Skip to content

Commit 0386df2

Browse files
krogothunknown
krogoth
authored and
unknown
committed
Fix for basestring URI not properly encoded regarding RFC5849 ch 3.4.1.2
This will prevent failure for non standard port and uppercase host or scheme strings Added related test cases. Warning : Request constructor signature changed. A java.net.MalformedURLException exception will be throw when creating a request if not a proper URL previously this cannot occur until send.
1 parent ca0076c commit 0386df2

File tree

15 files changed

+140
-32
lines changed

15 files changed

+140
-32
lines changed

src/main/java/org/scribe/model/OAuthRequest.java

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.model;
22

3+
import java.net.MalformedURLException;
34
import java.util.*;
45

56
/**
@@ -19,8 +20,9 @@ public class OAuthRequest extends Request
1920
*
2021
* @param verb Http verb/method
2122
* @param url resource URL
23+
* @throws MalformedURLException
2224
*/
23-
public OAuthRequest(Verb verb, String url)
25+
public OAuthRequest(Verb verb, String url) throws MalformedURLException
2426
{
2527
super(verb, url);
2628
this.oauthParameters = new HashMap<String, String>();

src/main/java/org/scribe/model/Request.java

Lines changed: 9 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ class Request
1717
{
1818
private static final String CONTENT_LENGTH = "Content-Length";
1919

20-
private String url;
20+
private URL url;
2121
private Verb verb;
2222
private Map<String, String> querystringParams;
2323
private Map<String, String> bodyParams;
@@ -30,11 +30,12 @@ class Request
3030
*
3131
* @param verb Http Verb (GET, POST, etc)
3232
* @param url url with optional querystring parameters.
33+
* @throws MalformedURLException
3334
*/
34-
public Request(Verb verb, String url)
35+
public Request(Verb verb, String url) throws MalformedURLException
3536
{
3637
this.verb = verb;
37-
this.url = url;
38+
this.url = new URL(url);
3839
this.querystringParams = new HashMap<String, String>();
3940
this.bodyParams = new HashMap<String, String>();
4041
this.headers = new HashMap<String, String>();
@@ -61,7 +62,7 @@ public Response send()
6162

6263
private void createConnection() throws IOException
6364
{
64-
String effectiveUrl = URLUtils.appendParametersToQueryString(url, querystringParams);
65+
String effectiveUrl = URLUtils.appendParametersToQueryString(url.toString(), querystringParams);
6566
if (connection == null)
6667
{
6768
connection = (HttpURLConnection) new URL(effectiveUrl).openConnection();
@@ -144,14 +145,11 @@ public void addPayload(String payload)
144145
* Get a {@link Map} of the query string parameters.
145146
*
146147
* @return a map containing the query string parameters
147-
* @throws UnsupportedEncodingException
148148
*/
149149
public Map<String, String> getQueryStringParams()
150150
{
151-
try
152-
{
153151
Map<String, String> params = new HashMap<String, String>();
154-
String query = new URL(url).getQuery();
152+
String query = url.getQuery();
155153
if (query != null)
156154
{
157155
for (String param : query.split("&"))
@@ -165,12 +163,7 @@ public Map<String, String> getQueryStringParams()
165163
}
166164
}
167165
params.putAll(querystringParams);
168-
return params;
169-
}
170-
catch (MalformedURLException mue)
171-
{
172-
throw new OAuthException("Malformed URL", mue);
173-
}
166+
return params;
174167
}
175168

176169
/**
@@ -190,7 +183,7 @@ public Map<String, String> getBodyParams()
190183
*/
191184
public String getUrl()
192185
{
193-
return url;
186+
return url.toString();
194187
}
195188

196189
/**
@@ -200,7 +193,7 @@ public String getUrl()
200193
*/
201194
public String getSanitizedUrl()
202195
{
203-
return url.replaceAll("\\?.*", "").replace("\\:\\d{4}", "");
196+
return URLUtils.convertUrlToBaseStringURI(url);
204197
}
205198

206199
/**

src/main/java/org/scribe/oauth/OAuth10aServiceImpl.java

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
package org.scribe.oauth;
22

3+
import java.net.MalformedURLException;
4+
35
import org.scribe.builder.api.*;
6+
import org.scribe.exceptions.OAuthException;
47
import org.scribe.model.*;
58

69
/**
@@ -35,7 +38,12 @@ public OAuth10aServiceImpl(DefaultApi10a api, OAuthConfig config)
3538
*/
3639
public Token getRequestToken()
3740
{
38-
OAuthRequest request = new OAuthRequest(api.getRequestTokenVerb(), api.getRequestTokenEndpoint());
41+
OAuthRequest request = null;;
42+
try {
43+
request = new OAuthRequest(api.getRequestTokenVerb(), api.getRequestTokenEndpoint());
44+
} catch (MalformedURLException e) {
45+
throw new OAuthException("Problems while creating connection", e);
46+
}
3947
addOAuthParams(request, OAuthConstants.EMPTY_TOKEN);
4048
addOAuthHeader(request);
4149
Response response = request.send();
@@ -59,7 +67,12 @@ private void addOAuthParams(OAuthRequest request, Token token)
5967
*/
6068
public Token getAccessToken(Token requestToken, Verifier verifier)
6169
{
62-
OAuthRequest request = new OAuthRequest(api.getAccessTokenVerb(), api.getAccessTokenEndpoint());
70+
OAuthRequest request = null;
71+
try {
72+
request = new OAuthRequest(api.getAccessTokenVerb(), api.getAccessTokenEndpoint());
73+
} catch (MalformedURLException e) {
74+
throw new OAuthException("Problems while creating connection", e);
75+
}
6376
request.addOAuthParameter(OAuthConstants.TOKEN, requestToken.getToken());
6477
request.addOAuthParameter(OAuthConstants.VERIFIER, verifier.getValue());
6578
addOAuthParams(request, requestToken);

src/main/java/org/scribe/utils/URLUtils.java

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,10 @@ public class URLUtils
1616
private static final char PAIR_SEPARATOR = '=';
1717
private static final char PARAM_SEPARATOR = '&';
1818
private static final char QUERY_STRING_SEPARATOR = '?';
19+
private static final String HTTP_PROTOCOL = "http";
20+
private static final int HTTP_DEFAULT_PORT = 80;
21+
private static final String HTTPS_PROTOCOL = "https";
22+
private static final int HTTPS_DEFAULT_PORT = 443;
1923

