authent...

[email protected] Tue, 4 Jan 2011 17:35:29 +0100

Author: marcel.offermans at luminis.nl
Date: Tue Jan  4 17:35:28 2011
New Revision: 557


Log:
AMDATU-222 Fixed an issue with not properly encoding and decoding attribute 
values, and dealing with spaces. Added unit tests to prevent these bugs from 
reappearing.

Added:
   trunk/amdatu-authentication/tokenprovider/src/test/
   trunk/amdatu-authentication/tokenprovider/src/test/java/
   trunk/amdatu-authentication/tokenprovider/src/test/java/org/
   trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/
   
trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/authentication/
   
trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/authentication/tokenprovider/
   
trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/authentication/tokenprovider/service/
   
trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImplTest.java
Modified:
   
trunk/amdatu-authentication/tokenprovider/src/main/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImpl.java

Modified: 
trunk/amdatu-authentication/tokenprovider/src/main/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImpl.java
==============================================================================
--- 
trunk/amdatu-authentication/tokenprovider/src/main/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImpl.java
      (original)
+++ 
trunk/amdatu-authentication/tokenprovider/src/main/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImpl.java
      Tue Jan  4 17:35:28 2011
@@ -17,6 +17,7 @@
 package org.amdatu.authentication.tokenprovider.service;
 
 import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
 import java.net.URLEncoder;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
@@ -105,29 +106,35 @@
     
     // Converts a map of attribute keys and values into a single String 
representation, using 
     // URL encoding
-    private String attributesToString(SortedMap<String, String> attributes) 
throws UnsupportedEncodingException {
-        String result = "";
+    String attributesToString(SortedMap<String, String> attributes) throws 
UnsupportedEncodingException {
+        StringBuffer result = new StringBuffer();
         if (attributes != null && attributes.size() > 0) {
             for (String key : attributes.keySet()) {
                 String value = attributes.get(key);
-                String encKey = 
URLEncoder.encode(key.toString(),DEFAULT_CHARSET); 
-                String encValue = 
URLEncoder.encode(value.toString(),DEFAULT_CHARSET); 
-                result += " " + encKey + "=" + encValue;
+                String encKey = URLEncoder.encode(key, DEFAULT_CHARSET); 
+                String encValue = URLEncoder.encode(value, DEFAULT_CHARSET); 
+                if (result.length() > 0) {
+                       result.append(' ');
+                }
+                result.append(encKey);
+                result.append('=');
+                result.append(encValue);;
             }
         }
-        return result;
+        return result.toString();
     }
     
     // Converts a single String into a map of attribute keys and values using 
URL deencoding
-    private SortedMap<String, String> stringToAttributes(String string) throws 
UnsupportedEncodingException {
+    SortedMap<String, String> stringToAttributes(String string) throws 
UnsupportedEncodingException {
         SortedMap<String, String> attributes = null;
         if (string != null && !"".equals(string)) {
             attributes = new TreeMap<String, String>();
             String[] keyvalues = string.split(" "); // space is the attribute 
separator
             for (String keyvalue : keyvalues) {
-                String key = keyvalue.split("=")[0];
-                String value = keyvalue.split("=")[1];
-                attributes.put(key, value);
+                String[] entry = keyvalue.split("=");
+                               String key = entry[0];
+                String value = entry[1];
+                attributes.put(key, URLDecoder.decode(value, DEFAULT_CHARSET));
             }
         }
         return attributes;
@@ -150,7 +157,7 @@
             
             // First create the unencrypted token
             String signature = generateSignature(attributes);
-            String token = signature + attributesToString(attributes);
+            String token = signature + " " + attributesToString(attributes);
             
             // Encode the token using utf-8
             byte[] utf8 = token.getBytes(DEFAULT_CHARSET);

Added: 
trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImplTest.java
==============================================================================
--- (empty file)
+++ 
trunk/amdatu-authentication/tokenprovider/src/test/java/org/amdatu/authentication/tokenprovider/service/TokenProviderImplTest.java
  Tue Jan  4 17:35:28 2011
@@ -0,0 +1,58 @@
+package org.amdatu.authentication.tokenprovider.service;
+
+import java.net.URLEncoder;
+import java.util.SortedMap;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class TokenProviderImplTest {
+       private static final String DEFAULT_CHARSET = "UTF-8";
+
+       @Test
+       public void testStringToSingleAttributeConversion() throws Exception {
+               TokenProviderImpl provider = new TokenProviderImpl();
+               
+               String string = "a=1";
+               SortedMap<String,String> attributes = 
provider.stringToAttributes(string);
+               Assert.assertEquals(1, attributes.size());
+               Assert.assertEquals("1", attributes.get("a"));
+               Assert.assertEquals(string, 
provider.attributesToString(attributes));
+       }
+       
+       @Test
+       public void testEncodedStringToSingleAttributeConversion() throws 
Exception {
+               TokenProviderImpl provider = new TokenProviderImpl();
+               
+               String string = "a=+";
+               SortedMap<String,String> attributes = 
provider.stringToAttributes(string);
+               Assert.assertEquals(1, attributes.size());
+               Assert.assertEquals(" ", attributes.get("a"));
+               Assert.assertEquals(string, 
provider.attributesToString(attributes));
+       }
+       
+       @Test
+       public void testStringToMultipleAttributeConversion() throws Exception {
+               TokenProviderImpl provider = new TokenProviderImpl();
+               
+               String string = "a=1 b=2 c=3";
+               SortedMap<String,String> attributes = 
provider.stringToAttributes(string);
+               Assert.assertEquals(3, attributes.size());
+               Assert.assertEquals("3", attributes.get("c"));
+               Assert.assertEquals(string, 
provider.attributesToString(attributes));
+       }
+       
+       @Test
+       public void testEncodedStringToMultipleAttributeConversion() throws 
Exception {
+               TokenProviderImpl provider = new TokenProviderImpl();
+               
+               String avalue = "a=3";
+               String aencvalue = URLEncoder.encode(avalue, DEFAULT_CHARSET);
+               String string = "a=" + aencvalue + " b=2 c=3";
+               SortedMap<String,String> attributes = 
provider.stringToAttributes(string);
+               Assert.assertEquals(3, attributes.size());
+               Assert.assertEquals("3", attributes.get("c"));
+               Assert.assertEquals(avalue, attributes.get("a"));
+               Assert.assertEquals(string, 
provider.attributesToString(attributes));
+       }
+}

[Amdatu-commits] SVN r557 - in trunk/amdatu-authentication/tokenprovider/src: main/java/org/amdatu/authentication/tokenprovider/service test test/java test/java/org test/java/org/amdatu test/java/org/amdatu/authent...

Reply via email to