Java Code Examples for org.springframework.util.AntPathMatcher#match()
The following examples show how to use
org.springframework.util.AntPathMatcher#match() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SwaggerIndexPageTransformer.java From springdoc-openapi with Apache License 2.0 | 6 votes |
|
@Override
public Mono<Resource> transform(ServerWebExchange serverWebExchange, Resource resource, ResourceTransformerChain resourceTransformerChain) {
final AntPathMatcher antPathMatcher = new AntPathMatcher();
try {
boolean isIndexFound = antPathMatcher.match("**/swagger-ui/**/index.html", resource.getURL().toString());
if (isIndexFound && hasDefaultTransformations()) {
String html = defaultTransformations(resource.getInputStream());
return Mono.just(new TransformedResource(resource, html.getBytes()));
}
else {
return Mono.just(resource);
}
}
catch (Exception e) {
throw new SpringDocUIException("Failed to transform Index", e);
}
}
Example 2
| Source File: SwaggerIndexPageTransformer.java From springdoc-openapi with Apache License 2.0 | 5 votes |
|
@Override
public Resource transform(HttpServletRequest request, Resource resource,
ResourceTransformerChain transformerChain) throws IOException {
final AntPathMatcher antPathMatcher = new AntPathMatcher();
boolean isIndexFound = antPathMatcher.match("**/swagger-ui/**/index.html", resource.getURL().toString());
if (isIndexFound && hasDefaultTransformations()) {
String html = defaultTransformations(resource.getInputStream());
return new TransformedResource(resource, html.getBytes());
}
else
return resource;
}
Example 3
| Source File: RestController.java From qconfig with MIT License | 5 votes |
|
private boolean hasGroupIdPermission(String token, String groupId, String targetGroupId, String url, String method) {
if (Strings.isNullOrEmpty(groupId)) {
return false;
}
String adminAppids = configs.get("restapi.admin.appids");
if (!Strings.isNullOrEmpty(adminAppids) && adminAppids.contains(groupId)) {//拥有超级权限,可以修改其他任何appid配置,不需要token
return true;
}
checkToken(groupId, targetGroupId, token);//checktoken
if (groupId.equalsIgnoreCase(targetGroupId)) {
return true;
}
List<ApiPermission> apiPermissionList = apiPermissionService.queryByGroupIdAndTargetGroupId(groupId, targetGroupId);
if (apiPermissionList == null || apiPermissionList.size() == 0) {
return false;
}
AntPathMatcher antPathMatcher = new AntPathMatcher();
for (ApiPermission apiPermission : apiPermissionList) {
if (apiPermission.getMethod() != null
&& apiPermission.getMethod().equalsIgnoreCase(method)
&& antPathMatcher.match(apiPermission.getUrl(), url)) {
return true;
}
}
return false;
}
Example 4
| Source File: PermissionFilter.java From framework with Apache License 2.0 | 5 votes |
|
private boolean isExclusives(HttpServletRequest request) {
List<String> exclusivePath = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String requestURI = request.getRequestURI();
for (String exclusive : exclusivePath) {
if (antPathMatcher.match(exclusive, requestURI)) {
return true;
}
}
return false;
}
Example 5
| Source File: CsrfFilter.java From framework with Apache License 2.0 | 5 votes |
|
/**
* 过滤非认证URL
* <p>和Spring Security的白名单类似</p>
*
* @param request req
* @return 返回结果
*/
private boolean isExclusives(HttpServletRequest request) {
List<String> exclusivePath = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String requestURI = request.getRequestURI();
for (String exclusive : exclusivePath) {
if (antPathMatcher.match(exclusive, requestURI)) {
return true;
}
}
return false;
}
Example 6
| Source File: InterfaceAccessKeyFilter.java From framework with Apache License 2.0 | 5 votes |
|
/**
* 过滤非认证URL
* <p>和Spring Security的白名单类似</p>
*
* @param request req
* @return 返回结果
*/
private boolean isExclusives(HttpServletRequest request) {
