[knox] branch master updated: KNOX-2605 - Better validation of the supplied token lifespan fields (#449)

Wed, 19 May 2021 14:23:29 -0700 

This is an automated email from the ASF dual-hosted git repository.

smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new b9d3538  KNOX-2605 - Better validation of the supplied token lifespan 
fields (#449)
b9d3538 is described below

commit b9d35381a62a3e31be966c6e19bbfd7c72151e00
Author: Sandor Molnar <[email protected]>
AuthorDate: Wed May 19 22:52:05 2021 +0200

    KNOX-2605 - Better validation of the supplied token lifespan fields (#449)
---
 .../applications/tokengen/app/js/tokengen.js       | 29 +++++++++++++++++++---
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git 
a/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
 
b/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
index adfe297..9e9dd70 100644
--- 
a/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
+++ 
b/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
@@ -109,6 +109,30 @@ function setTokenStateServiceStatus() {
     }
 }
 
+function validateLifespan(days, hours, mins) {
+    //show possible contraint violations
+    days.reportValidity();
+    hours.reportValidity();
+    mins.reportValidity();
+
+    //check basic contraint validations (less than/ greater then)
+    var valid = days.checkValidity() && hours.checkValidity() && 
mins.checkValidity();
+
+    if (days.value == '0' && hours.value == '0' && mins.value == '0') {
+        valid = false;
+    }
+
+    if (days.value == '' || hours.value == '' || mins.value == '') {
+        valid = false;
+    }
+
+    if (!valid) {
+        $('#invalidLifetimeText').show();
+    }
+
+    return valid;
+}
+
 var gen = function() {
        $('#invalidLifetimeText').hide();
     var pathname = window.location.pathname;
@@ -117,7 +141,6 @@ var gen = function() {
     baseURL = baseURL.substring(0, baseURL.lastIndexOf('/') + 1);
     var tokenURL = topologyContext + knoxtokenURL;
     var form = document.forms[0];
-    //var comment = form.comment.value;
     var lt_days = form.lt_days.value;
     var lt_hours = form.lt_hours.value;
     var lt_mins = form.lt_mins.value;
@@ -164,9 +187,7 @@ var gen = function() {
         }
     }
 
-    if (lt_days == '0' && lt_hours == '0' && lt_mins == '0') {
-        $('#invalidLifetimeText').show();
-    } else {
+    if (validateLifespan(form.lt_days, form.lt_hours, form.lt_mins)) {
         _gen();
     }
 }

Reply via email to