback - true to allow Origin fallback, false to disable it

Returns:

this builder