From 3d44961e4ee37436a7dce2b6326476257b8a10d2 Mon Sep 17 00:00:00 2001 From: Cleverson Sacramento Date: Thu, 31 Jul 2014 09:13:18 -0300 Subject: [PATCH] Correção no BasicAuthFilter --- impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/BadRequestException.java | 4 +--- impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/ForbiddenException.java | 14 ++++++++++++++ impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/HttpViolationException.java | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/PreconditionFailedException.java | 90 ------------------------------------------------------------------------------------------ impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/UnprocessableEntityException.java | 10 ++++++++++ impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/ConstraintViolationExceptionMapper.java | 4 ++-- impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/HttpViolationExceptionMapper.java | 16 ++++++++++++++++ impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PreconditionFailedExceptionMapper.java | 18 ------------------ impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/security/BasicAuthFilter.java | 38 ++++++++++++-------------------------- 9 files changed, 152 insertions(+), 139 deletions(-) create mode 100644 impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/ForbiddenException.java create mode 100644 impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/HttpViolationException.java delete mode 100644 impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/PreconditionFailedException.java create mode 100644 impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/UnprocessableEntityException.java create mode 100644 impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/HttpViolationExceptionMapper.java delete mode 100644 impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PreconditionFailedExceptionMapper.java diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/BadRequestException.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/BadRequestException.java index a2be3e8..4ca14f3 100644 --- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/BadRequestException.java +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/BadRequestException.java @@ -2,9 +2,7 @@ package br.gov.frameworkdemoiselle; import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST; -import javax.xml.ws.http.HTTPException; - -public class BadRequestException extends HTTPException { +public class BadRequestException extends HttpViolationException { private static final long serialVersionUID = 1L; diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/ForbiddenException.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/ForbiddenException.java new file mode 100644 index 0000000..427829c --- /dev/null +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/ForbiddenException.java @@ -0,0 +1,14 @@ +package br.gov.frameworkdemoiselle; + +import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN; + +import javax.xml.ws.http.HTTPException; + +public class ForbiddenException extends HTTPException { + + private static final long serialVersionUID = 1L; + + public ForbiddenException() { + super(SC_FORBIDDEN); + } +} diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/HttpViolationException.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/HttpViolationException.java new file mode 100644 index 0000000..5790ccd --- /dev/null +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/HttpViolationException.java @@ -0,0 +1,97 @@ +package br.gov.frameworkdemoiselle; + +import java.util.HashSet; +import java.util.Set; + +public class HttpViolationException extends Exception { + + private static final long serialVersionUID = 1L; + + private Set violations = new HashSet(); + + private int statusCode; + + public HttpViolationException(int statusCode) { + this.statusCode = statusCode; + } + + public HttpViolationException addViolation(String property, String message) { + this.violations.add(new Violation(property, message)); + return this; + } + + public Set getViolations() { + return violations; + } + + public static class Violation { + + public String property; + + public String message; + + public Violation() { + } + + public Violation(String property, String message) { + this.property = property; + this.message = message; + } + + public String getProperty() { + return property; + } + + public void setProperty(String property) { + this.property = property; + } + + public String getMessage() { + return message; + } + + public void setMessage(String message) { + this.message = message; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((message == null) ? 0 : message.hashCode()); + result = prime * result + ((property == null) ? 0 : property.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + Violation other = (Violation) obj; + if (message == null) { + if (other.message != null) + return false; + } else if (!message.equals(other.message)) + return false; + if (property == null) { + if (other.property != null) + return false; + } else if (!property.equals(other.property)) + return false; + return true; + } + + @Override + public String toString() { + return this.property + " " + this.message; + } + } + + public int getStatusCode() { + return statusCode; + } +} diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/PreconditionFailedException.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/PreconditionFailedException.java deleted file mode 100644 index 7b754e1..0000000 --- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/PreconditionFailedException.java +++ /dev/null @@ -1,90 +0,0 @@ -package br.gov.frameworkdemoiselle; - -import java.util.HashSet; -import java.util.Set; - -public class PreconditionFailedException extends Exception { - - private static final long serialVersionUID = 1L; - - private Set violations = new HashSet(); - - public PreconditionFailedException() { - } - - public PreconditionFailedException addViolation(String property, String message) { - this.violations.add(new Violation(property, message)); - return this; - } - - public Set getViolations() { - return violations; - } - - public static class Violation { - - public String property; - - public String message; - - public Violation() { - } - - public Violation(String property, String message) { - this.property = property; - this.message = message; - } - - public String getProperty() { - return property; - } - - public void setProperty(String property) { - this.property = property; - } - - public String getMessage() { - return message; - } - - public void setMessage(String message) { - this.message = message; - } - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((message == null) ? 