001/* 002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 */ 019 020package org.nuxeo.ecm.platform.ui.web.auth.service; 021 022import java.util.regex.Matcher; 023import java.util.regex.Pattern; 024 025import javax.servlet.http.HttpServletRequest; 026 027import org.nuxeo.common.xmap.annotation.XNode; 028import org.nuxeo.common.xmap.annotation.XObject; 029import org.nuxeo.runtime.api.Framework; 030 031@XObject("openUrl") 032public class OpenUrlDescriptor { 033 034 @XNode("@name") 035 protected String name; 036 037 protected String grantPattern; 038 039 protected Pattern compiledGrantPattern; 040 041 @XNode("denyPattern") 042 protected String denyPattern; 043 044 protected Pattern compiledDenyPattern; 045 046 @XNode("method") 047 protected String method; 048 049 public String getName() { 050 return name; 051 } 052 053 @XNode("grantPattern") 054 public void setGrantPattern(String grantPattern) { 055 this.grantPattern = Framework.expandVars(grantPattern); 056 } 057 058 public String getGrantPattern() { 059 return grantPattern; 060 } 061 062 public Pattern getCompiledGrantPattern() { 063 if (compiledGrantPattern == null && (grantPattern != null && grantPattern.length() > 0)) { 064 compiledGrantPattern = Pattern.compile(grantPattern); 065 } 066 return compiledGrantPattern; 067 } 068 069 public Pattern getCompiledDenyPattern() { 070 if (compiledDenyPattern == null && denyPattern != null && denyPattern.length() > 0) { 071 compiledDenyPattern = Pattern.compile(denyPattern); 072 } 073 return compiledDenyPattern; 074 } 075 076 public String getDenyPattern() { 077 return denyPattern; 078 } 079 080 public String getMethod() { 081 return method; 082 } 083 084 public boolean allowByPassAuth(HttpServletRequest httpRequest) { 085 String uri = httpRequest.getRequestURI(); 086 String requestMethod = httpRequest.getMethod(); 087 088 if (method != null && !requestMethod.equals(method)) { 089 return false; 090 } 091 092 Pattern deny = getCompiledDenyPattern(); 093 if (deny != null) { 094 Matcher denyMatcher = deny.matcher(uri); 095 if (denyMatcher.matches()) { 096 return false; 097 } 098 } 099 100 Pattern grant = getCompiledGrantPattern(); 101 if (grant != null) { 102 Matcher grantMatcher = grant.matcher(uri); 103 if (grantMatcher.matches()) { 104 return true; 105 } 106 } 107 return false; 108 } 109 110}