TokenHeaderUtility.java

1
/**
2
   Copyright 2018 Carlos Macasaet
3
4
   Licensed under the Apache License, Version 2.0 (the "License");
5
   you may not use this file except in compliance with the License.
6
   You may obtain a copy of the License at
7
8
       https://www.apache.org/licenses/LICENSE-2.0
9
10
   Unless required by applicable law or agreed to in writing, software
11
   distributed under the License is distributed on an "AS IS" BASIS,
12
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
   See the License for the specific language governing permissions and
14
   limitations under the License.
15
 */
16
package com.macasaet.fernet.jersey;
17
18
import javax.ws.rs.NotAuthorizedException;
19
20
import org.glassfish.jersey.server.ContainerRequest;
21
22
import com.macasaet.fernet.Token;
23
24
/**
25
 * This is a utility class for extracting Fernet tokens from HTTP headers.
26
 *
27
 * <p>Copyright &copy; 2018 Carlos Macasaet.</p>
28
 * @author Carlos Macasaet
29
 */
30
class TokenHeaderUtility {
31
32
    private static final String authenticationType = "Bearer";
33
34
    /**
35
     * Extract a Fernet token from an RFC6750 Authorization header.
36
     *
37
     * @param request a REST request which may or may not include an RFC6750 Authorization header.
38
     * @return a Fernet token or null if no RFC6750 Authorization header is provided.
39
     */
40
    @SuppressWarnings("PMD.AvoidLiteralsInIfCondition")
41
    public Token getAuthorizationToken(final ContainerRequest request) {
42
        String authorizationString = request.getHeaderString("Authorization");
43 2 1. getAuthorizationToken : negated conditional → KILLED
2. getAuthorizationToken : negated conditional → KILLED
        if (authorizationString != null && !"".equals(authorizationString)) {
44
            authorizationString = authorizationString.trim();
45
            final String[] components = authorizationString.split("\\s");
46 1 1. getAuthorizationToken : negated conditional → KILLED
            if (components.length != 2) {
47
                throw new NotAuthorizedException(authenticationType);
48
            }
49
            final String scheme = components[0];
50 1 1. getAuthorizationToken : negated conditional → KILLED
            if (!authenticationType.equalsIgnoreCase(scheme)) {
51
                throw new NotAuthorizedException(authenticationType);
52
            }
53
            final String tokenString = components[1];
54 1 1. getAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED
            return Token.fromString(tokenString);
55
        }
56 1 1. getAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED
        return null;
57
    }
58
59
    /**
60
     * Extract a Fernet token from an X-Authorization header.
61
     *
62
     * @param request a REST request which may or may not include an X-Authorization header.
63
     * @return a Fernet token or null if no X-Authorization header is provided.
64
     */
65
    public Token getXAuthorizationToken(final ContainerRequest request) {
66
        final String xAuthorizationString = request.getHeaderString("X-Authorization");
67 2 1. getXAuthorizationToken : negated conditional → KILLED
2. getXAuthorizationToken : negated conditional → KILLED
        if (xAuthorizationString != null && !"".equals(xAuthorizationString)) {
68 1 1. getXAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getXAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED
            return Token.fromString(xAuthorizationString.trim());
69
        }
70 1 1. getXAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getXAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED
        return null;
71
    }
72
73
}

Mutations

43

1.1
Location : getAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetAuthorizationTokenIgnoresX(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
negated conditional → KILLED

2.2
Location : getAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetAuthorizationTokenRejectsInvalidScheme(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
negated conditional → KILLED

46

1.1
Location : getAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetAuthorizationTokenDeserialisesBearerToken(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
negated conditional → KILLED

50

1.1
Location : getAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetAuthorizationTokenRejectsInvalidScheme(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
negated conditional → KILLED

54

1.1
Location : getAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetAuthorizationTokenDeserialisesBearerToken(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED

56

1.1
Location : getAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetAuthorizationTokenIgnoresX(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED

67

1.1
Location : getXAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetXAuthorizationTokenDeserialisesToken(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
negated conditional → KILLED

2.2
Location : getXAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetXAuthorizationTokenDeserialisesToken(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
negated conditional → KILLED

68

1.1
Location : getXAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetXAuthorizationTokenDeserialisesToken(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getXAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED

70

1.1
Location : getXAuthorizationToken
Killed by : com.macasaet.fernet.jersey.TokenHeaderUtilityTest.verifyGetXAuthorizationTokenIgnoresBearer(com.macasaet.fernet.jersey.TokenHeaderUtilityTest)
mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getXAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED

Active mutators

Tests examined


Report generated by PIT 1.4.10