1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 package org.apache.amber.oauth2.common.validators;
23
24 import java.util.ArrayList;
25 import java.util.HashMap;
26 import java.util.HashSet;
27 import java.util.List;
28 import java.util.Map;
29 import java.util.Set;
30 import javax.servlet.http.HttpServletRequest;
31
32 import org.apache.amber.oauth2.common.OAuth;
33 import org.apache.amber.oauth2.common.exception.OAuthProblemException;
34 import org.apache.amber.oauth2.common.utils.OAuthUtils;
35
36
37
38
39
40
41
42 public abstract class AbstractValidator<T extends HttpServletRequest> implements OAuthValidator<T> {
43
44 protected List<String> requiredParams = new ArrayList<String>();
45 protected Map<String, String[]> optionalParams = new HashMap<String, String[]>();
46 protected List<String> notAllowedParams = new ArrayList<String>();
47
48
49 @Override
50 public void validateMethod(T request) throws OAuthProblemException {
51 if (!request.getMethod().equals(OAuth.HttpMethod.POST)) {
52 throw OAuthUtils.handleOAuthProblemException("Method not set to POST.");
53 }
54 }
55
56 @Override
57 public void validateContentType(T request) throws OAuthProblemException {
58 String contentType = request.getContentType();
59 final String expectedContentType = OAuth.ContentType.URL_ENCODED;
60 if (!OAuthUtils.hasContentType(contentType, expectedContentType)) {
61 throw OAuthUtils.handleBadContentTypeException(expectedContentType);
62 }
63 }
64
65 @Override
66 public void validateRequiredParameters(T request) throws OAuthProblemException {
67 Set<String> missingParameters = new HashSet<String>();
68 for (String requiredParam : requiredParams) {
69 String val = request.getParameter(requiredParam);
70 if (OAuthUtils.isEmpty(val)) {
71 missingParameters.add(requiredParam);
72 }
73 }
74 if (!missingParameters.isEmpty()) {
75 throw OAuthUtils.handleMissingParameters(missingParameters);
76 }
77 }
78
79 @Override
80 public void validateOptionalParameters(T request) throws OAuthProblemException {
81
82 Set<String> missingParameters = new HashSet<String>();
83
84 for (Map.Entry<String, String[]> requiredParam : optionalParams.entrySet()) {
85 String paramName = requiredParam.getKey();
86 String val = request.getParameter(paramName);
87 if (!OAuthUtils.isEmpty(val)) {
88 String[] dependentParams = requiredParam.getValue();
89 if (!OAuthUtils.hasEmptyValues(dependentParams)) {
90 for (String dependentParam : dependentParams) {
91 val = request.getParameter(dependentParam);
92 if (OAuthUtils.isEmpty(val)) {
93 missingParameters.add(dependentParam);
94 }
95 }
96 }
97 }
98 }
99
100 if (!missingParameters.isEmpty()) {
101 throw OAuthUtils.handleMissingParameters(missingParameters);
102 }
103 }
104
105 @Override
106 public void validateNotAllowedParameters(T request) throws OAuthProblemException {
107 List<String> notAllowedParameters = new ArrayList<String>();
108 for (String requiredParam : notAllowedParams) {
109 String val = request.getParameter(requiredParam);
110 if (!OAuthUtils.isEmpty(val)) {
111 notAllowedParameters.add(requiredParam);
112 }
113 }
114 if (!notAllowedParameters.isEmpty()) {
115 throw OAuthUtils.handleNotAllowedParametersOAuthException(notAllowedParameters);
116 }
117 }
118
119 @Override
120 public void performAllValidations(T request) throws OAuthProblemException {
121 this.validateContentType(request);
122 this.validateMethod(request);
123 this.validateRequiredParameters(request);
124 this.validateOptionalParameters(request);
125 this.validateNotAllowedParameters(request);
126 }
127 }