001/* 002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 */ 019 020package org.nuxeo.ecm.platform.ui.web.auth.service; 021 022import java.io.Serializable; 023import java.util.regex.Matcher; 024import java.util.regex.Pattern; 025 026import javax.servlet.http.HttpServletRequest; 027 028import org.nuxeo.common.xmap.annotation.XNode; 029import org.nuxeo.common.xmap.annotation.XObject; 030import org.nuxeo.runtime.api.Framework; 031 032@XObject("openUrl") 033public class OpenUrlDescriptor implements Serializable { 034 035 private static final long serialVersionUID = 1L; 036 037 @XNode("@name") 038 protected String name; 039 040 protected String grantPattern; 041 042 protected Pattern compiledGrantPattern; 043 044 @XNode("denyPattern") 045 protected String denyPattern; 046 047 protected Pattern compiledDenyPattern; 048 049 @XNode("method") 050 protected String method; 051 052 public String getName() { 053 return name; 054 } 055 056 @XNode("grantPattern") 057 public void setGrantPattern(String grantPattern) { 058 this.grantPattern = Framework.expandVars(grantPattern); 059 } 060 061 public String getGrantPattern() { 062 return grantPattern; 063 } 064 065 public Pattern getCompiledGrantPattern() { 066 if (compiledGrantPattern == null && (grantPattern != null && grantPattern.length() > 0)) { 067 compiledGrantPattern = Pattern.compile(grantPattern); 068 } 069 return compiledGrantPattern; 070 } 071 072 public Pattern getCompiledDenyPattern() { 073 if (compiledDenyPattern == null && denyPattern != null && denyPattern.length() > 0) { 074 compiledDenyPattern = Pattern.compile(denyPattern); 075 } 076 return compiledDenyPattern; 077 } 078 079 public String getDenyPattern() { 080 return denyPattern; 081 } 082 083 public String getMethod() { 084 return method; 085 } 086 087 public boolean allowByPassAuth(HttpServletRequest httpRequest) { 088 String uri = httpRequest.getRequestURI(); 089 String requestMethod = httpRequest.getMethod(); 090 091 if (method != null && !requestMethod.equals(method)) { 092 return false; 093 } 094 095 Pattern deny = getCompiledDenyPattern(); 096 if (deny != null) { 097 Matcher denyMatcher = deny.matcher(uri); 098 if (denyMatcher.matches()) { 099 return false; 100 } 101 } 102 103 Pattern grant = getCompiledGrantPattern(); 104 if (grant != null) { 105 Matcher grantMatcher = grant.matcher(uri); 106 if (grantMatcher.matches()) { 107 return true; 108 } 109 } 110 return false; 111 } 112 113}