aboutsummaryrefslogtreecommitdiffstats
path: root/certServiceClient/src/main
diff options
context:
space:
mode:
authorkjaniak <kornel.janiak@nokia.com>2020-11-13 15:03:17 +0100
committerkjaniak <kornel.janiak@nokia.com>2020-11-25 12:30:39 +0100
commit5a9b5d9d6911a82e50c7d3e15c2cc8b9ca14098a (patch)
tree1f78ba5e0862c970a91370e272d3740289942c66 /certServiceClient/src/main
parent6043d57de1232277456200a7e218cfa53e444c05 (diff)
[OOM cert-service-client] Add validation of email, ip and domain name
Added SanMapper to distinguish types of SANS. ExitableException changed to RuntimeException. Introcudced intermediate object San. Issue-ID: OOM-2559 Signed-off-by: kjaniak <kornel.janiak@nokia.com> Change-Id: I060de9869ab9fd737a474f683a251abd8431d224
Diffstat (limited to 'certServiceClient/src/main')
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java15
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java3
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java2
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java5
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java16
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java45
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java48
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java6
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java73
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java33
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/OutputTypeValidator.java (renamed from certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/ValidatorsFactory.java)24
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java53
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CsrEnvsValueValidators.java (renamed from certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/BasicValidationFunctions.java)39
-rw-r--r--certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/UriValidator.java (renamed from certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/UriValidator.java)14
14 files changed, 292 insertions, 84 deletions
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java
index d26be8d3..afa38b99 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java
@@ -25,6 +25,7 @@ import static org.onap.oom.certservice.client.certification.EncryptionAlgorithmC
import java.security.KeyPair;
import javax.net.ssl.SSLContext;
+import org.onap.oom.certservice.client.api.ExitStatus;
import org.onap.oom.certservice.client.api.ExitableException;
import org.onap.oom.certservice.client.certification.ArtifactsCreatorProvider;
import org.onap.oom.certservice.client.certification.CsrFactory;
@@ -36,10 +37,12 @@ import org.onap.oom.certservice.client.configuration.EnvsForCsr;
import org.onap.oom.certservice.client.configuration.EnvsForTls;
import org.onap.oom.certservice.client.configuration.factory.ClientConfigurationFactory;
import org.onap.oom.certservice.client.configuration.factory.CsrConfigurationFactory;
+import org.onap.oom.certservice.client.configuration.factory.SanMapper;
import org.onap.oom.certservice.client.configuration.factory.SslContextFactory;
import org.onap.oom.certservice.client.configuration.model.ClientConfiguration;
import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
-import org.onap.oom.certservice.client.configuration.validation.ValidatorsFactory;
+import org.onap.oom.certservice.client.configuration.validation.client.OutputTypeValidator;
+import org.onap.oom.certservice.client.configuration.validation.csr.CommonNameValidator;
import org.onap.oom.certservice.client.httpclient.CloseableHttpsClientProvider;
import org.onap.oom.certservice.client.httpclient.HttpClient;
import org.onap.oom.certservice.client.httpclient.model.CertServiceResponse;
@@ -60,12 +63,11 @@ public class CertServiceClient {
KeyPairFactory keyPairFactory = new KeyPairFactory(RSA_ENCRYPTION_ALGORITHM, KEY_SIZE);
PrivateKeyToPemEncoder pkEncoder = new PrivateKeyToPemEncoder();
Base64Encoder base64Encoder = new Base64Encoder();
- ValidatorsFactory validatorsFactory = new ValidatorsFactory();
try {
ClientConfiguration clientConfiguration = new ClientConfigurationFactory(new EnvsForClient(),
- validatorsFactory).create();
- CsrConfiguration csrConfiguration = new CsrConfigurationFactory(new EnvsForCsr(), validatorsFactory)
- .create();
+ new OutputTypeValidator()).create();
+ CsrConfiguration csrConfiguration = new CsrConfigurationFactory(new EnvsForCsr(), new CommonNameValidator(),
+ new SanMapper()).create();
KeyPair keyPair = keyPairFactory.create();
CsrFactory csrFactory = new CsrFactory(csrConfiguration);
SSLContext sslContext = new SslContextFactory(new EnvsForTls()).create();
@@ -90,6 +92,9 @@ public class CertServiceClient {
} catch (ExitableException e) {
LOGGER.error("Cert Service Client fails in execution: ", e);
appExitHandler.exit(e.applicationExitStatus());
+ } catch (Exception e) {
+ LOGGER.error("Application failed (unexpected error): ", e);
