public class org.apache.nifi.web.security.ProxiedEntitiesUtils extends java.lang.Object
{
private static final org.slf4j.Logger logger;
public static final java.lang.String PROXY_ENTITIES_CHAIN;
public static final java.lang.String PROXY_ENTITIES_ACCEPTED;
public static final java.lang.String PROXY_ENTITIES_DETAILS;
public static final java.lang.String PROXY_ENTITY_GROUPS;
public static final java.lang.String PROXY_ENTITY_GROUPS_EMPTY;
private static final java.lang.String GT;
private static final java.lang.String ESCAPED_GT;
private static final java.lang.String LT;
private static final java.lang.String ESCAPED_LT;
private static final java.lang.String ANONYMOUS_CHAIN;
private static final java.lang.String ANONYMOUS_IDENTITY;
public void <init>()
{
org.apache.nifi.web.security.ProxiedEntitiesUtils v;
v := @this: org.apache.nifi.web.security.ProxiedEntitiesUtils;
specialinvoke v.<java.lang.Object: void <init>()>();
return;
}
public static transient java.lang.String getProxiedEntitiesChain(java.lang.String[])
{
java.lang.String[] v;
java.util.List v;
java.lang.String v;
v := @parameter: java.lang.String[];
v = staticinvoke <java.util.Arrays: java.util.List asList(java.lang.Object[])>(v);
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: java.lang.String getProxiedEntitiesChain(java.util.List)>(v);
return v;
}
public static java.lang.String getProxiedEntitiesChain(java.util.List)
{
java.util.List v;
java.util.stream.Stream v, v;
java.lang.Object v;
java.lang.String v;
java.util.stream.Collector v;
java.util.function.Function v;
v := @parameter: java.util.List;
if v != null goto label;
return null;
label:
v = interfaceinvoke v.<java.util.List: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils$formatProxyDn__1: java.util.function.Function bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toList()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
v = staticinvoke <org.apache.commons.lang.StringUtils: java.lang.String join(java.lang.Iterable,java.lang.String)>(v, "");
return v;
}
public static java.util.List tokenizeProxiedEntitiesChain(java.lang.String)
{
java.lang.String[] v;
java.lang.IllegalArgumentException v;
java.util.function.Function v;
java.util.ArrayList v;
java.util.function.Consumer v;
java.util.stream.Stream v, v;
int v, v;
java.lang.String v, v;
boolean v, v, v;
v := @parameter: java.lang.String;
v = new java.util.ArrayList;
specialinvoke v.<java.util.ArrayList: void <init>()>();
v = staticinvoke <org.apache.commons.lang.StringUtils: boolean isEmpty(java.lang.CharSequence)>(v);
if v != 0 goto label;
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: boolean isValidChainFormat(java.lang.String)>(v);
if v != 0 goto label;
v = new java.lang.IllegalArgumentException;
specialinvoke v.<java.lang.IllegalArgumentException: void <init>(java.lang.String)>("Proxy chain format is not recognized and can not safely be converted to a list.");
throw v;
label:
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>("<>");
if v == 0 goto label;
interfaceinvoke v.<java.util.List: boolean add(java.lang.Object)>("");
goto label;
label:
v = virtualinvoke v.<java.lang.String: int length()>();
v = v - 1;
v = virtualinvoke v.<java.lang.String: java.lang.String substring(int,int)>(1, v);
v = staticinvoke <org.apache.commons.lang.StringUtils: java.lang.String[] splitByWholeSeparatorPreserveAllTokens(java.lang.String,java.lang.String)>(v, "><");
v = staticinvoke <java.util.Arrays: java.util.stream.Stream stream(java.lang.Object[])>(v);
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils$unsanitizeDn__2: java.util.function.Function bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
virtualinvoke v.<java.lang.Object: java.lang.Class getClass()>();
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils$add__3: java.util.function.Consumer bootstrap$(java.util.List)>(v);
