Commit 26af0374 authored by cdanger's avatar cdanger

- Fixed NullPointerException when environmentProperties arg == null in

CoreRootPolicyProvider#getInstance(...)
parent 33a0717a
......@@ -572,7 +572,7 @@ public final class PdpEngineConfiguration
* Leave PARENT_DIR environment property undefined since we cannot get the file's parent directory
*/
LOGGER.debug("Property {} = <undefined>", EnvironmentPropertyName.PARENT_DIR);
final EnvironmentProperties envProps = new DefaultEnvironmentProperties(Collections.emptyMap());
final EnvironmentProperties envProps = new DefaultEnvironmentProperties();
return getInstance(new StreamSource(confUrl.toExternalForm()), modelHandler, envProps);
}
......
......@@ -24,9 +24,6 @@ import java.util.Optional;
import javax.xml.bind.JAXBException;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet;
import org.ow2.authzforce.core.pdp.api.EnvironmentProperties;
import org.ow2.authzforce.core.pdp.api.XmlUtils.XmlnsFilteringParser;
import org.ow2.authzforce.core.pdp.api.XmlUtils.XmlnsFilteringParserFactory;
......@@ -39,6 +36,9 @@ import org.ow2.authzforce.core.pdp.api.policy.StaticRootPolicyProvider;
import org.ow2.authzforce.core.pdp.api.policy.StaticTopLevelPolicyElementEvaluator;
import org.springframework.util.ResourceUtils;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySet;
/**
* This is a simple {@link StaticRootPolicyProvider} implementation that supports static retrieval of the root policy. Its constructor accepts a location that represent a Spring-compatible resource
* URL, and it is resolved to the actual policy at initialization time. Beyond this, there is no modifying or re-loading of the policy.
......@@ -55,6 +55,8 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
public static class Factory extends RootPolicyProvider.Factory<org.ow2.authzforce.core.xmlns.pdp.StaticRootPolicyProvider>
{
private static final IllegalArgumentException ILLEGAL_JAXBCONF_ARGUMENT_EXCEPTION = new IllegalArgumentException("Undefined RootPolicyProvider configuration (JAXB/XML)");
@Override
public Class<org.ow2.authzforce.core.xmlns.pdp.StaticRootPolicyProvider> getJaxbClass()
{
......@@ -63,17 +65,23 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
@Override
public RootPolicyProvider getInstance(final org.ow2.authzforce.core.xmlns.pdp.StaticRootPolicyProvider jaxbConf, final XmlnsFilteringParserFactory xacmlParserFactory,
final ExpressionFactory expressionFactory, final CombiningAlgRegistry combiningAlgRegistry, final Optional<CloseableRefPolicyProvider> refPolicyProvider,
final EnvironmentProperties environmentProperties)
final ExpressionFactory expressionFactory, final CombiningAlgRegistry combiningAlgRegistry, final Optional<CloseableRefPolicyProvider> refPolicyProvider,
final EnvironmentProperties environmentProperties)
{
final String policyLocation = environmentProperties.replacePlaceholders(jaxbConf.getPolicyLocation());
if (jaxbConf == null)
{
throw ILLEGAL_JAXBCONF_ARGUMENT_EXCEPTION;
}
final String jaxbConfPolicyLocationFromConf = jaxbConf.getPolicyLocation();
final String policyLocation = environmentProperties == null ? jaxbConfPolicyLocationFromConf : environmentProperties.replacePlaceholders(jaxbConfPolicyLocationFromConf);
final URL rootPolicyURL;
try
{
// try to load the policy location as a Spring resource
rootPolicyURL = ResourceUtils.getURL(policyLocation);
}
catch (final FileNotFoundException ioe)
} catch (final FileNotFoundException ioe)
{
throw new IllegalArgumentException("No root policy (as Spring resource) found at the following URL: " + jaxbConf.getPolicyLocation(), ioe);
}
......@@ -85,13 +93,12 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
if (!(refPolicyProvider.get() instanceof StaticRefPolicyProvider))