+ appExitHandler.exit(ExitStatus.UNEXPECTED_EXCEPTION);
}
appExitHandler.exit(SUCCESS);
}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java
index 1b1cc066..8ef79167 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java
@@ -31,7 +31,8 @@ public enum ExitStatus {
PEM_CONVERSION_EXCEPTION(7, "Fail in PEM conversion"),
PK_TO_PEM_ENCODING_EXCEPTION(8, "Fail in Private Key to PEM Encoding"),
TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"),
- FILE_CREATION_EXCEPTION(10, "File could not be created");
+ FILE_CREATION_EXCEPTION(10, "File could not be created"),
+ UNEXPECTED_EXCEPTION(99, "Application exited abnormally");
private final int value;
private final String message;
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java
index ab7a308b..d488843f 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java
@@ -19,7 +19,7 @@
package org.onap.oom.certservice.client.api;
-public abstract class ExitableException extends Exception {
+public abstract class ExitableException extends RuntimeException {
public ExitableException(Throwable cause) {
super(cause);
}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java
index 04216ff4..1215e699 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java
@@ -48,6 +48,7 @@ import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.onap.oom.certservice.client.certification.exception.CsrGenerationException;
import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
+import org.onap.oom.certservice.client.configuration.model.San;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -140,9 +141,9 @@ public class CsrFactory {
}
private GeneralNames createGeneralNames() {
- List<String> sans = this.configuration.getSans();
+ List<San> sans = this.configuration.getSans();
GeneralName[] generalNames = sans.stream()
- .map(san -> new GeneralName(GeneralName.dNSName, san))
+ .map(san -> new GeneralName(san.getType(), san.getValue()))
.collect(Collectors.toList())
.toArray(GeneralName[]::new);
return new GeneralNames(generalNames);
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java
index 9f3ae9cc..f1541b04 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java
@@ -25,8 +25,8 @@ import org.onap.oom.certservice.client.configuration.ClientConfigurationEnvs;
import org.onap.oom.certservice.client.configuration.EnvsForClient;
import org.onap.oom.certservice.client.configuration.exception.ClientConfigurationException;
import org.onap.oom.certservice.client.configuration.model.ClientConfiguration;
-import org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions;
-import org.onap.oom.certservice.client.configuration.validation.ValidatorsFactory;
+import org.onap.oom.certservice.client.configuration.validation.client.ClientEnvsValueValidators;
+import org.onap.oom.certservice.client.configuration.validation.client.OutputTypeValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -34,12 +34,12 @@ public class ClientConfigurationFactory implements ConfigurationFactory<ClientCo
private static final Logger LOGGER = LoggerFactory.getLogger(ClientConfigurationFactory.class);
private final EnvsForClient envsForClient;
- private final ValidatorsFactory validatorsFactory;
+ private final OutputTypeValidator outputTypeValidator;
- public ClientConfigurationFactory(EnvsForClient envsForClient, ValidatorsFactory validatorsFactory) {
+ public ClientConfigurationFactory(EnvsForClient envsForClient, OutputTypeValidator outputTypeValidator) {
this.envsForClient = envsForClient;
- this.validatorsFactory = validatorsFactory;
+ this.outputTypeValidator = outputTypeValidator;
}
@Override
@@ -54,19 +54,19 @@ public class ClientConfigurationFactory implements ConfigurationFactory<ClientCo
.map(timeout -> configuration.setRequestTimeoutInMs(Integer.valueOf(timeout)));
envsForClient.getOutputPath()
- .filter(BasicValidationFunctions::isPathValid)
+ .filter(ClientEnvsValueValidators::isPathValid)
.map(configuration::setCertsOutputPath)
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.OUTPUT_PATH + " is invalid."));
envsForClient.getCaName()
- .filter(BasicValidationFunctions::isAlphaNumeric)
+ .filter(ClientEnvsValueValidators::isAlphaNumeric)
.map(configuration::setCaName)
.orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.CA_NAME + " is invalid."));
Optional<String> outputType = envsForClient.getOutputType();
if (outputType.isPresent()) {
- outputType.filter(validatorsFactory.outputTypeValidator())
+ outputType.filter(outputTypeValidator)
.map(configuration::setOutputType)
.orElseThrow(
() -> new ClientConfigurationException(ClientConfigurationEnvs.OUTPUT_TYPE + " is invalid."));
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java
index d050a2a3..48ead884 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java
@@ -20,15 +20,16 @@
package org.onap.oom.certservice.client.configuration.factory;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isSpecialCharPresent;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isSpecialCharPresent;
