From a0e481eedc568c5efdd3e7db1b8123c0e9a724a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Sun, 29 Jul 2018 15:45:25 +0200 Subject: [PATCH] Also validate contacts on EditableAccount --- .../java/org/shredzone/acme4j/Account.java | 2 ++ .../org/shredzone/acme4j/AccountBuilder.java | 12 +------ .../shredzone/acme4j/toolbox/AcmeUtils.java | 21 +++++++++++++ .../shredzone/acme4j/AccountBuilderTest.java | 28 ----------------- .../acme4j/toolbox/AcmeUtilsTest.java | 31 +++++++++++++++++++ 5 files changed, 55 insertions(+), 39 deletions(-) diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/Account.java b/acme4j-client/src/main/java/org/shredzone/acme4j/Account.java index 05d8de7e..868a6f5e 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/Account.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/Account.java @@ -38,6 +38,7 @@ import org.shredzone.acme4j.connector.ResourceIterator; import org.shredzone.acme4j.exception.AcmeException; import org.shredzone.acme4j.exception.AcmeProtocolException; import org.shredzone.acme4j.exception.AcmeServerException; +import org.shredzone.acme4j.toolbox.AcmeUtils; import org.shredzone.acme4j.toolbox.JSON; import org.shredzone.acme4j.toolbox.JSON.Value; import org.shredzone.acme4j.toolbox.JSONBuilder; @@ -283,6 +284,7 @@ public class Account extends AcmeJsonResource { * @return itself */ public EditableAccount addContact(URI contact) { + AcmeUtils.validateContact(contact); editContacts.add(contact); return this; } diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java b/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java index 9e9cdb34..fbcd9688 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/AccountBuilder.java @@ -23,7 +23,6 @@ import java.security.PublicKey; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.regex.Pattern; import javax.annotation.ParametersAreNonnullByDefault; import javax.crypto.SecretKey; @@ -49,8 +48,6 @@ import org.slf4j.LoggerFactory; public class AccountBuilder { private static final Logger LOG = LoggerFactory.getLogger(AccountBuilder.class); - private static final Pattern MAIL_PATTERN = Pattern.compile("\\?|@.*,"); - private List contacts = new ArrayList<>(); private Boolean termsOfServiceAgreed; private Boolean onlyExisting; @@ -66,14 +63,7 @@ public class AccountBuilder { * @return itself */ public AccountBuilder addContact(URI contact) { - if ("mailto".equalsIgnoreCase(contact.getScheme())) { - String address = contact.toString().substring(7); - if (MAIL_PATTERN.matcher(address).find()) { - throw new IllegalArgumentException( - "multiple recipients or hfields are not allowed: " + contact); - } - } - + AcmeUtils.validateContact(contact); contacts.add(contact); return this; } diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java b/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java index af456f5a..7914f0da 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/toolbox/AcmeUtils.java @@ -17,6 +17,7 @@ import java.io.IOException; import java.io.UnsupportedEncodingException; import java.io.Writer; import java.net.IDN; +import java.net.URI; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; @@ -65,6 +66,8 @@ public final class AcmeUtils { private static final Pattern CONTENT_TYPE_PATTERN = Pattern.compile( "([^;]+)(?:;.*?charset=(\"?)([a-z0-9_-]+)(\\2))?.*", Pattern.CASE_INSENSITIVE); + private static final Pattern MAIL_PATTERN = Pattern.compile("\\?|@.*,"); + private static final Base64.Encoder PEM_ENCODER = Base64.getMimeEncoder(64, "\n".getBytes(StandardCharsets.US_ASCII)); @@ -346,4 +349,22 @@ public final class AcmeUtils { return null; } + /** + * Validates a contact {@link URI}. + * + * @param contact + * Contact {@link URI} to validate + * @throws IllegalArgumentException + * if the contact {@link URI} is not suitable for account contacts. + */ + public static void validateContact(URI contact) { + if ("mailto".equalsIgnoreCase(contact.getScheme())) { + String address = contact.toString().substring(7); + if (MAIL_PATTERN.matcher(address).find()) { + throw new IllegalArgumentException( + "multiple recipients or hfields are not allowed: " + contact); + } + } + } + } diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java index 0803e5b7..c3645ae4 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/AccountBuilderTest.java @@ -220,32 +220,4 @@ public class AccountBuilderTest { provider.close(); } - @Test - public void testEmailAddresses() { - AccountBuilder builder = new AccountBuilder(); - - builder.addContact("mailto:foo@example.com"); - - try { - builder.addContact("mailto:foo@example.com,bar@example.com"); - fail("multiple recipients are accepted"); - } catch (IllegalArgumentException ex) { - // expected - } - - try { - builder.addContact("mailto:foo@example.com?to=bar@example.com"); - fail("hfields are accepted"); - } catch (IllegalArgumentException ex) { - // expected - } - - try { - builder.addContact("mailto:?to=foo@example.com"); - fail("hfields are accepted"); - } catch (IllegalArgumentException ex) { - // expected - } - } - } diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/toolbox/AcmeUtilsTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/toolbox/AcmeUtilsTest.java index 04033c15..e5ce7e63 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/toolbox/AcmeUtilsTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/toolbox/AcmeUtilsTest.java @@ -24,6 +24,7 @@ import java.io.OutputStreamWriter; import java.io.Writer; import java.lang.reflect.Constructor; import java.lang.reflect.Modifier; +import java.net.URI; import java.security.KeyPair; import java.security.Security; import java.security.cert.CertificateEncodingException; @@ -315,6 +316,36 @@ public class AcmeUtilsTest { } } + /** + * Test that {@link AcmeUtils#validateContact(java.net.URI)} refuses invalid + * contacts. + */ + @Test + public void testValidateContact() { + AcmeUtils.validateContact(URI.create("mailto:foo@example.com")); + + try { + AcmeUtils.validateContact(URI.create("mailto:foo@example.com,bar@example.com")); + fail("multiple recipients are accepted"); + } catch (IllegalArgumentException ex) { + // expected + } + + try { + AcmeUtils.validateContact(URI.create("mailto:foo@example.com?to=bar@example.com")); + fail("hfields are accepted"); + } catch (IllegalArgumentException ex) { + // expected + } + + try { + AcmeUtils.validateContact(URI.create("mailto:?to=foo@example.com")); + fail("hfields are accepted"); + } catch (IllegalArgumentException ex) { + // expected + } + } + /** * Matches the given time. */