Coverage Summary for Class: OriginValidator (co.rsk.rpc)
Class |
Class, %
|
Method, %
|
Line, %
|
OriginValidator |
0%
(0/1)
|
0%
(0/6)
|
0%
(0/49)
|
1 /*
2 * This file is part of RskJ
3 * Copyright (C) 2017 RSK Labs Ltd.
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18
19 package co.rsk.rpc;
20
21 import org.slf4j.Logger;
22 import org.slf4j.LoggerFactory;
23
24 import javax.annotation.Nonnull;
25 import java.net.MalformedURLException;
26 import java.net.URI;
27 import java.net.URISyntaxException;
28 import java.net.URL;
29
30 /**
31 * Created by ajlopez on 06/10/2017.
32 */
33 public class OriginValidator {
34 private static final Logger LOGGER = LoggerFactory.getLogger("jsonrpc");
35
36 private URI[] origins;
37 private boolean allowAllOrigins;
38
39 public OriginValidator() {
40 this.origins = new URI[0];
41 }
42
43 public OriginValidator(String uriList) {
44 if (uriList == null) {
45 this.origins = new URI[0];
46 } else if ("*".equals(uriList.trim())) {
47 this.allowAllOrigins = true;
48 } else {
49 try {
50 this.origins = toUris(uriList);
51 } catch (URISyntaxException e) {
52 LOGGER.error("Error creating OriginValidator, origins {}, {}", uriList, e);
53
54 // no origin
55 this.origins = new URI[0];
56 }
57 }
58 }
59
60 public boolean isValidOrigin(String origin) {
61 if (this.allowAllOrigins) {
62 return true;
63 }
64
65 URI originUri = null;
66
67 try {
68 originUri = new URI(origin);
69 } catch (URISyntaxException e) {
70 return false;
71 }
72
73 for (URI uri : origins) {
74 if (originUri.equals(uri)) {
75 return true;
76 }
77 }
78
79 return false;
80 }
81
82 public boolean isValidReferer(String referer) {
83 if (this.allowAllOrigins) {
84 return true;
85 }
86
87 URL refererUrl = null;
88
89 try {
90 refererUrl = new URL(referer);
91 } catch (MalformedURLException e) {
92 return false;
93 }
94
95 String refererProtocol = refererUrl.getProtocol();
96
97 if (refererProtocol == null) {
98 return false;
99 }
100
101 String refererHost = refererUrl.getHost();
102
103 if (refererHost == null) {
104 return false;
105 }
106
107 int refererPort = refererUrl.getPort();
108
109 for (int k = 0; k < origins.length; k++) {
110 if (refererProtocol.equals(origins[k].getScheme()) &&
111 refererHost.equals(origins[k].getHost()) &&
112 refererPort == origins[k].getPort()) {
113 return true;
114 }
115 }
116
117 return false;
118 }
119
120 private static URI[] toUris(@Nonnull String list) throws URISyntaxException {
121 String[] elements = list.split(" ");
122 URI[] uris = new URI[elements.length];
123
124 for (int k = 0; k < elements.length; k++) {
125 uris[k] = new URI(elements[k].trim());
126 }
127
128 return uris;
129 }
130 }