github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

make the client auth URL matcher use an existing matcher instead of custom code

pull/1057/merge
Justin Richer 2016-07-08 11:42:35 -04:00
parent 01892b6f47
commit 39bae3a160
1 changed files with 10 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
openid-connect-server/src/main/java/org/mitre/openid/connect/filter/MultiUrlRequestMatcher.java
View File

@ -17,11 +17,13 @@
package org.mitre.openid.connect.filter; package org.mitre.openid.connect.filter;
import java.util.HashSet;
import java.util.Set; import java.util.Set;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import org.springframework.security.web.util.UrlUtils; import org.springframework.security.web.util.UrlUtils;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -32,38 +34,22 @@ import com.google.common.collect.ImmutableSet;
* *
*/ */
public class MultiUrlRequestMatcher implements RequestMatcher { public class MultiUrlRequestMatcher implements RequestMatcher {
private final Set<String> filterProcessesUrls; private final Set<RequestMatcher> matchers;
public MultiUrlRequestMatcher(Set<String> filterProcessesUrls) { public MultiUrlRequestMatcher(Set<String> filterProcessesUrls) {
this.matchers = new HashSet<>(filterProcessesUrls.size());
for (String filterProcessesUrl : filterProcessesUrls) { for (String filterProcessesUrl : filterProcessesUrls) {
Assert.hasLength(filterProcessesUrl, "filterProcessesUrl must be specified"); Assert.hasLength(filterProcessesUrl, "filterProcessesUrl must be specified");
Assert.isTrue(UrlUtils.isValidRedirectUrl(filterProcessesUrl), filterProcessesUrl + " isn't a valid redirect URL"); Assert.isTrue(UrlUtils.isValidRedirectUrl(filterProcessesUrl), filterProcessesUrl + " isn't a valid URL");
matchers.add(new AntPathRequestMatcher(filterProcessesUrl));
} }
this.filterProcessesUrls = ImmutableSet.copyOf(filterProcessesUrls);
} }
@Override @Override
public boolean matches(HttpServletRequest request) { public boolean matches(HttpServletRequest request) {
String uri = request.getRequestURI(); for (RequestMatcher matcher : matchers) {
int pathParamIndex = uri.indexOf(';'); if (matcher.matches(request)) {
if (pathParamIndex > 0) {
// strip everything after the first semi-colon
uri = uri.substring(0, pathParamIndex);
}
if ("".equals(request.getContextPath())) {
// if any one of the URLs match, return true
for (String filterProcessesUrl : filterProcessesUrls) {
if (uri.endsWith(filterProcessesUrl)) {
return true;
}
}
return false;
}
for (String filterProcessesUrl : filterProcessesUrls) {
if (uri.endsWith(request.getContextPath() + filterProcessesUrl)) {
return true; return true;
} }
} }