Coverage Summary for Class: OriginValidator (co.rsk.rpc)

Class Class, % Method, % Line, %
OriginValidator 0% (0/1) 0% (0/6) 0% (0/49)


1 /* 2  * This file is part of RskJ 3  * Copyright (C) 2017 RSK Labs Ltd. 4  * 5  * This program is free software: you can redistribute it and/or modify 6  * it under the terms of the GNU Lesser General Public License as published by 7  * the Free Software Foundation, either version 3 of the License, or 8  * (at your option) any later version. 9  * 10  * This program is distributed in the hope that it will be useful, 11  * but WITHOUT ANY WARRANTY; without even the implied warranty of 12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13  * GNU Lesser General Public License for more details. 14  * 15  * You should have received a copy of the GNU Lesser General Public License 16  * along with this program. If not, see <http://www.gnu.org/licenses/>. 17  */ 18  19 package co.rsk.rpc; 20  21 import org.slf4j.Logger; 22 import org.slf4j.LoggerFactory; 23  24 import javax.annotation.Nonnull; 25 import java.net.MalformedURLException; 26 import java.net.URI; 27 import java.net.URISyntaxException; 28 import java.net.URL; 29  30 /** 31  * Created by ajlopez on 06/10/2017. 32  */ 33 public class OriginValidator { 34  private static final Logger LOGGER = LoggerFactory.getLogger("jsonrpc"); 35  36  private URI[] origins; 37  private boolean allowAllOrigins; 38  39  public OriginValidator() { 40  this.origins = new URI[0]; 41  } 42  43  public OriginValidator(String uriList) { 44  if (uriList == null) { 45  this.origins = new URI[0]; 46  } else if ("*".equals(uriList.trim())) { 47  this.allowAllOrigins = true; 48  } else { 49  try { 50  this.origins = toUris(uriList); 51  } catch (URISyntaxException e) { 52  LOGGER.error("Error creating OriginValidator, origins {}, {}", uriList, e); 53  54  // no origin 55  this.origins = new URI[0]; 56  } 57  } 58  } 59  60  public boolean isValidOrigin(String origin) { 61  if (this.allowAllOrigins) { 62  return true; 63  } 64  65  URI originUri = null; 66  67  try { 68  originUri = new URI(origin); 69  } catch (URISyntaxException e) { 70  return false; 71  } 72  73  for (URI uri : origins) { 74  if (originUri.equals(uri)) { 75  return true; 76  } 77  } 78  79  return false; 80  } 81  82  public boolean isValidReferer(String referer) { 83  if (this.allowAllOrigins) { 84  return true; 85  } 86  87  URL refererUrl = null; 88  89  try { 90  refererUrl = new URL(referer); 91  } catch (MalformedURLException e) { 92  return false; 93  } 94  95  String refererProtocol = refererUrl.getProtocol(); 96  97  if (refererProtocol == null) { 98  return false; 99  } 100  101  String refererHost = refererUrl.getHost(); 102  103  if (refererHost == null) { 104  return false; 105  } 106  107  int refererPort = refererUrl.getPort(); 108  109  for (int k = 0; k < origins.length; k++) { 110  if (refererProtocol.equals(origins[k].getScheme()) && 111  refererHost.equals(origins[k].getHost()) && 112  refererPort == origins[k].getPort()) { 113  return true; 114  } 115  } 116  117  return false; 118  } 119  120  private static URI[] toUris(@Nonnull String list) throws URISyntaxException { 121  String[] elements = list.split(" "); 122  URI[] uris = new URI[elements.length]; 123  124  for (int k = 0; k < elements.length; k++) { 125  uris[k] = new URI(elements[k].trim()); 126  } 127  128  return uris; 129  } 130 }