import java.util.Arrays;
+import java.util.stream.Collectors;
import org.onap.oom.certservice.client.configuration.CsrConfigurationEnvs;
import org.onap.oom.certservice.client.configuration.EnvsForCsr;
import org.onap.oom.certservice.client.configuration.exception.CsrConfigurationException;
import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
-import org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions;
-import org.onap.oom.certservice.client.configuration.validation.ValidatorsFactory;
+import org.onap.oom.certservice.client.configuration.validation.csr.CommonNameValidator;
+import org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -39,11 +40,14 @@ public class CsrConfigurationFactory implements ConfigurationFactory<CsrConfigur
private static final String SANS_DELIMITER = ",";
private final EnvsForCsr envsForCsr;
- private final ValidatorsFactory validatorsFactory;
+ private final CommonNameValidator commonNameValidator;
+ private final SanMapper sanMapper;
- public CsrConfigurationFactory(EnvsForCsr envsForCsr, ValidatorsFactory validatorsFactory) {
+ public CsrConfigurationFactory(EnvsForCsr envsForCsr, CommonNameValidator commonNameValidator,
+ SanMapper sanMapper) {
this.envsForCsr = envsForCsr;
- this.validatorsFactory = validatorsFactory;
+ this.commonNameValidator = commonNameValidator;
+ this.sanMapper = sanMapper;
}
@Override
@@ -52,33 +56,34 @@ public class CsrConfigurationFactory implements ConfigurationFactory<CsrConfigur
CsrConfiguration configuration = new CsrConfiguration();
envsForCsr.getCommonName()
- .filter(validatorsFactory.commonNameValidator())
- .map(configuration::setCommonName)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COMMON_NAME + " is invalid."));
+ .filter(commonNameValidator)
+ .map(configuration::setCommonName)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COMMON_NAME + " is invalid."));
envsForCsr.getOrganization()
- .filter(org -> !isSpecialCharPresent(org))
- .map(configuration::setOrganization)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.ORGANIZATION + " is invalid."));
+ .filter(org -> !isSpecialCharPresent(org))
+ .map(configuration::setOrganization)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.ORGANIZATION + " is invalid."));
envsForCsr.getState()
- .map(configuration::setState)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.STATE + " is invalid."));
+ .map(configuration::setState)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.STATE + " is invalid."));
envsForCsr.getCountry()
- .filter(BasicValidationFunctions::isCountryValid)
- .map(configuration::setCountry)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COUNTRY + " is invalid."));
+ .filter(CsrEnvsValueValidators::isCountryValid)
+ .map(configuration::setCountry)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COUNTRY + " is invalid."));
envsForCsr.getOrganizationUnit()
- .map(configuration::setOrganizationUnit);
+ .map(configuration::setOrganizationUnit);
envsForCsr.getLocation()
- .map(configuration::setLocation);
+ .map(configuration::setLocation);
envsForCsr.getSubjectAlternativesName()
.map(sans -> Arrays.asList(sans.split(SANS_DELIMITER)))
- .map(configuration::setSubjectAlternativeNames);
+ .map(list -> list.stream().map(sanMapper).collect(Collectors.toList()))
+ .map(configuration::setSans);
LOGGER.info("Successful validation of CSR configuration. Configuration data: {}", configuration.toString());
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java
new file mode 100644
index 00000000..f76bd572
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java
@@ -0,0 +1,48 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.certservice.client.configuration.factory;
+
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isDomainNameValid;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isEmailAddressValid;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isIpAddressValid;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isUriValid;
+
+import java.util.function.Function;
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.onap.oom.certservice.client.configuration.exception.CsrConfigurationException;
+import org.onap.oom.certservice.client.configuration.model.San;
+
+public class SanMapper implements Function<String, San> {
+
+ public San apply(String san) {
+ if (isEmailAddressValid(san)) {
+ return new San(san, GeneralName.rfc822Name);
+ } else if (isIpAddressValid(san)) {
+ return new San(san, GeneralName.iPAddress);
+ } else if (isDomainNameValid(san)) {
+ return new San(san, GeneralName.dNSName);
+ } else if (isUriValid(san)) {
+ return new San(san, GeneralName.uniformResourceIdentifier);
+ } else {
+ throw new CsrConfigurationException("SAN :" + san + " does not match any requirements");
+ }
+ }
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java
