/** * Parse the given String into a single {@code MimeType}. * * @param mimeType the string to parse * @return the mime type * @throws InvalidMimeTypeException if the string cannot be parsed */ public static MimeType parseMimeType(String mimeType) { if (!Strings.hasLength(mimeType)) { throw new InvalidMimeTypeException(mimeType, "'mimeType' must not be empty"); } String[] parts = Strings.tokenizeToStringArray(mimeType, ";"); String fullType = parts[0].trim(); // java.net.HttpURLConnection returns a *; q=.2 Accept header if (MimeType.WILDCARD_TYPE.equals(fullType)) { fullType = "*/*"; } int subIndex = fullType.indexOf('/'); if (subIndex == -1) { throw new InvalidMimeTypeException(mimeType, "does not contain '/'"); } if (subIndex == fullType.length() - 1) { throw new InvalidMimeTypeException(mimeType, "does not contain subtype after '/'"); } String type = fullType.substring(0, subIndex); String subtype = fullType.substring(subIndex + 1, fullType.length()); if (MimeType.WILDCARD_TYPE.equals(type) && !MimeType.WILDCARD_TYPE.equals(subtype)) { throw new InvalidMimeTypeException( mimeType, "wildcard type is legal only in '*/*' (all mime types)"); } Map<String, String> parameters = null; if (parts.length > 1) { parameters = new LinkedHashMap<String, String>(parts.length - 1); for (int i = 1; i < parts.length; i++) { String parameter = parts[i]; int eqIndex = parameter.indexOf('='); if (eqIndex != -1) { String attribute = parameter.substring(0, eqIndex); String value = parameter.substring(eqIndex + 1, parameter.length()); parameters.put(attribute, value); } } } try { return new MimeType(type, subtype, parameters); } catch (UnsupportedCharsetException ex) { throw new InvalidMimeTypeException( mimeType, "unsupported charset '" + ex.getCharsetName() + "'"); } catch (IllegalArgumentException ex) { throw new InvalidMimeTypeException(mimeType, ex.getMessage()); } }
public static boolean containsEmailAddress(String password) { if (!Strings.hasText(password)) { return false; } matcher = pattern.matcher(password); return matcher.matches(); }
@Override public CsrfToken loadToken(HttpServletRequest request) { String token = Strings.clean(request.getParameter(parameterName)); if (token == null) { token = Strings.clean(request.getHeader(headerName)); } if (token == null) { return null; } try { Jws<Claims> jws = Jwts.parser().setSigningKey(signingKey).parseClaimsJws(token); // signature is valid, now let's ensure it hasn't been submitted before: String id = jws.getBody().getId(); String usedNonce = null; Cache.ValueWrapper wrapper = nonceCache.get(id); if (wrapper != null) { Object val = wrapper.get(); if (val != null) { usedNonce = val.toString(); } } if (usedNonce == null) { // CSRF token hasn't been used yet, mark it as used: nonceCache.put(id, token); return new DefaultCsrfToken(headerName, parameterName, token); } } catch (Exception e) { log.debug( "CSRF token is invalid (this is likely to happen and not necessarily an error condition).", e); } return null; }
@Override public String toString() { StringBuilder sb = new StringBuilder(128); for (Criterion c : criterionEntries) { if (sb.length() > 0) { sb.append(" and "); } sb.append(c); } if (!orderEntries.isEmpty()) { if (sb.length() > 0) { sb.append(" "); } sb.append("order by ").append(Strings.collectionToDelimitedString(orderEntries, ", ")); } if (offset != null) { if (sb.length() > 0) { sb.append(" "); } sb.append("offset ").append(offset); } if (limit != null) { if (sb.length() > 0) { sb.append(" "); } sb.append("limit ").append(limit); } if (!options.isEmpty() && options instanceof Expandable) { Expandable expandable = (Expandable) options; if (sb.length() > 0) { sb.append(" "); } sb.append("expand ") .append(Strings.collectionToDelimitedString(expandable.getExpansions(), ", ")); } return sb.toString(); }
/** * Parse the given, comma-separated string into a list of {@code MimeType} objects. * * @param mimeTypes the string to parse * @return the list of mime types * @throws IllegalArgumentException if the string cannot be parsed */ public static List<MimeType> parseMimeTypes(String mimeTypes) { if (!Strings.hasLength(mimeTypes)) { return Collections.emptyList(); } String[] tokens = mimeTypes.split(",\\s*"); List<MimeType> result = new ArrayList<MimeType>(tokens.length); for (String token : tokens) { result.add(parseMimeType(token)); } return result; }