0 : message.hashCode()); - result = prime * result + ((property == null) ? 0 : property.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null) - return false; - if (getClass() != obj.getClass()) - return false; - Violation other = (Violation) obj; - if (message == null) { - if (other.message != null) - return false; - } else if (!message.equals(other.message)) - return false; - if (property == null) { - if (other.property != null) - return false; - } else if (!property.equals(other.property)) - return false; - return true; - } - - @Override - public String toString() { - return this.property + " " + this.message; - } - } -} diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/UnprocessableEntityException.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/UnprocessableEntityException.java new file mode 100644 index 0000000..a04d9a0 --- /dev/null +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/UnprocessableEntityException.java @@ -0,0 +1,10 @@ +package br.gov.frameworkdemoiselle; + +public class UnprocessableEntityException extends HttpViolationException { + + private static final long serialVersionUID = 1L; + + public UnprocessableEntityException() { + super(422); + } +} diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/ConstraintViolationExceptionMapper.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/ConstraintViolationExceptionMapper.java index 1e3ee6c..b87942d 100644 --- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/ConstraintViolationExceptionMapper.java +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/ConstraintViolationExceptionMapper.java @@ -10,14 +10,14 @@ import javax.ws.rs.core.Response; import javax.ws.rs.ext.ExceptionMapper; import javax.ws.rs.ext.Provider; -import br.gov.frameworkdemoiselle.PreconditionFailedException; +import br.gov.frameworkdemoiselle.UnprocessableEntityException; @Provider public class ConstraintViolationExceptionMapper implements ExceptionMapper { @Override public Response toResponse(ConstraintViolationException exception) { - PreconditionFailedException failed = new PreconditionFailedException(); + UnprocessableEntityException failed = new UnprocessableEntityException(); for (Iterator> iter = exception.getConstraintViolations().iterator(); iter.hasNext();) { ConstraintViolation violation = iter.next(); diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/HttpViolationExceptionMapper.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/HttpViolationExceptionMapper.java new file mode 100644 index 0000000..49e5aab --- /dev/null +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/HttpViolationExceptionMapper.java @@ -0,0 +1,16 @@ +package br.gov.frameworkdemoiselle.internal.implementation; + +import javax.ws.rs.core.Response; +import javax.ws.rs.ext.ExceptionMapper; +import javax.ws.rs.ext.Provider; + +import br.gov.frameworkdemoiselle.HttpViolationException; + +@Provider +public class HttpViolationExceptionMapper implements ExceptionMapper { + + @Override + public Response toResponse(HttpViolationException exception) { + return Response.status(exception.getStatusCode()).entity(exception.getViolations()).build(); + } +} diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PreconditionFailedExceptionMapper.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PreconditionFailedExceptionMapper.java deleted file mode 100644 index ce3821d..0000000 --- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/PreconditionFailedExceptionMapper.java +++ /dev/null @@ -1,18 +0,0 @@ -package br.gov.frameworkdemoiselle.internal.implementation; - -import static javax.ws.rs.core.Response.Status.PRECONDITION_FAILED; - -import javax.ws.rs.core.Response; -import javax.ws.rs.ext.ExceptionMapper; -import javax.ws.rs.ext.Provider; - -import br.gov.frameworkdemoiselle.PreconditionFailedException; - -@Provider -public class PreconditionFailedExceptionMapper implements ExceptionMapper { - - @Override - public Response toResponse(PreconditionFailedException exception) { - return Response.status(PRECONDITION_FAILED).entity(exception.getViolations()).build(); - } -} diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/security/BasicAuthFilter.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/security/BasicAuthFilter.java index 05339f6..556761e 100644 --- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/security/BasicAuthFilter.java +++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/security/BasicAuthFilter.java @@ -36,9 +36,6 @@ */ package br.gov.frameworkdemoiselle.security; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - import org.apache.commons.codec.binary.Base64; import br.gov.frameworkdemoiselle.util.Beans; @@ -46,48 +43,37 @@ import br.gov.frameworkdemoiselle.util.Strings; public class BasicAuthFilter extends AbstractHTTPAuthorizationFilter { - private String header; + private String credentials; @Override protected boolean isSupported(String authHeader) { - header = authHeader; - return !Strings.isEmpty(header); + credentials = extractCredentials("Basic", authHeader); + return !Strings.isEmpty(credentials); } @Override protected void prepareForLogin() { - if (header != null) { - String[] basicCredentials = getCredentials(header); + String[] basicCredentials = getCredentials(credentials); - Credentials credentials = Beans.getReference(Credentials.class); - credentials.setUsername(basicCredentials[0]); - credentials.setPassword(basicCredentials[1]); - } + Credentials credentials = Beans.getReference(Credentials.class); + credentials.setUsername(basicCredentials[0]); + credentials.setPassword(basicCredentials[1]); } @Override protected void prepareForLogout() { } - private static String[] getCredentials(String header) - throws InvalidCredentialsException { + private static String[] getCredentials(String header) throws InvalidCredentialsException { String[] result = null; - String regexp = "^Basic[ \\n]+(.+)$"; - Pattern pattern = Pattern.compile(regexp); - Matcher matcher = pattern.matcher(header); - - if (matcher.matches()) { - byte[] decoded = Base64.decodeBase64(matcher.group(1)); - result = new String(decoded).split(":"); - } + byte[] decoded = Base64.decodeBase64(header); + result = new String(decoded).split(":"); if (result == null || result.length != 2) { - throw new InvalidCredentialsException( - "Formato inválido do cabeçalho"); + throw new InvalidCredentialsException("Formato inválido do cabeçalho"); } return result; } - -} \ No newline at end of file +} -- libgit2 0.21.2