From e59d2473de18c0de62795d0850f8287583094b6d Mon Sep 17 00:00:00 2001 From: Ian Young Date: Wed, 19 Apr 2023 07:32:02 +0100 Subject: [PATCH] Remove upstreamed components --- .../dom/saml/shib/ScopeValidationStage.java | 105 ----------- .../saml/shib/ShibbolethMetadataSupport.java | 40 ---- .../mda/dom/saml/shib/package-info.java | 18 -- .../mda/validate/BaseAsValidator.java | 152 --------------- ...mainNameNotUnderPublicSuffixValidator.java | 45 ----- ...RejectDomainNamePublicSuffixValidator.java | 42 ----- .../mda/validate/net/package-info.java | 18 -- .../incommon/mda/validate/package-info.java | 18 -- .../string/AsDomainNameStringValidator.java | 42 ----- .../string/AsLiteralTailStringValidator.java | 100 ---------- .../string/BaseStringRegexValidator.java | 81 -------- .../mda/validate/string/package-info.java | 18 -- .../uk/org/iay/incommon/mda/beans.xml | 23 --- .../shib/ScopeValidationStageLitmusTest.java | 175 ------------------ ...NameNotUnderPublicSuffixValidatorTest.java | 89 --------- ...ctDomainNamePublicSuffixValidatorTest.java | 71 ------- .../AsDomainNameStringValidatorTest.java | 111 ----------- .../AsLiteralTailStringValidatorTest.java | 93 ---------- .../ScopeValidationStageLitmusTest-config.xml | 72 ------- 19 files changed, 1313 deletions(-) delete mode 100644 src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStage.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ShibbolethMetadataSupport.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/package-info.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/BaseAsValidator.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidator.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidator.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/net/package-info.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/package-info.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidator.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidator.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/string/BaseStringRegexValidator.java delete mode 100644 src/main/java/uk/org/iay/incommon/mda/validate/string/package-info.java delete mode 100644 src/test/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest.java delete mode 100644 src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidatorTest.java delete mode 100644 src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidatorTest.java delete mode 100644 src/test/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidatorTest.java delete mode 100644 src/test/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidatorTest.java delete mode 100644 src/test/resources/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest-config.xml diff --git a/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStage.java b/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStage.java deleted file mode 100644 index 33c8ede..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStage.java +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.dom.saml.shib; - -import java.util.List; - -import javax.annotation.Nonnull; - -import org.w3c.dom.Element; - -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.dom.AbstractDOMValidationStage; -import net.shibboleth.metadata.dom.DOMTraversalContext; -import net.shibboleth.metadata.dom.SimpleDOMTraversalContext; -import net.shibboleth.metadata.pipeline.StageProcessingException; -import net.shibboleth.metadata.validate.Validator; -import net.shibboleth.metadata.validate.ValidatorSequence; -import net.shibboleth.shared.component.ComponentInitializationException; -import net.shibboleth.shared.xml.AttributeSupport; -import net.shibboleth.shared.xml.ElementSupport; - -/** - * Stage to apply a collection of validators to Shibboleth shibmd:Scope - * values. - * - * A separate collection of validators is used for the case of the regexp - * attribute being true and false. - */ -public class ScopeValidationStage extends AbstractDOMValidationStage { - - /** The sequence of validators to apply to regexp scopes. */ - @Nonnull - private ValidatorSequence regexpValidators = new ValidatorSequence<>(); - - /** - * Set the sequence of validators to apply to each regexp scope. - * - * @param newValidators the list of validators to set - */ - public void setRegexpValidators(@Nonnull final List> newValidators) { - regexpValidators.setValidators(newValidators); - } - - /** - * Gets the sequence of validators being applied to each regexp scope. - * - * @return list of validators - */ - @Nonnull - public List> getRegexpValidators() { - return regexpValidators.getValidators(); - } - - @Override - protected DOMTraversalContext buildContext(@Nonnull final Item item) { - return new SimpleDOMTraversalContext(item); - } - - @Override - protected boolean applicable(@Nonnull final Element element, @Nonnull final DOMTraversalContext context) { - return ElementSupport.isElementNamed(element, ShibbolethMetadataSupport.SCOPE_NAME); - } - - @Override - protected void visit(@Nonnull final Element element, @Nonnull final DOMTraversalContext context) - throws StageProcessingException { - final String text = element.getTextContent(); - final Boolean isRegexp = AttributeSupport.getAttributeValueAsBoolean( - AttributeSupport.getAttribute(element, ShibbolethMetadataSupport.REGEXP_ATTRIB_NAME)); - if (isRegexp == null || !isRegexp.booleanValue()) { - // non-regexp Scope, apply normal validators - applyValidators(text, context); - } else { - // regexp Scope, apply secondary validators - regexpValidators.validate(text, context.getItem(), getId()); - } - } - - @Override - protected void doDestroy() { - regexpValidators.destroy(); - regexpValidators = null; - super.doDestroy(); - } - - @Override - protected void doInitialize() throws ComponentInitializationException { - super.doInitialize(); - regexpValidators.setId(getId()); - regexpValidators.initialize(); - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ShibbolethMetadataSupport.java b/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ShibbolethMetadataSupport.java deleted file mode 100644 index 3e89463..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/ShibbolethMetadataSupport.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.dom.saml.shib; - -import javax.annotation.concurrent.ThreadSafe; -import javax.xml.namespace.QName; - -/** Helper class for dealing with Shibboleth metadata. */ -@ThreadSafe -public final class ShibbolethMetadataSupport { - - /** Shibboleth metadata namespace URI. */ - public static final String SHIBMD_NS = "urn:mace:shibboleth:metadata:1.0"; - - /** Default Shibboleth metadata namespace prefix. */ - public static final String SHIBMD_PREFIX = "shibmd"; - - /** Scope element name. */ - public static final QName SCOPE_NAME = new QName(SHIBMD_NS, "Scope", SHIBMD_PREFIX); - - /** regexp attribute name. */ - public static final QName REGEXP_ATTRIB_NAME = new QName("regexp"); - - /** Constructor. */ - private ShibbolethMetadataSupport() { - - } -} diff --git a/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/package-info.java b/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/package-info.java deleted file mode 100644 index cc74a6a..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/dom/saml/shib/package-info.java +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * Aggregator beans dealing with Shibboleth SAML metadata. - */ -package uk.org.iay.incommon.mda.dom.saml.shib; diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/BaseAsValidator.java b/src/main/java/uk/org/iay/incommon/mda/validate/BaseAsValidator.java deleted file mode 100644 index a90e23d..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/BaseAsValidator.java +++ /dev/null @@ -1,152 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.validate; - -import java.util.List; - -import javax.annotation.Nonnull; - -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.pipeline.StageProcessingException; -import net.shibboleth.metadata.validate.BaseValidator; -import net.shibboleth.metadata.validate.Validator; -import net.shibboleth.metadata.validate.ValidatorSequence; -import net.shibboleth.shared.component.ComponentInitializationException; - -/** - * An abstract base class for {@link Validator} implementations which validate a value of - * one type "as" another type. - * - *

