Use of com.sun.identity.shared.whitelist.URLPatternMatcher in project OpenAM by OpenRock.
From the class RedirectUrlValidator, method isRedirectUrlValid.
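/**
 * Validates the provided redirect (goto) URL against the collection of valid goto URL domains found based on
 * the configuration info.
 *
 * <p>The checks run in this order:
 * <ol>
 * <li>A <code>null</code> or empty URL is rejected.</li>
 * <li>A URL longer than <code>MAX_URL_LENGTH</code> is rejected before any other processing.</li>
 * <li>A URL that cannot be parsed as a {@link URI} is rejected.</li>
 * <li>A relative URL (not absolute and not starting with <code>//</code>) is accepted without being matched
 * against the patterns.</li>
 * <li>An absolute URL whose scheme is not exactly <code>http</code> or <code>https</code> (case-sensitive
 * comparison) is rejected.</li>
 * <li>If no patterns are configured, the URL is accepted.</li>
 * <li>Otherwise the result of the {@link URLPatternMatcher} match is returned.</li>
 * </ol>
 *
 * <p>Security note: with an empty pattern collection every absolute http/https URL and every scheme-relative
 * URL passes this check, so deployments that rely on this method to prevent open redirects need a non-empty
 * set of valid goto URL domains in their configuration.
 *
 * @param url The URL that needs to be validated. May be null.
 * @param configInfo The necessary information about the configuration to determine the collection of valid goto
 * URL domains. May not be null.
 * @return <code>true</code> if the provided URL is valid, <code>false</code> otherwise.
 */
public boolean isRedirectUrlValid(final String url, final T configInfo) {
    if (url == null || url.isEmpty()) {
        return false;
    }
    // Apply the length cap before anything else: the URL is caller-supplied, and an oversized value should
    // neither be written to the debug log in full nor trigger the pattern lookup.
    if (url.length() > MAX_URL_LENGTH) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("Rejecting goto URL: its length (" + url.length() + ") exceeds the allowed maximum");
        }
        return false;
    }
    final Collection<String> patterns = domainExtractor.extractValidDomains(configInfo);
    if (DEBUG.messageEnabled()) {
        // NOTE(review): the URL has not been parsed yet at this point, so the logged value is raw request
        // data; anything consuming the debug log should treat it as untrusted text.
        DEBUG.message("Validating goto URL " + url + " against patterns:\n" + patterns);
    }
    try {
        final URI uri = new URI(url);
        // Both absolute and scheme-relative ("//host/...") URLs should be validated against the patterns.
        // Everything else is treated as relative to the current origin and accepted as-is.
        if (!uri.isAbsolute() && !url.startsWith("//")) {
            return true;
        }
        // Only http and https targets are allowed. The comparison is case-sensitive, so a scheme written in
        // any other case is rejected as well. Scheme-relative URLs have no scheme and fall through.
        if (uri.getScheme() != null && !uri.getScheme().equals("http") && !uri.getScheme().equals("https")) {
            return false;
        }
    } catch (final URISyntaxException urise) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("The goto URL " + url + " is not a valid URI", urise);
        }
        return false;
    }
    // No configured patterns means no restriction: the URL is accepted (see the security note in the Javadoc).
    if (patterns == null || patterns.isEmpty()) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("There are no patterns to validate the URL against, the goto URL is considered valid");
        }
        return true;
    }
    final URLPatternMatcher patternMatcher = new URLPatternMatcher();
    try {
        // The meaning of the third argument is defined by URLPatternMatcher, which is not shown here.
        return patternMatcher.match(url, patterns, true);
    } catch (MalformedURLException murle) {
        // Fail closed: a URL the matcher cannot process is treated as invalid.
        DEBUG.error("An error occurred while validating goto URL: " + url, murle);
        return false;
    }
}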