-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added method to ensure that reponse headers are correclty cased befor… #53
Merged
andrederoos
merged 5 commits into
develop
from
feature/make_sure_headers_are_correctly_cased_bunq/sdk_java#43
Dec 21, 2017
Merged
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
e1c7f8e
Added method to ensure that reponse headers are correclty cased befor…
OGKevin 9a1c2ef
Removed wild imports. (bunq/sdk_java#43)
OGKevin 0d91203
Renamed ensureHeaderCorrectlyCased to getHeaderNameCorrectlyCased. (b…
OGKevin cbf66ac
Renamed substring constants. (bunq/sdk_java#43)
OGKevin f9e252b
End index of first char instead of last char. (bunq/sdk_java#43)
OGKevin File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -72,3 +72,4 @@ context-save-restore-test.conf | |
/tmp | ||
config.properties | ||
bunq-test.conf | ||
.idea/codeStyles/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,6 +4,25 @@ | |
import com.bunq.sdk.exception.BunqException; | ||
import com.bunq.sdk.exception.UncaughtExceptionError; | ||
import com.bunq.sdk.http.ApiClient; | ||
import okio.BufferedSink; | ||
import okio.Okio; | ||
import org.apache.commons.codec.binary.Base64; | ||
import org.apache.http.Header; | ||
import org.apache.http.HttpEntityEnclosingRequest; | ||
import org.apache.http.HttpResponse; | ||
import org.apache.http.client.methods.HttpDelete; | ||
import org.apache.http.client.methods.HttpGet; | ||
import org.apache.http.client.methods.HttpPost; | ||
import org.apache.http.client.methods.HttpPut; | ||
import org.apache.http.client.methods.HttpUriRequest; | ||
import org.apache.http.message.BasicHeader; | ||
import org.apache.http.util.EntityUtils; | ||
|
||
import javax.crypto.Cipher; | ||
import javax.crypto.KeyGenerator; | ||
import javax.crypto.Mac; | ||
import javax.crypto.SecretKey; | ||
import javax.crypto.spec.IvParameterSpec; | ||
import java.io.ByteArrayOutputStream; | ||
import java.io.IOException; | ||
import java.security.GeneralSecurityException; | ||
|
@@ -22,24 +41,9 @@ | |
import java.security.spec.X509EncodedKeySpec; | ||
import java.util.Arrays; | ||
import java.util.Map; | ||
import java.util.regex.Matcher; | ||
import java.util.regex.Pattern; | ||
import java.util.stream.Collectors; | ||
import javax.crypto.Cipher; | ||
import javax.crypto.KeyGenerator; | ||
import javax.crypto.Mac; | ||
import javax.crypto.SecretKey; | ||
import javax.crypto.spec.IvParameterSpec; | ||
import okio.BufferedSink; | ||
import okio.Okio; | ||
import org.apache.commons.codec.binary.Base64; | ||
import org.apache.http.Header; | ||
import org.apache.http.HttpEntityEnclosingRequest; | ||
import org.apache.http.HttpResponse; | ||
import org.apache.http.client.methods.HttpDelete; | ||
import org.apache.http.client.methods.HttpGet; | ||
import org.apache.http.client.methods.HttpPost; | ||
import org.apache.http.client.methods.HttpPut; | ||
import org.apache.http.client.methods.HttpUriRequest; | ||
import org.apache.http.util.EntityUtils; | ||
|
||
/** | ||
* Static lib containing methods for handling encryption. | ||
|
@@ -62,6 +66,7 @@ public final class SecurityUtils { | |
private static final String ERROR_COULD_NOT_VERIFY_DATA = "Could not verify signed data."; | ||
private static final String ERROR_CAN_NOT_GET_ENTITY_BODY_BYTES = | ||
"Can't get body bytes of the entity."; | ||
private static final String ERROR_RESPONSE_VERIFICATION_FAILED = "Response verification failed"; | ||
|
||
/** | ||
* Constants to generate encryption keys. | ||
|
@@ -141,6 +146,22 @@ public final class SecurityUtils { | |
private static final String DELIMITER_METHOD_PATH = " "; | ||
private static final String DELIMITER_HEADER_NAME_AND_VALUE = ": "; | ||
|
||
/** | ||
* Regex constants. | ||
*/ | ||
private static final String REGEX_FOR_LOWERCASE_HEADERS = "(-[a-z])"; | ||
|
||
/** | ||
* The index of the first item in an array. | ||
*/ | ||
private static final int INDEX_FIRST = 0; | ||
|
||
/** | ||
* Substring constants. | ||
*/ | ||
private static final int SUBSTRING_BEGIN_INDEX = 0; | ||
private static final int SUBSTRING_END_INDEX = 1; | ||
|
||
/** | ||
*/ | ||
private SecurityUtils() { | ||
|
@@ -455,7 +476,10 @@ private static void verifyDataSigned(Signature signature, PublicKey publicKey, b | |
try { | ||
signature.initVerify(publicKey); | ||
signature.update(dataBytes); | ||
signature.verify(dataBytesSigned); | ||
|
||
if (!signature.verify(dataBytesSigned)) { | ||
throw new BunqException(ERROR_RESPONSE_VERIFICATION_FAILED); | ||
} | ||
} catch (GeneralSecurityException exception) { | ||
throw new BunqException(ERROR_COULD_NOT_VERIFY_DATA, exception); | ||
} | ||
|
@@ -476,6 +500,17 @@ private static byte[] getResponseBytes(int responseCode, byte[] responseBodyByte | |
Header[] responseHeaders) { | ||
ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); | ||
|
||
for (int i = INDEX_FIRST; i < responseHeaders.length; i++) { | ||
if (responseHeaders[i].getName().equals(HEADER_SERVER_SIGNATURE)) { | ||
continue; | ||
} | ||
|
||
responseHeaders[i] = new BasicHeader( | ||
ensureHeaderCorrectlyCased(responseHeaders[i].getName()), | ||
responseHeaders[i].getValue() | ||
); | ||
} | ||
|
||
try { | ||
outputStream.write(getResponseHeadBytes(responseCode, responseHeaders)); | ||
outputStream.write(responseBodyBytes); | ||
|
@@ -486,6 +521,21 @@ private static byte[] getResponseBytes(int responseCode, byte[] responseBodyByte | |
return outputStream.toByteArray(); | ||
} | ||
|
||
private static String ensureHeaderCorrectlyCased(String headerName) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. ernsure sounds like we're asserting, while this would return a value. |
||
headerName = headerName.toLowerCase(); | ||
headerName = headerName.substring(SUBSTRING_BEGIN_INDEX, SUBSTRING_END_INDEX).toUpperCase() | ||
+ headerName.substring(SUBSTRING_END_INDEX); | ||
Pattern pattern = Pattern.compile(REGEX_FOR_LOWERCASE_HEADERS); | ||
Matcher matcher = pattern.matcher(headerName); | ||
|
||
while (matcher.find()) { | ||
String result = matcher.group(); | ||
headerName = headerName.replace(result, result.toUpperCase()); | ||
} | ||
|
||
return headerName; | ||
} | ||
|
||
private static byte[] getResponseHeadBytes(int responseCode, Header[] responseHeaders) { | ||
String requestHeadString = responseCode + NEWLINE + | ||
generateResponseHeadersSortedString(responseHeaders) + NEWLINE + NEWLINE; | ||
|
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Constants can have better names, have no clue what this is about. If we would add a second substring with different params it would be really confusing.