The implementation calls a template method in the implementation subclass to perform the - * conversion. If the conversion succeeds, a sequence of {@link Validator}s are applied to - * that new value.

- * - *

If the value cannot be converted to the new type, the template method is expected to - * throw {@link IllegalArgumentException}. In this case, behaviour depends on the - * {@link #conversionRequired} property.

- * - *

If {@link #conversionRequired} is true (the default) then an error - * status will be applied to the {@link Item}, and the validator will return - * {@link net.shibboleth.metadata.validate.Validator.Action#DONE}.

- * - *

If {@link #conversionRequired} is false then the validator - * will simply return {@link net.shibboleth.metadata.validate.Validator.Action#CONTINUE} - * so that subsequent validators may still be applied. This allows several "as" validators - * to be applied in sequence, each taking a different approach.

- * - * @param type of the original value - * @param type of the new value to which validators should be applied - */ -public abstract class BaseAsValidator extends BaseValidator implements Validator { - - /** The validator sequence to apply. */ - @Nonnull - private ValidatorSequence validators = new ValidatorSequence<>(); - - /** Whether conversion to the new type must succeed. Default: true */ - private boolean conversionRequired = true; - - /** - * Set the list of validators to apply to each item. - * - * @param newValidators the list of validators to set - */ - public void setValidators(@Nonnull final List> newValidators) { - validators.setValidators(newValidators); - } - - /** - * Gets the list of validators being applied to each item. - * - * @return list of validators - */ - @Nonnull - public List> getValidators() { - return validators.getValidators(); - } - - /** - * Set whether conversion to the new type is required to succeed. - * - * @param required true if the conversion is required to succeed - */ - public void setConversionRequired(final boolean required) { - conversionRequired = required; - } - - /** - * Returns whether conversion to the new type is required to succeed. - * - * @return true if the conversion is required to succeed - */ - public boolean isConversionRequired() { - return conversionRequired; - } - - /** - * Apply each of the configured validators in turn to the provided object. - * - * @param value object to be validated - * @param item the {@link Item} context for the validation - * - * @return the result of applying the validators to the value - * - * @throws StageProcessingException if errors occur during processing - */ - protected Action applyValidators(@Nonnull final A value, @Nonnull final Item item) - throws StageProcessingException { - return validators.validate(value, item, getId()); - } - - /** - * Convert from the old value type to the new. - * - * @param from a value of the old type - * @return a value of the new type - * @throws IllegalArgumentException if a conversion can not be performed - */ - protected abstract @Nonnull A convert(@Nonnull final V from) throws IllegalArgumentException; - - @Override - public @Nonnull Action validate(@Nonnull final V t, @Nonnull final Item item, @Nonnull final String stageId) - throws StageProcessingException { - try { - final A v = convert(t); - return applyValidators(v, item); - } catch (final IllegalArgumentException e) { - if (isConversionRequired()) { - addErrorMessage(t, item, stageId); - return Action.DONE; - } else { - return Action.CONTINUE; - } - } - } - - @Override - protected void doDestroy() { - validators.destroy(); - validators = null; - super.doDestroy(); - } - - @Override - protected void doInitialize() throws ComponentInitializationException { - super.doInitialize(); - validators.setId(getId()); - validators.initialize(); - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidator.java b/src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidator.java deleted file mode 100644 index e54d3cf..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidator.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.validate.net; - -import javax.annotation.Nonnull; - -import com.google.common.net.InternetDomainName; - -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.validate.BaseValidator; -import net.shibboleth.metadata.validate.Validator; - -/** - * A validator that checks whether an {@link InternetDomainName} is under a public suffix. - * - * A domain name which is not under a public suffix might be a public suffix itself, - * or might terminate in something which is not a public suffix. - */ -public class RejectDomainNameNotUnderPublicSuffixValidator extends BaseValidator - implements Validator { - - @Override - public @Nonnull Action validate(@Nonnull final InternetDomainName domain, @Nonnull final Item item, - @Nonnull final String stageId) { - if (domain.isUnderPublicSuffix()) { - return Action.CONTINUE; - } else { - addErrorMessage(domain, item, stageId); - return Action.DONE; - } - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidator.java b/src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidator.java deleted file mode 100644 index 845f864..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidator.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.validate.net; - -import javax.annotation.Nonnull; - -import com.google.common.net.InternetDomainName; - -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.validate.BaseValidator; -import net.shibboleth.metadata.validate.Validator; - -/** - * A validator that rejects an {@link InternetDomainName} if it is a public suffix. - */ -public class RejectDomainNamePublicSuffixValidator extends BaseValidator - implements Validator { - - @Override - public @Nonnull Action validate(@Nonnull final InternetDomainName domain, @Nonnull final Item item, - @Nonnull final String stageId) { - if (domain.isPublicSuffix()) { - addErrorMessage(domain, item, stageId); - return Action.DONE; - } else { - return Action.CONTINUE; - } - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/net/package-info.java b/src/main/java/uk/org/iay/incommon/mda/validate/net/package-info.java deleted file mode 100644 index fce709b..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/net/package-info.java +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * Classes for validation of network-related object types. - */ -package uk.org.iay.incommon.mda.validate.net; diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/package-info.java b/src/main/java/uk/org/iay/incommon/mda/validate/package-info.java deleted file mode 100644 index cb23f1e..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/package-info.java +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * Classes for validation of specific object types. - */ -package uk.org.iay.incommon.mda.validate; diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidator.java b/src/main/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidator.java deleted file mode 100644 index 285454a..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidator.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.validate.string; - -import javax.annotation.Nonnull; - -import com.google.common.net.InternetDomainName; - -import net.shibboleth.metadata.validate.Validator; -import uk.org.iay.incommon.mda.validate.BaseAsValidator; - -/** - * A Validator that checks {@link String} values as domain names by converting the - * value to an {@link InternetDomainName} and applying a sequence of validators to that value. - * - * This validator fails (and returns {@link net.shibboleth.metadata.validate.Validator.Action#DONE}) if the - * value can not be converted to an {@link InternetDomainName}. - * - * Otherwise, the validator applies the sequence of validators to the {@link InternetDomainName} and returns - * the value of that sequence. - */ -public class AsDomainNameStringValidator extends BaseAsValidator - implements Validator { - - @Override - protected @Nonnull InternetDomainName convert(@Nonnull final String domain) throws IllegalArgumentException { - return InternetDomainName.from(domain); - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidator.java b/src/main/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidator.java deleted file mode 100644 index 49ac9be..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidator.java +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.validate.string; - -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import javax.annotation.Nonnull; - -import net.shibboleth.metadata.validate.Validator; -import uk.org.iay.incommon.mda.validate.BaseAsValidator; - -/** - * A Validator that assists in the validation of regular-expression <shibmd:Scope> - * values that include a literal tail. - * - * A literal tail is: - * - *
    - *
  • a sequence of at least two domain labels
    • - *
  • separated by literal '.' characters (encoded - * in the regular expression as '\.'
    • - *
  • explicitly anchored at the end of the regular expression
    • - *
  • preceded by anything terminating with an encoded literal '.' - *
- * - *

For example, the literal tail in the regular expression - * '^([a-zA-Z0-9-]{1,63}\.){0,2}ddd\.ccc\.bbb\.aa$' is 'ccc.bbb.aa'.