List<String> exclusivePath = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String requestURI = request.getRequestURI();
for (String exclusive : exclusivePath) {
if (antPathMatcher.match(exclusive, requestURI)) {
return true;
}
}
return false;
}
Example 7
| Source File: TokenSessionFilter.java From framework with Apache License 2.0 | 5 votes |
|
private boolean isExclusives(HttpServletRequest request) {
List<String> exclusivePath = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String requestURI = request.getRequestURI();
for (String exclusive : exclusivePath) {
if (antPathMatcher.match(exclusive, requestURI)) {
return true;
}
}
return false;
}
Example 8
| Source File: TokenFilter.java From framework with Apache License 2.0 | 5 votes |
|
private boolean isExclusives(HttpServletRequest request) {
List<String> exclusivePath = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
AntPathMatcher antPathMatcher = new AntPathMatcher();
String requestURI = request.getRequestURI();
for (String exclusive : exclusivePath) {
if (antPathMatcher.match(exclusive, requestURI)) {
return true;
}
}
return false;
}
Example 9
| Source File: UrlResourceInfoParserTest.java From onetwo with Apache License 2.0 | 5 votes |
|
@Test
public void testAntMatcher(){
AntPathMatcher path = new AntPathMatcher();
boolean rs = path.match("/user.*", "/user.json?aaa=bbb&cc=ddd");
Assert.assertTrue(rs);
//后缀的点号变成可选的写法?
rs = path.match("/user.*", "/user");
Assert.assertFalse(rs);
}
Example 10
| Source File: NameBasedFilter.java From gitlab-plugin with GNU General Public License v2.0 | 5 votes |
|
private boolean isBranchNotExcluded(String branchName) {
AntPathMatcher matcher = new AntPathMatcher();
for (String excludePattern : excludedBranches) {
if (matcher.match(excludePattern, branchName)) {
return false;
}
}
return true;
}
Example 11
| Source File: NameBasedFilter.java From gitlab-plugin with GNU General Public License v2.0 | 5 votes |
|
private boolean isBranchIncluded(String branchName) {
AntPathMatcher matcher = new AntPathMatcher();
for (String includePattern : includedBranches) {
if (matcher.match(includePattern, branchName)) {
return true;
}
}
return includedBranches.isEmpty();
}
Example 12
| Source File: WxMenuTestApp.java From FastBootWeixin with Apache License 2.0 | 4 votes |
|
public static void main(String[] args) {
AntPathMatcher matcher = new AntPathMatcher();
matcher.match("{a:[a-z]}{b:[1-9]}", "a3");
SpringApplication.run(WxMenuTestApp.class, args);
}
Example 13
| Source File: AntPathMatcherTest.java From onetwo with Apache License 2.0 | 4 votes |
|
@Test
public void testAntMatcher(){
AntPathMatcher req = new AntPathMatcher();
boolean res = req.match("/user.*", "/user.json");
Assert.assertTrue(res);
res = req.match("/**/api/**", "/service/api/user");
res = req.match("/**/api/**", "/api/user");
res = req.match("/**/api/**", "/api/user/1");
res = req.match("/**/api/**", "/api/user/1?aa=bb&cc=dd");
Assert.assertTrue(res);
res = req.match("*zh.*", "user_zh.html");
Assert.assertTrue(res);
res = req.match("*zh.*", "/user_zh.html");
Assert.assertFalse(res);
res = req.match("**zh.*", "user_zh.html");
Assert.assertTrue(res);
res = req.match("**zh.*", "/user_zh.html");
Assert.assertFalse(res);
res = req.match("**/*zh.*", "/user_zh.html");
Assert.assertFalse(res);
res = req.match("/*zh.*", "/user_zh.html");
Assert.assertTrue(res);
res = req.match("/user*", "/user");
Assert.assertTrue(res);
res = req.match("/user*", "/user.json");
Assert.assertTrue(res);
res = req.match("/user*", "/userInfo");
Assert.assertTrue(res);
res = req.match("/user*", "/user/1");
Assert.assertFalse(res);
res = req.match("/user**", "/user");
Assert.assertTrue(res);
res = req.match("/user**", "/user.json");