2024
private static final String ERROR_MSG = String.format("Cannot find specified encoding: %s", UTF_8);
2125

@@ -166,4 +170,29 @@ public static String concatSortedPercentEncodedParams(Map<String, String> params
166170
}
167171
return target.deleteCharAt(target.length() - 1).toString();
168172
}
173+
174+
public static String convertUrlToBaseStringURI(URL url){
175+
URI uri = null;
176+
try {
177+
uri = url.toURI();
178+
} catch (URISyntaxException e1) {
179+
e1.printStackTrace();
180+
}
181+
String scheme = uri.getScheme().toLowerCase();
182+
String host = uri.getHost().toLowerCase();
183+
int port = uri.getPort();
184+
if (
185+
(scheme.equals(HTTP_PROTOCOL) && port == HTTP_DEFAULT_PORT)
186+
|| (scheme.equals(HTTPS_PROTOCOL) && port == HTTPS_DEFAULT_PORT)
187+
){
188+
port = -1;
189+
}
190+
URI baseUri = null;
191+
try {
192+
baseUri = new URI(scheme,null, host, port, uri.getPath(), null, null);
193+
} catch (URISyntaxException e) {
194+
e.printStackTrace();
195+
}
196+
return baseUri.toString();
197+
}
169198
}

src/test/java/org/scribe/examples/FacebookExample.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.examples;
22

3+
import java.net.MalformedURLException;
34
import java.util.*;
45

56
import org.scribe.builder.*;
@@ -14,7 +15,7 @@ public class FacebookExample
1415
private static final String NO_SECRET_NEEDED = "";
1516
private static final Token EMPTY_TOKEN = null;
1617

17-
public static void main(String[] args)
18+
public static void main(String[] args) throws MalformedURLException
1819
{
1920
// Replace these with your own api key and secret
2021
String apiKey = "your_api_key";

src/test/java/org/scribe/examples/FoursquareExample.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.examples;
22

3+
import java.net.MalformedURLException;
34
import java.util.Scanner;
45

56
import org.scribe.builder.*;
@@ -11,7 +12,7 @@ public class FoursquareExample
1112
{
1213
private static final String PROTECTED_RESOURCE_URL = "http://api.foursquare.com/v1/user";
1314

14-
public static void main(String[] args)
15+
public static void main(String[] args) throws MalformedURLException
1516
{
1617
OAuthService service = new ServiceBuilder()
1718
.provider(FoursquareApi.class)

src/test/java/org/scribe/examples/GoogleExample.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.examples;
22

3+
import java.net.MalformedURLException;
34
import java.util.*;
45

56
import org.scribe.builder.*;
@@ -14,7 +15,7 @@ public class GoogleExample
1415
private static final String PROTECTED_RESOURCE_URL = "https://docs.google.com/feeds/default/private/full/";
1516
private static final String SCOPE = "https://docs.google.com/feeds/";
1617

17-
public static void main(String[] args)
18+
public static void main(String[] args) throws MalformedURLException
1819
{
1920
OAuthService service = new ServiceBuilder()
2021
.provider(GoogleApi.class)

src/test/java/org/scribe/examples/LinkedInExample.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.examples;
22

3+
import java.net.MalformedURLException;
34
import java.util.Scanner;
45

56
import org.scribe.builder.*;
@@ -11,7 +12,7 @@ public class LinkedInExample
1112
{
1213
private static final String PROTECTED_RESOURCE_URL = "http://api.linkedin.com/v1/people/~/connections:(id,last-name)";
1314

14-
public static void main(String[] args)
15+
public static void main(String[] args) throws MalformedURLException
1516
{
1617
OAuthService service = new ServiceBuilder()
1718
.provider(LinkedInApi.class)

src/test/java/org/scribe/examples/TwitterExample.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.examples;
22

3+
import java.net.MalformedURLException;
34
import java.util.Scanner;
45

56
import org.scribe.builder.*;
@@ -11,7 +12,7 @@ public class TwitterExample
1112
{
1213
private static final String PROTECTED_RESOURCE_URL = "http://api.twitter.com/1/account/verify_credentials.xml";
1314

14-
public static void main(String[] args)
15+
public static void main(String[] args) throws MalformedURLException
1516
{
1617
OAuthService service = new ServiceBuilder()
1718
.provider(TwitterApi.class)

src/test/java/org/scribe/examples/YahooExample.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package org.scribe.examples;
22

3+
import java.net.MalformedURLException;
34
import java.util.Scanner;
45

56
import org.scribe.builder.*;
@@ -11,7 +12,7 @@ public class YahooExample
1112
{
1213
private static final String PROTECTED_RESOURCE_URL = "http://social.yahooapis.com/v1/user/A6ROU63MXWDCW3Y5MGCYWVHDJI/profile/status?format=json";
1314

14-
public static void main(String[] args)
15+
public static void main(String[] args) throws MalformedURLException
1516
{
1617
OAuthService service = new ServiceBuilder()
1718
.provider(YahooApi.class)

0 commit comments

Comments
 (0)