Examples with IPRange org.forgerock.openam.utils.IPRange used on opensource projects

Example 1 with IPRange

use of org.forgerock.openam.utils.IPRange in project OpenAM by OpenRock.

the class Adaptive method checkIPRange.

/**
     * Check to see if the IP address is within the ranges specified
     *
     * Range can be in the form of:
     * x.x.x.x/YY
     * or
     * x.x.x.x-y.y.y.y.
     * or
     * x:x:x:x:x:x:x:x/YY
     * or
     * x:x:x:x:x:x:x:x-y:y:y:y:y:y:y:y
     *
     * There can be multiple ranges passed in
     *
     * @return score achieved with this test
     */
protected int checkIPRange() {
    int retVal = 0;
    String ipVersion;
    String ipType;
    Map<String, String> holdDetails;
    for (String nextIP : IPRangeRange) {
        try {
            holdDetails = checkIPVersion(nextIP);
        } catch (IllegalArgumentException e) {
            if (debug.warningEnabled()) {
                debug.warning("{}.checkIPRange: IP type could not be validated. IP={}", ADAPTIVE, nextIP, e);
            }
            continue;
        }
        ipVersion = holdDetails.get(IP_Version);
        ipType = holdDetails.get(IP_TYPE);
        if (ipVersion.equalsIgnoreCase(IP_V6) && ValidateIPaddress.isIPv6(clientIP)) {
            if (debug.messageEnabled()) {
                debug.message("{}.checkIPRange: {} --> {}", ADAPTIVE, clientIP, nextIP);
                debug.message("IP version is: {}", IP_V6);
                debug.message("Client IP is: {}", IPv6Address.fromString(clientIP));
            }
            if (ipType.equalsIgnoreCase("Range")) {
                // Do range IPv6
                String first = holdDetails.get(IP_START);
                String last = holdDetails.get(IP_END);
                IPv6AddressRange iPv6AddressRange = IPv6AddressRange.fromFirstAndLast(IPv6Address.fromString(first), IPv6Address.fromString(last));
                if (iPv6AddressRange.contains(IPv6Address.fromString(clientIP))) {
                    retVal = IPRangeScore;
                }
            } else if (ipType.equalsIgnoreCase("CIDR")) {
                // Subnet mask ip
                IPv6Network iPv6Network = IPv6Network.fromString(nextIP);
                if (iPv6Network.contains(IPv6Address.fromString(clientIP))) {
                    retVal = IPRangeScore;
                }
            } else {
                // treat as single ip address
                IPv6Address iPv6AddressNextIP = IPv6Address.fromString(nextIP);
                if (iPv6AddressNextIP.compareTo(IPv6Address.fromString(clientIP)) == 0) {
                    retVal = IPRangeScore;
                }
            }
        } else if (ipVersion.equalsIgnoreCase(IP_V4) && ValidateIPaddress.isIPv4(clientIP)) {
            // treat as IPv4
            if (debug.messageEnabled()) {
                debug.message("{}.checkIPRange: {} --> {}", ADAPTIVE, clientIP, nextIP);
                debug.message("IP version is: {}", IP_V4);
                debug.message("Client IP is: {}", clientIP);
            }
            IPRange theRange = new IPRange(nextIP);
            if (theRange.inRange(clientIP)) {
                retVal = IPRangeScore;
            }
        }
    }
    if (!IPRangeInvert) {
        retVal = IPRangeScore - retVal;
    }
    return retVal;
}