You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oltu.apache.org by as...@apache.org on 2013/12/20 16:33:37 UTC
svn commit: r1552702 -
/oltu/trunk/commons/encodedtoken/src/main/java/org/apache/oltu/commons/encodedtoken/TokenReader.java
Author: asanso
Date: Fri Dec 20 15:33:36 2013
New Revision: 1552702
URL: http://svn.apache.org/r1552702
Log:
OLTU-131 - Signature parsing from access token is broken for character encodings that are not single-byte
* apply patch from Andrei Dulvac (thanks !!)
Modified:
oltu/trunk/commons/encodedtoken/src/main/java/org/apache/oltu/commons/encodedtoken/TokenReader.java
Modified: oltu/trunk/commons/encodedtoken/src/main/java/org/apache/oltu/commons/encodedtoken/TokenReader.java
URL: http://svn.apache.org/viewvc/oltu/trunk/commons/encodedtoken/src/main/java/org/apache/oltu/commons/encodedtoken/TokenReader.java?rev=1552702&r1=1552701&r2=1552702&view=diff
==============================================================================
--- oltu/trunk/commons/encodedtoken/src/main/java/org/apache/oltu/commons/encodedtoken/TokenReader.java (original)
+++ oltu/trunk/commons/encodedtoken/src/main/java/org/apache/oltu/commons/encodedtoken/TokenReader.java Fri Dec 20 15:33:36 2013
@@ -27,8 +27,13 @@ public abstract class TokenReader<T> ext
/**
* The Base64 JSON string default separator.
*/
- private final Pattern base64TokenPattern = Pattern.compile("([a-zA-Z0-9/+=]+)\\.([a-zA-Z0-9/+=]+)\\.(.+)");
+ private final Pattern base64urlTokenPattern = Pattern.compile("([a-zA-Z0-9/+=]+)\\.([a-zA-Z0-9/+=]+)\\.(.+)");
+ /**
+ * Read the base64url token string
+ * @param base64String
+ * @return
+ */
public T read(String base64String) {
if (base64String == null || base64String.isEmpty()) {
throw new IllegalArgumentException("Impossible to obtain a Token from a null or empty string");
@@ -52,11 +57,11 @@ public abstract class TokenReader<T> ext
}
}
- Matcher matcher = base64TokenPattern.matcher(buffer.toString());
+ Matcher matcher = base64urlTokenPattern.matcher(buffer.toString());
if (!matcher.matches()) {
throw new IllegalArgumentException(base64String
+ "is not a valid Token, it does not match with the pattern: "
- + base64TokenPattern.pattern());
+ + base64urlTokenPattern.pattern());
}
// HEADER
@@ -68,12 +73,20 @@ public abstract class TokenReader<T> ext
String decodedBody = base64Decode(body);
// SIGNATURE
+ // Keep signature encoded in base64url
String signature = matcher.group(3);
- String decodedSignature = base64Decode(signature);
- return build(base64String, decodedHeader, decodedBody, decodedSignature);
+ return build(base64String, decodedHeader, decodedBody, signature);
}
- protected abstract T build(String rawString, String decodedHeader, String decodedBody, String decodedSignature);
-
+ /**
+ * Build the token reader
+ *
+ * @param rawString
+ * @param decodedHeader
+ * @param decodedBody
+ * @param encodedSignature
+ * @return
+ */
+ protected abstract T build(String rawString, String decodedHeader, String decodedBody, String encodedSignature);
}