{
throw new IllegalArgumentException("RefPolicyProvider arg '" + refPolicyProvider + "' is not compatible with " + CoreRootPolicyProvider.class + ". Expected: instance of "
+ StaticRefPolicyProvider.class + ". Make sure the PDP extension of type " + CloseableRefPolicyProvider.Factory.class
+ " corresponding to the refPolicyProvider in PDP configuration can create instances of " + StaticRefPolicyProvider.class);
+ StaticRefPolicyProvider.class + ". Make sure the PDP extension of type " + CloseableRefPolicyProvider.Factory.class
+ " corresponding to the refPolicyProvider in PDP configuration can create instances of " + StaticRefPolicyProvider.class);
}
staticRefPolicyProvider = (StaticRefPolicyProvider) refPolicyProvider.get();
}
else
} else
{
staticRefPolicyProvider = null;
}
......@@ -119,8 +126,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
try
{
rootPolicy = PolicyEvaluators.getInstance(jaxbPolicy, null, namespacePrefixesByURI, expressionFactory, combiningAlgRegistry);
}
catch (final IllegalArgumentException e)
} catch (final IllegalArgumentException e)
{
throw new IllegalArgumentException("Invalid Policy: " + jaxbPolicy.getPolicyId(), e);
}
......@@ -143,7 +149,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
* if {@code jaxbPolicySet } null/invalid, or {@code expressionFactory == null || combiningAlgRegistry == null})
*/
public CoreRootPolicyProvider(final PolicySet jaxbPolicySet, final Map<String, String> namespacePrefixesByURI, final ExpressionFactory expressionFactory,
final CombiningAlgRegistry combiningAlgRegistry, final Optional<StaticRefPolicyProvider> refPolicyProvider) throws IllegalArgumentException
final CombiningAlgRegistry combiningAlgRegistry, final Optional<StaticRefPolicyProvider> refPolicyProvider) throws IllegalArgumentException
{
if (!refPolicyProvider.isPresent())
{
......@@ -151,8 +157,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
try
{
rootPolicy = PolicyEvaluators.getInstanceStatic(jaxbPolicySet, null, namespacePrefixesByURI, expressionFactory, combiningAlgRegistry, null, null);
}
catch (final IllegalArgumentException e)
} catch (final IllegalArgumentException e)
{
throw new IllegalArgumentException("Invalid PolicySet: " + jaxbPolicySet.getPolicySetId(), e);
}
......@@ -164,8 +169,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
try
{
rootPolicy = PolicyEvaluators.getInstanceStatic(jaxbPolicySet, null, namespacePrefixesByURI, expressionFactory, combiningAlgRegistry, refPolicyProvider.get(), null);
}
catch (final IllegalArgumentException e)
} catch (final IllegalArgumentException e)
{
throw new IllegalArgumentException("Invalid PolicySet: " + jaxbPolicySet.getPolicySetId(), e);
}
......@@ -188,7 +192,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
*
*/
public static CoreRootPolicyProvider getInstance(final URL rootPolicyURL, final XmlnsFilteringParserFactory xacmlParserFactory, final ExpressionFactory expressionFactory,
final CombiningAlgRegistry combiningAlgRegistry, final Optional<StaticRefPolicyProvider> refPolicyProvider)
final CombiningAlgRegistry combiningAlgRegistry, final Optional<StaticRefPolicyProvider> refPolicyProvider)
{
if (rootPolicyURL == null)
{
......@@ -204,8 +208,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
try
{
xacmlParser = xacmlParserFactory.getInstance();
}
catch (final JAXBException e)
} catch (final JAXBException e)
{
throw new IllegalArgumentException("Failed to create JAXB unmarshaller for XML Policy(Set)", e);
}
......@@ -214,8 +217,7 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
try
{
jaxbPolicyOrPolicySetObj = xacmlParser.parse(rootPolicyURL);
}
catch (final JAXBException e)
} catch (final JAXBException e)
{
throw new IllegalArgumentException("Failed to unmarshall Policy(Set) XML document from policy location: " + rootPolicyURL, e);
}
......@@ -223,12 +225,10 @@ public class CoreRootPolicyProvider implements StaticRootPolicyProvider
if (jaxbPolicyOrPolicySetObj instanceof Policy)
{
return new CoreRootPolicyProvider((Policy) jaxbPolicyOrPolicySetObj, xacmlParser.getNamespacePrefixUriMap(), expressionFactory, combiningAlgRegistry);
}
else if (jaxbPolicyOrPolicySetObj instanceof PolicySet)
} else if (jaxbPolicyOrPolicySetObj instanceof PolicySet)
{
return new CoreRootPolicyProvider((PolicySet) jaxbPolicyOrPolicySetObj, xacmlParser.getNamespacePrefixUriMap(), expressionFactory, combiningAlgRegistry, refPolicyProvider);
}
else
} else
{
throw new IllegalArgumentException("Unexpected element found as root of the policy document: " + jaxbPolicyOrPolicySetObj.getClass().getSimpleName());
}
......
......@@ -58,41 +58,6 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.Attributes;
*/
public class TestAttributeProvider extends BaseNamedAttributeProvider
{
/**
* Module factory
*
*/
public static class Factory extends CloseableNamedAttributeProvider.FactoryBuilder<org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider>
{
@Override
public Class<org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider> getJaxbClass()
{
return org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider.class;
}
@Override
public DependencyAwareFactory getInstance(final org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider conf, final EnvironmentProperties environmentProperties)
{
return new DependencyAwareFactory()
{
@Override
public Set<AttributeDesignatorType> getDependencies()
{
// no dependency
return null;
}
@Override
public CloseableNamedAttributeProvider getInstance(final AttributeValueFactoryRegistry attrDatatypeFactory, final AttributeProvider depAttrProvider)
{
return new TestAttributeProvider(conf, attrDatatypeFactory);
}
};
}
}
private static AttributeDesignatorType newAttributeDesignator(Entry<AttributeFqn, AttributeBag<?>> attributeEntry)
{
......@@ -162,4 +127,40 @@ public class TestAttributeProvider extends BaseNamedAttributeProvider
XacmlStatusCode.MISSING_ATTRIBUTE.value());
}
/**
* {@link TestAttributeProvider} factory
*
*/
public static class Factory extends CloseableNamedAttributeProvider.FactoryBuilder<org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider>
{
@Override
public Class<org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider> getJaxbClass()
{
return org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider.class;
}
@Override
public DependencyAwareFactory getInstance(final org.ow2.authzforce.core.pdp.testutil.ext.xmlns.TestAttributeProvider conf, final EnvironmentProperties environmentProperties)
{
return new DependencyAwareFactory()
{
@Override
public Set<AttributeDesignatorType> getDependencies()
{
// no dependency
return null;
}
@Override
public CloseableNamedAttributeProvider getInstance(final AttributeValueFactoryRegistry attrDatatypeFactory, final AttributeProvider depAttrProvider)
{
return new TestAttributeProvider(conf, attrDatatypeFactory);
}
};
}
}
}
......@@ -25,20 +25,20 @@ import java.util.Optional;
import javax.xml.namespace.QName;
import net.sf.saxon.s9api.XPathCompiler;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy;
import org.ow2.authzforce.core.pdp.api.value.AttributeDatatype;
import org.ow2.authzforce.core.pdp.api.value.AttributeValue;
import org.ow2.authzforce.core.pdp.api.value.BaseAttributeValueFactory;
import net.sf.saxon.s9api.XPathCompiler;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.Policy;
/**
* Represents a XACML Policy datatype (from XACML schema), to be used as AttributeValue.
* <p>
* Used here for testing Authzforce datatype extension mechanism, i.e. plugging a custom complex datatype into the PDP engine.
*
*/
public class TestXacmlPolicyAttributeValue extends AttributeValue
public final class TestXacmlPolicyAttributeValue extends AttributeValue
{
/**
......@@ -50,7 +50,7 @@ public class TestXacmlPolicyAttributeValue extends AttributeValue
* Datatype
*/
public static final AttributeDatatype<TestXacmlPolicyAttributeValue> DATATYPE = new AttributeDatatype<>(TestXacmlPolicyAttributeValue.class,
"urn:ow2:authzforce:feature:pdp:data-type:test-xacml-policy", "urn:ow2:authzforce:feature:pdp:function:test-xacml-policy");
"urn:ow2:authzforce:feature:pdp:data-type:test-xacml-policy", "urn:ow2:authzforce:feature:pdp:function:test-xacml-policy");
private static final IllegalArgumentException NO_CONTENT_EXCEPTION = new IllegalArgumentException("Invalid content for datatype '" + DATATYPE + "': empty");
private static final IllegalArgumentException NO_ELEMENT_EXCEPTION = new IllegalArgumentException("Invalid content for datatype '" + DATATYPE + "': no XML element");
......@@ -86,8 +86,7 @@ public class TestXacmlPolicyAttributeValue extends AttributeValue
if (content0 instanceof Policy)
{
policy = (Policy) content0;
}
else if (content0 instanceof String)
} else if (content0 instanceof String)
{
if (!contentIterator.hasNext())
{
......@@ -98,13 +97,11 @@ public class TestXacmlPolicyAttributeValue extends AttributeValue
if (content1 instanceof Policy)
{
policy = (Policy) content1;
}
else
} else
{
throw new IllegalArgumentException("Invalid content for datatype '" + DATATYPE + "': second item (after text) is not a XACML <Policy>, but: " + content1.getClass());
}
}
else
} else
{
throw new IllegalArgumentException("Invalid content for datatype '" + DATATYPE + "': first item is neither text nor a XACML <Policy>, but: " + content0.getClass());
}
......@@ -120,27 +117,34 @@ public class TestXacmlPolicyAttributeValue extends AttributeValue
return policy;
}
/**
* {@link TestXacmlPolicyAttributeValue} factory
*
*/
public static class Factory extends BaseAttributeValueFactory<TestXacmlPolicyAttributeValue>
{
/**
* No-arg constructor
*/
public Factory()
{
super(DATATYPE);
}
private static final IllegalArgumentException NON_NULL_OTHER_XML_ATTRIBUTES_ARG_EXCEPTION = new IllegalArgumentException("Invalid content for datatype '" + DATATYPE
+ "': extra XML attributes are not supported by this primitive datatype, only one XML element.");
private static final IllegalArgumentException NON_NULL_OTHER_XML_ATTRIBUTES_ARG_EXCEPTION = new IllegalArgumentException(
"Invalid content for datatype '" + DATATYPE + "': extra XML attributes are not supported by this primitive datatype, only one XML element.");
private static final IllegalArgumentException UNDEFINED_CONTENT_ARG_EXCEPTION = new IllegalArgumentException("Invalid content for datatype '" + DATATYPE + "': null.");
@Override
public TestXacmlPolicyAttributeValue getInstance(final List<Serializable> content, final Map<QName, String> otherXmlAttributes, final XPathCompiler xPathCompiler)
throws IllegalArgumentException
throws IllegalArgumentException
{
if (content == null || content.isEmpty())
{
throw UNDEFINED_CONTENT_ARG_EXCEPTION;
}
if (!otherXmlAttributes.isEmpty())
if (otherXmlAttributes != null && !otherXmlAttributes.isEmpty())
{
throw NON_NULL_OTHER_XML_ATTRIBUTES_ARG_EXCEPTION;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment