| 1 | /** | |
| 2 | Copyright 2018 Carlos Macasaet | |
| 3 | ||
| 4 | Licensed under the Apache License, Version 2.0 (the "License"); | |
| 5 | you may not use this file except in compliance with the License. | |
| 6 | You may obtain a copy of the License at | |
| 7 | ||
| 8 | https://www.apache.org/licenses/LICENSE-2.0 | |
| 9 | ||
| 10 | Unless required by applicable law or agreed to in writing, software | |
| 11 | distributed under the License is distributed on an "AS IS" BASIS, | |
| 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 13 | See the License for the specific language governing permissions and | |
| 14 | limitations under the License. | |
| 15 | */ | |
| 16 | package com.macasaet.fernet.jersey; | |
| 17 | ||
| 18 | import static org.glassfish.jersey.server.spi.internal.ValueParamProvider.Priority.NORMAL; | |
| 19 | ||
| 20 | import java.util.Collection; | |
| 21 | import java.util.function.Function; | |
| 22 | import java.util.function.Supplier; | |
| 23 | ||
| 24 | import javax.inject.Inject; | |
| 25 | import javax.inject.Singleton; | |
| 26 | import javax.ws.rs.NotAuthorizedException; | |
| 27 | ||
| 28 | import org.glassfish.jersey.server.ContainerRequest; | |
| 29 | import org.glassfish.jersey.server.model.Parameter; | |
| 30 | import org.glassfish.jersey.server.spi.internal.ValueParamProvider; | |
| 31 | ||
| 32 | import com.macasaet.fernet.Key; | |
| 33 | import com.macasaet.fernet.Token; | |
| 34 | import com.macasaet.fernet.Validator; | |
| 35 | import com.macasaet.fernet.jaxrs.FernetSecret; | |
| 36 | ||
| 37 | /** | |
| 38 | * A {@link ValueParamProvider} to configure a Jersey JAX-RS application to inject | |
| 39 | * Fernet token payloads into Resource Method Parameters. Your application will need to provide a custom | |
| 40 | * {@link Validator} implementation that extracts the payload from the token and a {@link Supplier} that provides valid | |
| 41 | * Fernet keys. | |
| 42 | * | |
| 43 | * <p>Copyright © 2018 Carlos Macasaet.</p> | |
| 44 | * | |
| 45 | * @author Carlos Macasaet | |
| 46 | * @param <T> | |
| 47 | * The type of payload that is stored in the Fernet Tokens and will be injected into the JAX-RS Resource. | |
| 48 | * @see FernetSecretValueParamProvider#FernetPayloadValueParamProvider(Validator, Supplier) | |
| 49 | */ | |
| 50 | @Singleton | |
| 51 | class FernetSecretValueParamProvider<T> implements ValueParamProvider { | |
| 52 | ||
| 53 | private final TokenHeaderUtility headerUtility; | |
| 54 | private final Validator<T> validator; | |
| 55 | private final Supplier<Collection<Key>> keySupplier; | |
| 56 | ||
| 57 | /** | |
| 58 | * @param validator custom token verifier and payload extractor | |
| 59 | * @param keySupplier a method to provide Fernet keys | |
| 60 | */ | |
| 61 | @Inject | |
| 62 | public FernetSecretValueParamProvider(final Validator<T> validator, | |
| 63 | final Supplier<Collection<Key>> keySupplier) { | |
| 64 | this(validator, keySupplier, new TokenHeaderUtility()); | |
| 65 | } | |
| 66 | ||
| 67 | /** | |
| 68 | * @param validator custom token verifier and payload extractor | |
| 69 | * @param keySupplier a method to provide Fernet keys | |
| 70 | * @param headerUtility a helper for parsing tokens from auth headers | |
| 71 | */ | |
| 72 | protected FernetSecretValueParamProvider(final Validator<T> validator, final Supplier<Collection<Key>> keySupplier, | |
| 73 | final TokenHeaderUtility headerUtility) { | |
| 74 |
1
1. <init> : negated conditional → KILLED |
if (validator == null) { |
