View Javadoc

1   /**
2    *       Copyright 2010 Newcastle University
3    *
4    *          http://research.ncl.ac.uk/smart/
5    *
6    * Licensed to the Apache Software Foundation (ASF) under one or more
7    * contributor license agreements.  See the NOTICE file distributed with
8    * this work for additional information regarding copyright ownership.
9    * The ASF licenses this file to You under the Apache License, Version 2.0
10   * (the "License"); you may not use this file except in compliance with
11   * the License.  You may obtain a copy of the License at
12   *
13   *      http://www.apache.org/licenses/LICENSE-2.0
14   *
15   * Unless required by applicable law or agreed to in writing, software
16   * distributed under the License is distributed on an "AS IS" BASIS,
17   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18   * See the License for the specific language governing permissions and
19   * limitations under the License.
20   */
21  
22  package org.apache.amber.oauth2.common.validators;
23  
24  import java.util.ArrayList;
25  import java.util.HashMap;
26  import java.util.HashSet;
27  import java.util.List;
28  import java.util.Map;
29  import java.util.Set;
30  import javax.servlet.http.HttpServletRequest;
31  
32  import org.apache.amber.oauth2.common.OAuth;
33  import org.apache.amber.oauth2.common.exception.OAuthProblemException;
34  import org.apache.amber.oauth2.common.utils.OAuthUtils;
35  
36  /**
37   *
38   *
39   *
40   */
41  //todo add client secret in header, sect 2.1
42  public abstract class AbstractValidator<T extends HttpServletRequest> implements OAuthValidator<T> {
43  
44      protected List<String> requiredParams = new ArrayList<String>();
45      protected Map<String, String[]> optionalParams = new HashMap<String, String[]>();
46      protected List<String> notAllowedParams = new ArrayList<String>();
47  
48  
49      @Override
50      public void validateMethod(T request) throws OAuthProblemException {
51          if (!request.getMethod().equals(OAuth.HttpMethod.POST)) {
52              throw OAuthUtils.handleOAuthProblemException("Method not set to POST.");
53          }
54      }
55  
56      @Override
57      public void validateContentType(T request) throws OAuthProblemException {
58          String contentType = request.getContentType();
59          final String expectedContentType = OAuth.ContentType.URL_ENCODED;
60          if (!OAuthUtils.hasContentType(contentType, expectedContentType)) {
61              throw OAuthUtils.handleBadContentTypeException(expectedContentType);
62          }
63      }
64  
65      @Override
66      public void validateRequiredParameters(T request) throws OAuthProblemException {
67          Set<String> missingParameters = new HashSet<String>();
68          for (String requiredParam : requiredParams) {
69              String val = request.getParameter(requiredParam);
70              if (OAuthUtils.isEmpty(val)) {
71                  missingParameters.add(requiredParam);
72              }
73          }
74          if (!missingParameters.isEmpty()) {
75              throw OAuthUtils.handleMissingParameters(missingParameters);
76          }
77      }
78  
79      @Override
80      public void validateOptionalParameters(T request) throws OAuthProblemException {
81  
82          Set<String> missingParameters = new HashSet<String>();
83  
84          for (Map.Entry<String, String[]> requiredParam : optionalParams.entrySet()) {
85              String paramName = requiredParam.getKey();
86              String val = request.getParameter(paramName);
87              if (!OAuthUtils.isEmpty(val)) {
88                  String[] dependentParams = requiredParam.getValue();
89                  if (!OAuthUtils.hasEmptyValues(dependentParams)) {
90                      for (String dependentParam : dependentParams) {
91                          val = request.getParameter(dependentParam);
92                          if (OAuthUtils.isEmpty(val)) {
93                              missingParameters.add(dependentParam);
94                          }
95                      }
96                  }
97              }
98          }
99  
100         if (!missingParameters.isEmpty()) {
101             throw OAuthUtils.handleMissingParameters(missingParameters);
102         }
103     }
104 
105     @Override
106     public void validateNotAllowedParameters(T request) throws OAuthProblemException {
107         List<String> notAllowedParameters = new ArrayList<String>();
108         for (String requiredParam : notAllowedParams) {
109             String val = request.getParameter(requiredParam);
110             if (!OAuthUtils.isEmpty(val)) {
111                 notAllowedParameters.add(requiredParam);
112             }
113         }
114         if (!notAllowedParameters.isEmpty()) {
115             throw OAuthUtils.handleNotAllowedParametersOAuthException(notAllowedParameters);
116         }
117     }
118 
119     @Override
120     public void performAllValidations(T request) throws OAuthProblemException {
121         this.validateContentType(request);
122         this.validateMethod(request);
123         this.validateRequiredParameters(request);
124         this.validateOptionalParameters(request);
125         this.validateNotAllowedParameters(request);
126     }
127 }