use of org.swisspush.gateleen.security.PatternHolder in project gateleen by swisspush.
the class AclFactory method parseAcl.
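/**
 * Parses an ACL resource into a map from path pattern to the methods listed for that pattern.
 *
 * <p>The buffer is validated against {@code aclSchema} before anything is read from it. Every
 * top-level field must be a JSON object, from which {@code path} and {@code methods} are taken.
 * Items that share an equal {@link PatternHolder} have their methods merged into a single set.
 * An item without a {@code path} contributes nothing to the result.
 *
 * <p>{@code checkPropertiesValid} is defined elsewhere; what it rejects is not visible here.
 *
 * @param buffer the raw ACL resource, decoded as UTF-8 JSON
 * @return the methods per path pattern; an item without {@code methods} yields an empty set
 * @throws ValidationException if schema validation fails, an ACL item is not a JSON object, or a
 *         {@code methods} entry is not a string
 */
public Map<PatternHolder, Set<String>> parseAcl(Buffer buffer) throws ValidationException {
    ValidationResult validationResult = Validator.validateStatic(buffer, aclSchema, log);
    if (!validationResult.isSuccess()) {
        throw new ValidationException(validationResult);
    }

    Map<PatternHolder, Set<String>> result = new HashMap<>();
    JsonObject aclItems = new JsonObject(buffer.toString("UTF-8"));
    for (String id : aclItems.fieldNames()) {
        if (!(aclItems.getValue(id) instanceof JsonObject)) {
            throw new ValidationException("acl item must be a map: " + id);
        }
        JsonObject aclItem = aclItems.getJsonObject(id);
        // The original also looked up "debug.read" here and discarded the result; that leftover
        // lookup had no effect and has been removed.
        String path = aclItem.getString("path");
        JsonArray methods = aclItem.getJsonArray("methods");
        checkPropertiesValid(path, methods, id);
        if (path == null) {
            continue;
        }

        // NOTE(review): a path without methods still registers its pattern with an empty method
        // set; how the authorizer treats such an entry is not visible here - confirm.
        Set<String> methodSet = result.computeIfAbsent(new PatternHolder(path), k -> new HashSet<>());
        if (methods == null) {
            continue;
        }
        for (Object methodObj : methods) {
            // Reject malformed entries as a validation failure instead of letting an unchecked cast
            // throw ClassCastException (or a null slip into the set) while building an ACL.
            if (!(methodObj instanceof String)) {
                throw new ValidationException("acl item methods must be strings: " + id);
            }
            methodSet.add((String) methodObj);
        }
    }
    return result;
}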
use of org.swisspush.gateleen.security.PatternHolder in project gateleen by swisspush.
the class RoleAuthorizer method mergeAcl.
/**
 * Parses the ACL resource of one role and records that role in {@code grantedRoles} under every
 * pattern and method the ACL lists.
 *
 * @param role   the role the ACL belongs to
 * @param buffer the raw ACL resource, handed to {@code aclFactory.parseAcl}
 * @throws ValidationException if {@code aclFactory.parseAcl} rejects the resource
 */
private void mergeAcl(String role, Buffer buffer) throws ValidationException {
    // Parse first: if the ACL is invalid the exception leaves grantedRoles untouched.
    Map<PatternHolder, Set<String>> parsedAcl = aclFactory.parseAcl(buffer);
    parsedAcl.forEach((pattern, methods) -> {
        // The pattern is registered even when its method set is empty.
        Map<String, Set<String>> rolesByMethod = grantedRoles.computeIfAbsent(pattern, k -> new HashMap<>());
        for (String method : methods) {
            rolesByMethod.computeIfAbsent(method, k -> new HashSet<>()).add(role);
        }
    });
}
use of org.swisspush.gateleen.security.PatternHolder in project gateleen by swisspush.
the class ContentTypeConstraintFactory method create.
/**
 * Builds the list of {@link ContentTypeConstraint}s described by a Content-Type constraint
 * configuration resource.
 *
 * <p>Each field name of the resource is treated as a URL regex. An entry is dropped, with a
 * warning in the log, when a {@link PatternSyntaxException} is raised while processing it or when
 * it yields no allowed types. All other entries are returned in iteration order of the field names.
 *
 * <p>NOTE(review): a dropped entry leaves its URL pattern without a constraint of its own; which
 * fallback the caller applies in that case is not visible here - confirm it is not more permissive
 * than intended.
 *
 * @param constraintResourceBuffer the resource to create the {@link ContentTypeConstraint}s from
 * @return a list of {@link ContentTypeConstraint} objects, empty when no entry is usable
 */
static List<ContentTypeConstraint> create(Buffer constraintResourceBuffer) {
    final JsonObject config = constraintResourceBuffer.toJsonObject();
    final List<ContentTypeConstraint> parsedConstraints = new ArrayList<>();

    for (String urlPattern : config.fieldNames()) {
        try {
            // Compile up front so an invalid URL regex is rejected before anything is built from it.
            final Pattern compiledUrl = Pattern.compile(urlPattern);
            // NOTE(review): only PatternSyntaxException is caught; a field whose value is not a JSON
            // object is presumably ruled out by validation elsewhere - confirm.
            final List<PatternHolder> allowedTypes = extractAllowedTypes(config.getJsonObject(urlPattern));
            if (allowedTypes.isEmpty()) {
                log.warn("Constraint configuration '{}' has no valid 'allowedTypes' regex pattern. Discarding this constraint", urlPattern);
                continue;
            }
            parsedConstraints.add(new ContentTypeConstraint(new PatternHolder(compiledUrl.pattern()), allowedTypes));
            log.info("Constraint '{}' successfully parsed and added to constraint configuration list", urlPattern);
        } catch (PatternSyntaxException invalidRegex) {
            log.warn("Constraint '{}' is not a valid regex pattern. Discarding this constraint", urlPattern);
        }
    }
    return parsedConstraints;
}
use of org.swisspush.gateleen.security.PatternHolder in project gateleen by swisspush.
the class ContentTypeConstraintTest method testEqualsAndHashcode.
/**
 * Checks that {@code equals} and {@code hashCode} of {@link ContentTypeConstraint} take the URL
 * pattern as well as the content, count and order of the allowed types into account.
 */
@Test
public void testEqualsAndHashcode(TestContext context) {
    final String zipsUrl = "/gateleen/contacts/zips/(.*)";

    // Identical inputs: equal objects with equal hash codes.
    ContentTypeConstraint first = new ContentTypeConstraint(
            new PatternHolder(zipsUrl),
            Arrays.asList(new PatternHolder("image/png"), new PatternHolder("image/bmp")));
    ContentTypeConstraint reference = new ContentTypeConstraint(
            new PatternHolder(zipsUrl),
            Arrays.asList(new PatternHolder("image/png"), new PatternHolder("image/bmp")));
    context.assertEquals(first, reference);
    context.assertEquals(first.hashCode(), reference.hashCode());

    // Same URL, one allowed type replaced.
    ContentTypeConstraint otherTypes = new ContentTypeConstraint(
            new PatternHolder(zipsUrl),
            Arrays.asList(new PatternHolder("image/png"), new PatternHolder("video/mp4")));
    context.assertNotEquals(reference, otherTypes, "AllowedTypes do not match");
    context.assertNotEquals(reference.hashCode(), otherTypes.hashCode(), "AllowedTypes do not match");

    // Same allowed types, different URL pattern.
    ContentTypeConstraint otherUrl = new ContentTypeConstraint(
            new PatternHolder("/gateleen/foobar/(.*)"),
            Arrays.asList(new PatternHolder("image/png"), new PatternHolder("image/bmp")));
    context.assertNotEquals(reference, otherUrl, "urlPattern is not equal");
    context.assertNotEquals(reference.hashCode(), otherUrl.hashCode(), "urlPattern is not equal");

    // Same URL, one allowed type fewer.
    ContentTypeConstraint fewerTypes = new ContentTypeConstraint(
            new PatternHolder(zipsUrl),
            Arrays.asList(new PatternHolder("image/png")));
    context.assertNotEquals(reference, fewerTypes, "Count of allowedTypes matters");
    context.assertNotEquals(reference.hashCode(), fewerTypes.hashCode(), "Count of allowedTypes matters");

    // Same URL and types, allowed types listed in reverse order.
    ContentTypeConstraint reorderedTypes = new ContentTypeConstraint(
            new PatternHolder(zipsUrl),
            Arrays.asList(new PatternHolder("image/bmp"), new PatternHolder("image/png")));
    context.assertNotEquals(reference, reorderedTypes, "Order of allowedTypes matters");
    context.assertNotEquals(reference.hashCode(), reorderedTypes.hashCode(), "Order of allowedTypes matters");
}
use of org.swisspush.gateleen.security.PatternHolder in project gateleen by swisspush.
the class ContentTypeConstraintHandlerTest method handleWithNoConfigWithHeaderNotMatchingDefaults.
/**
 * A POST with Content-Type {@code video/mp4} against a handler whose default allowed types are
 * {@code image/.*} must be handled by the handler and answered as checked by
 * {@code verifyUnsupportedMediaType}, after the repository was asked exactly once for a
 * constraint matching the request URI.
 */
@Test
public void handleWithNoConfigWithHeaderNotMatchingDefaults(TestContext context) {
    final String requestUri = "/gateleen/constraint/tests/abc";
    final Async async = context.async();

    // The last constructor argument is the list of default allowed content types.
    handler = new ContentTypeConstraintHandler(
            configurationResourceManager,
            repository,
            configResourceUri,
            Arrays.asList(new PatternHolder("image/.*")));

    handler.initialize().onComplete(event -> {
        HttpServerResponse response = spy(new ConstraintResponse());
        ConstraintRequest request = new ConstraintRequest(
                HttpMethod.POST, requestUri, headersWithContentType("video/mp4"), response);

        context.assertTrue(handler.handle(request));

        verify(repository, times(1)).findMatchingContentTypeConstraint(eq(requestUri));
        verifyUnsupportedMediaType(response);
        async.complete();
    });
}