private JsonObject getPayload() { String encodedJson; try { encodedJson = this.token.split("\\.")[1]; } catch (ArrayIndexOutOfBoundsException e) { throw new IllegalArgumentException(e.getMessage()); } String decodedJson = new String(Base64.getDecoder().decode(encodedJson)); JsonObject j; try { j = new JsonObject(decodedJson); } catch (DecodeException e) { throw new IllegalArgumentException(e.getMessage()); } return j; }
@Override public void resourceChanged(String resourceUri, String resource) { if (configResourceUri != null && configResourceUri.equals(resourceUri)) { log.info("Got notified about configuration resource update for " + resourceUri + " with new data: " + resource); try { JsonObject obj = new JsonObject(resource); Integer requestHopsLimitValue = obj.getInteger(REQUEST_HOPS_LIMIT_PROPERTY); if (requestHopsLimitValue != null) { log.info("Got value '" + requestHopsLimitValue + "' for property '"+ REQUEST_HOPS_LIMIT_PROPERTY +"'. Request hop validation is now activated"); requestHopsLimit = requestHopsLimitValue; } else { log.warn("No value for property '"+ REQUEST_HOPS_LIMIT_PROPERTY +"' found. Request hop validation will not be activated"); requestHopsLimit = null; } } catch (DecodeException ex) { log.warn("Unable to decode configuration resource for " + resourceUri + " with data: " + resource + " Reason: " + ex.getMessage()); requestHopsLimit = null; } } }
System.exit(1); } catch (DecodeException e) { System.err.println("Invalid config file: " + e.getMessage()); System.exit(1);
private boolean isListenerJsonInvalid(HttpServerRequest request, Buffer hookData) { if (isHookJsonInvalid(request, hookData)) { // No further checks required. hook definitively is invalid. return true; } final JsonObject hook; try { // Badly we need to parse that JSON one more time. hook = new JsonObject(hookData); } catch (DecodeException e) { log.error("Cannot decode JSON", e); badRequest(request, "Cannot decode JSON", e.getMessage()); return true; } final JsonArray methods = hook.getJsonArray("methods"); if (methods != null) { for (Object method : methods) { if (!QueueProcessor.httpMethodIsQueueable(HttpMethod.valueOf((String) method))) { final String msg = "Listener registration request tries to hook for not allowed '" + method + "' method."; log.error(msg); badRequest(request, "Bad Request", msg + "\n"); return true; } } } return false; }
} catch (DecodeException e) { request.response().setStatusCode(BAD_REQUEST); request.response().end(e.getMessage()); return;
} catch (DecodeException e) { log.error("Cannot decode JSON", e); badRequest(request, "Cannot decode JSON", e.getMessage()); return;
hook = new JsonObject(hookData.toString()); } catch (DecodeException e) { badRequest(request, "Cannot decode JSON", e.getMessage()); return;