1 | /** | |
2 | Copyright 2018 Carlos Macasaet | |
3 | ||
4 | Licensed under the Apache License, Version 2.0 (the "License"); | |
5 | you may not use this file except in compliance with the License. | |
6 | You may obtain a copy of the License at | |
7 | ||
8 | https://www.apache.org/licenses/LICENSE-2.0 | |
9 | ||
10 | Unless required by applicable law or agreed to in writing, software | |
11 | distributed under the License is distributed on an "AS IS" BASIS, | |
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
13 | See the License for the specific language governing permissions and | |
14 | limitations under the License. | |
15 | */ | |
16 | package com.macasaet.fernet.jersey; | |
17 | ||
18 | import javax.ws.rs.NotAuthorizedException; | |
19 | ||
20 | import org.glassfish.jersey.server.ContainerRequest; | |
21 | ||
22 | import com.macasaet.fernet.Token; | |
23 | ||
24 | /** | |
25 | * This is a utility class for extracting Fernet tokens from HTTP headers. | |
26 | * | |
27 | * <p>Copyright © 2018 Carlos Macasaet.</p> | |
28 | * @author Carlos Macasaet | |
29 | */ | |
30 | class TokenHeaderUtility { | |
31 | ||
32 | private static final String authenticationType = "Bearer"; | |
33 | ||
34 | /** | |
35 | * Extract a Fernet token from an RFC6750 Authorization header. | |
36 | * | |
37 | * @param request a REST request which may or may not include an RFC6750 Authorization header. | |
38 | * @return a Fernet token or null if no RFC6750 Authorization header is provided. | |
39 | */ | |
40 | @SuppressWarnings("PMD.AvoidLiteralsInIfCondition") | |
41 | public Token getAuthorizationToken(final ContainerRequest request) { | |
42 | String authorizationString = request.getHeaderString("Authorization"); | |
43 |
2
1. getAuthorizationToken : negated conditional → KILLED 2. getAuthorizationToken : negated conditional → KILLED |
if (authorizationString != null && !"".equals(authorizationString)) { |
44 | authorizationString = authorizationString.trim(); | |
45 | final String[] components = authorizationString.split("\\s"); | |
46 |
1
1. getAuthorizationToken : negated conditional → KILLED |
if (components.length != 2) { |
47 | throw new NotAuthorizedException(authenticationType); | |
48 | } | |
49 | final String scheme = components[0]; | |
50 |
1
1. getAuthorizationToken : negated conditional → KILLED |
if (!authenticationType.equalsIgnoreCase(scheme)) { |
51 | throw new NotAuthorizedException(authenticationType); | |
52 | } | |
53 | final String tokenString = components[1]; | |
54 |
1
1. getAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return Token.fromString(tokenString); |
55 | } | |
56 |
1
1. getAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return null; |
57 | } | |
58 | ||
59 | /** | |
60 | * Extract a Fernet token from an X-Authorization header. | |
61 | * | |
62 | * @param request a REST request which may or may not include an X-Authorization header. | |
63 | * @return a Fernet token or null if no X-Authorization header is provided. | |
64 | */ | |
65 | public Token getXAuthorizationToken(final ContainerRequest request) { | |
66 | final String xAuthorizationString = request.getHeaderString("X-Authorization"); | |
67 |
2
1. getXAuthorizationToken : negated conditional → KILLED 2. getXAuthorizationToken : negated conditional → KILLED |
if (xAuthorizationString != null && !"".equals(xAuthorizationString)) { |
68 |
1
1. getXAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getXAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return Token.fromString(xAuthorizationString.trim()); |
69 | } | |
70 |
1
1. getXAuthorizationToken : mutated return of Object value for com/macasaet/fernet/jersey/TokenHeaderUtility::getXAuthorizationToken to ( if (x != null) null else throw new RuntimeException ) → KILLED |
return null; |
71 | } | |
72 | ||
73 | } | |
Mutations | ||
43 |
1.1 2.2 |
|
46 |
1.1 |
|
50 |
1.1 |
|
54 |
1.1 |
|
56 |
1.1 |
|
67 |
1.1 2.2 |
|
68 |
1.1 |
|
70 |
1.1 |