This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 94f166631b6e424c8926442e7b5375e1f3ca86e6
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu May 24 22:17:11 2018 +0000
Refactor to simplify code. Also improve code coverage
---
.../tomcat/util/http/parser/Authorization.java | 71 +++++++++-------------
.../util/http/parser/LocalStrings.properties | 2 -
.../util/http/parser/TestAuthorizationDigest.java | 28 ++++++++-
3 files changed, 56 insertions(+), 45 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/parser/Authorization.java b/java/org/apache/tomcat/util/http/parser/Authorization.java
index a61b4f0..443fcc5 100644
--- a/java/org/apache/tomcat/util/http/parser/Authorization.java
+++ b/java/org/apache/tomcat/util/http/parser/Authorization.java
@@ -22,43 +22,32 @@ import java.util.HashMap; import java.util.Locale; import java.util.Map; -import org.apache.tomcat.util.res.StringManager; - /** * Parser for an "Authorization" header. */ public class Authorization { - private static final StringManager sm = StringManager.getManager(Authorization.class); - - @SuppressWarnings("unused") // Unused due to buggy client implementations - private static final Integer FIELD_TYPE_TOKEN = Integer.valueOf(0); - private static final Integer FIELD_TYPE_QUOTED_STRING = Integer.valueOf(1); - private static final Integer FIELD_TYPE_TOKEN_OR_QUOTED_STRING = Integer.valueOf(2); - private static final Integer FIELD_TYPE_LHEX = Integer.valueOf(3); - private static final Integer FIELD_TYPE_QUOTED_TOKEN = Integer.valueOf(4); - - private static final Map<String,Integer> fieldTypes = new HashMap<>(); + private static final Map<String,FieldType> fieldTypes = new HashMap<>(); static { // Digest field types. // Note: These are more relaxed than RFC2617. This adheres to the // recommendation of RFC2616 that servers are tolerant of buggy // clients when they can be so without ambiguity. - fieldTypes.put("username", FIELD_TYPE_QUOTED_STRING); - fieldTypes.put("realm", FIELD_TYPE_QUOTED_STRING); - fieldTypes.put("nonce", FIELD_TYPE_QUOTED_STRING); - fieldTypes.put("digest-uri", FIELD_TYPE_QUOTED_STRING); + fieldTypes.put("username", FieldType.QUOTED_STRING); + fieldTypes.put("realm", FieldType.QUOTED_STRING); + fieldTypes.put("nonce", FieldType.QUOTED_STRING); + fieldTypes.put("digest-uri", FieldType.QUOTED_STRING); // RFC2617 says response is <">32LHEX<">. 32LHEX will also be accepted - fieldTypes.put("response", FIELD_TYPE_LHEX); + fieldTypes.put("response", FieldType.LHEX); // RFC2617 says algorithm is token. 
<">token<"> will also be accepted - fieldTypes.put("algorithm", FIELD_TYPE_QUOTED_TOKEN); - fieldTypes.put("cnonce", FIELD_TYPE_QUOTED_STRING); - fieldTypes.put("opaque", FIELD_TYPE_QUOTED_STRING); + fieldTypes.put("algorithm", FieldType.QUOTED_TOKEN); + fieldTypes.put("cnonce", FieldType.QUOTED_STRING); + fieldTypes.put("opaque", FieldType.QUOTED_STRING); // RFC2617 says qop is token. <">token<"> will also be accepted - fieldTypes.put("qop", FIELD_TYPE_QUOTED_TOKEN); + fieldTypes.put("qop", FieldType.QUOTED_TOKEN); // RFC2617 says nc is 8LHEX. <">8LHEX<"> will also be accepted - fieldTypes.put("nc", FIELD_TYPE_LHEX); + fieldTypes.put("nc", FieldType.LHEX); } @@ -94,37 +83,25 @@ public class Authorization { if (HttpParser.skipConstant(input, "=") != SkipResult.FOUND) { return null; } - String value; - Integer type = fieldTypes.get(field.toLowerCase(Locale.ENGLISH)); + String value = null; + FieldType type = fieldTypes.get(field.toLowerCase(Locale.ENGLISH)); if (type == null) { // auth-param = token "=" ( token | quoted-string ) - type = FIELD_TYPE_TOKEN_OR_QUOTED_STRING; + type = FieldType.TOKEN_OR_QUOTED_STRING; } - switch (type.intValue()) { - case 0: - // FIELD_TYPE_TOKEN - value = HttpParser.readToken(input); - break; - case 1: - // FIELD_TYPE_QUOTED_STRING + switch (type) { + case QUOTED_STRING: value = HttpParser.readQuotedString(input, false); break; - case 2: - // FIELD_TYPE_TOKEN_OR_QUOTED_STRING + case TOKEN_OR_QUOTED_STRING: value = HttpParser.readTokenOrQuotedString(input, false); break; - case 3: - // FIELD_TYPE_LHEX + case LHEX: value = HttpParser.readLhex(input); break; - case 4: - // FIELD_TYPE_QUOTED_TOKEN + case QUOTED_TOKEN: value = HttpParser.readQuotedToken(input); break; - default: - // Error - throw new IllegalArgumentException( - sm.getString("authorization.unknownType", type)); } if (value == null) { 
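Review bot: The new `switch (type)` has no `default`, so the initialiser `String value = null;` is the only thing that covers a `FieldType` constant without a matching case. Such a field would reach the `if (value == null)` check, whose body is outside this hunk and presumably rejects the header. Failing closed is a reasonable outcome for a parser of a client-supplied Authorization header, but it is now implicit, where the removed `default` threw `IllegalArgumentException`. A comment above the switch would record the intent, for example `// No default: every FieldType has a case; a missing one leaves value null for the null check below`. The enclosing method starts and ends outside the hunk.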
@@ -143,4 +120,14 @@ public class Authorization { return result; } + + + private enum FieldType { + // Unused due to buggy clients + // TOKEN, + QUOTED_STRING, + TOKEN_OR_QUOTED_STRING, + LHEX, + QUOTED_TOKEN; + } } diff --git a/java/org/apache/tomcat/util/http/parser/LocalStrings.properties b/java/org/apache/tomcat/util/http/parser/LocalStrings.properties index 7329ca9..4e6f7b9 100644 --- a/java/org/apache/tomcat/util/http/parser/LocalStrings.properties +++ b/java/org/apache/tomcat/util/http/parser/LocalStrings.properties @@ -13,8 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -authorization.unknownType=Unknown Type [{0}] - cookie.fallToDebug=\n\ \ Note: further occurrences of this error will be logged at DEBUG level. cookie.invalidCookieValue=A cookie header was received [{0}] that contained an invalid cookie. That cookie will be ignored. diff --git a/test/org/apache/tomcat/util/http/parser/TestAuthorizationDigest.java b/test/org/apache/tomcat/util/http/parser/TestAuthorizationDigest.java index 2f14841..b7787e9 100644 --- a/test/org/apache/tomcat/util/http/parser/TestAuthorizationDigest.java +++ b/test/org/apache/tomcat/util/http/parser/TestAuthorizationDigest.java @@ -278,7 +278,7 @@ public class TestAuthorizationDigest { } @Test - public void testNonTokenDirective() throws Exception { + public void testNonTokenDirective1() throws Exception { String header = "Digest user{name=\"test\""; StringReader input = new StringReader(header); @@ -288,6 +288,16 @@ public class TestAuthorizationDigest { } @Test + public void testNonTokenDirective2() throws Exception { + String header = "Digest a=b,{name=test"; + + StringReader input = new StringReader(header); + + Map<String,String> result = Authorization.parseAuthorizationDigest(input); + Assert.assertNull(result); + } + + @Test public void testTokenQop() throws Exception { String header = "Digest qop=auth"; 
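Review bot: In the new `FieldType` enum the strict token type survives only as the commented-out constant `// TOKEN,`, which reads as leftover code rather than a recorded decision. The static initialiser earlier in this file maps the fields RFC2617 defines as token (`algorithm`, `qop`) to `QUOTED_TOKEN`, so the comment could say that directly and the commented-out constant could go, for example `// No strict TOKEN type: fields RFC2617 defines as token use QUOTED_TOKEN so quoted values from buggy clients are accepted`. The trailing `;` after `QUOTED_TOKEN` is unnecessary since no members follow the constants.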
@@ -460,4 +470,20 @@ public class TestAuthorizationDigest {
 Map<String,String> result = Authorization.parseAuthorizationDigest(input);
 Assert.assertEquals("b", result.get("a"));
 }
+
+ @Test
+ public void testNotDigest() throws Exception {
+ String header = "SomethingElse a=b";
+
+ StringReader input = new StringReader(header);
+
+ Map<String,String> result = Authorization.parseAuthorizationDigest(input);
+ Assert.assertNull(result);
+ }
+
+ @Test
+ public void testCoverage() {
+ // Here to add code coverage of default constructor
+ Assert.assertNotNull(new Authorization());
+ }
 }
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
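Review bot: `testCoverage` instantiates `Authorization` only to execute the implicit default constructor, so it raises the coverage figure without checking any parsing behaviour. The tests in this file call `Authorization.parseAuthorizationDigest` statically, which suggests the class is used as a static utility. If no caller needs an instance, declaring `private Authorization() {}` with a short comment would remove the uncovered line at its source. That narrows a public constructor on a released branch, so it would need a compatibility check first.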