interfaceinvoke v.<java.util.stream.Stream: void forEach(java.util.function.Consumer)>(v);
label:
return v;
}
public static java.util.Set tokenizeProxiedEntityGroups(java.lang.String)
{
java.util.function.Predicate v;
java.util.Set v;
java.util.List v;
java.util.stream.Stream v, v;
java.lang.Object v;
java.lang.String v;
java.util.stream.Collector v;
boolean v;
v := @parameter: java.lang.String;
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: java.util.List tokenizeProxiedEntitiesChain(java.lang.String)>(v);
v = interfaceinvoke v.<java.util.List: boolean isEmpty()>();
if v == 0 goto label;
v = staticinvoke <java.util.Collections: java.util.Set emptySet()>();
return v;
label:
v = interfaceinvoke v.<java.util.List: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils$lambda_tokenizeProxiedEntityGroups_0__4: java.util.function.Predicate bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream filter(java.util.function.Predicate)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toSet()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
return v;
}
public static java.lang.String buildProxiedEntitiesChainString(org.apache.nifi.authorization.user.NiFiUser)
{
java.util.function.Function v;
java.util.List v;
java.util.stream.Stream v, v;
org.apache.nifi.authorization.user.NiFiUser v;
java.lang.Object v;
java.lang.String v;
java.util.stream.Collector v;
boolean v;
v := @parameter: org.apache.nifi.authorization.user.NiFiUser;
v = staticinvoke <org.apache.nifi.authorization.user.NiFiUserUtils: java.util.List buildProxiedEntitiesChain(org.apache.nifi.authorization.user.NiFiUser)>(v);
v = interfaceinvoke v.<java.util.List: boolean isEmpty()>();
if v == 0 goto label;
return "<>";
label:
v = interfaceinvoke v.<java.util.List: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils$formatProxyDn__5: java.util.function.Function bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toList()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
v = staticinvoke <org.apache.commons.lang.StringUtils: java.lang.String join(java.lang.Iterable,java.lang.String)>(v, "");
return v;
}
public static java.lang.String buildProxiedEntityGroupsString(java.util.Set)
{
java.util.Set v;
java.util.function.Function v;
java.util.stream.Stream v, v;
java.lang.Object v;
java.lang.String v;
java.util.stream.Collector v;
boolean v;
v := @parameter: java.util.Set;
if v == null goto label;
v = interfaceinvoke v.<java.util.Set: boolean isEmpty()>();
if v == 0 goto label;
label:
return "<>";
label:
v = interfaceinvoke v.<java.util.Set: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils$formatProxyDn__6: java.util.function.Function bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toList()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
v = staticinvoke <org.apache.commons.lang.StringUtils: java.lang.String join(java.lang.Iterable,java.lang.String)>(v, "");
return v;
}
public static void successfulAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
{
javax.servlet.http.HttpServletRequest v;
javax.servlet.http.HttpServletResponse v;
java.lang.Boolean v;
java.lang.String v, v;
boolean v;
v := @parameter: javax.servlet.http.HttpServletRequest;
v := @parameter: javax.servlet.http.HttpServletResponse;
v = interfaceinvoke v.<javax.servlet.http.HttpServletRequest: java.lang.String getHeader(java.lang.String)>("X-ProxiedEntitiesChain");
v = staticinvoke <org.apache.commons.lang.StringUtils: boolean isNotBlank(java.lang.CharSequence)>(v);
if v == 0 goto label;
v = <java.lang.Boolean: java.lang.Boolean TRUE>;
v = virtualinvoke v.<java.lang.Boolean: java.lang.String toString()>();
interfaceinvoke v.<javax.servlet.http.HttpServletResponse: void setHeader(java.lang.String,java.lang.String)>("X-ProxiedEntitiesAccepted", v);