index 382d1ffc..3f77d259 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java
@@ -32,7 +32,7 @@ public class CsrConfiguration implements ConfigurationModel {
private String country;
private String organizationUnit;
private String location;
- private List<String> sans;
+ private List<San> sans;
public String getCommonName() {
@@ -89,11 +89,11 @@ public class CsrConfiguration implements ConfigurationModel {
return this;
}
- public List<String> getSans() {
+ public List<San> getSans() {
return sans;
}
- public CsrConfiguration setSubjectAlternativeNames(List<String> subjectAlternativeNames) {
+ public CsrConfiguration setSans(List<San> subjectAlternativeNames) {
this.sans = List.copyOf(subjectAlternativeNames);
return this;
}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java
new file mode 100644
index 00000000..5ca36246
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java
@@ -0,0 +1,73 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.certservice.client.configuration.model;
+
+import java.util.Objects;
+
+public final class San {
+
+ private final String value;
+ private final int type;
+
+ public San(String value, int type) {
+ this.value = value;
+ this.type = type;
+ }
+
+ public String getValue() {
+ return value;
+ }
+
+ public int getType() {
+ return type;
+ }
+
+ public String toString() {
+ return "{SAN value: " + value + ", type: " + getReadableType(type) + '}';
+ }
+
+ public boolean equals(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+ San san1 = (San) o;
+ return type == san1.type &&
+ Objects.equals(value, san1.value);
+ }
+
+ public int hashCode() {
+ return Objects.hash(value, type);
+ }
+
+ private String getReadableType(int type) {
+ String readableType = "undefined";
+ switch (type) {
+ case 1: readableType = "rfc822Name"; break;
+ case 2: readableType = "dNSName"; break;
+ case 6: readableType = "uniformResourceIdentifier"; break;
+ case 7: readableType = "iPAddress"; break;
+ }
+ return readableType;
+ }
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java
new file mode 100644
index 00000000..503b7e46
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java
@@ -0,0 +1,33 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.oom.certservice.client.configuration.validation.client;
+
+public final class ClientEnvsValueValidators {
+ private static final String ALPHA_NUMERIC_REGEX = "^[a-zA-Z0-9]*$";
+ private static final String VALID_PATH_REGEX = "^/|(/[a-zA-Z0-9_-]+)+/?$";
+
+ public static boolean isAlphaNumeric(String caName) {
+ return caName.matches(ALPHA_NUMERIC_REGEX);
+ }
+
+ public static boolean isPathValid(String path) {
+ return path.matches(VALID_PATH_REGEX);
+ }
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/ValidatorsFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/OutputTypeValidator.java
index 8eeac74a..6b737e26 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/ValidatorsFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/OutputTypeValidator.java
@@ -18,34 +18,18 @@
* ============LICENSE_END=========================================================
*/
-package org.onap.oom.certservice.client.configuration.validation;
-
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isHttpProtocolsPresent;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isIpAddressPresent;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isPortNumberPresent;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isSpecialCharPresent;
+package org.onap.oom.certservice.client.configuration.validation.client;
import java.util.Arrays;
import java.util.function.Predicate;
import org.onap.oom.certservice.client.certification.ArtifactsCreatorProvider;
-public class ValidatorsFactory {
-
- public Predicate<String> commonNameValidator() {
- return commonName ->
- !isSpecialCharPresent(commonName)
- && !isHttpProtocolsPresent(commonName)
- && !isIpAddressPresent(commonName)
- && !isPortNumberPresent(commonName);
- }
+public class OutputTypeValidator implements Predicate<String> {
- public Predicate<String> outputTypeValidator() {
- return outputType -> Arrays.stream(ArtifactsCreatorProvider.values())
+ public boolean test(String outputType) {
+ return Arrays.stream(ArtifactsCreatorProvider.values())
.map(ArtifactsCreatorProvider::toString)
.anyMatch(name -> name.equals(outputType));
}
- public Predicate<String> uriValidator() {
- return UriValidator::isValidUri;
- }
}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java
new file mode 100644
index 00000000..a5244466
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java
@@ -0,0 +1,53 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.certservice.client.configuration.validation.csr;
+
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isSpecialCharPresent;
+
+import java.util.function.Predicate;
+import java.util.regex.Pattern;
+
+public final class CommonNameValidator implements Predicate<String> {