| 75 | throw new IllegalArgumentException("validator cannot be null"); | |
| 76 | } | |
| 77 |
1
1. <init> : negated conditional → KILLED |
if (keySupplier == null) { |
| 78 | throw new IllegalArgumentException("keySupplier cannot be null"); | |
| 79 | } | |
| 80 |
1
1. <init> : negated conditional → KILLED |
if (headerUtility == null) { |
| 81 | throw new IllegalArgumentException("headerUtility cannot be null"); | |
| 82 | } | |
| 83 | this.validator = validator; | |
| 84 | this.keySupplier = keySupplier; | |
| 85 | this.headerUtility = headerUtility; | |
| 86 | } | |
| 87 | ||
| 88 | public Function<ContainerRequest, T> getValueProvider(final Parameter parameter) { | |
| 89 |
1
1. getValueProvider : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::getValueProvider to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return request -> { |
| 90 |
1
1. lambda$getValueProvider$0 : negated conditional → KILLED |
if (parameter.isAnnotationPresent(FernetSecret.class)) { |
| 91 | final Collection<? extends Key> keys = getKeySupplier().get(); | |
| 92 | final Token xAuthorizationToken = getHeaderUtility().getXAuthorizationToken(request); | |
| 93 |
1
1. lambda$getValueProvider$0 : negated conditional → KILLED |
if (xAuthorizationToken != null) { |
| 94 |
1
1. lambda$getValueProvider$0 : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::lambda$getValueProvider$0 to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return getValidator().validateAndDecrypt(keys, xAuthorizationToken); |
| 95 | } | |
| 96 | final Token authorizationToken = getHeaderUtility().getAuthorizationToken(request); | |
| 97 |
1
1. lambda$getValueProvider$0 : negated conditional → KILLED |
if (authorizationToken != null) { |
| 98 |
1
1. lambda$getValueProvider$0 : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::lambda$getValueProvider$0 to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return getValidator().validateAndDecrypt(keys, authorizationToken); |
| 99 | } | |
| 100 | throw new NotAuthorizedException("Bearer error=\"invalid_token\", error_description=\"no token found in Authorization or X-Authorization header\""); | |
| 101 | } | |
| 102 | throw new IllegalStateException("misconfigured annotation"); | |
| 103 | }; | |
| 104 | } | |
| 105 | ||
| 106 | public PriorityType getPriority() { | |
| 107 |
1
1. getPriority : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::getPriority to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return NORMAL; |
| 108 | } | |
| 109 | ||
| 110 | protected Validator<T> getValidator() { | |
| 111 |
1
1. getValidator : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::getValidator to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return validator; |
| 112 | } | |
| 113 | ||
| 114 | protected Supplier<? extends Collection<? extends Key>> getKeySupplier() { | |
| 115 |
1
1. getKeySupplier : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::getKeySupplier to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return keySupplier; |
| 116 | } | |
| 117 | ||
| 118 | protected TokenHeaderUtility getHeaderUtility() { | |
| 119 |
1
1. getHeaderUtility : mutated return of Object value for com/macasaet/fernet/jersey/FernetSecretValueParamProvider::getHeaderUtility to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return headerUtility; |
| 120 | } | |
| 121 | ||
| 122 | } | |
Mutations | ||
| 74 |
1.1 |
|
| 77 |
1.1 |
|
| 80 |
1.1 |
|
| 89 |
1.1 |
|
| 90 |
1.1 |
|
| 93 |
1.1 |
|
| 94 |
1.1 |
|
| 97 |
1.1 |
|
| 98 |
1.1 |
|
| 107 |
1.1 |
|
| 111 |
1.1 |
|
| 115 |
1.1 |
|
| 119 |
1.1 |