label:
return;
}
public static void unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.springframework.security.core.AuthenticationException)
{
javax.servlet.http.HttpServletRequest v;
javax.servlet.http.HttpServletResponse v;
org.springframework.security.core.AuthenticationException v;
java.lang.String v, v;
boolean v;
v := @parameter: javax.servlet.http.HttpServletRequest;
v := @parameter: javax.servlet.http.HttpServletResponse;
v := @parameter: org.springframework.security.core.AuthenticationException;
v = interfaceinvoke v.<javax.servlet.http.HttpServletRequest: java.lang.String getHeader(java.lang.String)>("X-ProxiedEntitiesChain");
v = staticinvoke <org.apache.commons.lang.StringUtils: boolean isNotBlank(java.lang.CharSequence)>(v);
if v == 0 goto label;
v = virtualinvoke v.<org.springframework.security.core.AuthenticationException: java.lang.String getMessage()>();
interfaceinvoke v.<javax.servlet.http.HttpServletResponse: void setHeader(java.lang.String,java.lang.String)>("X-ProxiedEntitiesDetails", v);
label:
return;
}
public static java.lang.String formatProxyDn(java.lang.String)
{
java.lang.String v, v, v;
v := @parameter: java.lang.String;
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: java.lang.String sanitizeDn(java.lang.String)>(v);
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("<\u0001>");
return v;
}
private static java.lang.String sanitizeDn(java.lang.String)
{
org.slf4j.Logger v, v;
java.lang.String v, v, v, v, v, v;
boolean v, v, v;
v := @parameter: java.lang.String;
v = staticinvoke <org.apache.commons.lang.StringUtils: boolean isEmpty(java.lang.CharSequence)>(v);
if v == 0 goto label;
return v;
label:
v = virtualinvoke v.<java.lang.String: java.lang.String replaceAll(java.lang.String,java.lang.String)>(">", "\\\\>");
v = virtualinvoke v.<java.lang.String: java.lang.String replaceAll(java.lang.String,java.lang.String)>("<", "\\\\<");
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>(v);
if v != 0 goto label;
v = <org.apache.nifi.web.security.ProxiedEntitiesUtils: org.slf4j.Logger logger>;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String,java.lang.String)>(v, v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("The provided DN [\u] contained dangerous characters that were escaped to [\u]");
interfaceinvoke v.<org.slf4j.Logger: void warn(java.lang.String)>(v);
label:
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: boolean isPureAscii(java.lang.String)>(v);
if v == 0 goto label;
return v;
label:
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: java.lang.String base64Encode(java.lang.String)>(v);
v = <org.apache.nifi.web.security.ProxiedEntitiesUtils: org.slf4j.Logger logger>;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String,java.lang.String)>(v, v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("The provided DN [\u] contained non-ASCII characters and was encoded as [\u]");
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>(v);
return v;
}
public static java.lang.String unsanitizeDn(java.lang.String)
{
org.slf4j.Logger v, v;
java.lang.String v, v, v, v, v, v;
boolean v, v, v;
v := @parameter: java.lang.String;
v = staticinvoke <org.apache.commons.lang.StringUtils: boolean isEmpty(java.lang.CharSequence)>(v);
if v == 0 goto label;
return v;
label:
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: boolean isBase64Encoded(java.lang.String)>(v);
if v == 0 goto label;
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: java.lang.String base64Decode(java.lang.String)>(v);
v = <org.apache.nifi.web.security.ProxiedEntitiesUtils: org.slf4j.Logger logger>;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String,java.lang.String)>(v, v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("The provided DN [\u] had been encoded, and was reconstituted to the original DN [\u]");