- * - *

The literal tail is extracted from the regular expression, has its encoded '.' - * characters converted to normal ones, and then validated as a {@link String} by a new sequence of - * validators.

- * - *

This validator fails (and returns {@link net.shibboleth.metadata.validate.Validator.Action#DONE}) if the - * value does not possess a literal tail.

- * - *

Otherwise, the validator applies the sequence of validators to the new value and returns - * the value of that sequence.

- */ -public class AsLiteralTailStringValidator extends BaseAsValidator - implements Validator { - - /** - * Regular expression to match and extract the literal tail. - * - * The component parts of this expression are: - * - *
    - *
  • implicitly, anchored at the start of the string being matched
    • - *
  • .*? matches non-greedily any text at the start of the regular expression, - * maximising the size of the later parts of the match
    • - *
  • \\\\. matches \. in the regular expression, which in turn - * matches a literal . in the scope
    • - *
  • A group containing: - *
      - *
    • At least one DNS label terminated by a literal '.'
      • - *
    • A final DNS label
      • - *
    - *
    • - *
  • \\$ matches an end-string marker in the regular expression being matched
    • - *
  • implicitly, anchored at the end of the string being matched
    • - *
- * - *

The matching of DNS labels is not exact. For example, labels starting or ending with hyphens - * are accepted as part of a literal tail. This will normally be detected by the nested validator - * sequence applied to the result.

- * - *

Similarly, upper-case characters are permitted in the literal tail although these would - * not normally be permitted in scopes. Again, these characters are permitted so that a more - * specific error can be reported, rather than just a generic failure to convert.

