View Javadoc
1   /*
2    * Copyright (c) 2002-2022, Mairie de Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.leaflet.service;
35  
36  
37  import org.apache.commons.lang3.StringUtils;
38  import org.springframework.util.AntPathMatcher;
39  import org.springframework.util.PathMatcher;
40  
41  import fr.paris.lutece.portal.service.util.AppPropertiesService;
42  
43  
44  
45  /*
46   * CorsUtils
47   */
48  public final class CorsUtils
49  {
50      
51      /** The Constant PATH_MATCHER. */
52      private final static PathMatcher PATH_MATCHER = new AntPathMatcher( );
53      
54      /** The Constant PROPERTY_CORS_ORIGIN_KEY. */
55      private static final String PROPERTY_CORS_ORIGIN_KEY = "leaflet.cors.origin"; 
56  
57      /**
58       * Private constructor.
59       */
60      private CorsUtils( )
61      {
62      }
63  
64     
65      
66      /**
67       * Checks if is valid origin.
68       *
69       * @param strOrigin the str origin
70       * @return the boolean
71       */
72      public static Boolean isValidOrigin( String strOrigin )
73      {
74         
75          String strAuthorizedOrigin = AppPropertiesService.getProperty( PROPERTY_CORS_ORIGIN_KEY );
76  
77          return isValidOrigin(strOrigin, strAuthorizedOrigin);
78      }
79      
80      /**
81       * Checks if is valid origin.
82       *
83       * @param strOrigin the str origin
84       * @param strCorsOriginPatterns the cors origin pattern used to test
85       * @return the boolean
86       */
87      public static Boolean isValidOrigin( String strOrigin,String strCorsOriginPatterns)
88      {
89         
90          if ( !StringUtils.isEmpty( strCorsOriginPatterns ) )
91          {
92           
93              String [ ] tabAuthorizedDomains = strCorsOriginPatterns.split( "," );
94  
95              for ( int i = 0; i < tabAuthorizedDomains.length; i++ )
96              {
97                  if ( PATH_MATCHER.match( tabAuthorizedDomains [i], strOrigin ) )
98                  {
99                     return true;
100                 }
101                
102             }
103         }
104 
105         return false;
106     }
107 
108 
109 }