001/*******************************************************************************
002 * Copyright 2018 The MIT Internet Trust Consortium
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *   http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *******************************************************************************/
016
017package org.mitre.openid.connect.filter;
018
019import java.util.HashSet;
020import java.util.Set;
021
022import javax.servlet.http.HttpServletRequest;
023
024import org.springframework.security.web.util.UrlUtils;
025import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
026import org.springframework.security.web.util.matcher.RequestMatcher;
027import org.springframework.util.Assert;
028
029/**
030 * @author jricher
031 *
032 */
033public class MultiUrlRequestMatcher implements RequestMatcher {
034        private final Set<RequestMatcher> matchers;
035
036        public MultiUrlRequestMatcher(Set<String> filterProcessesUrls) {
037                this.matchers = new HashSet<>(filterProcessesUrls.size());
038                for (String filterProcessesUrl : filterProcessesUrls) {
039                        Assert.hasLength(filterProcessesUrl, "filterProcessesUrl must be specified");
040                        Assert.isTrue(UrlUtils.isValidRedirectUrl(filterProcessesUrl), filterProcessesUrl + " isn't a valid URL");
041                        matchers.add(new AntPathRequestMatcher(filterProcessesUrl));
042                }
043
044        }
045
046        @Override
047        public boolean matches(HttpServletRequest request) {
048                for (RequestMatcher matcher : matchers) {
049                        if (matcher.matches(request)) {
050                                return true;
051                        }
052                }
053
054                return false;
055        }
056
057}