/** * Extracts a map of challenge parameters from an authentication challenge. * Keys in the map are lower-cased * * @param challengeStr the authentication challenge string * @return a map of authentication challenge parameters * @throws MalformedChallengeException when the authentication challenge string * is malformed * * @since 2.0beta1 */ public static Map extractParams(final String challengeStr) throws MalformedChallengeException { if (challengeStr == null) { throw new IllegalArgumentException("Challenge may not be null"); } int idx = challengeStr.indexOf(' '); if (idx == -1) { throw new MalformedChallengeException("Invalid challenge: " + challengeStr); } Map map = new HashMap(); ParameterParser parser = new ParameterParser(); List params = parser.parse( challengeStr.substring(idx + 1, challengeStr.length()), ','); for (int i = 0; i < params.size(); i++) { NameValuePair param = (NameValuePair) params.get(i); map.put(param.getName().toLowerCase(), param.getValue()); } return map; }
/** * Constructor with array of characters. * * @param chars the array of characters * @param offset - the initial offset. * @param length - the length. * * @since 3.0 */ public HeaderElement(char[] chars, int offset, int length) { this(); if (chars == null) { return; } ParameterParser parser = new ParameterParser(); List params = parser.parse(chars, offset, length, ';'); if (params.size() > 0) { NameValuePair element = (NameValuePair) params.remove(0); setName(element.getName()); setValue(element.getValue()); if (params.size() > 0) { this.parameters = (NameValuePair[]) params.toArray(new NameValuePair[params.size()]); } } }
public void testParsingEscapedChars() { String s = "param = \"stuff\\\"; more stuff\""; ParameterParser parser = new ParameterParser(); List params = parser.parse(s, ';'); assertEquals(1, params.size()); assertEquals("param", ((NameValuePair)params.get(0)).getName()); assertEquals("stuff\\\"; more stuff", ((NameValuePair)params.get(0)).getValue()); s = "param = \"stuff\\\\\"; anotherparam"; params = parser.parse(s, ';'); assertEquals(2, params.size()); assertEquals("param", ((NameValuePair)params.get(0)).getName()); assertEquals("stuff\\\\", ((NameValuePair)params.get(0)).getValue()); assertEquals("anotherparam", ((NameValuePair)params.get(1)).getName()); assertNull( ((NameValuePair)params.get(1)).getValue()); }
public void testParsing() { String s = "test; test1 = stuff ; test2 = \"stuff; stuff\"; test3=\"stuff"; ParameterParser parser = new ParameterParser(); List params = parser.parse(s, ';'); assertEquals("test", ((NameValuePair)params.get(0)).getName()); assertEquals(null, ((NameValuePair)params.get(0)).getValue()); assertEquals("test1", ((NameValuePair)params.get(1)).getName()); assertEquals("stuff", ((NameValuePair)params.get(1)).getValue()); assertEquals("test2", ((NameValuePair)params.get(2)).getName()); assertEquals("stuff; stuff", ((NameValuePair)params.get(2)).getValue()); assertEquals("test3", ((NameValuePair)params.get(3)).getName()); assertEquals("\"stuff", ((NameValuePair)params.get(3)).getValue()); s = " test , test1=stuff , , test2=, test3, "; params = parser.parse(s, ','); assertEquals("test", ((NameValuePair)params.get(0)).getName()); assertEquals(null, ((NameValuePair)params.get(0)).getValue()); assertEquals("test1", ((NameValuePair)params.get(1)).getName()); assertEquals("stuff", ((NameValuePair)params.get(1)).getValue()); assertEquals("test2", ((NameValuePair)params.get(2)).getName()); assertEquals("", ((NameValuePair)params.get(2)).getValue()); assertEquals("test3", ((NameValuePair)params.get(3)).getName()); assertEquals(null, ((NameValuePair)params.get(3)).getValue()); s = " test"; params = parser.parse(s, ';'); assertEquals("test", ((NameValuePair)params.get(0)).getName()); assertEquals(null, ((NameValuePair)params.get(0)).getValue()); s = " "; params = parser.parse(s, ';'); assertEquals(0, params.size()); s = " = stuff "; params = parser.parse(s, ';'); assertEquals(1, params.size()); assertEquals("", ((NameValuePair)params.get(0)).getName()); assertEquals("stuff", ((NameValuePair)params.get(0)).getValue()); }
public void testParsingBlankParams() { String s = "test; test1 = ; test2 = \"\""; ParameterParser parser = new ParameterParser(); List params = parser.parse(s, ';'); assertEquals("test", ((NameValuePair)params.get(0)).getName()); assertEquals(null, ((NameValuePair)params.get(0)).getValue()); assertEquals("test1", ((NameValuePair)params.get(1)).getName()); assertEquals("", ((NameValuePair)params.get(1)).getValue()); assertEquals("test2", ((NameValuePair)params.get(2)).getName()); assertEquals("", ((NameValuePair)params.get(2)).getValue()); }
/** * 校验一下URL上的签名信息,确认这个请求来自敏行的服务器 * * @param queryString * url的query String部分,例如 http://g.com?abc=1&de=2 的url,query * string 为abc=1&de=2 * @param securet * ocu或者app的 securet。 * @return true 如果签名被认证。 */ public boolean verifyURLSignature(String queryString, String secret) { String signed = null; String timestamp = null; String nonce = null; String mx_sso_token = null; String login_name = null; String qstring = queryString; if (queryString.startsWith("http://") || queryString.startsWith("https://")) { qstring = URIUtil.getQuery(queryString); } ParameterParser pp = new ParameterParser(); @SuppressWarnings("unchecked") List<NameValuePair> list = (List<NameValuePair>) pp.parse(qstring, '&'); try { for (NameValuePair np : list) { if (np.getName().equals("timestamp")) { timestamp = URIUtil.decode(np.getValue()); continue; } if (np.getName().equals("nonce")) { nonce = URIUtil.decode(np.getValue()); continue; } if (np.getName().equals("login_name")) { login_name = URIUtil.decode(np.getValue()); continue; } if (np.getName().equals("mx_sso_token")) { mx_sso_token = URIUtil.decode(np.getValue()); continue; } if (np.getName().equals("signed")) { signed = URIUtil.decode(np.getValue()); continue; } } } catch (URIException e) { throw new MxException("Query string not valid:" + queryString, e); } StringBuilder sb = new StringBuilder(); sb.append(timestamp).append(":").append(nonce).append(":") .append(login_name).append(":").append(mx_sso_token); String t = HMACSHA1.getSignature(sb.toString(), secret); return t.equals(signed); }
@SuppressWarnings("unchecked") private void parseResponse() { ParameterParser parser = new ParameterParser(); responseEntries = parser.parse(gatewayResponse, '&'); }