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>(v);
goto label;
label:
v = v;
label:
v = virtualinvoke v.<java.lang.String: java.lang.String replaceAll(java.lang.String,java.lang.String)>("\\\\>", ">");
v = virtualinvoke v.<java.lang.String: java.lang.String replaceAll(java.lang.String,java.lang.String)>("\\\\<", "<");
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>(v);
if v != 0 goto label;
v = <org.apache.nifi.web.security.ProxiedEntitiesUtils: org.slf4j.Logger logger>;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String,java.lang.String)>(v, v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("The provided DN [\u] had been escaped, and was reconstituted to the dangerous DN [\u]");
interfaceinvoke v.<org.slf4j.Logger: void warn(java.lang.String)>(v);
label:
return v;
}
private static java.lang.String base64Encode(java.lang.String)
{
byte[] v;
java.nio.charset.Charset v;
java.util.Base64$Encoder v;
java.lang.String v, v, v;
v := @parameter: java.lang.String;
v = staticinvoke <java.util.Base64: java.util.Base64$Encoder getEncoder()>();
v = <java.nio.charset.StandardCharsets: java.nio.charset.Charset UTF_8>;
v = virtualinvoke v.<java.lang.String: byte[] getBytes(java.nio.charset.Charset)>(v);
v = virtualinvoke v.<java.util.Base64$Encoder: java.lang.String encodeToString(byte[])>(v);
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("<\u0001>");
return v;
}
private static java.lang.String base64Decode(java.lang.String)
{
byte[] v;
java.util.Base64$Decoder v;
java.nio.charset.Charset v;
int v, v;
java.lang.String v, v, v;
v := @parameter: java.lang.String;
v = virtualinvoke v.<java.lang.String: int length()>();
v = v - 1;
v = virtualinvoke v.<java.lang.String: java.lang.String substring(int,int)>(1, v);
v = new java.lang.String;
v = staticinvoke <java.util.Base64: java.util.Base64$Decoder getDecoder()>();
v = virtualinvoke v.<java.util.Base64$Decoder: byte[] decode(java.lang.String)>(v);
v = <java.nio.charset.StandardCharsets: java.nio.charset.Charset UTF_8>;
specialinvoke v.<java.lang.String: void <init>(byte[],java.nio.charset.Charset)>(v, v);
return v;
}
private static boolean isValidChainFormat(java.lang.String)
{
java.lang.String v;
boolean v;
v := @parameter: java.lang.String;
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: boolean isWrappedInAngleBrackets(java.lang.String)>(v);
return v;
}
private static boolean isBase64Encoded(java.lang.String)
{
java.lang.String v;
boolean v;
v := @parameter: java.lang.String;
v = staticinvoke <org.apache.nifi.web.security.ProxiedEntitiesUtils: boolean isWrappedInAngleBrackets(java.lang.String)>(v);
return v;
}
private static boolean isWrappedInAngleBrackets(java.lang.String)
{
java.lang.String v;
boolean v, v, v;
v := @parameter: java.lang.String;
v = virtualinvoke v.<java.lang.String: boolean startsWith(java.lang.String)>("<");
if v == 0 goto label;
v = virtualinvoke v.<java.lang.String: boolean endsWith(java.lang.String)>(">");
if v == 0 goto label;
v = 1;
goto label;
label:
v = 0;
label:
return v;
}
private static boolean isPureAscii(java.lang.String)
{
java.nio.charset.Charset v;
java.nio.charset.CharsetEncoder v;
java.lang.String v;
boolean v;
v := @parameter: java.lang.String;
v = <java.nio.charset.StandardCharsets: java.nio.charset.Charset US_ASCII>;
v = virtualinvoke v.<java.nio.charset.Charset: java.nio.charset.CharsetEncoder newEncoder()>();
v = virtualinvoke v.<java.nio.charset.CharsetEncoder: boolean canEncode(java.lang.CharSequence)>(v);
return v;
}
static void <clinit>()
{
org.slf4j.Logger v;
v = staticinvoke <org.slf4j.LoggerFactory: org.slf4j.Logger getLogger(java.lang.Class)>(class "Lorg/apache/nifi/web/security/ProxiedEntitiesUtils;");
<org.apache.nifi.web.security.ProxiedEntitiesUtils: org.slf4j.Logger logger> = v;
return;
}
}