+ if (target.matchesAny()) {
+ return true;
+ }
+ try {
+ MatchFunction requesterFunction =
+ ArpEngine.lookupMatchFunction(target.getRequester().getMatchFunctionIdentifier());
+ if (!requesterFunction.match(target.getRequester().getValue(), requester)) {
+ return false;
+ }
+ if (target.getResource().matchesAny()) {
+ return true;
+ }
+ MatchFunction resourceFunction =
+ ArpEngine.lookupMatchFunction(target.getResource().getMatchFunctionIdentifier());
+ if (resourceFunction.match(target.getResource().getValue(), resource)) {
+ return true;
+ }
+ return false;
+ } catch (ArpException e) {
+ log.warn("Encountered a problem while trying to find matching ARP rules: " + e);
+ return false;
+ }
+ }
+
+ class Target {
+ private Requester requester = null;
+ private Resource resource = null;
+ private boolean matchesAny = false;
+
+ void marshall(Element element) throws ArpMarshallingException {
+
+ //Make sure we are deling with a Target
+ if (!element.getTagName().equals("Target")) {
+ log.error("Element data does not represent an ARP Rule Target.");
+ throw new ArpMarshallingException("Element data does not represent an ARP Rule target.");
+ }
+ NodeList targetNodeList = element.getChildNodes();
+ if (targetNodeList.getLength() < 1 || targetNodeList.getLength() > 2) {
+ log.error("ARP Rule Target contains invalid data: incorrect number of elements");
+ throw new ArpMarshallingException("ARP Rule Target contains invalid data: incorrect number of elements");
+ }
+
+ //Handle <AnyTarget/> definitions
+ if (targetNodeList.getLength() == 1) {
+ if (targetNodeList.item(0).getNodeType() == Node.ELEMENT_NODE
+ && ((Element) targetNodeList.item(0)).getTagName().equals("AnyTarget")) {
+ matchesAny = true;
+ return;
+ }
+ log.error("ARP Rule Target contains invalid data.");
+ throw new ArpMarshallingException("ARP Rule Target contains invalid data.");
+ }
+
+ //Create Requester
+ if (targetNodeList.item(0).getNodeType() == Node.ELEMENT_NODE
+ && ((Element) targetNodeList.item(0)).getTagName().equals("Requester")) {
+ requester = new Requester();
+ requester.marshall((Element) targetNodeList.item(0));
+ } else {
+ log.error("ARP Rule Target contains invalid data.");
+ throw new ArpMarshallingException("ARP Rule Target contains invalid data.");
+ }
+ //Handle <AnyResource/>
+ //Create Resource
+ }
+
+ boolean matchesAny() {
+ return matchesAny;
+ }
+ Requester getRequester() {
+ return requester;
+ }
+ Resource getResource() {
+ return resource;
+ }
+ }
+
+ class Resource {
+ private String value;
+ private URI matchFunctionIdentifier;
+ private boolean matchesAny;
+ boolean matchesAny() {
+ return matchesAny;
+ }
+ URI getMatchFunctionIdentifier() {
+ return matchFunctionIdentifier;
+ }
+ String getValue() {
+ return value;
+ }
+ }
+
+ class Requester {
+ private String value;
+ private URI matchFunctionIdentifier;
+ URI getMatchFunctionIdentifier() {
+ return matchFunctionIdentifier;
+ }
+ String getValue() {
+ return value;
+ }
+ void marshall(Element element) throws ArpMarshallingException {
+ //Make sure we are deling with a Requester
+ if (!element.getTagName().equals("Requester")) {
+ log.error("Element data does not represent an ARP Rule Target.");
+ throw new ArpMarshallingException("Element data does not represent an ARP Rule target.");
+ }
+ if (element.hasChildNodes() && element.getFirstChild().getNodeType() == Node.TEXT_NODE) {
+ value = ((CharacterData) element.getFirstChild()).getData();
+ } else {
+ log.error("Element data does not represent an ARP Rule Target.");
+ throw new ArpMarshallingException("Element data does not represent an ARP Rule target.");
+ }
+ try {
+ if (element.hasAttribute("matchFunction")) {
+ matchFunctionIdentifier = new URI(element.getAttribute("matchFunction"));
+ } else {
+ matchFunctionIdentifier = new URI("urn:mace:shibboleth:arp:matchFunction:exactShar");
+ }
+ } catch (URISyntaxException e) {
+ log.error("ARP match function not identified by a proper URI.");
+ throw new ArpMarshallingException("ARP match function not identified by a proper URI.");
+ }
+ }
projects / java-idp.git / commitdiff