From eb654c5488bd0b83ebbefe60a16ae91d1098b0f8 Mon Sep 17 00:00:00 2001 From: "Brian M. Long" Date: Tue, 23 Jan 2024 10:40:37 -0500 Subject: [PATCH] added logging and param trimming --- pom.xml | 5 +++++ .../com/inteligr8/rs/BasicAuthorizationFilter.java | 6 ++++-- .../rs/ClientEnforcementAuthorizationFilter.java | 6 ++++-- .../rs/OAuthAuthorizationCodeAuthorizationFilter.java | 9 ++++++++- .../com/inteligr8/rs/OAuthAuthorizationFilter.java | 7 ++++--- .../rs/OAuthClientCredentialAuthorizationFilter.java | 6 ++++++ .../rs/OAuthPasswordGrantAuthorizationFilter.java | 11 +++++++++-- 7 files changed, 40 insertions(+), 10 deletions(-) diff --git a/pom.xml b/pom.xml index c1f40f3..c439212 100644 --- a/pom.xml +++ b/pom.xml @@ -74,6 +74,11 @@ jackson-datatype-jsr310 ${jackson.version} + + org.apache.commons + commons-lang3 + 3.14.0 + org.slf4j slf4j-api diff --git a/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java index f951186..2dfc89f 100755 --- a/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java +++ b/src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java @@ -20,6 +20,8 @@ import java.util.Base64; import javax.ws.rs.client.ClientRequestContext; import javax.ws.rs.core.HttpHeaders; +import org.apache.commons.lang3.StringUtils; + /** * This class implements a simple 2-credential (username & password) based * authorization filter. @@ -36,8 +38,8 @@ public class BasicAuthorizationFilter implements AuthorizationFilter { * @param password A password or secret key. */ public BasicAuthorizationFilter(String username, String password) { - this.username = username; - this.password = password; + this.username = StringUtils.trimToNull(username); + this.password = StringUtils.trimToNull(password); } /** diff --git a/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java index c7842a1..63274e9 100644 
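Review bot: The `commons-lang3` dependency added in the pom.xml hunk carries its version inline (`3.14.0`), while the neighbouring Jackson entry takes its version from `${jackson.version}`. A property such as `${commons-lang3.version}` would keep version management in one place and make a later security bump a one-line change. In this commit the library is used only for `StringUtils.trimToNull`, so every consumer of this client library gains a transitive dependency for one helper; a small private helper would avoid that. The XML markup of the hunk is not fully visible here, so the dependency's scope could not be checked.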
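Review bot: `StringUtils.trimToNull(password)` in the BasicAuthorizationFilter constructor silently changes the credential: a password that legitimately begins or ends with whitespace is altered, and a blank one becomes `null`. The code that builds the Authorization header is outside this hunk, but if it concatenates `username + ":" + password`, a null would be sent as the literal text `null` instead of failing. Trimming the identifier is reasonable; for the secret I would keep the value as given, `this.password = password;`, or reject blank input in the constructor and say so in the `@param password` Javadoc. The same applies to `clientSecret` in ClientEnforcementAuthorizationFilter and OAuthAuthorizationFilter, and to `password` in OAuthPasswordGrantAuthorizationFilter.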
--- a/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java +++ b/src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java @@ -16,6 +16,8 @@ package com.inteligr8.rs; import javax.ws.rs.client.ClientRequestContext; +import org.apache.commons.lang3.StringUtils; + /** * This class is the base for implementations of client authorization similar * to OAuth-based flows. @@ -45,8 +47,8 @@ public class ClientEnforcementAuthorizationFilter implements AuthorizationFilter * @param clientSecret A secret corresponding to the client ID. */ public ClientEnforcementAuthorizationFilter(String clientId, String clientSecret) { - this.clientId = clientId; - this.clientSecret = clientSecret; + this.clientId = StringUtils.trimToNull(clientId); + this.clientSecret = StringUtils.trimToNull(clientSecret); } /** diff --git a/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java index 77073bc..c1a0b93 100755 --- a/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java +++ b/src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java @@ -18,6 +18,10 @@ import java.net.URI; import javax.ws.rs.core.Form; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + /** * This class implements the OAuth Authorization Code flow as an authorization * filter. @@ -25,6 +29,8 @@ import javax.ws.rs.core.Form; * @author brian@inteligr8.com */ public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizationFilter { + + private final Logger logger = LoggerFactory.getLogger(this.getClass()); private final String code; private final URI redirectUri; 
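Review bot: The logger added to OAuthAuthorizationCodeAuthorizationFilter is an instance field, `private final Logger logger = LoggerFactory.getLogger(this.getClass());`, so one field is created per filter object and the logger name follows the runtime class rather than the declaring class. The usual slf4j form is `private static final Logger LOGGER = LoggerFactory.getLogger(OAuthAuthorizationCodeAuthorizationFilter.class);`, which also avoids any confusion with a logger the parent OAuthAuthorizationFilter may declare outside the visible hunks. The same field is added in OAuthClientCredentialAuthorizationFilter and OAuthPasswordGrantAuthorizationFilter.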
@@ -68,12 +74,13 @@ public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizatio public OAuthAuthorizationCodeAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String code, URI redirectUri) { super(tokenUrl, clientId, clientSecret); - this.code = code; + this.code = StringUtils.trimToNull(code); this.redirectUri = redirectUri; } @Override protected Form createForm() { + this.logger.debug("Using OAuth grant_type 'authorization_code'"); Form form = new Form().param("grant_type", "authorization_code"); if (this.redirectUri != null) form.param("redirect_uri", this.redirectUri.toString()); diff --git a/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java index cc27a43..519aaf2 100755 --- a/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java +++ b/src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java @@ -27,6 +27,7 @@ import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status.Family; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -88,9 +89,9 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter { */ public OAuthAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String scope) { this.tokenUrl = tokenUrl; - this.clientId = clientId; - this.clientSecret = clientSecret; - this.scope = scope; + this.clientId = StringUtils.trimToNull(clientId); + this.clientSecret = StringUtils.trimToNull(clientSecret); + this.scope = StringUtils.trimToNull(scope); } /** diff --git a/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java index 40856e8..b6d9a97 100755 --- a/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java 
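Review bot: In the OAuthAuthorizationFilter constructor `tokenUrl` is still stored as given (`this.tokenUrl = tokenUrl;`) while `clientId`, `clientSecret` and `scope` are now trimmed, so stray whitespace from a configuration value still reaches the token endpoint URL. If the commit is meant to tolerate padded configuration values, `this.tokenUrl = StringUtils.trimToNull(tokenUrl);` would make the four parameters consistent. A null or blank token URL is better rejected in the constructor than discovered at the first token request. The constructor's Javadoc starts outside the hunk and should state that blank values are stored as null.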
+++ b/src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java @@ -16,6 +16,9 @@ package com.inteligr8.rs; import javax.ws.rs.core.Form; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + /** * This class implements the OAuth Client Credential flow as an authorization * filter. @@ -23,6 +26,8 @@ import javax.ws.rs.core.Form; * @author brian@inteligr8.com */ public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorizationFilter { + + private final Logger logger = LoggerFactory.getLogger(this.getClass()); /** * @param tokenUrl The URL to the OAuth IdP token service. @@ -35,6 +40,7 @@ public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorization @Override protected Form createForm() { + this.logger.debug("Using OAuth grant_type 'client_credentials'"); return new Form().param("grant_type", "client_credentials"); } diff --git a/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java b/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java index 39a1a2e..a5db103 100755 --- a/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java +++ b/src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java @@ -16,6 +16,10 @@ package com.inteligr8.rs; import javax.ws.rs.core.Form; +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + /** * This class implements the OAuth Password Grant flow as an authorization * filter. @@ -23,6 +27,8 @@ import javax.ws.rs.core.Form; * @author brian@inteligr8.com */ public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFilter { + + private final Logger logger = LoggerFactory.getLogger(this.getClass()); private final String username; private final String password; 
@@ -46,12 +52,13 @@ public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFil */ public OAuthPasswordGrantAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String username, String password) { super(tokenUrl, clientId, clientSecret); - this.username = username; - this.password = password; + this.username = StringUtils.trimToNull(username); + this.password = StringUtils.trimToNull(password); } @Override protected Form createForm() { + this.logger.debug("Using OAuth grant_type 'password': {}", this.username); return new Form().param("grant_type", "password") .param("username", this.username); }
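Review bot: The debug statement added to `createForm()` in OAuthPasswordGrantAuthorizationFilter writes the resource-owner username into the log: `this.logger.debug("Using OAuth grant_type 'password': {}", this.username);`. Account identifiers in authentication logs are usually treated as personal data for retention purposes. In addition, `trimToNull` strips only leading and trailing whitespace, so a line break embedded in an externally supplied username would still reach the log unless the log layout encodes it. Matching the other two filters with `this.logger.debug("Using OAuth grant_type 'password'");` avoids both concerns. If the username is wanted for audit, a comment saying so, and that the password must never be added to this statement, would help the next maintainer.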