Commit 438ba977 authored by Cyril Dangerville's avatar Cyril Dangerville

- Fixed conformance and unit tests

parent e601e412

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.

......@@ -58,16 +58,16 @@ import com.thalesgroup.authzforce.core.DecisionResultFilter;
import com.thalesgroup.authzforce.core.IndividualDecisionRequest;
import com.thalesgroup.authzforce.core.RequestFilter;
import com.thalesgroup.authzforce.core.attr.AttributeGUID;
import com.thalesgroup.authzforce.core.attr.DatatypeConstants;
import com.thalesgroup.authzforce.core.attr.DateAttributeValue;
import com.thalesgroup.authzforce.core.attr.DateTimeAttributeValue;
import com.thalesgroup.authzforce.core.attr.DatatypeConstants;
import com.thalesgroup.authzforce.core.attr.TimeAttributeValue;
import com.thalesgroup.authzforce.core.eval.Bag;
import com.thalesgroup.authzforce.core.eval.Bags;
import com.thalesgroup.authzforce.core.eval.DecisionResult;
import com.thalesgroup.authzforce.core.eval.EvaluationContext;
import com.thalesgroup.authzforce.core.eval.IndeterminateEvaluationException;
import com.thalesgroup.authzforce.core.eval.IndividualDecisionRequestContext;
import com.thalesgroup.authzforce.core.eval.Bag;
import com.thalesgroup.authzforce.core.policy.RootPolicyFinder;
import com.thalesgroup.authzforce.xacml.schema.XACMLAttributeId;
import com.thalesgroup.authzforce.xacml.schema.XACMLCategory;
......@@ -144,7 +144,7 @@ public class PDP implements Closeable
// convert to EvaluationContext
final Map<AttributeGUID, Bag<?>> namedAttributes = request.getNamedAttributes();
namedAttributes.putAll(pdpIssuedAttributes);
final EvaluationContext ctx = new IndividualDecisionRequestContext(namedAttributes, request.getExtraContentsByCategory());
final EvaluationContext ctx = new IndividualDecisionRequestContext(namedAttributes, request.getExtraContentsByCategory(), request.getDefaultXPathCompiler());
final DecisionResult result = rootPolicyFinder.findAndEvaluate(ctx);
result.setAttributes(request.getAttributesIncludedInResult());
return result;
......
......@@ -33,9 +33,9 @@
*/
package com.sun.xacml;
import net.sf.saxon.s9api.XPathCompiler;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.AdviceExpressions;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.DecisionType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.DefaultsType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressions;
......@@ -48,7 +48,7 @@ import com.thalesgroup.authzforce.core.Target;
import com.thalesgroup.authzforce.core.eval.Decidable;
import com.thalesgroup.authzforce.core.eval.DecisionResult;
import com.thalesgroup.authzforce.core.eval.EvaluationContext;
import com.thalesgroup.authzforce.core.eval.ExpressionFactory;
import com.thalesgroup.authzforce.core.eval.Expression;
import com.thalesgroup.authzforce.core.eval.IndeterminateEvaluationException;
import com.thalesgroup.authzforce.core.eval.RulePepActionExpressionsEvaluator;
......@@ -191,14 +191,14 @@ public class Rule extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule imple
* Instantiates rule from XACML RuleType
*
* @param ruleElt
* @param policyDefaults
* enclosing policy(set) default parameters, e.g. XPath version
* @param xPathCompiler
* XPath compiler corresponding to enclosing policy(set) default XPath version
* @param expressionFactory
* Expression parser/factory
* @throws ParsingException
* Error parsing Target and/or Condition
*/
public Rule(oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule ruleElt, DefaultsType policyDefaults, ExpressionFactory expressionFactory) throws ParsingException
public Rule(oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule ruleElt, XPathCompiler xPathCompiler, Expression.Factory expressionFactory) throws ParsingException
// throws ParsingException
{
// JAXB fields initialization
......@@ -223,7 +223,7 @@ public class Rule extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule imple
final oasis.names.tc.xacml._3_0.core.schema.wd_17.Target targetElt = ruleElt.getTarget();
try
{
this.evaluatableTarget = targetElt == null ? null : new Target(targetElt, policyDefaults, expressionFactory);
this.evaluatableTarget = targetElt == null ? null : new Target(targetElt, xPathCompiler, expressionFactory);
} catch (ParsingException e)
