22
22
23
23
import com .google .gson .JsonParseException ;
24
24
import password .pwm .AppProperty ;
25
+ import password .pwm .DomainProperty ;
25
26
import password .pwm .PwmConstants ;
26
27
import password .pwm .bean .DomainID ;
27
28
import password .pwm .config .AppConfig ;
29
+ import password .pwm .config .DomainConfig ;
28
30
import password .pwm .error .PwmError ;
29
31
import password .pwm .error .PwmUnrecoverableException ;
30
32
import password .pwm .util .PasswordData ;
52
54
import java .util .Optional ;
53
55
import java .util .Set ;
54
56
import java .util .function .Supplier ;
55
- import java .util .stream .Collectors ;
56
57
57
58
public class PwmHttpRequestWrapper
58
59
{
59
60
private static final PwmLogger LOGGER = PwmLogger .forClass ( PwmHttpRequestWrapper .class );
60
61
61
62
private final HttpServletRequest httpServletRequest ;
62
- private final AppConfig appConfig ;
63
+ private final DomainConfig domainConfig ;
63
64
64
65
private static final Set <String > HTTP_PARAM_DEBUG_STRIP_VALUES = Set .of (
65
66
"password" ,
@@ -81,9 +82,11 @@ public enum Flag
81
82
}
82
83
83
84
public PwmHttpRequestWrapper ( final HttpServletRequest request , final AppConfig appConfig )
85
+ throws PwmUnrecoverableException
84
86
{
85
87
this .httpServletRequest = request ;
86
- this .appConfig = appConfig ;
88
+ final DomainID domainID = readDomainIdFromRequest ( request );
89
+ this .domainConfig = appConfig .getDomainConfigs ().get ( domainID );
87
90
}
88
91
89
92
public HttpServletRequest getHttpServletRequest ( )
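Review bot: The constructor stores `appConfig.getDomainConfigs().get( domainID )` without checking the result, and `domainID` is derived from the incoming request. If `readDomainIdFromRequest` (its body is not in this hunk) can return an ID with no entry in that map, `domainConfig` is null and every reader below fails with a NullPointerException at `domainConfig.readAppProperty(...)`, before any length limit or sanitizer is applied. Resolve into a local first, e.g. `final DomainConfig resolved = appConfig.getDomainConfigs().get( domainID );`, and when it is null throw the `PwmUnrecoverableException` the constructor now declares, so a request for an unconfigured domain is rejected as a handled error. The class body continues outside the hunk.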
@@ -107,7 +110,7 @@ public boolean isHtmlRequest( )
107
110
public String readRequestBodyAsString ( )
108
111
throws IOException , PwmUnrecoverableException
109
112
{
110
- final int maxChars = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_BODY_MAXREAD_LENGTH ) );
113
+ final int maxChars = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_BODY_MAXREAD_LENGTH ) );
111
114
return readRequestBodyAsString ( maxChars );
112
115
}
113
116
@@ -124,9 +127,9 @@ public Map<String, String> readBodyAsJsonStringMap( final Flag... flags )
124
127
final String bodyString = readRequestBodyAsString ();
125
128
final Map <String , String > inputMap = JsonFactory .get ().deserializeStringMap ( bodyString );
126
129
127
- final boolean trim = Boolean .parseBoolean ( appConfig .readAppProperty ( AppProperty .SECURITY_INPUT_TRIM ) );
128
- final boolean passwordTrim = Boolean .parseBoolean ( appConfig .readAppProperty ( AppProperty .SECURITY_INPUT_PASSWORD_TRIM ) );
129
- final int maxLength = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
130
+ final boolean trim = Boolean .parseBoolean ( domainConfig .readAppProperty ( AppProperty .SECURITY_INPUT_TRIM ) );
131
+ final boolean passwordTrim = Boolean .parseBoolean ( domainConfig .readAppProperty ( AppProperty .SECURITY_INPUT_PASSWORD_TRIM ) );
132
+ final int maxLength = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
130
133
131
134
final Map <String , String > outputMap = new LinkedHashMap <>();
132
135
if ( inputMap != null )
@@ -140,11 +143,11 @@ public Map<String, String> readBodyAsJsonStringMap( final Flag... flags )
140
143
String value ;
141
144
value = bypassInputValidation
142
145
? entry .getValue ()
143
- : Validator .sanitizeInputValue ( appConfig , entry .getValue (), maxLength );
146
+ : Validator .sanitizeInputValue ( domainConfig . getAppConfig () , entry .getValue (), maxLength );
144
147
value = passwordType && passwordTrim ? value .trim () : value ;
145
148
value = !passwordType && trim ? value .trim () : value ;
146
149
147
- final String sanitizedName = Validator .sanitizeInputValue ( appConfig , key , maxLength );
150
+ final String sanitizedName = Validator .sanitizeInputValue ( domainConfig . getAppConfig () , key , maxLength );
148
151
outputMap .put ( sanitizedName , value );
149
152
}
150
153
}
@@ -160,9 +163,9 @@ public Map<String, Object> readBodyAsJsonMap( final Flag... flags )
160
163
final String bodyString = readRequestBodyAsString ();
161
164
final Map <String , Object > inputMap = JsonFactory .get ().deserializeMap ( bodyString , String .class , Object .class );
162
165
163
- final boolean trim = Boolean .parseBoolean ( appConfig .readAppProperty ( AppProperty .SECURITY_INPUT_TRIM ) );
164
- final boolean passwordTrim = Boolean .parseBoolean ( appConfig .readAppProperty ( AppProperty .SECURITY_INPUT_PASSWORD_TRIM ) );
165
- final int maxLength = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
166
+ final boolean trim = Boolean .parseBoolean ( domainConfig .readAppProperty ( AppProperty .SECURITY_INPUT_TRIM ) );
167
+ final boolean passwordTrim = Boolean .parseBoolean ( domainConfig .readAppProperty ( AppProperty .SECURITY_INPUT_PASSWORD_TRIM ) );
168
+ final int maxLength = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
166
169
167
170
final Map <String , Object > outputMap = new LinkedHashMap <>();
168
171
if ( inputMap != null )
@@ -178,7 +181,7 @@ public Map<String, Object> readBodyAsJsonMap( final Flag... flags )
178
181
{
179
182
String stringValue = bypassInputValidation
180
183
? ( String ) entry .getValue ()
181
- : Validator .sanitizeInputValue ( appConfig , ( String ) entry .getValue (), maxLength );
184
+ : Validator .sanitizeInputValue ( domainConfig . getAppConfig () , ( String ) entry .getValue (), maxLength );
182
185
stringValue = passwordType && passwordTrim ? stringValue .trim () : stringValue ;
183
186
stringValue = !passwordType && trim ? stringValue .trim () : stringValue ;
184
187
value = stringValue ;
@@ -188,7 +191,7 @@ public Map<String, Object> readBodyAsJsonMap( final Flag... flags )
188
191
value = entry .getValue ();
189
192
}
190
193
191
- final String sanitizedName = Validator .sanitizeInputValue ( appConfig , key , maxLength );
194
+ final String sanitizedName = Validator .sanitizeInputValue ( domainConfig . getAppConfig () , key , maxLength );
192
195
outputMap .put ( sanitizedName , value );
193
196
}
194
197
}
@@ -200,14 +203,14 @@ public Map<String, Object> readBodyAsJsonMap( final Flag... flags )
200
203
public Optional <PasswordData > readParameterAsPassword ( final String name )
201
204
throws PwmUnrecoverableException
202
205
{
203
- final int maxLength = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
204
- final boolean trim = Boolean .parseBoolean ( appConfig .readAppProperty ( AppProperty .SECURITY_INPUT_PASSWORD_TRIM ) );
206
+ final int maxLength = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
207
+ final boolean trim = Boolean .parseBoolean ( domainConfig .readAppProperty ( AppProperty .SECURITY_INPUT_PASSWORD_TRIM ) );
205
208
206
209
final String rawValue = httpServletRequest .getParameter ( name );
207
210
if ( rawValue != null && !rawValue .isEmpty () )
208
211
{
209
212
final String decodedValue = decodeStringToDefaultCharSet ( rawValue );
210
- final String sanitizedValue = Validator .sanitizeInputValue ( appConfig , decodedValue , maxLength );
213
+ final String sanitizedValue = Validator .sanitizeInputValue ( domainConfig . getAppConfig () , decodedValue , maxLength );
211
214
if ( sanitizedValue != null )
212
215
{
213
216
final String trimmedVale = trim ? sanitizedValue .trim () : sanitizedValue ;
@@ -232,7 +235,7 @@ public String readParameterAsString( final String name, final int maxLength, fin
232
235
public String readParameterAsString ( final String name , final String valueIfNotPresent )
233
236
throws PwmUnrecoverableException
234
237
{
235
- final int maxLength = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
238
+ final int maxLength = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
236
239
final String returnValue = readParameterAsString ( name , maxLength );
237
240
return returnValue == null || returnValue .isEmpty () ? valueIfNotPresent : returnValue ;
238
241
}
@@ -246,7 +249,7 @@ public boolean hasParameter( final String name )
246
249
public String readParameterAsString ( final String name , final Flag ... flags )
247
250
throws PwmUnrecoverableException
248
251
{
249
- final int maxLength = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
252
+ final int maxLength = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
250
253
return readParameterAsString ( name , maxLength , flags );
251
254
}
252
255
@@ -287,7 +290,7 @@ public List<String> readParameterAsStrings(
287
290
{
288
291
final boolean bypassInputValidation = flags != null && Arrays .asList ( flags ).contains ( Flag .BypassValidation );
289
292
final HttpServletRequest req = this .getHttpServletRequest ();
290
- final boolean trim = Boolean .parseBoolean ( appConfig .readAppProperty ( AppProperty .SECURITY_INPUT_TRIM ) );
293
+ final boolean trim = Boolean .parseBoolean ( domainConfig .readAppProperty ( AppProperty .SECURITY_INPUT_TRIM ) );
291
294
final String [] rawValues = req .getParameterValues ( name );
292
295
if ( rawValues == null || rawValues .length == 0 )
293
296
{
@@ -300,7 +303,7 @@ public List<String> readParameterAsStrings(
300
303
final String decodedValue = decodeStringToDefaultCharSet ( rawValue );
301
304
final String sanitizedValue = bypassInputValidation
302
305
? decodedValue
303
- : Validator .sanitizeInputValue ( appConfig , decodedValue , maxLength );
306
+ : Validator .sanitizeInputValue ( domainConfig . getAppConfig () , decodedValue , maxLength );
304
307
305
308
if ( sanitizedValue .length () > 0 )
306
309
{
@@ -333,22 +336,22 @@ public String readHeaderValueAsString( final HttpHeader headerName )
333
336
334
337
public String readHeaderValueAsString ( final String headerName )
335
338
{
336
- final int maxChars = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
339
+ final int maxChars = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
337
340
final HttpServletRequest req = this .getHttpServletRequest ();
338
341
final String rawValue = req .getHeader ( headerName );
339
- final String sanitizedInputValue = Validator .sanitizeInputValue ( appConfig , rawValue , maxChars );
340
- return Validator .sanitizeHeaderValue ( appConfig , sanitizedInputValue );
342
+ final String sanitizedInputValue = Validator .sanitizeInputValue ( domainConfig . getAppConfig () , rawValue , maxChars );
343
+ return Validator .sanitizeHeaderValue ( domainConfig . getAppConfig () , sanitizedInputValue );
341
344
}
342
345
343
346
public List <String > readHeaderValuesAsString ( final String headerName )
344
347
{
345
- final int maxChars = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
348
+ final int maxChars = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
346
349
final List <String > valueList = new ArrayList <>();
347
350
for ( final Enumeration <String > headerValueEnum = this .getHttpServletRequest ().getHeaders ( headerName ); headerValueEnum .hasMoreElements (); )
348
351
{
349
352
final String headerValue = headerValueEnum .nextElement ();
350
- final String sanitizedInputValue = Validator .sanitizeInputValue ( appConfig , headerValue , maxChars );
351
- final String sanitizedHeaderValue = Validator .sanitizeHeaderValue ( appConfig , sanitizedInputValue );
353
+ final String sanitizedInputValue = Validator .sanitizeInputValue ( domainConfig . getAppConfig () , headerValue , maxChars );
354
+ final String sanitizedHeaderValue = Validator .sanitizeHeaderValue ( domainConfig . getAppConfig () , sanitizedInputValue );
352
355
if ( sanitizedHeaderValue != null && !sanitizedHeaderValue .isEmpty () )
353
356
{
354
357
valueList .add ( sanitizedHeaderValue );
@@ -374,20 +377,20 @@ public Map<String, List<String>> readHeaderValuesMap( )
374
377
375
378
public List <String > headerNames ( )
376
379
{
377
- final int maxChars = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
380
+ final int maxChars = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
378
381
379
382
return CollectionUtil .iteratorToStream ( getHttpServletRequest ().getHeaderNames ().asIterator () )
380
- .map ( s -> Validator .sanitizeInputValue ( appConfig , s , maxChars ) )
381
- .collect ( Collectors . toUnmodifiableList () );
383
+ .map ( s -> Validator .sanitizeInputValue ( domainConfig . getAppConfig () , s , maxChars ) )
384
+ .toList ( );
382
385
383
386
}
384
387
385
388
public List <String > parameterNames ( )
386
389
{
387
- final int maxChars = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
390
+ final int maxChars = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
388
391
389
392
return CollectionUtil .iteratorToStream ( getHttpServletRequest ().getParameterNames ().asIterator () )
390
- .map ( s -> Validator .sanitizeInputValue ( appConfig , s , maxChars ) )
393
+ .map ( s -> Validator .sanitizeInputValue ( domainConfig . getAppConfig () , s , maxChars ) )
391
394
.toList ();
392
395
393
396
}
@@ -409,7 +412,7 @@ public Map<String, String> readParametersAsMap( )
409
412
public Map <String , List <String >> readMultiParametersAsMap ( )
410
413
throws PwmUnrecoverableException
411
414
{
412
- final int maxLength = Integer .parseInt ( appConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
415
+ final int maxLength = Integer .parseInt ( domainConfig .readAppProperty ( AppProperty .HTTP_PARAM_MAX_READ_LENGTH ) );
413
416
414
417
final List <String > parameterNames = parameterNames ();
415
418
@@ -425,7 +428,7 @@ public Map<String, List<String>> readMultiParametersAsMap( )
425
428
426
429
public Optional <String > readCookie ( final String cookieName )
427
430
{
428
- final int maxChars = Integer .parseInt ( appConfig . readAppProperty ( AppProperty .HTTP_COOKIE_MAX_READ_LENGTH ) );
431
+ final int maxChars = Integer .parseInt ( domainConfig . readDomainProperty ( DomainProperty .HTTP_COOKIE_MAX_READ_LENGTH ) );
429
432
final Cookie [] cookies = this .getHttpServletRequest ().getCookies ();
430
433
if ( cookies != null )
431
434
{
@@ -437,7 +440,7 @@ public Optional<String> readCookie( final String cookieName )
437
440
try
438
441
{
439
442
final String decodedCookieValue = StringUtil .urlDecode ( rawCookieValue );
440
- return Optional .of ( Validator .sanitizeInputValue ( appConfig , decodedCookieValue , maxChars ) );
443
+ return Optional .of ( Validator .sanitizeInputValue ( domainConfig . getAppConfig () , decodedCookieValue , maxChars ) );
441
444
}
442
445
catch ( final IOException e )
443
446
{
@@ -464,7 +467,12 @@ public HttpMethod getMethod( )
464
467
465
468
public AppConfig getAppConfig ( )
466
469
{
467
- return appConfig ;
470
+ return domainConfig .getAppConfig ();
471
+ }
472
+
473
+ public DomainConfig getDomainConfig ( )
474
+ {
475
+ return domainConfig ;
468
476
}
469
477
470
478
public String getUrlWithoutQueryString ( )