Beispiel #1
    /**
     * Checks the cookie's Path attribute against the path of the origin it was received from.
     * Per the handler's contract the Path attribute must be a case-sensitive prefix of the
     * request-URI; the comparison itself is delegated to {@code pathMatch}.
     *
     * @param cookie the cookie whose path is checked; must not be {@code null}
     * @param origin the origin the cookie came from; must not be {@code null}
     * @throws IllegalArgumentException if {@code cookie}, {@code origin} or the origin path is
     *     {@code null}
     * @throws MalformedCookieException if the cookie has no path, or {@code pathMatch} rejects it
     */
    public void validate(final Cookie cookie, final CookieOrigin origin)
        throws MalformedCookieException {
      if (cookie == null) {
        throw new IllegalArgumentException("Cookie may not be null");
      }
      if (origin == null) {
        throw new IllegalArgumentException("Cookie origin may not be null");
      }
      final String originPath = origin.getPath();
      if (originPath == null) {
        throw new IllegalArgumentException("Path of origin host may not be null.");
      }
      final String cookiePath = cookie.getPath();
      if (cookiePath == null) {
        throw new MalformedCookieException("Invalid cookie state: path attribute is null.");
      }
      // A blank origin path is replaced by PATH_DELIM before the comparison.
      final String requestPath = originPath.trim().length() == 0 ? PATH_DELIM : originPath;

      if (pathMatch(requestPath, cookiePath)) {
        return;
      }
      throw new MalformedCookieException(
          "Illegal path attribute \""
              + cookiePath
              + "\". Path of origin: \""
              + requestPath
              + "\"");
    }
Beispiel #2
 /**
  * Stores the Path attribute value on the cookie and records that the attribute was given
  * explicitly.
  *
  * @param cookie the cookie being populated; must not be {@code null}
  * @param path the raw attribute value
  * @throws IllegalArgumentException if {@code cookie} is {@code null}
  * @throws MalformedCookieException if {@code path} is {@code null} or only whitespace
  */
 public void parse(final Cookie cookie, final String path) throws MalformedCookieException {
   if (cookie == null) {
     throw new IllegalArgumentException("Cookie may not be null");
   }
   if (path == null) {
     throw new MalformedCookieException("Missing value for path attribute");
   }
   final boolean blank = path.trim().length() == 0;
   if (blank) {
     throw new MalformedCookieException("Blank value for path attribute");
   }
   // The value is stored untrimmed, exactly as received.
   cookie.setPath(path);
   cookie.setPathAttributeSpecified(true);
 }
Beispiel #3
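 /**
  * Decides from the cookie's secure flag whether it may accompany a request to the given
  * origin.
  *
  * <p>A cookie flagged secure is matched only by a secure origin, so it is never released
  * over an insecure connection. A cookie without the flag has no transport restriction and is
  * matched by secure and insecure origins alike; the previous equality test withheld such
  * cookies from secure requests.
  *
  * @param cookie the cookie to test; must not be {@code null}
  * @param origin the origin of the request; must not be {@code null}
  * @return {@code true} if the secure flag permits sending the cookie to {@code origin}
  * @throws IllegalArgumentException if {@code cookie} or {@code origin} is {@code null}
  */
 public boolean match(final Cookie cookie, final CookieOrigin origin) {
   if (cookie == null) {
     throw new IllegalArgumentException("Cookie may not be null");
   }
   if (origin == null) {
     throw new IllegalArgumentException("Cookie origin may not be null");
   }
   // Only the secure flag restricts the transport; its absence must not block HTTPS requests.
   return !cookie.getSecure() || origin.isSecure();
 }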
Beispiel #4
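    /**
     * Match cookie path attribute. The value for the Path attribute must be a prefix of the
     * request-URI (case-sensitive matching); the comparison itself is delegated to
     * {@code pathMatch}.
     *
     * @param cookie the cookie to test; must not be {@code null}
     * @param origin the origin of the request; must not be {@code null}
     * @return {@code true} if {@code pathMatch} accepts the cookie path for the origin path;
     *     {@code false} if it does not or the cookie has no path
     * @throws IllegalArgumentException if {@code cookie}, {@code origin} or the origin path is
     *     {@code null}
     */
    public boolean match(final Cookie cookie, final CookieOrigin origin) {
      if (cookie == null) {
        throw new IllegalArgumentException("Cookie may not be null");
      }
      if (origin == null) {
        throw new IllegalArgumentException("Cookie origin may not be null");
      }
      String path = origin.getPath();
      if (cookie.getPath() == null) {
        LOG.warn("Invalid cookie state: path attribute is null.");
        return false;
      }
      if (path == null) {
        // Fail with an explicit argument error, as the path validation handler does, instead
        // of a NullPointerException from the trim() call below.
        throw new IllegalArgumentException("Path of origin host may not be null.");
      }
      if (path.trim().equals("")) {
        // A blank origin path is replaced by PATH_DELIM before the comparison.
        path = PATH_DELIM;
      }

      return pathMatch(path, cookie.getPath());
    }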
Beispiel #5
  /**
   * Builds the value of a {@code "Cookie"} request header holding all of the given {@link
   * Cookie}s in RFC 2965 form.
   *
   * <p>If any cookie is not a {@code Cookie2}, or the highest version seen is below 1, the
   * whole array is formatted by the RFC 2109 spec instead. Otherwise the array passed in is
   * sorted in place with {@code PATH_COMPOARATOR} before formatting, so the caller's array
   * order changes.
   *
   * @param cookies the cookies to format; must not be {@code null}
   * @return a string suitable for sending in a Cookie header
   * @throws IllegalArgumentException if {@code cookies} is {@code null}
   */
  public String formatCookies(final Cookie[] cookies) {
    LOG.trace("enter RFC2965Spec.formatCookieHeader(Cookie[])");

    if (cookies == null) {
      throw new IllegalArgumentException("Cookies may not be null");
    }
    // Track the highest cookie version, stopping at the first cookie that is not a Cookie2
    // (an old-style, Set-Cookie cookie).
    boolean oldStyleFound = false;
    int highestVersion = -1;
    for (int idx = 0; idx < cookies.length && !oldStyleFound; idx++) {
      final Cookie current = cookies[idx];
      if (current instanceof Cookie2) {
        highestVersion = Math.max(highestVersion, current.getVersion());
      } else {
        oldStyleFound = true;
      }
    }
    final int version = Math.max(highestVersion, 0);
    if (oldStyleFound || version < 1) {
      // Old-style formatting is the RFC 2109 spec's job.
      return this.rfc2109.formatCookies(cookies);
    }
    // Order the cookies by path; this reorders the caller's array.
    Arrays.sort(cookies, PATH_COMPOARATOR);

    final StringBuffer header = new StringBuffer();
    // The header starts with the cookie version.
    this.formatter.format(header, new NameValuePair("$Version", Integer.toString(version)));
    for (int idx = 0; idx < cookies.length; idx++) {
      header.append("; ");
      // Every element is a Cookie2 here, otherwise the method returned above.
      doFormatCookie2((Cookie2) cookies[idx], header);
    }
    return header.toString();
  }
Beispiel #6
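 /**
  * Parse cookie domain attribute: the value is lower-cased, given a leading dot if it has
  * none, stored on the cookie, and the attribute is marked as explicitly specified.
  *
  * @param cookie the cookie being populated; must not be {@code null}
  * @param domain the raw attribute value
  * @throws IllegalArgumentException if {@code cookie} is {@code null}
  * @throws MalformedCookieException if {@code domain} is {@code null} or only whitespace
  */
 public void parse(final Cookie cookie, String domain) throws MalformedCookieException {
   if (cookie == null) {
     throw new IllegalArgumentException("Cookie may not be null");
   }
   if (domain == null) {
     throw new MalformedCookieException("Missing value for domain attribute");
   }
   if (domain.trim().equals("")) {
     throw new MalformedCookieException("Blank value for domain attribute");
   }
   // Lower-case with a fixed locale. With the JVM default locale the result depends on the
   // machine: under a Turkish locale "I" becomes a dotless "ı", and the stored domain would
   // no longer compare equal to the host name it is later matched against.
   domain = domain.toLowerCase(java.util.Locale.ENGLISH);
   if (!domain.startsWith(".")) {
     // Per RFC 2965 section 3.2.2
     // "... If an explicitly specified value does not start with
     // a dot, the user agent supplies a leading dot ..."
     // That effectively implies that the domain attribute
     // MAY NOT be an IP address or a host name
     domain = "." + domain;
   }
   cookie.setDomain(domain);
   cookie.setDomainAttributeSpecified(true);
 }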
Beispiel #7
  /**
   * Validates a {@link Cookie} against the origin it was received from, following RFC 2965.
   *
   * <p>A {@code Cookie2} has its name checked and is then passed to every registered
   * attribute handler; the first handler that rejects it ends validation with an exception.
   * Anything that is not a {@code Cookie2} (including {@code null}) is handed to the RFC 2109
   * spec.
   *
   * @param host the host from which the cookie was received
   * @param port the port from which the cookie was received
   * @param path the path from which the cookie was received
   * @param secure {@code true} when the cookie was received using a secure connection
   * @param cookie the cookie to validate
   * @throws MalformedCookieException if the cookie name contains a blank or starts with
   *     {@code $}, or an attribute handler rejects the cookie
   */
  public void validate(
      final String host, int port, final String path, boolean secure, final Cookie cookie)
      throws MalformedCookieException {

    LOG.trace("enter RFC2965Spec.validate(String, int, String, boolean, Cookie)");

    if (!(cookie instanceof Cookie2)) {
      // old-style cookies are validated according to the old rules
      this.rfc2109.validate(host, port, path, secure, cookie);
      return;
    }
    final String name = cookie.getName();
    if (name.indexOf(' ') != -1) {
      throw new MalformedCookieException("Cookie name may not contain blanks");
    }
    if (name.startsWith("$")) {
      throw new MalformedCookieException("Cookie name may not start with $");
    }
    final CookieOrigin origin = new CookieOrigin(getEffectiveHost(host), port, path, secure);
    final Iterator handlers = getAttribHandlerIterator();
    while (handlers.hasNext()) {
      ((CookieAttributeHandler) handlers.next()).validate(cookie, origin);
    }
  }
Beispiel #8
  /**
   * Tells whether the cookie should be submitted with a request that has the given
   * attributes.
   *
   * <p>A {@code Cookie2} is rejected when it is persistent and expired, and otherwise must be
   * accepted by every registered attribute handler. Any other cookie is matched by the RFC
   * 2109 spec.
   *
   * @param host the host to which the request is being submitted
   * @param port the port to which the request is being submitted; handed to the attribute
   *     handlers through the cookie origin
   * @param path the path to which the request is being submitted
   * @param secure {@code true} if the request is using a secure connection
   * @param cookie the cookie to test; must not be {@code null}
   * @return {@code true} if the cookie matches the request, {@code false} otherwise
   * @throws IllegalArgumentException if {@code cookie} is {@code null}
   */
  public boolean match(String host, int port, String path, boolean secure, final Cookie cookie) {

    LOG.trace("enter RFC2965.match(String, int, String, boolean, Cookie");
    if (cookie == null) {
      throw new IllegalArgumentException("Cookie may not be null");
    }
    if (!(cookie instanceof Cookie2)) {
      // old-style cookies are matched according to the old rules
      return this.rfc2109.match(host, port, path, secure, cookie);
    }
    // An expired persistent cookie is never sent.
    if (cookie.isPersistent() && cookie.isExpired()) {
      return false;
    }
    final CookieOrigin origin = new CookieOrigin(getEffectiveHost(host), port, path, secure);
    final Iterator handlers = getAttribHandlerIterator();
    while (handlers.hasNext()) {
      final CookieAttributeHandler handler = (CookieAttributeHandler) handlers.next();
      if (!handler.match(cookie, origin)) {
        // One dissenting handler is enough to withhold the cookie.
        return false;
      }
    }
    return true;
  }
Beispiel #9
 /**
  * Converts the Max-Age attribute, a number of seconds, into an expiry date on the cookie,
  * counted from the current system time.
  *
  * @param cookie the cookie being populated; must not be {@code null}
  * @param value the raw attribute value
  * @throws IllegalArgumentException if {@code cookie} is {@code null}
  * @throws MalformedCookieException if {@code value} is {@code null}, is not a decimal
  *     integer, or is negative
  */
 public void parse(final Cookie cookie, final String value) throws MalformedCookieException {
   if (cookie == null) {
     throw new IllegalArgumentException("Cookie may not be null");
   }
   if (value == null) {
     throw new MalformedCookieException("Missing value for max-age attribute");
   }
   int seconds;
   try {
     seconds = Integer.parseInt(value);
   } catch (NumberFormatException ignored) {
     // An unparsable value is reported below with the same error as a negative one.
     seconds = -1;
   }
   if (seconds < 0) {
     throw new MalformedCookieException("Invalid max-age attribute.");
   }
   // The long literal keeps the multiplication out of int range.
   final long expiresAtMillis = System.currentTimeMillis() + seconds * 1000L;
   cookie.setExpiryDate(new Date(expiresAtMillis));
 }
Beispiel #10
    /** Match cookie domain attribute. */
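    /**
     * Match cookie domain attribute: the origin host must domain-match the cookie domain, and
     * the part of the host in front of the domain must not contain a dot.
     *
     * <p>Host and domain are both lower-cased with a fixed locale, as in domain validation,
     * so the comparison does not depend on the JVM default locale or on the case in which the
     * domain was stored. A cookie without a domain does not match.
     *
     * @param cookie the cookie to test; must not be {@code null}
     * @param origin the origin of the request; must not be {@code null}
     * @return {@code true} if the cookie domain is acceptable for the origin host
     * @throws IllegalArgumentException if {@code cookie} or {@code origin} is {@code null}
     */
    public boolean match(final Cookie cookie, final CookieOrigin origin) {
      if (cookie == null) {
        throw new IllegalArgumentException("Cookie may not be null");
      }
      if (origin == null) {
        throw new IllegalArgumentException("Cookie origin may not be null");
      }
      final String host = origin.getHost().toLowerCase(java.util.Locale.ENGLISH);
      final String storedDomain = cookie.getDomain();
      if (storedDomain == null) {
        // Nothing to compare against; never send a cookie whose scope is unknown.
        return false;
      }
      final String cookieDomain = storedDomain.toLowerCase(java.util.Locale.ENGLISH);

      // The effective host name MUST domain-match the Domain
      // attribute of the cookie.
      if (!domainMatch(host, cookieDomain)) {
        return false;
      }
      // effective host name minus domain must not contain any dots
      final String effectiveHostWithoutDomain =
          host.substring(0, host.length() - cookieDomain.length());
      return effectiveHostWithoutDomain.indexOf('.') == -1;
    }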
Beispiel #11
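 /**
  * Stores the Comment attribute value on the cookie. The value itself is not inspected.
  *
  * @param cookie the cookie being populated; must not be {@code null}
  * @param comment the raw attribute value, passed through unchanged
  * @throws IllegalArgumentException if {@code cookie} is {@code null}
  * @throws MalformedCookieException declared by the handler contract; not thrown here
  */
 public void parse(final Cookie cookie, final String comment) throws MalformedCookieException {
   if (cookie == null) {
     // Same argument check, with the same message, as the other attribute parsers.
     throw new IllegalArgumentException("Cookie may not be null");
   }
   cookie.setComment(comment);
 }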
Beispiel #12
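 /**
  * Marks the cookie as secure. The presence of the attribute is what counts; its value is
  * not read.
  *
  * @param cookie the cookie being populated; must not be {@code null}
  * @param secure the raw attribute value; ignored
  * @throws IllegalArgumentException if {@code cookie} is {@code null}
  * @throws MalformedCookieException declared by the handler contract; not thrown here
  */
 public void parse(final Cookie cookie, final String secure) throws MalformedCookieException {
   if (cookie == null) {
     // Same argument check, with the same message, as the other attribute parsers.
     throw new IllegalArgumentException("Cookie may not be null");
   }
   cookie.setSecure(true);
 }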
Beispiel #13
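    /**
     * Validate cookie domain attribute against the host the cookie was received from.
     *
     * <p>When the Domain attribute was given explicitly it must start with a dot, contain an
     * embedded dot (or be {@code .local}), be domain-matched by the host, and leave no dot in
     * the part of the host in front of it. When the attribute was not given, the cookie domain
     * must equal the host, compared case-insensitively. Host and domain are lower-cased with a
     * fixed locale so the outcome does not depend on the JVM default locale.
     *
     * @param cookie the cookie to validate; must not be {@code null}
     * @param origin the origin the cookie came from; must not be {@code null}
     * @throws IllegalArgumentException if {@code cookie} or {@code origin} is {@code null}
     * @throws MalformedCookieException if the cookie has no domain or the domain breaks one of
     *     the rules above
     */
    public void validate(final Cookie cookie, final CookieOrigin origin)
        throws MalformedCookieException {
      if (cookie == null) {
        throw new IllegalArgumentException("Cookie may not be null");
      }
      if (origin == null) {
        throw new IllegalArgumentException("Cookie origin may not be null");
      }
      String host = origin.getHost().toLowerCase(java.util.Locale.ENGLISH);
      if (cookie.getDomain() == null) {
        throw new MalformedCookieException("Invalid cookie state: " + "domain not specified");
      }
      String cookieDomain = cookie.getDomain().toLowerCase(java.util.Locale.ENGLISH);

      if (cookie.isDomainAttributeSpecified()) {
        // Domain attribute must start with a dot
        if (!cookieDomain.startsWith(".")) {
          throw new MalformedCookieException(
              "Domain attribute \""
                  + cookie.getDomain()
                  + "\" violates RFC 2109: domain must start with a dot");
        }

        // Domain attribute must contain at least one embedded dot,
        // or the value must be equal to .local.
        int dotIndex = cookieDomain.indexOf('.', 1);
        if (((dotIndex < 0) || (dotIndex == cookieDomain.length() - 1))
            && (!cookieDomain.equals(".local"))) {
          throw new MalformedCookieException(
              "Domain attribute \""
                  + cookie.getDomain()
                  + "\" violates RFC 2965: the value contains no embedded dots "
                  + "and the value is not .local");
        }

        // The effective host name must domain-match domain attribute.
        if (!domainMatch(host, cookieDomain)) {
          throw new MalformedCookieException(
              "Domain attribute \""
                  + cookie.getDomain()
                  + "\" violates RFC 2965: effective host name does not "
                  + "domain-match domain attribute.");
        }

        // effective host name minus domain must not contain any dots
        String effectiveHostWithoutDomain =
            host.substring(0, host.length() - cookieDomain.length());
        if (effectiveHostWithoutDomain.indexOf('.') != -1) {
          throw new MalformedCookieException(
              "Domain attribute \""
                  + cookie.getDomain()
                  + "\" violates RFC 2965: "
                  + "effective host minus domain may not contain any dots");
        }
      } else {
        // Domain was not specified in header. In this case, domain must
        // string match request host (case-insensitive). Compare the lower-cased domain: the
        // host is already lower-cased, so the raw domain would fail on any upper-case letter.
        if (!cookieDomain.equals(host)) {
          throw new MalformedCookieException(
              "Illegal domain attribute: \""
                  + cookie.getDomain()
                  + "\"."
                  + "Domain of origin: \""
                  + host
                  + "\"");
        }
      }
    }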