- */ - private final Pattern pattern = Pattern.compile(".*?\\\\.(([a-zA-Z0-9-]+\\\\.)+[a-zA-Z0-9-]+)\\$"); - - @Override - protected @Nonnull String convert(@Nonnull final String regex) throws IllegalArgumentException { - // Match against the regular expression - final Matcher matcher = pattern.matcher(regex); - - // If the pattern does not match, signal that the string does not have a literal tail - if (!matcher.matches()) { - throw new IllegalArgumentException(); - } - - // Remove all '\' characters from the result. - return matcher.group(1).replaceAll("\\\\", ""); - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/string/BaseStringRegexValidator.java b/src/main/java/uk/org/iay/incommon/mda/validate/string/BaseStringRegexValidator.java deleted file mode 100644 index 12442d2..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/string/BaseStringRegexValidator.java +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package uk.org.iay.incommon.mda.validate.string; - -import java.util.regex.Pattern; - -import javax.annotation.Nonnull; - -import net.shibboleth.metadata.validate.BaseValidator; -import net.shibboleth.shared.annotation.constraint.NonnullAfterInit; -import net.shibboleth.shared.component.ComponentInitializationException; -import net.shibboleth.shared.component.ComponentSupport; - -/** - * A base class for Validators that match {@link String} values against a regular expression. - */ -public abstract class BaseStringRegexValidator extends BaseValidator { - - /** Regular expression to be accepted by this validator. */ - @NonnullAfterInit - private String regex; - - /** Compiled regular expression to use in match operations. */ - @NonnullAfterInit - private Pattern pattern; - - /** - * Returns the regular expression. - * - * @return Returns the regular expression. - */ - @NonnullAfterInit - public String getRegex() { - return regex; - } - - /** - * Sets the regular expression to be accepted. - * - * @param r the regular expression to set. - */ - public void setRegex(@Nonnull final String r) { - ComponentSupport.ifDestroyedThrowDestroyedComponentException(this); - ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this); - - regex = r; - } - - /** - * Get the compiled regular expression for use in matching. - * - * @return the compiled {@link Pattern} - */ - protected Pattern getPattern() { - return pattern; - } - - @Override - protected void doInitialize() throws ComponentInitializationException { - super.doInitialize(); - - if (getRegex() == null) { - throw new ComponentInitializationException("regular expression to be matched can not be null"); - } - - pattern = Pattern.compile(regex); - } - -} diff --git a/src/main/java/uk/org/iay/incommon/mda/validate/string/package-info.java b/src/main/java/uk/org/iay/incommon/mda/validate/string/package-info.java deleted file mode 100644 index 3c2101a..0000000 --- a/src/main/java/uk/org/iay/incommon/mda/validate/string/package-info.java +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * Validation classes for {@link java.lang.String} values. - */ -package uk.org.iay.incommon.mda.validate.string; diff --git a/src/main/resources/uk/org/iay/incommon/mda/beans.xml b/src/main/resources/uk/org/iay/incommon/mda/beans.xml index 3b733d4..51b9699 100644 --- a/src/main/resources/uk/org/iay/incommon/mda/beans.xml +++ b/src/main/resources/uk/org/iay/incommon/mda/beans.xml @@ -31,27 +31,4 @@ - - - - - - - - - - - - - - diff --git a/src/test/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest.java b/src/test/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest.java deleted file mode 100644 index dc4d2b6..0000000 --- a/src/test/java/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest.java +++ /dev/null @@ -1,175 +0,0 @@ - -package uk.org.iay.incommon.mda.dom.saml.shib; - -import java.util.ArrayList; -import java.util.List; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; - -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.testng.AbstractTestNGSpringContextTests; -import org.testng.Assert; -import org.testng.annotations.BeforeClass; -import org.testng.annotations.Test; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - -import net.shibboleth.metadata.ErrorStatus; -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.dom.DOMElementItem; -import net.shibboleth.metadata.pipeline.Stage; -import net.shibboleth.shared.xml.AttributeSupport; -import net.shibboleth.shared.xml.ElementSupport; - -/** - * A litmus test for {@link ScopeValidationStage} involving a set of valid and invalid - * scope values, both for regular expression and plain cases. - * - * The configuration for the stage