Assert.assertTrue(res);
res = req.match("/user**", "/userInfo");
Assert.assertTrue(res);
res = req.match("/user*/**", "/userInfo");
Assert.assertTrue(res);
res = req.match("/user*/**", "/user/1.json");
Assert.assertTrue(res);
res = req.match("/user/*", "/user/1");
Assert.assertTrue(res);
res = req.match("/user/*", "/user/1.json");
Assert.assertTrue(res);
res = req.match("/user/*", "/user/aaa/1.json");
Assert.assertFalse(res);
res = req.match("/user/**", "/user/1.json");
Assert.assertTrue(res);
res = req.match("/user/**", "/user/aaa/1.json");
Assert.assertTrue(res);
res = req.match("/service/swagger**", "/service/swagger-resources");
Assert.assertTrue(res);
res = req.match("/service/swagger**/**", "/service/swagger-resources/configuration");
Assert.assertTrue(res);
res = req.match("/service/swagger**/**", "/service/swagger-resources");
Assert.assertTrue(res);
res = req.match("/service/swagger**", "/service/swagger-resources/configuration/ui");
Assert.assertFalse(res);
res = req.match("/service/webjars/**/**", "/service/webjars/springfox-swagger-ui/css/typography.css");
Assert.assertTrue(res);
}
Example 14
| Source File: SecurityUtil.java From lutece-core with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
/**
* Validate an internal redirect URL to avoid internal open redirect. (Use this function only if the use of internal url redirect keys is not possible. For
* external url redirection control, use the plugin plugin-verifybackurl)
*
* the url should : - not be blank (null or empty string or spaces) - not start with "http://" or "https://" or "//" OR match the base URL or any URL in the
* pattern list
*
* example with a base url "https://lutece.fr/ : - valid : myapp/jsp/site/Portal.jsp , Another.jsp , https://lutece.fr/myapp/jsp/site/Portal.jsp - invalid :
* http://anothersite.com , https://anothersite.com , //anothersite.com , file://my.txt , ...
*
*
* @param strUrl
* the Url to validate
* @param request
* the current request (containing the baseUrl)
* @param strAntPathMatcherPatterns
* a comma separated list of AntPathMatcher patterns, as "http://**.lutece.com,https://**.lutece.com"
* @return true if valid
*/
public static boolean isInternalRedirectUrlSafe( String strUrl, HttpServletRequest request, String strAntPathMatcherPatterns )
{
if ( StringUtils.isBlank( strUrl ) )
{
return true; // this is not a valid redirect Url, but it is not unsafe
}
// filter schemes
boolean [ ] conditions = new boolean [ ] {
!strUrl.startsWith( "//" ), !strUrl.startsWith( "http:" ), !strUrl.startsWith( "https:" ), !strUrl.contains( "://" ),
!strUrl.startsWith( "javascript:" )
};
if ( BooleanUtils.and( conditions ) )
{
return true; // should be a relative path
}
// compare with current baseUrl
if ( strUrl.startsWith( AppPathService.getBaseUrl( request ) ) )
{
return true;
}
// compare with allowed url patterns
if ( !StringUtils.isBlank( strAntPathMatcherPatterns ) )
{
AntPathMatcher pathMatcher = new AntPathMatcher( );
String [ ] strAntPathMatcherPatternsTab = strAntPathMatcherPatterns.split( CONSTANT_COMMA );
for ( String pattern : strAntPathMatcherPatternsTab )
{
if ( pattern != null && pathMatcher.match( pattern, strUrl ) )
{
return true;
}
}
}
// the Url does not match the allowed patterns
Logger logger = Logger.getLogger( LOGGER_NAME );
logger.warn( "SECURITY WARNING : OPEN_REDIRECT DETECTED : " + dumpRequest( request ) );
return false;
}
Example 15
| Source File: SecureInterceptor.java From magic-starter with GNU Lesser General Public License v3.0 | 2 votes |
|
/**
* 匹配路径
*
* @param request 请求
* @param path 路径
* @return 是否匹配
*/
private boolean matchPath(HttpServletRequest request, String path) {
AntPathMatcher matcher = new AntPathMatcher();
return matcher.match(path, request.getServletPath());
}
