2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.common.rest.impl.validator;
23 import java.util.List;
26 import javax.servlet.http.HttpServletRequest;
27 import javax.ws.rs.core.MediaType;
29 import org.apache.commons.codec.binary.Base64;
30 import org.openecomp.sdc.common.api.Constants;
31 import org.slf4j.Logger;
32 import org.slf4j.LoggerFactory;
34 public class RequestHeadersValidator {
35 private static Logger log = LoggerFactory.getLogger(RequestHeadersValidator.class.getName());
37 public static void validateContentType(HttpServletRequest request, MediaType expectedContentType,
38 Map<String, String> headersMap) throws RestRequestValidationException {
40 log.debug("validateContentType - expected: {}", expectedContentType);
41 if (request == null || expectedContentType == null) {
42 throw new RestRequestValidationException("request or media-type are null");
44 String contentType = request.getHeader(Constants.CONTENT_TYPE_HEADER);
45 if (contentType == null || !contentType.contains(MediaType.APPLICATION_JSON)) {
46 throw new RestRequestValidationException(
47 "Content-Type of requset is different then " + expectedContentType);
49 headersMap.put(Constants.CONTENT_TYPE_HEADER, contentType);
53 public static void validateIdentificationHeaders(HttpServletRequest request, List<String> identificationList,
54 Map<String, String> headersMap) throws RestRequestValidationException {
56 log.debug("validateIdentificationHeaders");
57 for (String requiredHeader : identificationList) {
58 String headerVal = request.getHeader(requiredHeader);
59 if (headerVal != null && !headerVal.isEmpty()) {
60 headersMap.put(requiredHeader, headerVal);
61 log.debug("found header - {} : {}", requiredHeader, headerVal);
63 log.error("missing identification header: {}", requiredHeader);
64 throw new RestRequestValidationException("missing identification header: " + requiredHeader);
70 public static void validateMd5(byte[] encodedData, HttpServletRequest request, Map<String, String> headersMap)
71 throws RestRequestValidationException {
73 // validate parameters
74 if (encodedData == null || request == null) {
75 throw new RestRequestValidationException("encoded data or request are not valid");
78 // calculate MD5 on the data
79 String md5 = org.apache.commons.codec.digest.DigestUtils.md5Hex(encodedData);
80 byte[] encodedMd5 = Base64.encodeBase64(md5.getBytes());
82 // read the Content-MD5 header
83 String origMd5 = request.getHeader(Constants.MD5_HEADER);
84 if ((origMd5 == null) || origMd5.isEmpty()) {
85 throw new RestRequestValidationException("missing Content-MD5 header ");
89 if (!origMd5.equals(new String(encodedMd5))) {
90 throw new RestRequestValidationException("uploaded file failed MD5 validation");
92 headersMap.put(Constants.MD5_HEADER, origMd5);
Code Review / sdc.git / blob