is taken from a Spring XML configuration file. - */ -@ContextConfiguration("ScopeValidationStageLitmusTest-config.xml") -public class ScopeValidationStageLitmusTest extends AbstractTestNGSpringContextTests { - - /** Build documents using this. */ - private DocumentBuilder dBuilder; - - /** {@link Stage} to run for each test. */ - private Stage stage; - - @BeforeClass - private void setUp() throws Exception { - final DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); - dBuilder = dbFactory.newDocumentBuilder(); - stage = makeStage(); - } - - /** Acquire the configured stage from the Spring context. */ - private Stage makeStage() throws Exception { - @SuppressWarnings("unchecked") - final Stage stage = applicationContext.getBean("litmusTest", Stage.class); - stage.initialize(); - return stage; - } - - /** Build a shibmd:Scope {@link Element}. */ - private Element buildScope(final Document document, final String value, final boolean isRegex) { - final Element element = ElementSupport.constructElement(document, ShibbolethMetadataSupport.SCOPE_NAME); - AttributeSupport.appendAttribute(element, ShibbolethMetadataSupport.REGEXP_ATTRIB_NAME, - isRegex ? "true" : "false"); - element.setTextContent(value); - return element; - } - - /** Build a {@link Document} containing an appropriate shibmd:Scope {@link Element}. */ - private Document buildDocument(final String value, final boolean isRegex) { - final Document document = dBuilder.newDocument(); - document.appendChild(buildScope(document, value, isRegex)); - return document; - } - - /** Run the test stage on a single {@link Item}. */ - private List runTest(final Item item) throws Exception { - final List> coll = new ArrayList<>(); - coll.add(item); - stage.execute(coll); - final List errors = item.getItemMetadata().get(ErrorStatus.class); - return errors; - } - - /** Test a value-regexp combination we expect to be accepted. */ - private void good(final String value, final boolean isRegex) throws Exception { - final Item item = new DOMElementItem(buildDocument(value, isRegex)); - final List errors = runTest(item); - if (errors.size() != 0) { - Assert.fail("expected no errors for '" + value + "'[" + isRegex + "] " + - "but saw \"" + errors.get(0).getStatusMessage() + "\""); - } - } - - /** Test a non-regexp value we expect to be accepted. */ - private void good(final String value) throws Exception { - good(value, false); - } - - /** Test a regexp value we expect to be accepted. */ - private void goodRegexp(final String value) throws Exception { - good(value, true); - } - - /** Test a value-regexp combination we expect to be rejected. */ - private void bad(final String value, final boolean isRegex, final String why) throws Exception { - final Item item = new DOMElementItem(buildDocument(value, isRegex)); - final List errors = runTest(item); - Assert.assertEquals(errors.size(), 1, "expected an error for '" + value + "'[" + isRegex + "]"); - final ErrorStatus error = errors.get(0); - final String message = error.getStatusMessage(); - Assert.assertTrue(message.contains(why), "error '" + message + "' didn't contain '" + why + "'"); - } - - /** Test a non-regexp value we expect to be rejected. */ - private void bad(final String value) throws Exception { - bad(value, false, ""); - } - - /** Test a non-regexp value we expect to be rejected. */ - private void bad(final String value, final String why) throws Exception { - bad(value, false, why); - } - - /** Test a regexp value we expect to be rejected. */ - private void badRegexp(final String value, final String why) throws Exception { - bad(value, true, why); - } - - /** Test a regexp value we expect to be rejected. */ - private void badRegexp(final String value) throws Exception { - bad(value, true, ""); - } - - @Test - public void litmusTests() throws Exception { - good("example.org"); - good("UGent.be"); - bad("", "empty"); - bad(" "); - bad(" "); - bad(" example.org", "white space"); - bad("example.org ", "white space"); - bad("example**.org", "scope is not a valid domain name: example**.org"); - bad("uk", "scope is a public suffix"); - bad("ac.uk", "scope is a public suffix"); - bad("random.nonsense", "scope is not under a public suffix"); - good("example.ac.uk"); - bad("adm.aau.dk@aau.dk"); // incommon/inc-meta#58 - bad("example .org", "white space"); - bad("\nexample.org", "white space"); - - badRegexp("", "empty"); - badRegexp(" "); - badRegexp(" "); - badRegexp("aaaa$", "does not start with an anchor ('^')"); - badRegexp("^aaaa", "does not end with an anchor ('$')"); - goodRegexp("^([a-zA-Z0-9-]{1,63}\\.){0,2}vho\\.aaf\\.edu\\.au$"); - // don't use literal .s - badRegexp("^([a-zA-Z0-9-]{1,63}.){0,2}vho.aaf.edu.au$", "does not end with a literal tail"); - // bad literal tail: no public suffix - badRegexp("^([a-zA-Z0-9-]{1,63}\\.){0,2}vho\\.aaf\\.edu\\.nopublic$", "literal tail is not under a public suffix"); - // bad literal tail: is a public suffix - badRegexp("^.