Source code

001/*
002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 */
019
020package org.nuxeo.ecm.platform.ui.web.auth.service;
021
022import java.util.regex.Matcher;
023import java.util.regex.Pattern;
024
025import javax.servlet.http.HttpServletRequest;
026
027import org.nuxeo.common.xmap.annotation.XNode;
028import org.nuxeo.common.xmap.annotation.XObject;
029import org.nuxeo.runtime.api.Framework;
030
031@XObject("openUrl")
032public class OpenUrlDescriptor {
033
034    @XNode("@name")
035    protected String name;
036
037    protected String grantPattern;
038
039    protected Pattern compiledGrantPattern;
040
041    @XNode("denyPattern")
042    protected String denyPattern;
043
044    protected Pattern compiledDenyPattern;
045
046    @XNode("method")
047    protected String method;
048
049    public String getName() {
050        return name;
051    }
052
053    @XNode("grantPattern")
054    public void setGrantPattern(String grantPattern) {
055        this.grantPattern = Framework.expandVars(grantPattern);
056    }
057
058    public String getGrantPattern() {
059        return grantPattern;
060    }
061
062    public Pattern getCompiledGrantPattern() {
063        if (compiledGrantPattern == null && (grantPattern != null && grantPattern.length() > 0)) {
064            compiledGrantPattern = Pattern.compile(grantPattern);
065        }
066        return compiledGrantPattern;
067    }
068
069    public Pattern getCompiledDenyPattern() {
070        if (compiledDenyPattern == null && denyPattern != null && denyPattern.length() > 0) {
071            compiledDenyPattern = Pattern.compile(denyPattern);
072        }
073        return compiledDenyPattern;
074    }
075
076    public String getDenyPattern() {
077        return denyPattern;
078    }
079
080    public String getMethod() {
081        return method;
082    }
083
084    public boolean allowByPassAuth(HttpServletRequest httpRequest) {
085        String uri = httpRequest.getRequestURI();
086        String requestMethod = httpRequest.getMethod();
087
088        if (method != null && !requestMethod.equals(method)) {
089            return false;
090        }
091
092        Pattern deny = getCompiledDenyPattern();
093        if (deny != null) {
094            Matcher denyMatcher = deny.matcher(uri);
095            if (denyMatcher.matches()) {
096                return false;
097            }
098        }
099
100        Pattern grant = getCompiledGrantPattern();
101        if (grant != null) {
102            Matcher grantMatcher = grant.matcher(uri);
103            if (grantMatcher.matches()) {
104                return true;
105            }
106        }
107        return false;
108    }
109
110}