mirror of https://github.com/shred/acme4j
Also validate contacts on EditableAccount
parent
ca66975b1d
commit
a0e481eedc
|
@ -38,6 +38,7 @@ import org.shredzone.acme4j.connector.ResourceIterator;
|
|||
import org.shredzone.acme4j.exception.AcmeException;
|
||||
import org.shredzone.acme4j.exception.AcmeProtocolException;
|
||||
import org.shredzone.acme4j.exception.AcmeServerException;
|
||||
import org.shredzone.acme4j.toolbox.AcmeUtils;
|
||||
import org.shredzone.acme4j.toolbox.JSON;
|
||||
import org.shredzone.acme4j.toolbox.JSON.Value;
|
||||
import org.shredzone.acme4j.toolbox.JSONBuilder;
|
||||
|
@ -283,6 +284,7 @@ public class Account extends AcmeJsonResource {
|
|||
* @return itself
|
||||
*/
|
||||
public EditableAccount addContact(URI contact) {
|
||||
AcmeUtils.validateContact(contact);
|
||||
editContacts.add(contact);
|
||||
return this;
|
||||
}
|
||||
|
|
|
@ -23,7 +23,6 @@ import java.security.PublicKey;
|
|||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import javax.annotation.ParametersAreNonnullByDefault;
|
||||
import javax.crypto.SecretKey;
|
||||
|
@ -49,8 +48,6 @@ import org.slf4j.LoggerFactory;
|
|||
public class AccountBuilder {
|
||||
private static final Logger LOG = LoggerFactory.getLogger(AccountBuilder.class);
|
||||
|
||||
private static final Pattern MAIL_PATTERN = Pattern.compile("\\?|@.*,");
|
||||
|
||||
private List<URI> contacts = new ArrayList<>();
|
||||
private Boolean termsOfServiceAgreed;
|
||||
private Boolean onlyExisting;
|
||||
|
@ -66,14 +63,7 @@ public class AccountBuilder {
|
|||
* @return itself
|
||||
*/
|
||||
public AccountBuilder addContact(URI contact) {
|
||||
if ("mailto".equalsIgnoreCase(contact.getScheme())) {
|
||||
String address = contact.toString().substring(7);
|
||||
if (MAIL_PATTERN.matcher(address).find()) {
|
||||
throw new IllegalArgumentException(
|
||||
"multiple recipients or hfields are not allowed: " + contact);
|
||||
}
|
||||
}
|
||||
|
||||
AcmeUtils.validateContact(contact);
|
||||
contacts.add(contact);
|
||||
return this;
|
||||
}
|
||||
|
|
|
@ -17,6 +17,7 @@ import java.io.IOException;
|
|||
import java.io.UnsupportedEncodingException;
|
||||
import java.io.Writer;
|
||||
import java.net.IDN;
|
||||
import java.net.URI;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
@ -65,6 +66,8 @@ public final class AcmeUtils {
|
|||
private static final Pattern CONTENT_TYPE_PATTERN = Pattern.compile(
|
||||
"([^;]+)(?:;.*?charset=(\"?)([a-z0-9_-]+)(\\2))?.*", Pattern.CASE_INSENSITIVE);
|
||||
|
||||
private static final Pattern MAIL_PATTERN = Pattern.compile("\\?|@.*,");
|
||||
|
||||
private static final Base64.Encoder PEM_ENCODER = Base64.getMimeEncoder(64,
|
||||
"\n".getBytes(StandardCharsets.US_ASCII));
|
||||
|
||||
|
@ -346,4 +349,22 @@ public final class AcmeUtils {
|
|||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates a contact {@link URI}.
|
||||
*
|
||||
* @param contact
|
||||
* Contact {@link URI} to validate
|
||||
* @throws IllegalArgumentException
|
||||
* if the contact {@link URI} is not suitable for account contacts.
|
||||
*/
|
||||
public static void validateContact(URI contact) {
|
||||
if ("mailto".equalsIgnoreCase(contact.getScheme())) {
|
||||
String address = contact.toString().substring(7);
|
||||
if (MAIL_PATTERN.matcher(address).find()) {
|
||||
throw new IllegalArgumentException(
|
||||
"multiple recipients or hfields are not allowed: " + contact);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -220,32 +220,4 @@ public class AccountBuilderTest {
|
|||
provider.close();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEmailAddresses() {
|
||||
AccountBuilder builder = new AccountBuilder();
|
||||
|
||||
builder.addContact("mailto:foo@example.com");
|
||||
|
||||
try {
|
||||
builder.addContact("mailto:foo@example.com,bar@example.com");
|
||||
fail("multiple recipients are accepted");
|
||||
} catch (IllegalArgumentException ex) {
|
||||
// expected
|
||||
}
|
||||
|
||||
try {
|
||||
builder.addContact("mailto:foo@example.com?to=bar@example.com");
|
||||
fail("hfields are accepted");
|
||||
} catch (IllegalArgumentException ex) {
|
||||
// expected
|
||||
}
|
||||
|
||||
try {
|
||||
builder.addContact("mailto:?to=foo@example.com");
|
||||
fail("hfields are accepted");
|
||||
} catch (IllegalArgumentException ex) {
|
||||
// expected
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -24,6 +24,7 @@ import java.io.OutputStreamWriter;
|
|||
import java.io.Writer;
|
||||
import java.lang.reflect.Constructor;
|
||||
import java.lang.reflect.Modifier;
|
||||
import java.net.URI;
|
||||
import java.security.KeyPair;
|
||||
import java.security.Security;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
|
@ -315,6 +316,36 @@ public class AcmeUtilsTest {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that {@link AcmeUtils#validateContact(java.net.URI)} refuses invalid
|
||||
* contacts.
|
||||
*/
|
||||
@Test
|
||||
public void testValidateContact() {
|
||||
AcmeUtils.validateContact(URI.create("mailto:foo@example.com"));
|
||||
|
||||
try {
|
||||
AcmeUtils.validateContact(URI.create("mailto:foo@example.com,bar@example.com"));
|
||||
fail("multiple recipients are accepted");
|
||||
} catch (IllegalArgumentException ex) {
|
||||
// expected
|
||||
}
|
||||
|
||||
try {
|
||||
AcmeUtils.validateContact(URI.create("mailto:foo@example.com?to=bar@example.com"));
|
||||
fail("hfields are accepted");
|
||||
} catch (IllegalArgumentException ex) {
|
||||
// expected
|
||||
}
|
||||
|
||||
try {
|
||||
AcmeUtils.validateContact(URI.create("mailto:?to=foo@example.com"));
|
||||
fail("hfields are accepted");
|
||||
} catch (IllegalArgumentException ex) {
|
||||
// expected
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Matches the given time.
|
||||
*/
|
||||
|
|
Loading…
Reference in New Issue