View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.security.jaspi;
20  
21  import java.util.Collection;
22  import java.util.HashMap;
23  import java.util.Map;
24  import java.util.Set;
25  
26  import javax.security.auth.message.MessageInfo;
27  import javax.servlet.ServletRequest;
28  import javax.servlet.ServletResponse;
29  
30  /**
31   * Almost an implementation of jaspi MessageInfo.
32   */
33  public class JaspiMessageInfo implements MessageInfo
34  {
35      public static final String MANDATORY_KEY = "javax.security.auth.message.MessagePolicy.isMandatory";
36      public static final String AUTH_METHOD_KEY = "javax.servlet.http.authType";
37      private ServletRequest request;
38      private ServletResponse response;
39      private final MIMap map;
40  
41      public JaspiMessageInfo(ServletRequest request, ServletResponse response, boolean isAuthMandatory)
42      {
43          this.request = request;
44          this.response = response;
45          //JASPI 3.8.1
46          map = new MIMap(isAuthMandatory);
47      }
48  
49      public Map getMap()
50      {
51          return map;
52      }
53  
54      public Object getRequestMessage()
55      {
56          return request;
57      }
58  
59      public Object getResponseMessage()
60      {
61          return response;
62      }
63  
64      public void setRequestMessage(Object request)
65      {
66          this.request = (ServletRequest)request;
67      }
68  
69      public void setResponseMessage(Object response)
70      {
71          this.response = (ServletResponse)response;
72      }
73  
74      public String getAuthMethod()
75      {
76          return map.getAuthMethod();
77      }
78  
79      public boolean isAuthMandatory() {
80          return map.isAuthMandatory();
81      }
82  
83  
84      //TODO this has bugs in the view implementations.  Changing them will not affect the hardcoded values.
85      private static class MIMap implements Map
86      {
87          private final boolean isMandatory;
88          private String authMethod;
89          private Map delegate;
90  
91          private MIMap(boolean mandatory)
92          {
93              isMandatory = mandatory;
94          }
95  
96          public int size()
97          {
98              return (isMandatory? 1:0) +
99                      (authMethod == null? 0: 1) +
100                     (delegate == null? 0: delegate.size());
101         }
102 
103         public boolean isEmpty()
104         {
105             return !isMandatory && authMethod == null && (delegate == null || delegate.isEmpty());
106         }
107 
108         public boolean containsKey(Object key)
109         {
110             if (MANDATORY_KEY.equals(key)) return isMandatory;
111             if (AUTH_METHOD_KEY.equals(key)) return authMethod != null;
112             return delegate != null && delegate.containsKey(key);
113         }
114 
115         public boolean containsValue(Object value)
116         {
117             if (isMandatory && "true".equals(value)) return true;
118             if (authMethod == value || (authMethod != null && authMethod.equals(value))) return true;
119             return delegate != null && delegate.containsValue(value);
120         }
121 
122         public Object get(Object key)
123         {
124             if (MANDATORY_KEY.equals(key)) return isMandatory? "true": null;
125             if (AUTH_METHOD_KEY.equals(key)) return authMethod;
126             if (delegate == null) return null;
127             return delegate.get(key);
128         }
129 
130         public Object put(Object key, Object value)
131         {
132             if (MANDATORY_KEY.equals(key))
133             {
134                 throw new IllegalArgumentException("Mandatory not mutable");
135             }
136             if (AUTH_METHOD_KEY.equals(key))
137             {
138                 String authMethod = this.authMethod;
139                 this.authMethod = (String) value;
140                 if (delegate != null) delegate.put(AUTH_METHOD_KEY, value);
141                 return authMethod;
142             }
143 
144             return getDelegate(true).put(key, value);
145         }
146 
147         public Object remove(Object key)
148         {
149             if (MANDATORY_KEY.equals(key))
150             {
151                 throw new IllegalArgumentException("Mandatory not mutable");
152             }
153             if (AUTH_METHOD_KEY.equals(key))
154             {
155                 String authMethod = this.authMethod;
156                 this.authMethod = null;
157                 if (delegate != null) delegate.remove(AUTH_METHOD_KEY);
158                 return authMethod;
159             }
160             if (delegate == null) return null;
161             return delegate.remove(key);
162         }
163 
164         public void putAll(Map map)
165         {
166             if (map != null)
167             {
168                 for (Object o: map.entrySet())
169                 {
170                     Map.Entry entry = (Entry) o;
171                     put(entry.getKey(), entry.getValue());
172                 }
173             }
174         }
175 
176         public void clear()
177         {
178             authMethod = null;
179             delegate = null;
180         }
181 
182         public Set keySet()
183         {
184             return getDelegate(true).keySet();
185         }
186 
187         public Collection values()
188         {
189             return getDelegate(true).values();
190         }
191 
192         public Set entrySet()
193         {
194             return getDelegate(true).entrySet();
195         }
196 
197         private Map getDelegate(boolean create)
198         {
199             if (!create || delegate != null) return delegate;
200             if (create)
201             {
202                 delegate = new HashMap();
203                 if (isMandatory) delegate.put(MANDATORY_KEY, "true");
204                 if (authMethod != null) delegate.put(AUTH_METHOD_KEY, authMethod);
205             }
206             return delegate;
207         }
208 
209         boolean isAuthMandatory()
210         {
211             return isMandatory;
212         }
213 
214         String getAuthMethod()
215         {
216             return authMethod;
217         }
218     }
219 }