DigestUtil.java

1 
package com.jsql.util;
2
3 
import com.jsql.model.InjectionModel;
4 
import org.apache.commons.codec.digest.DigestUtils;
5 
import org.apache.commons.lang3.StringUtils;
6 
import org.apache.logging.log4j.LogManager;
7 
import org.apache.logging.log4j.Logger;
8
9 
import java.net.MalformedURLException;
10 
import java.net.URI;
11 
import java.net.URISyntaxException;
12 
import java.net.URL;
13 
import java.net.http.HttpRequest.Builder;
14 
import java.util.AbstractMap.SimpleEntry;
15 
import java.util.Arrays;
16 
import java.util.Map;
17 
import java.util.stream.Collectors;
18
19 
public class DigestUtil {
20
21 
    /**
22 
     * Log4j logger sent to view.
23 
     */
24 
    private static final Logger LOGGER = LogManager.getRootLogger();
25
26 
    private String tokenDigest = null;
27
28 
    private final InjectionModel injectionModel;
29
30 
    public DigestUtil(InjectionModel injectionModel) {
31 
        this.injectionModel = injectionModel;
32 
    }
33
34 
    public void parseWwwAuthenticate(Map<String, String> mapResponse) {
35 
        if (
36 1 1. parseWwwAuthenticate : negated conditional → NO_COVERAGE
 
            mapResponse.containsKey(HeaderUtil.WWW_AUTHENTICATE_RESPONSE)
37 1 1. parseWwwAuthenticate : negated conditional → NO_COVERAGE
 
            && mapResponse.get(HeaderUtil.WWW_AUTHENTICATE_RESPONSE).trim().startsWith("Digest")
38 
        ) {
39 
            String[] digestParts = StringUtils.split(
40 
                mapResponse.get(HeaderUtil.WWW_AUTHENTICATE_RESPONSE).replaceAll("(?i)^\\s*Digest", StringUtils.EMPTY),
41 
                ","
42 
            );
43
44 
            Map<String, String> cookieValues = Arrays.stream(digestParts)
45 
                .map(cookie -> {
46 
                    String[] cookieEntry = StringUtils.split(cookie, "=");
47 1 1. lambda$parseWwwAuthenticate$0 : replaced return value with null for com/jsql/util/DigestUtil::lambda$parseWwwAuthenticate$0 → NO_COVERAGE
 
                    return new SimpleEntry<>(
48 
                        cookieEntry[0].trim(),
49 
                        cookieEntry[1].trim()
50 
                    );
51 
                })
52 
                .collect(
53 
                    Collectors.toMap(SimpleEntry::getKey, SimpleEntry::getValue)
54 
                );
55
56 
            String realm = cookieValues.get("realm").replace("\"", StringUtils.EMPTY);
57 
            String qop = cookieValues.get("qop").replace("\"", StringUtils.EMPTY);
58 
            String nonce = cookieValues.get("nonce").replace("\"", StringUtils.EMPTY);
59
60 
            try {
61 
                String username = this.injectionModel.getMediatorUtils().getAuthenticationUtil().getUsernameAuthentication();
62 
                String password = this.injectionModel.getMediatorUtils().getAuthenticationUtil().getPasswordAuthentication();
63 
                String nc = "00000001";
64 
                String cnonce = "2ecb0e39da79fcb5aa6ffb1bd45cb3bb";
65
66 
                URL url = new URI(this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlByUser()).toURL();
67 
                String path = url.getFile();
68
69 
                String ha1 = DigestUtils.md5Hex(
70 
                    String.format("%s:%s:%s", username, realm, password)
71 
                );
72 
                String ha2 = DigestUtils.md5Hex(
73 
                    String.format("%s:%s", this.injectionModel.getMediatorUtils().getConnectionUtil().getTypeRequest(), path)
74 
                );
75 
                String response = DigestUtils.md5Hex(
76 
                    String.format("%s:%s:%s:%s:%s:%s", ha1, nonce, nc, cnonce, qop, ha2)
77 
                );
78
79 
                this.tokenDigest = String.format(
80 
                    "Digest username=\"%s\",realm=\"%s\",nonce=\"%s\",uri=\"%s\",cnonce=\"%s\",nc=%s,response=\"%s\",qop=\"%s\"",
81 
                    username, realm, nonce, path, cnonce, nc, response, qop
82 
                );
83 
            } catch (MalformedURLException | URISyntaxException e) {
84 
                LOGGER.error("Incorrect URL", e);
85 
            }
86 
        }
87 
    }
88
89 
    public void addHeaderToken(Builder httpRequest) {
90 1 1. addHeaderToken : negated conditional → NO_COVERAGE
 
        if (this.tokenDigest == null) {
91 
             return;
92 
        }
93 
        httpRequest.setHeader("Authorization", this.tokenDigest);
94 
    }
95
96 
    public boolean isDigest() {
97 2 1. isDigest : negated conditional → NO_COVERAGE
2. isDigest : replaced boolean return with true for com/jsql/util/DigestUtil::isDigest → NO_COVERAGE
 
        return this.tokenDigest != null;
98 
    }
99
100 
    public void setTokenDigest(String tokenDigest) {
101 
        this.tokenDigest = tokenDigest;
102 
    }
103
104 
    public String getTokenDigest() {
105 1 1. getTokenDigest : replaced return value with "" for com/jsql/util/DigestUtil::getTokenDigest → NO_COVERAGE
 
        return this.tokenDigest;
106 
    }
107 
}

Mutations

36

1.1
Location : parseWwwAuthenticate
Killed by : none negated conditional → NO_COVERAGE

37

1.1
Location : parseWwwAuthenticate
Killed by : none negated conditional → NO_COVERAGE

47

1.1
Location : lambda$parseWwwAuthenticate$0
Killed by : none replaced return value with null for com/jsql/util/DigestUtil::lambda$parseWwwAuthenticate$0 → NO_COVERAGE

90

1.1
Location : addHeaderToken
Killed by : none negated conditional → NO_COVERAGE

97

1.1
Location : isDigest
Killed by : none negated conditional → NO_COVERAGE

2.2
Location : isDigest
Killed by : none replaced boolean return with true for com/jsql/util/DigestUtil::isDigest → NO_COVERAGE

105

1.1
Location : getTokenDigest
Killed by : none replaced return value with "" for com/jsql/util/DigestUtil::getTokenDigest → NO_COVERAGE

Active mutators

Tests examined


Report generated by PIT 1.19.1