ModIRESTSecurity.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */

  21. package org.openspcoop2.protocol.modipa.validator;

  23. import java.util.ArrayList;
  24. import java.util.List;

  26. import org.openspcoop2.message.OpenSPCoop2Message;
  27. import org.openspcoop2.message.exception.MessageException;
  28. import org.openspcoop2.message.exception.MessageNotSupportedException;
  29. import org.openspcoop2.protocol.modipa.config.ModIProperties;
  30. import org.openspcoop2.protocol.sdk.ProtocolException;
  31. import org.openspcoop2.protocol.sdk.constants.RuoloMessaggio;
  32. import org.openspcoop2.security.SecurityException;
  33. import org.openspcoop2.utils.transport.http.HttpConstants;

  35. /**
  36.  * ModIRESTSecurity
  37.  *
  38.  * @author Poli Andrea (apoli@link.it)
  39.  * @author $Author$
  40.  * @version $Rev$, $Date$
  41.  */
  42. public class ModIRESTSecurity {

  44.     private List<String> tokenHeaderNames;
  45.     private boolean cleanDigest;
  46.     private RuoloMessaggio ruoloMessaggio;
  47.     
  48.     public ModIRESTSecurity(String tokenHeaderName, boolean request) throws ProtocolException, Exception {
  49.         this.tokenHeaderNames = new ArrayList<>();
  50.         this.tokenHeaderNames.add(tokenHeaderName); 
  51.         this.ruoloMessaggio =  request ? RuoloMessaggio.RICHIESTA : RuoloMessaggio.RISPOSTA;
  52.         switch (this.ruoloMessaggio) {
  53.         case RICHIESTA:
  54.             this.cleanDigest = ModIProperties.getInstance().isRestSecurityTokenRequestDigestClean();
  55.             break;
  56.         case RISPOSTA:
  57.             this.cleanDigest = ModIProperties.getInstance().isRestSecurityTokenResponseDigestClean();
  58.             break;
  59.         }
  60.     }
  61.     
  62.     public RuoloMessaggio getRuoloMessaggio() {
  63.         return this.ruoloMessaggio;
  64.     }

  66.     public void setRuoloMessaggio(RuoloMessaggio ruoloMessaggio) {
  67.         this.ruoloMessaggio = ruoloMessaggio;
  68.     }

  70.     public List<String> getTokenHeaderNames() {
  71.         return this.tokenHeaderNames;
  72.     }

  74.     public void setTokenHeaderNames(List<String> tokenHeaderNames) {
  75.         this.tokenHeaderNames = tokenHeaderNames;
  76.     }

  78.     public boolean isCleanDigest() {
  79.         return this.cleanDigest;
  80.     }

  82.     public void setCleanDigest(boolean cleanDigest) {
  83.         this.cleanDigest = cleanDigest;
  84.     }
  85.     
  86.     
  87.     public void clean(OpenSPCoop2Message msg) throws SecurityException, MessageException, MessageNotSupportedException {
  88.         
  89.         if(RuoloMessaggio.RICHIESTA.equals(this.ruoloMessaggio)) {
  90.             if(msg!=null && msg.getTransportRequestContext()!=null) {
  91.                 if(this.tokenHeaderNames!=null && !this.tokenHeaderNames.isEmpty()) {
  92.                     for (String hdr : this.tokenHeaderNames) {
  93.                         msg.getTransportRequestContext().removeHeader(hdr);
  94.                     }
  95.                 }
  96.                 if(this.cleanDigest) {
  97.                     msg.getTransportRequestContext().removeHeader(HttpConstants.DIGEST);
  98.                 }
  99.             }
  100.         }
  101.         else {
  102.             if(msg!=null && msg.getTransportResponseContext()!=null) {
  103.                 if(this.tokenHeaderNames!=null && !this.tokenHeaderNames.isEmpty()) {
  104.                     for (String hdr : this.tokenHeaderNames) {
  105.                         msg.getTransportResponseContext().removeHeader(hdr);
  106.                     }
  107.                 }
  108.                 if(this.cleanDigest) {
  109.                     msg.getTransportResponseContext().removeHeader(HttpConstants.DIGEST);
  110.                 }
  111.             }
  112.         }

  114.     }
  115.     
  116. }
Created with JaCoCo 0.8.8.202204050719