+
+ private static final String PORT_POSTFIX_REGEX = ":[0-9]{1,5}";
+ private static final String IPV4_ADDRESS_REGEX = "[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}";
+ private static final String HTTP_HTTPS_SCHEME_REGEX = "[h][t][t][p][:][/][/]|[h][t][t][p][s][:][/][/]";
+
+ public boolean test(String commonName) {
+ return !isSpecialCharPresent(commonName)
+ && !isHttpProtocolsPresent(commonName)
+ && !isIpAddressPresent(commonName)
+ && !isPortNumberPresent(commonName);
+ }
+
+ private boolean isPortNumberPresent(String stringToCheck) {
+ return Pattern.compile(PORT_POSTFIX_REGEX).matcher(stringToCheck).find();
+ }
+
+ private boolean isIpAddressPresent(String stringToCheck) {
+ return Pattern.compile(IPV4_ADDRESS_REGEX).matcher(stringToCheck).find();
+ }
+
+ private boolean isHttpProtocolsPresent(String stringToCheck) {
+ return Pattern.compile(HTTP_HTTPS_SCHEME_REGEX).matcher(stringToCheck).find();
+ }
+
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/BasicValidationFunctions.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CsrEnvsValueValidators.java
index e5044c26..31903a98 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/BasicValidationFunctions.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CsrEnvsValueValidators.java
@@ -18,40 +18,45 @@
* ============LICENSE_END=========================================================
*/
-package org.onap.oom.certservice.client.configuration.validation;
+package org.onap.oom.certservice.client.configuration.validation.csr;
import java.util.Arrays;
import java.util.Locale;
import java.util.regex.Pattern;
+import org.apache.commons.validator.routines.DomainValidator;
+import org.apache.commons.validator.routines.EmailValidator;
+import org.apache.commons.validator.routines.InetAddressValidator;
-public class BasicValidationFunctions {
+public final class CsrEnvsValueValidators {
- public static boolean isPathValid(String path) {
- return path.matches("^/|(/[a-zA-Z0-9_-]+)+/?$");
- }
+ private static final boolean ALLOW_LOCAL_DOMAINS = true;
+
+ private static final String SPECIAL_CHAR_PRESENCE_REGEX = "[~#@*$+%!()?/{}<>\\|_^]";
- public static boolean isAlphaNumeric(String caName) {
- return caName.matches("^[a-zA-Z0-9]*$");
+ private CsrEnvsValueValidators() {
}
- public static boolean isSpecialCharPresent(String stringToCheck) {
- return Pattern.compile("[~#@*$+%!()?/{}<>\\|_^]").matcher(stringToCheck).find();
+ public static boolean isCountryValid(String country) {
+ return Arrays.asList(Locale.getISOCountries()).contains(country);
}
- public static boolean isPortNumberPresent(String stringToCheck) {
- return Pattern.compile(":[0-9]{1,5}").matcher(stringToCheck).find();
+ public static boolean isEmailAddressValid(String address) {
+ return EmailValidator.getInstance().isValid(address);
}
- public static boolean isIpAddressPresent(String stringToCheck) {
- return Pattern.compile("[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}").matcher(stringToCheck).find();
+ public static boolean isIpAddressValid(String address) {
+ return InetAddressValidator.getInstance().isValid(address);
}
- public static boolean isHttpProtocolsPresent(String stringToCheck) {
- return Pattern.compile("[h][t][t][p][:][/][/]|[h][t][t][p][s][:][/][/]").matcher(stringToCheck).find();
+ public static boolean isDomainNameValid(String domain) {
+ return DomainValidator.getInstance(ALLOW_LOCAL_DOMAINS).isValid(domain);
}
- public static boolean isCountryValid(String country) {
- return Arrays.asList(Locale.getISOCountries()).contains(country);
+ public static boolean isUriValid(String uri) {
+ return UriValidator.isValid(uri);
}
+ public static boolean isSpecialCharPresent(String stringToCheck) {
+ return Pattern.compile(SPECIAL_CHAR_PRESENCE_REGEX).matcher(stringToCheck).find();
+ }
}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/UriValidator.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/UriValidator.java
index 7800d739..b8073f42 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/UriValidator.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/UriValidator.java
@@ -17,16 +17,12 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
-package org.onap.oom.certservice.client.configuration.validation;
+package org.onap.oom.certservice.client.configuration.validation.csr;
/**
* Compliant with the RFC3986
*/
-public final class UriValidator {
-
- private UriValidator() {
- }
+final class UriValidator {
private static final String SCHEME = "([A-Za-z][A-Za-z0-9+\\-.]*):";
@@ -63,7 +59,11 @@ public final class UriValidator {
SCHEME + "(" + AUTHORITY_WITH_PATH + OR + PATH_BEGIN_WITH_SLASH + OR + PATH_WITHOUT_SLASH + OR + "" + ")"
+ QUERY + FRAGMENT;
- public static boolean isValidUri(String uri) {
+ private UriValidator() {
+ }
+
+ static boolean isValid(String uri) {
return uri.matches(RFC3986_URI_MATCH_PATTERN);
}
}
+