/** * Return the {@link ConfigFactory} implementation class to use, either the default {@link * com.stormpath.sdk.servlet.config.impl.DefaultConfigFactory} or a custom class if specified. * * @param servletContext current servlet context * @return the ConfigFactory implementation class to use * @see #CONFIG_FACTORY_CLASS_PARAM_NAME * @see com.stormpath.sdk.servlet.config.impl.DefaultConfigFactory */ protected Class<?> determineConfigFactoryClass(ServletContext servletContext) { String className = servletContext.getInitParameter(CONFIG_FACTORY_CLASS_PARAM_NAME); className = Strings.trimWhitespace(className); if (className != null) { try { return Classes.forName(className); } catch (UnknownClassException ex) { throw new IllegalStateException( "Failed to load custom ConfigFactory class [" + className + "]", ex); } } else { return DefaultConfigFactory.class; } }
private String getJwtResponse(Object httpRequestObject) { String jwtResponse; if (HttpRequest.class.isAssignableFrom(httpRequestObject.getClass())) { HttpRequest httpRequest = (HttpRequest) httpRequestObject; Assert.isTrue( httpRequest.getMethod() == HttpMethod.GET, "Only Http GET method is supported."); jwtResponse = httpRequest.getParameter(JWT_RESPONSE); } else { // This must never happen, if the object request is of HttpServletRequest type the // HTTP_SERVLET_REQUEST_WRAPPER_CLASS // must be already loaded and therefore cannot be null. if (HTTP_SERVLET_REQUEST_WRAPPER_CLASS == null) { throw new RuntimeException( "DefaultHttpServletRequestWrapper not loaded error occurred while handling httpRequest of type: " + httpRequestObject.getClass().getName()); } Constructor<? extends HttpServletRequestWrapper> ctor = Classes.getConstructor(HTTP_SERVLET_REQUEST_WRAPPER_CLASS, Object.class); HttpServletRequestWrapper httpServletRequestWrapper = Classes.instantiate(ctor, httpRequestObject); HttpMethod method = HttpMethod.fromName(httpServletRequestWrapper.getMethod()); Assert.isTrue(HttpMethod.GET == method, "Only Http GET method is supported."); jwtResponse = httpServletRequestWrapper.getParameter(JWT_RESPONSE); } if (!Strings.hasText(jwtResponse)) { throw new InvalidJwtException(InvalidJwtException.JWT_REQUIRED_ERROR); } return jwtResponse; }
@Override public AccountResult getAccountResult() { JwtWrapper jwtWrapper = new JwtWrapper(jwtResponse); Map jsonPayload = jwtWrapper.getJsonPayloadAsMap(); String apiKeyId; Map jsonHeader = jwtWrapper.getJsonHeaderAsMap(); apiKeyId = getRequiredValue(jsonHeader, KEY_ID); getJwtSignatureValidator(apiKeyId).validate(jwtWrapper); Number expire = getRequiredValue(jsonPayload, Claims.EXPIRATION); verifyJwtIsNotExpired(expire.longValue()); String issuer = getRequiredValue(jsonPayload, Claims.ISSUER); // JSDK-261: Enable Java SDK to handle new ID Site error callbacks // We are processing the error after the token has been properly validated if (isError(jsonPayload)) { throw new IDSiteRuntimeException(constructError(jsonPayload, jsonHeader)); } String responseNonce = getRequiredValue(jsonPayload, RESPONSE_ID); if (nonceStore.hasNonce(responseNonce)) { throw new InvalidJwtException(InvalidJwtException.ALREADY_USED_JWT_ERROR); } nonceStore.putNonce(responseNonce); // the 'sub' field can be null if calling /sso/logout when the subject is already logged out: String accountHref = getOptionalValue(jsonPayload, Claims.SUBJECT); boolean accountHrefPresent = Strings.hasText(accountHref); // but this is only legal during the logout scenario, so assert this: IdSiteResultStatus resultStatus = IdSiteResultStatus.valueOf((String) getRequiredValue(jsonPayload, STATUS)); if (!accountHrefPresent && !IdSiteResultStatus.LOGOUT.equals(resultStatus)) { throw new InvalidJwtException(InvalidJwtException.JWT_RESPONSE_MISSING_PARAMETER_ERROR); } Boolean isNewAccount = getRequiredValue(jsonPayload, IS_NEW_SUBJECT); String state = getOptionalValue(jsonPayload, STATE); Map<String, Object> properties = new LinkedHashMap<String, Object>(); properties.put(DefaultAccountResult.NEW_ACCOUNT.getName(), isNewAccount); properties.put(DefaultAccountResult.STATE.getName(), state); if (accountHrefPresent) { Map<String, Object> account = new HashMap<String, Object>(); account.put(DefaultAccountResult.HREF_PROP_NAME, accountHref); properties.put(DefaultAccountResult.ACCOUNT.getName(), account); } AccountResult accountResult = new DefaultAccountResult(dataStore, properties); // @since 1.0.RC7.3 if (this.resultListeners.size() > 0) { dispatchResponseStatus(resultStatus, properties); } return accountResult; }