Diffstat (limited to 'certServiceClient/src/main')
14 files changed, 292 insertions, 84 deletions
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java
index d26be8d3..afa38b99 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/CertServiceClient.java
@@ -25,6 +25,7 @@ import static org.onap.oom.certservice.client.certification.EncryptionAlgorithmC
 import java.security.KeyPair;
 import javax.net.ssl.SSLContext;
+import org.onap.oom.certservice.client.api.ExitStatus;
 import org.onap.oom.certservice.client.api.ExitableException;
 import org.onap.oom.certservice.client.certification.ArtifactsCreatorProvider;
 import org.onap.oom.certservice.client.certification.CsrFactory;
@@ -36,10 +37,12 @@ import org.onap.oom.certservice.client.configuration.EnvsForCsr;
 import org.onap.oom.certservice.client.configuration.EnvsForTls;
 import org.onap.oom.certservice.client.configuration.factory.ClientConfigurationFactory;
 import org.onap.oom.certservice.client.configuration.factory.CsrConfigurationFactory;
+import org.onap.oom.certservice.client.configuration.factory.SanMapper;
 import org.onap.oom.certservice.client.configuration.factory.SslContextFactory;
 import org.onap.oom.certservice.client.configuration.model.ClientConfiguration;
 import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
-import org.onap.oom.certservice.client.configuration.validation.ValidatorsFactory;
+import org.onap.oom.certservice.client.configuration.validation.client.OutputTypeValidator;
+import org.onap.oom.certservice.client.configuration.validation.csr.CommonNameValidator;
 import org.onap.oom.certservice.client.httpclient.CloseableHttpsClientProvider;
 import org.onap.oom.certservice.client.httpclient.HttpClient;
 import org.onap.oom.certservice.client.httpclient.model.CertServiceResponse;
@@ -60,12 +63,11 @@ public class CertServiceClient {
 KeyPairFactory keyPairFactory = new KeyPairFactory(RSA_ENCRYPTION_ALGORITHM, KEY_SIZE);
 PrivateKeyToPemEncoder pkEncoder = new PrivateKeyToPemEncoder();
 Base64Encoder base64Encoder = new Base64Encoder();
- ValidatorsFactory validatorsFactory = new ValidatorsFactory();
 try {
 ClientConfiguration clientConfiguration = new ClientConfigurationFactory(new EnvsForClient(),
- validatorsFactory).create();
- CsrConfiguration csrConfiguration = new CsrConfigurationFactory(new EnvsForCsr(), validatorsFactory)
- .create();
+ new OutputTypeValidator()).create();
+ CsrConfiguration csrConfiguration = new CsrConfigurationFactory(new EnvsForCsr(), new CommonNameValidator(),
+ new SanMapper()).create();
 KeyPair keyPair = keyPairFactory.create();
 CsrFactory csrFactory = new CsrFactory(csrConfiguration);
 SSLContext sslContext = new SslContextFactory(new EnvsForTls()).create();
@@ -90,6 +92,9 @@ public class CertServiceClient {
 } catch (ExitableException e) {
 LOGGER.error("Cert Service Client fails in execution: ", e);
 appExitHandler.exit(e.applicationExitStatus());
+ } catch (Exception e) {
+ LOGGER.error("Application failed (unexpected error): ", e);
+ appExitHandler.exit(ExitStatus.UNEXPECTED_EXCEPTION);
 }
 appExitHandler.exit(SUCCESS);
 }
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java
index 1b1cc066..8ef79167 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitStatus.java
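Review bot: In the `@@ -90,6 +92,9 @@` hunk the new `catch (Exception e)` branch still runs on to the trailing `appExitHandler.exit(SUCCESS);` if `exit` ever returns, the same shape as the existing `ExitableException` branch. Whether `exit` always terminates the JVM is not visible here; if it can return (under a test double, for instance), the failure status is followed by a SUCCESS call. Adding `return;` after each failing `exit(...)` call in the two catch blocks removes that dependency. The method body starts and ends outside the hunk.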
@@ -31,7 +31,8 @@ public enum ExitStatus {
 PEM_CONVERSION_EXCEPTION(7, "Fail in PEM conversion"),
 PK_TO_PEM_ENCODING_EXCEPTION(8, "Fail in Private Key to PEM Encoding"),
 TLS_CONFIGURATION_EXCEPTION(9, "Invalid TLS configuration"),
- FILE_CREATION_EXCEPTION(10, "File could not be created");
+ FILE_CREATION_EXCEPTION(10, "File could not be created"),
+ UNEXPECTED_EXCEPTION(99, "Application exited abnormally");
 private final int value;
 private final String message;
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java
index ab7a308b..d488843f 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/api/ExitableException.java
@@ -19,7 +19,7 @@
 package org.onap.oom.certservice.client.api;
-public abstract class ExitableException extends Exception {
+public abstract class ExitableException extends RuntimeException {
 public ExitableException(Throwable cause) {
 super(cause);
 }
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java
index 04216ff4..1215e699 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/certification/CsrFactory.java
@@ -48,6 +48,7 @@ import org.bouncycastle.pkcs.PKCS10CertificationRequest;
 import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
 import org.onap.oom.certservice.client.certification.exception.CsrGenerationException;
 import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
+import org.onap.oom.certservice.client.configuration.model.San;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -140,9 +141,9 @@ public class CsrFactory {
 }
 private GeneralNames createGeneralNames() {
- List<String> sans = this.configuration.getSans();
+ List<San> sans = this.configuration.getSans();
 GeneralName[] generalNames = sans.stream()
- .map(san -> new GeneralName(GeneralName.dNSName, san))
+ .map(san -> new GeneralName(san.getType(), san.getValue()))
 .collect(Collectors.toList())
 .toArray(GeneralName[]::new);
 return new GeneralNames(generalNames);
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java
index 9f3ae9cc..f1541b04 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/ClientConfigurationFactory.java
@@ -25,8 +25,8 @@ import org.onap.oom.certservice.client.configuration.ClientConfigurationEnvs;
 import org.onap.oom.certservice.client.configuration.EnvsForClient;
 import org.onap.oom.certservice.client.configuration.exception.ClientConfigurationException;
 import org.onap.oom.certservice.client.configuration.model.ClientConfiguration;
-import org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions;
-import org.onap.oom.certservice.client.configuration.validation.ValidatorsFactory;
+import org.onap.oom.certservice.client.configuration.validation.client.ClientEnvsValueValidators;
+import org.onap.oom.certservice.client.configuration.validation.client.OutputTypeValidator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -34,12 +34,12 @@ public class ClientConfigurationFactory implements ConfigurationFactory<ClientCo
 private static final Logger LOGGER = LoggerFactory.getLogger(ClientConfigurationFactory.class);
 private final EnvsForClient envsForClient;
- private final ValidatorsFactory validatorsFactory;
+ private final OutputTypeValidator outputTypeValidator;
- public ClientConfigurationFactory(EnvsForClient envsForClient, ValidatorsFactory validatorsFactory) {
+ public ClientConfigurationFactory(EnvsForClient envsForClient, OutputTypeValidator outputTypeValidator) {
 this.envsForClient = envsForClient;
- this.validatorsFactory = validatorsFactory;
+ this.outputTypeValidator = outputTypeValidator;
 }
 @Override
@@ -54,19 +54,19 @@ public class ClientConfigurationFactory implements ConfigurationFactory<ClientCo
 .map(timeout -> configuration.setRequestTimeoutInMs(Integer.valueOf(timeout)));
 envsForClient.getOutputPath()
- .filter(BasicValidationFunctions::isPathValid)
+ .filter(ClientEnvsValueValidators::isPathValid)
 .map(configuration::setCertsOutputPath)
 .orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.OUTPUT_PATH + " is invalid."));
 envsForClient.getCaName()
- .filter(BasicValidationFunctions::isAlphaNumeric)
+ .filter(ClientEnvsValueValidators::isAlphaNumeric)
 .map(configuration::setCaName)
 .orElseThrow(() -> new ClientConfigurationException(ClientConfigurationEnvs.CA_NAME + " is invalid."));
 Optional<String> outputType = envsForClient.getOutputType();
 if (outputType.isPresent()) {
- outputType.filter(validatorsFactory.outputTypeValidator())
+ outputType.filter(outputTypeValidator)
 .map(configuration::setOutputType)
 .orElseThrow(
 () -> new ClientConfigurationException(ClientConfigurationEnvs.OUTPUT_TYPE + " is invalid."));
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java
index d050a2a3..48ead884 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java
@@ -20,15 +20,16 @@
 package org.onap.oom.certservice.client.configuration.factory;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isSpecialCharPresent;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isSpecialCharPresent;
 import java.util.Arrays;
+import java.util.stream.Collectors;
 import org.onap.oom.certservice.client.configuration.CsrConfigurationEnvs;
 import org.onap.oom.certservice.client.configuration.EnvsForCsr;
 import org.onap.oom.certservice.client.configuration.exception.CsrConfigurationException;
 import org.onap.oom.certservice.client.configuration.model.CsrConfiguration;
-import org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions;
-import org.onap.oom.certservice.client.configuration.validation.ValidatorsFactory;
+import org.onap.oom.certservice.client.configuration.validation.csr.CommonNameValidator;
+import org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -39,11 +40,14 @@ public class CsrConfigurationFactory implements ConfigurationFactory<CsrConfigur
 private static final String SANS_DELIMITER = ",";
 private final EnvsForCsr envsForCsr;
- private final ValidatorsFactory validatorsFactory;
+ private final CommonNameValidator commonNameValidator;
+ private final SanMapper sanMapper;
- public CsrConfigurationFactory(EnvsForCsr envsForCsr, ValidatorsFactory validatorsFactory) {
+ public CsrConfigurationFactory(EnvsForCsr envsForCsr, CommonNameValidator commonNameValidator,
+ SanMapper sanMapper) {
 this.envsForCsr = envsForCsr;
- this.validatorsFactory = validatorsFactory;
+ this.commonNameValidator = commonNameValidator;
+ this.sanMapper = sanMapper;
 }
 @Override
@@ -52,33 +56,34 @@ public class CsrConfigurationFactory implements ConfigurationFactory<CsrConfigur
 CsrConfiguration configuration = new CsrConfiguration();
 envsForCsr.getCommonName()
- .filter(validatorsFactory.commonNameValidator())
- .map(configuration::setCommonName)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COMMON_NAME + " is invalid."));
+ .filter(commonNameValidator)
+ .map(configuration::setCommonName)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COMMON_NAME + " is invalid."));
 envsForCsr.getOrganization()
- .filter(org -> !isSpecialCharPresent(org))
- .map(configuration::setOrganization)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.ORGANIZATION + " is invalid."));
+ .filter(org -> !isSpecialCharPresent(org))
+ .map(configuration::setOrganization)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.ORGANIZATION + " is invalid."));
 envsForCsr.getState()
- .map(configuration::setState)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.STATE + " is invalid."));
+ .map(configuration::setState)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.STATE + " is invalid."));
 envsForCsr.getCountry()
- .filter(BasicValidationFunctions::isCountryValid)
- .map(configuration::setCountry)
- .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COUNTRY + " is invalid."));
+ .filter(CsrEnvsValueValidators::isCountryValid)
+ .map(configuration::setCountry)
+ .orElseThrow(() -> new CsrConfigurationException(CsrConfigurationEnvs.COUNTRY + " is invalid."));
 envsForCsr.getOrganizationUnit()
- .map(configuration::setOrganizationUnit);
+ .map(configuration::setOrganizationUnit);
 envsForCsr.getLocation()
- .map(configuration::setLocation);
+ .map(configuration::setLocation);
 envsForCsr.getSubjectAlternativesName()
 .map(sans -> Arrays.asList(sans.split(SANS_DELIMITER)))
- .map(configuration::setSubjectAlternativeNames);
+ .map(list -> list.stream().map(sanMapper).collect(Collectors.toList()))
+ .map(configuration::setSans);
 LOGGER.info("Successful validation of CSR configuration. Configuration data: {}", configuration.toString());
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java
new file mode 100644
index 00000000..f76bd572
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/SanMapper.java
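Review bot: Entries produced by `sans.split(SANS_DELIMITER)` reach `sanMapper` without being trimmed, so a value written as `a.example.org, b.example.org` (constructed sample) hands ` b.example.org` to the validators and, assuming they reject leading whitespace, aborts the whole run with the SAN error. Every entry is now strictly validated, where before any string became a dNSName, so normalise before mapping: `.map(sans -> Arrays.stream(sans.split(SANS_DELIMITER)).map(String::trim).map(sanMapper).collect(Collectors.toList()))`. Otherwise state in the documentation of the SAN environment variable that whitespace around the delimiter is not accepted. The enclosing `create()` starts before and ends after this hunk.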
@@ -0,0 +1,48 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.certservice.client.configuration.factory;
+
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isDomainNameValid;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isEmailAddressValid;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isIpAddressValid;
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isUriValid;
+
+import java.util.function.Function;
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.onap.oom.certservice.client.configuration.exception.CsrConfigurationException;
+import org.onap.oom.certservice.client.configuration.model.San;
+
+public class SanMapper implements Function<String, San> {
+
+ public San apply(String san) {
+ if (isEmailAddressValid(san)) {
+ return new San(san, GeneralName.rfc822Name);
+ } else if (isIpAddressValid(san)) {
+ return new San(san, GeneralName.iPAddress);
+ } else if (isDomainNameValid(san)) {
+ return new San(san, GeneralName.dNSName);
+ } else if (isUriValid(san)) {
+ return new San(san, GeneralName.uniformResourceIdentifier);
+ } else {
+ throw new CsrConfigurationException("SAN :" + san + " does not match any requirements");
+ }
+ }
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java
index 382d1ffc..3f77d259 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/CsrConfiguration.java
@@ -32,7 +32,7 @@ public class CsrConfiguration implements ConfigurationModel {
 private String country;
 private String organizationUnit;
 private String location;
- private List<String> sans;
+ private List<San> sans;
 public String getCommonName() {
@@ -89,11 +89,11 @@ public class CsrConfiguration implements ConfigurationModel {
 return this;
 }
- public List<String> getSans() {
+ public List<San> getSans() {
 return sans;
 }
- public CsrConfiguration setSubjectAlternativeNames(List<String> subjectAlternativeNames) {
+ public CsrConfiguration setSans(List<San> subjectAlternativeNames) {
 this.sans = List.copyOf(subjectAlternativeNames);
 return this;
 }
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java
new file mode 100644
index 00000000..5ca36246
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/model/San.java
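Review bot: `SanMapper.apply` takes the GeneralName type from the first validator that accepts the string (e-mail, then IP, then DNS, then URI), and nothing in the class documents that precedence. Add a class Javadoc that states the order and says an entry matching none of the four is rejected with `CsrConfigurationException`, and mark `apply` with `@Override`. The change in behaviour also deserves a test: before this commit every entry became a `dNSName` unchecked, so entries the domain validator refuses (presumably a wildcard label, or an internal name with a non-public suffix) now stop the client instead of reaching the CA. The exception message concatenates the raw entry; quoting it, `"SAN '" + san + "' does not match any requirements"`, would make stray whitespace visible in the log.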
@@ -0,0 +1,73 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.certservice.client.configuration.model;
+
+import java.util.Objects;
+
+public final class San {
+
+ private final String value;
+ private final int type;
+
+ public San(String value, int type) {
+ this.value = value;
+ this.type = type;
+ }
+
+ public String getValue() {
+ return value;
+ }
+
+ public int getType() {
+ return type;
+ }
+
+ public String toString() {
+ return "{SAN value: " + value + ", type: " + getReadableType(type) + '}';
+ }
+
+ public boolean equals(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+ San san1 = (San) o;
+ return type == san1.type &&
+ Objects.equals(value, san1.value);
+ }
+
+ public int hashCode() {
+ return Objects.hash(value, type);
+ }
+
+ private String getReadableType(int type) {
+ String readableType = "undefined";
+ switch (type) {
+ case 1: readableType = "rfc822Name"; break;
+ case 2: readableType = "dNSName"; break;
+ case 6: readableType = "uniformResourceIdentifier"; break;
+ case 7: readableType = "iPAddress"; break;
+ }
+ return readableType;
+ }
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java
new file mode 100644
index 00000000..503b7e46
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/ClientEnvsValueValidators.java
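Review bot: `getReadableType` switches on the literals 1, 2, 6 and 7 while `SanMapper` builds the values from the `GeneralName` constants, so the two can drift apart without anyone noticing. Import `org.bouncycastle.asn1.x509.GeneralName` and use the constants as case labels, e.g. `case GeneralName.dNSName: readableType = "dNSName"; break;`, and add `@Override` to `toString`, `equals` and `hashCode`. The constructor also accepts a null `value`; `this.value = Objects.requireNonNull(value, "value");` would surface that at construction rather than later, when the CSR is built.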
@@ -0,0 +1,33 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.oom.certservice.client.configuration.validation.client;
+
+public final class ClientEnvsValueValidators {
+ private static final String ALPHA_NUMERIC_REGEX = "^[a-zA-Z0-9]*$";
+ private static final String VALID_PATH_REGEX = "^/|(/[a-zA-Z0-9_-]+)+/?$";
+
+ public static boolean isAlphaNumeric(String caName) {
+ return caName.matches(ALPHA_NUMERIC_REGEX);
+ }
+
+ public static boolean isPathValid(String path) {
+ return path.matches(VALID_PATH_REGEX);
+ }
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/ValidatorsFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/OutputTypeValidator.java
index 8eeac74a..6b737e26 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/ValidatorsFactory.java
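Review bot: `ALPHA_NUMERIC_REGEX` ends in `*`, so `isAlphaNumeric("")` is true and an empty CA name passes this check; unless the env layer already drops empty values (not visible here), use `"^[a-zA-Z0-9]+$"`. In `VALID_PATH_REGEX` the top-level `|` leaves `^` on the first branch only and `$` on the second only; it is correct today because `String.matches` anchors the whole input, but `"^(/|(/[a-zA-Z0-9_-]+)+/?)$"` states the intent and stays strict if the call is ever changed to `find()`. Both patterns are carried over unchanged from `BasicValidationFunctions`. The class also lacks the private constructor that `CsrEnvsValueValidators` gets in this commit.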
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/client/OutputTypeValidator.java
@@ -18,34 +18,18 @@
 * ============LICENSE_END=========================================================
 */
-package org.onap.oom.certservice.client.configuration.validation;
-
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isHttpProtocolsPresent;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isIpAddressPresent;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isPortNumberPresent;
-import static org.onap.oom.certservice.client.configuration.validation.BasicValidationFunctions.isSpecialCharPresent;
+package org.onap.oom.certservice.client.configuration.validation.client;
 import java.util.Arrays;
 import java.util.function.Predicate;
 import org.onap.oom.certservice.client.certification.ArtifactsCreatorProvider;
-public class ValidatorsFactory {
-
- public Predicate<String> commonNameValidator() {
- return commonName ->
- !isSpecialCharPresent(commonName)
- && !isHttpProtocolsPresent(commonName)
- && !isIpAddressPresent(commonName)
- && !isPortNumberPresent(commonName);
- }
+public class OutputTypeValidator implements Predicate<String> {
- public Predicate<String> outputTypeValidator() {
- return outputType -> Arrays.stream(ArtifactsCreatorProvider.values())
+ public boolean test(String outputType) {
+ return Arrays.stream(ArtifactsCreatorProvider.values())
 .map(ArtifactsCreatorProvider::toString)
 .anyMatch(name -> name.equals(outputType));
 }
- public Predicate<String> uriValidator() {
- return UriValidator::isValidUri;
- }
 }
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java
new file mode 100644
index 00000000..a5244466
--- /dev/null
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CommonNameValidator.java
@@ -0,0 +1,53 @@
+/*
+ * ============LICENSE_START=======================================================
+ * oom-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.oom.certservice.client.configuration.validation.csr;
+
+import static org.onap.oom.certservice.client.configuration.validation.csr.CsrEnvsValueValidators.isSpecialCharPresent;
+
+import java.util.function.Predicate;
+import java.util.regex.Pattern;
+
+public final class CommonNameValidator implements Predicate<String> {
+
+ private static final String PORT_POSTFIX_REGEX = ":[0-9]{1,5}";
+ private static final String IPV4_ADDRESS_REGEX = "[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}";
+ private static final String HTTP_HTTPS_SCHEME_REGEX = "[h][t][t][p][:][/][/]|[h][t][t][p][s][:][/][/]";
+
+ public boolean test(String commonName) {
+ return !isSpecialCharPresent(commonName)
+ && !isHttpProtocolsPresent(commonName)
+ && !isIpAddressPresent(commonName)
+ && !isPortNumberPresent(commonName);
+ }
+
+ private boolean isPortNumberPresent(String stringToCheck) {
+ return Pattern.compile(PORT_POSTFIX_REGEX).matcher(stringToCheck).find();
+ }
+
+ private boolean isIpAddressPresent(String stringToCheck) {
+ return Pattern.compile(IPV4_ADDRESS_REGEX).matcher(stringToCheck).find();
+ }
+
+ private boolean isHttpProtocolsPresent(String stringToCheck) {
+ return Pattern.compile(HTTP_HTTPS_SCHEME_REGEX).matcher(stringToCheck).find();
+ }
+
+}
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/BasicValidationFunctions.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CsrEnvsValueValidators.java
index e5044c26..31903a98 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/BasicValidationFunctions.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/CsrEnvsValueValidators.java
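Review bot: Each of the three private checks in `CommonNameValidator` calls `Pattern.compile` on every invocation; hold the compiled patterns in constants instead, e.g. `private static final Pattern PORT_POSTFIX = Pattern.compile(":[0-9]{1,5}");`, and mark `test` with `@Override`. `HTTP_HTTPS_SCHEME_REGEX` is written as one-character classes and matches lower case only; `https?://` is the equivalent pattern. Since `isSpecialCharPresent` already rejects any `/`, a short comment saying the scheme check is a second layer would spare the next reader the question. `IPV4_ADDRESS_REGEX` covers dotted IPv4 only, so if IPv6 literals should also be refused as a common name, that needs its own check.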
@@ -18,40 +18,45 @@
 * ============LICENSE_END=========================================================
 */
-package org.onap.oom.certservice.client.configuration.validation;
+package org.onap.oom.certservice.client.configuration.validation.csr;
 import java.util.Arrays;
 import java.util.Locale;
 import java.util.regex.Pattern;
+import org.apache.commons.validator.routines.DomainValidator;
+import org.apache.commons.validator.routines.EmailValidator;
+import org.apache.commons.validator.routines.InetAddressValidator;
-public class BasicValidationFunctions {
+public final class CsrEnvsValueValidators {
- public static boolean isPathValid(String path) {
- return path.matches("^/|(/[a-zA-Z0-9_-]+)+/?$");
- }
+ private static final boolean ALLOW_LOCAL_DOMAINS = true;
+
+ private static final String SPECIAL_CHAR_PRESENCE_REGEX = "[~#@*$+%!()?/{}<>\\|_^]";
- public static boolean isAlphaNumeric(String caName) {
- return caName.matches("^[a-zA-Z0-9]*$");
+ private CsrEnvsValueValidators() {
 }
- public static boolean isSpecialCharPresent(String stringToCheck) {
- return Pattern.compile("[~#@*$+%!()?/{}<>\\|_^]").matcher(stringToCheck).find();
+ public static boolean isCountryValid(String country) {
+ return Arrays.asList(Locale.getISOCountries()).contains(country);
 }
- public static boolean isPortNumberPresent(String stringToCheck) {
- return Pattern.compile(":[0-9]{1,5}").matcher(stringToCheck).find();
+ public static boolean isEmailAddressValid(String address) {
+ return EmailValidator.getInstance().isValid(address);
 }
- public static boolean isIpAddressPresent(String stringToCheck) {
- return Pattern.compile("[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}").matcher(stringToCheck).find();
+ public static boolean isIpAddressValid(String address) {
+ return InetAddressValidator.getInstance().isValid(address);
 }
- public static boolean isHttpProtocolsPresent(String stringToCheck) {
- return Pattern.compile("[h][t][t][p][:][/][/]|[h][t][t][p][s][:][/][/]").matcher(stringToCheck).find();
+ public static boolean isDomainNameValid(String domain) {
+ return DomainValidator.getInstance(ALLOW_LOCAL_DOMAINS).isValid(domain);
 }
- public static boolean isCountryValid(String country) {
- return Arrays.asList(Locale.getISOCountries()).contains(country);
+ public static boolean isUriValid(String uri) {
+ return UriValidator.isValid(uri);
 }
+ public static boolean isSpecialCharPresent(String stringToCheck) {
+ return Pattern.compile(SPECIAL_CHAR_PRESENCE_REGEX).matcher(stringToCheck).find();
+ }
 }
diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/UriValidator.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/UriValidator.java
index 7800d739..b8073f42 100644
--- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/UriValidator.java
+++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/validation/csr/UriValidator.java
@@ -17,16 +17,12 @@
 * limitations under the License.
 * ============LICENSE_END=========================================================
 */
-
-package org.onap.oom.certservice.client.configuration.validation;
+package org.onap.oom.certservice.client.configuration.validation.csr;
 /**
 * Compliant with the RFC3986
 */
-public final class UriValidator {
-
- private UriValidator() {
- }
+final class UriValidator {
 private static final String SCHEME = "([A-Za-z][A-Za-z0-9+\\-.]*):";
@@ -63,7 +59,11 @@ public final class UriValidator {
 SCHEME + "(" + AUTHORITY_WITH_PATH + OR + PATH_BEGIN_WITH_SLASH + OR + PATH_WITHOUT_SLASH + OR + "" + ")" + QUERY + FRAGMENT;
- public static boolean isValidUri(String uri) {
+ private UriValidator() {
+ }
+
+ static boolean isValid(String uri) {
 return uri.matches(RFC3986_URI_MATCH_PATTERN);
 }
 }
+ |
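Review bot: In `CsrEnvsValueValidators`, `ALLOW_LOCAL_DOMAINS = true` widens what `isDomainNameValid` accepts for SAN entries to local and unqualified host names, and nothing says why. If that is intended, add a line above the constant such as `// SANs may name hosts that are only resolvable internally, so local names are accepted on purpose`; otherwise set it to false. `isSpecialCharPresent` still compiles its pattern on every call; a `private static final Pattern` built from `SPECIAL_CHAR_PRESENCE_REGEX` avoids that. The `UriValidator` hunks that share this line only move the class and rename `isValidUri`, and need no comment.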