{
throw new ParsingException(this + ": Error parsing Target", e);
......@@ -232,7 +232,7 @@ public class Rule extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule imple
final oasis.names.tc.xacml._3_0.core.schema.wd_17.Condition condElt = ruleElt.getCondition();
try
{
this.evaluatableCondition = condElt == null ? null : new Condition(condElt, policyDefaults, expressionFactory);
this.evaluatableCondition = condElt == null ? null : new Condition(condElt, xPathCompiler, expressionFactory);
} catch (IllegalArgumentException | ParsingException e)
{
throw new ParsingException(this + ": Error parsing Condition", e);
......@@ -240,7 +240,7 @@ public class Rule extends oasis.names.tc.xacml._3_0.core.schema.wd_17.Rule imple
try
{
this.effectMatchPepActionExps = RulePepActionExpressionsEvaluator.getInstance(ruleElt.getObligationExpressions(), ruleElt.getAdviceExpressions(), policyDefaults, expressionFactory, effect);
this.effectMatchPepActionExps = RulePepActionExpressionsEvaluator.getInstance(ruleElt.getObligationExpressions(), ruleElt.getAdviceExpressions(), xPathCompiler, expressionFactory, effect);
} catch (ParsingException e)
{
throw new ParsingException(this + ": Error parsing ObligationExpressions/AdviceExpressions", e);
......
......@@ -34,7 +34,9 @@
package com.sun.xacml.attr;
import java.util.AbstractMap.SimpleEntry;
import java.util.Locale;
import java.util.Map.Entry;
import java.util.Objects;
import java.util.regex.Pattern;
import com.thalesgroup.authzforce.core.attr.AttributeValue;
......@@ -100,7 +102,9 @@ public class DNSNameAttributeValue extends SimpleAttributeValue<String, DNSNameA
// the optional port portRange
private final PortRange portRange;
// true if the hostname starts with a '*'
/*
* true if the hostname starts with a '*', therefore this field is derived from hostname
*/
private final boolean isAnySubdomain;
/**
......@@ -165,7 +169,12 @@ public class DNSNameAttributeValue extends SimpleAttributeValue<String, DNSNameA
@Override
protected String parse(String val)
{
return val.toLowerCase();
/*
* The result value SHALL be the
* "string in the form it was originally represented in XML form" to make sure the
* string-from-dnsName function works as specified in the spec.
*/
return val;
}
/**
......@@ -200,6 +209,20 @@ public class DNSNameAttributeValue extends SimpleAttributeValue<String, DNSNameA
return isAnySubdomain;
}
private int hashCode = 0;
@Override
public int hashCode()
{
if (hashCode == 0)
{
// hash regardless of letter case
hashCode = Objects.hash(hostname.toLowerCase(Locale.US), portRange);
}
return hashCode;
}
/*
* (non-Javadoc)
*
......@@ -214,10 +237,9 @@ public class DNSNameAttributeValue extends SimpleAttributeValue<String, DNSNameA
{
if (this == obj)
return true;
if (!super.equals(obj))
return false;
if (getClass() != obj.getClass())
return false;
final DNSNameAttributeValue other = (DNSNameAttributeValue) obj;
// hostname and portRange are not null
......@@ -225,14 +247,7 @@ public class DNSNameAttributeValue extends SimpleAttributeValue<String, DNSNameA
* if (hostname == null) { if (other.hostname != null) return false; } else
*/
if (!hostname.equalsIgnoreCase(other.hostname))
return false;
/*
* if (portRange == null) { if (other.portRange != null) return false; } else
*/
if (!portRange.equals(other.portRange))
return false;
return true;
return hostname.equalsIgnoreCase(other.hostname) && portRange.equals(other.portRange);
}
@Override
......
......@@ -34,6 +34,7 @@
package com.sun.xacml.attr;
import java.net.InetAddress;
import java.util.Objects;
import javax.xml.ws.Holder;
......@@ -234,6 +235,11 @@ public class IPAddressAttributeValue extends SimpleAttributeValue<String, IPAddr
@Override
protected String parse(String stringForm)
{
/*
* The result value SHALL be the
* "string in the form it was originally represented in XML form" to make sure the
* string-from-ipAddress function works as specified in the spec.
*/
return stringForm;
}
......@@ -268,6 +274,20 @@ public class IPAddressAttributeValue extends SimpleAttributeValue<String, IPAddr
return portRange;
}
private int hashCode = 0;
@Override
public int hashCode()
{
if (hashCode == 0)
{
// hash regardless of letter case
hashCode = Objects.hash(address, mask, portRange);
}
return hashCode;
}
/*