*\\.ac\\.uk$", "literal tail is a public suffix"); - - // UK federation examples - goodRegexp("^.+\\.atomwide\\.com$"); - goodRegexp("^.+\\.856\\.eng\\.ukfederation\\.org\\.uk$"); - goodRegexp("^.+\\.scot\\.nhs\\.uk$"); - goodRegexp("^.+\\.login\\.groupcall\\.com$"); - goodRegexp("^.+\\.logintestingthirks\\.groupcall\\.com$"); - goodRegexp("^.+\\.logintest\\.me\\.e2bn\\.org$"); - goodRegexp("^.+\\.loginstaging\\.groupcall\\.com$"); - goodRegexp("^.+\\.identityfor\\.co\\.uk$"); - goodRegexp("^.+\\.rmunify\\.com$"); - - // Combination regexp plus case significance - goodRegexp("^.+\\.UGent\\.be$"); - } -} diff --git a/src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidatorTest.java b/src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidatorTest.java deleted file mode 100644 index 08bbbd2..0000000 --- a/src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNameNotUnderPublicSuffixValidatorTest.java +++ /dev/null @@ -1,89 +0,0 @@ -package uk.org.iay.incommon.mda.validate.net; - -import org.testng.Assert; -import org.testng.annotations.Test; - -import com.google.common.net.InternetDomainName; - -import net.shibboleth.metadata.ErrorStatus; -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.testing.MockItem; -import net.shibboleth.metadata.validate.Validator.Action; - -public class RejectDomainNameNotUnderPublicSuffixValidatorTest { - - @Test - public void normal() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNameNotUnderPublicSuffixValidator val = - new RejectDomainNameNotUnderPublicSuffixValidator(); - val.setId("validate"); - val.initialize(); - - final InternetDomainName domain = InternetDomainName.from("example.org"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - - Assert.assertEquals(val.validate(InternetDomainName.from("ed.ac.uk"), item, "stage"), Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - } - - @Test - public void uk() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNameNotUnderPublicSuffixValidator val = - new RejectDomainNameNotUnderPublicSuffixValidator(); - val.setId("validate"); - val.initialize(); - - final InternetDomainName domain = InternetDomainName.from("uk"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.DONE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 1); - Assert.assertTrue(item.getItemMetadata().get(ErrorStatus.class).get(0).getStatusMessage().contains("rejected")); - } - - @Test - public void ac_uk() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNameNotUnderPublicSuffixValidator val = - new RejectDomainNameNotUnderPublicSuffixValidator(); - val.setId("validate"); - val.initialize(); - - final InternetDomainName domain = InternetDomainName.from("ac.uk"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.DONE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 1); - Assert.assertTrue(item.getItemMetadata().get(ErrorStatus.class).get(0).getStatusMessage().contains("rejected")); - } - - @Test - public void wibble_wobble() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNameNotUnderPublicSuffixValidator val = - new RejectDomainNameNotUnderPublicSuffixValidator(); - val.setId("validate"); - val.setMessage("scope is not under a public suffix: '%s'"); - val.initialize(); - - // This is (currently) just a nonsense value, so it doesn't have a public suffix - // and isn't under one either. - final InternetDomainName domain = InternetDomainName.from("wibble.wobble"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.DONE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 1); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).get(0).getStatusMessage(), - "scope is not under a public suffix: 'wibble.wobble'"); - } - -} diff --git a/src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidatorTest.java b/src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidatorTest.java deleted file mode 100644 index 856d677..0000000 --- a/src/test/java/uk/org/iay/incommon/mda/validate/net/RejectDomainNamePublicSuffixValidatorTest.java +++ /dev/null @@ -1,71 +0,0 @@ -package uk.org.iay.incommon.mda.validate.net; - -import org.testng.Assert; -import org.testng.annotations.Test; - -import com.google.common.net.InternetDomainName; - -import net.shibboleth.metadata.ErrorStatus; -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.testing.MockItem; -import net.shibboleth.metadata.validate.Validator.Action; - -public class RejectDomainNamePublicSuffixValidatorTest { - - @Test - public void normal() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNamePublicSuffixValidator val = - new RejectDomainNamePublicSuffixValidator(); - val.setId("validate"); - val.initialize(); - - final InternetDomainName domain = InternetDomainName.from("example.org"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - - Assert.assertEquals(val.validate(InternetDomainName.from("ed.ac.uk"), item, "stage"), Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - - Assert.assertEquals(val.validate(InternetDomainName.from("complete.nonsense"), item, "stage"), Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - } - - @Test - public void uk() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNamePublicSuffixValidator val = - new RejectDomainNamePublicSuffixValidator(); - val.setId("validate"); - val.initialize(); - - final InternetDomainName domain = InternetDomainName.from("uk"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.DONE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 1); - Assert.assertTrue(item.getItemMetadata().get(ErrorStatus.class).get(0).getStatusMessage().contains("rejected")); - } - - @Test - public void ac_uk() throws Exception { - final Item item = new MockItem("content"); - final RejectDomainNamePublicSuffixValidator val = - new RejectDomainNamePublicSuffixValidator(); - val.setId("validate"); - val.initialize(); - - final InternetDomainName domain = InternetDomainName.from("ac.uk"); - Assert.assertNotNull(domain); - final Action res = val.validate(domain, item, "stage"); - Assert.assertNotNull(res); - Assert.assertEquals(res, Action.DONE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 1); - Assert.assertTrue(item.getItemMetadata().get(ErrorStatus.class).get(0).getStatusMessage().contains("rejected")); - } - -} diff --git a/src/test/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidatorTest.java b/src/test/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidatorTest.java deleted file mode 100644 index 4817621..0000000 --- a/src/test/java/uk/org/iay/incommon/mda/validate/string/AsDomainNameStringValidatorTest.java +++ /dev/null @@ -1,111 +0,0 @@ - -package uk.org.iay.incommon.mda.validate.string; - -import java.util.ArrayList; -import java.util.List; - -import javax.annotation.Nonnull; - -import org.testng.Assert; -import org.testng.annotations.Test; - -import com.google.common.net.InternetDomainName; - -import net.shibboleth.metadata.ErrorStatus; -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.pipeline.StageProcessingException; -import net.shibboleth.metadata.testing.MockItem; -import net.shibboleth.metadata.validate.BaseValidator; -import net.shibboleth.metadata.validate.Validator; -import net.shibboleth.metadata.validate.Validator.Action; - -public class AsDomainNameStringValidatorTest { - - private static class CountingValidator extends BaseValidator implements Validator { - public int count; - private final @Nonnull Action action; - - @Override - public @Nonnull Action validate(@Nonnull InternetDomainName e, @Nonnull Item item, @Nonnull String stageId) - throws StageProcessingException { - count++; - return action; - } - - /** Constructor. */ - public CountingValidator(final @Nonnull Action a) { - action = a; - } - } - - @Test - public void testOK() throws Exception { - final CountingValidator counter = new CountingValidator(Action.CONTINUE); - counter.setId("counter"); - counter.initialize(); - - final List> nestedSequence = new ArrayList<>(); - nestedSequence.add(counter); - - final Item item = new MockItem("content"); - - final AsDomainNameStringValidator val = new AsDomainNameStringValidator(); - val.setId("id"); - val.setValidators(nestedSequence); - val.initialize(); - - final Action res = val.validate("example.org", item, "stage"); - Assert.assertEquals(res, Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - Assert.assertEquals(counter.count, 1); - } - - @Test - public void testNoConvertDefault() throws Exception { - final CountingValidator counter = new CountingValidator(Action.CONTINUE); - counter.setId("counter"); - counter.initialize(); - - final List> nestedSequence = new ArrayList<>(); - nestedSequence.add(counter); - - final Item item = new MockItem("content"); - - final AsDomainNameStringValidator val = new AsDomainNameStringValidator(); - val.setId("id"); - val.setValidators(nestedSequence); - val.setMessage("quick brown %s"); - val.initialize(); - - final Action res = val.validate("example**.org", item, "stage"); - Assert.assertEquals(res, Action.DONE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 1); - final ErrorStatus err = item.getItemMetadata().get(ErrorStatus.class).get(0); - Assert.assertTrue(err.getStatusMessage().contains("quick brown example**.org")); - Assert.assertEquals(counter.count, 0); - } - - @Test - public void testNoConvertFalse() throws Exception { - final CountingValidator counter = new CountingValidator(Action.CONTINUE); - counter.setId("counter"); - counter.initialize(); - - final List> nestedSequence = new ArrayList<>(); - nestedSequence.add(counter); - - final Item item = new MockItem("content"); - - final AsDomainNameStringValidator val = new AsDomainNameStringValidator(); - val.setId("id"); - val.setConversionRequired(false); - val.setValidators(nestedSequence); - val.initialize(); - - final Action res = val.validate("example**.org", item, "stage"); - Assert.assertEquals(res, Action.CONTINUE); - Assert.assertEquals(item.getItemMetadata().get(ErrorStatus.class).size(), 0); - Assert.assertEquals(counter.count, 0); - } - -} diff --git a/src/test/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidatorTest.java b/src/test/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidatorTest.java deleted file mode 100644 index b312645..0000000 --- a/src/test/java/uk/org/iay/incommon/mda/validate/string/AsLiteralTailStringValidatorTest.java +++ /dev/null @@ -1,93 +0,0 @@ - -package uk.org.iay.incommon.mda.validate.string; - -import java.util.ArrayList; -import java.util.List; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import javax.annotation.Nonnull; - -import org.testng.Assert; -import org.testng.annotations.Test; - -import net.shibboleth.metadata.Item; -import net.shibboleth.metadata.pipeline.StageProcessingException; -import net.shibboleth.metadata.testing.MockItem; -import net.shibboleth.metadata.validate.BaseValidator; -import net.shibboleth.metadata.validate.Validator; -import net.shibboleth.metadata.validate.Validator.Action; - -public class AsLiteralTailStringValidatorTest { - - private static class CountingCapturingValidator extends BaseValidator implements Validator { - public int count; - public String value; - private final @Nonnull Action action; - - @Override - public @Nonnull Action validate(@Nonnull String e, @Nonnull Item item, @Nonnull String stageId) throws StageProcessingException { - count++; - value = e; - return action; - } - - /** Constructor. */ - public CountingCapturingValidator(final @Nonnull Action a) { - action = a; - } - } - - @Test - public void testAssumptions() throws Exception { - final Pattern pattern = Pattern.compile(".*?\\\\.(([a-zA-Z0-9-]+\\\\.)+[a-zA-Z0-9-]+)\\$"); - final String value = "^([a-zA-Z0-9-]{1,63}\\.){0,2}vho\\.aaf\\.edu\\.au$"; - final Matcher matcher = pattern.matcher(value); - Assert.assertTrue(matcher.matches()); - } - - @Test - public void testExample() throws Exception { - final CountingCapturingValidator ccv = new CountingCapturingValidator(Action.CONTINUE); - ccv.setId("ccv"); - ccv.initialize(); - - final List> nvs = new ArrayList<>(); - nvs.add(ccv); - - final AsLiteralTailStringValidator val = new AsLiteralTailStringValidator(); - val.setId("val"); - val.setValidators(nvs); - val.initialize(); - - final Item item = new MockItem("content"); - Assert.assertEquals(val.validate("^([a-zA-Z0-9-]{1,63}\\.){0,2}vho\\.aaf\\.edu\\.au$", item, "stage"), Action.CONTINUE); - Assert.assertEquals(ccv.count, 1); - Assert.assertEquals(ccv.value, "aaf.edu.au"); - } - - /* - * Example from the REFEDS MRPS template document. - * - * See https://github.com/REFEDS/MRPS/blob/master/MRPS-templatev1.1.pdf - */ - @Test - public void testREFEDSExample() throws Exception { - final CountingCapturingValidator ccv = new CountingCapturingValidator(Action.CONTINUE); - ccv.setId("ccv"); - ccv.initialize(); - - final List> nvs = new ArrayList<>(); - nvs.add(ccv); - - final AsLiteralTailStringValidator val = new AsLiteralTailStringValidator(); - val.setId("val"); - val.setValidators(nvs); - val.initialize(); - - final Item item = new MockItem("content"); - Assert.assertEquals(val.validate("^(foo|bar)\\.example\\.com$", item, "stage"), Action.CONTINUE); - Assert.assertEquals(ccv.count, 1); - Assert.assertEquals(ccv.value, "example.com"); - } -} diff --git a/src/test/resources/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest-config.xml b/src/test/resources/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest-config.xml deleted file mode 100644 index 2de10cc..0000000 --- a/src/test/resources/uk/org/iay/incommon/mda/dom/saml/shib/ScopeValidationStageLitmusTest-config.xml +++ /dev/null @@ -1,72 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -