Authorization validation

Plus, a couple of minor tweaks.

Author: michalwa

src/main/java/examples/AuthorizationExamples.java

@@ -0,0 +1,24 @@
+package examples;
+
+import express.Express;
+import express.http.request.Authorization;
+import express.utils.Status;
+
+public class AuthorizationExamples
+{
+	public static void main(String[] args)
+	{
+		Express app = new Express();
+		
+		app.get("/", (req, res) -> {
+			if(Authorization.validate(req, Authorization.validator("Basic", "123456789"))) {
+				res.send("You are authorized!");
+			} else {
+				res.setStatus(Status._401);
+				res.send();
+			}
+		});
+		
+		app.listen(() -> System.out.println("Listening!"));
+	}
+}

src/main/java/express/http/Cookie.java

@@ -203,9 +203,7 @@ public boolean equals(Object obj) {
       if (!other.getExpire().equals(this.getExpire())) return false;
       if (other.getMaxAge() != this.getMaxAge()) return false;
       if (!other.getSameSite().equals(this.getSameSite())) return false;
-      if (!other.getPath().equals(this.getPath())) return false;
-
-      return true;
+	    return other.getPath().equals(this.getPath());
     }
     return super.equals(obj);
   }

src/main/java/express/http/request/Authorization.java

@@ -1,41 +1,91 @@
 package express.http.request;
 
 import java.util.Base64;
+import java.util.Collections;
+import java.util.List;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 /**
  * @author Simon Reinisch
  * <p>
- * Class for an http-authorization
+ * Represents an HTTP Authorization header value
+ * and encapsulates authorization data
  */
 public class Authorization {
-
+  
+  public static final String HEADER_NAME = "Authorization";
+  
   private final String TYPE;
   private final String DATA;
-
+  
   Authorization(String authHeader) {
-    int index = authHeader.indexOf(' ');
-    this.TYPE = authHeader.substring(0, index);
-    this.DATA = authHeader.substring(index + 1);
+    String[] parts = Stream.of(authHeader.split(" "))
+        .filter(s -> !s.isEmpty())
+        .toArray(String[]::new);
+    
+    this.TYPE = parts[0];
+    this.DATA = parts[1];
   }
-
+  
   /**
    * @return The Authorization type
    */
   public String getType() {
     return TYPE;
   }
-
+  
   /**
    * @return The Authorization data
    */
   public String getData() {
     return DATA;
   }
-
+  
   /**
    * @return The Authorization data base64 decoded
    */
   public String getDataBase64Decoded() {
     return new String(Base64.getDecoder().decode(DATA));
   }
+  
+  /**
+   * @return A list of authorization options that are contained in the given request.
+   *  Authorization options can be separated by a comma in the Authorization header.
+   */
+  public static List<Authorization> get(Request req) {
+    List<String> headerVals = req.getHeader(HEADER_NAME);
+    if(!headerVals.isEmpty()) {
+      String authHeader = headerVals.get(0);
+      return Collections.unmodifiableList(Stream.of(authHeader.split(","))
+          .map(Authorization::new).collect(Collectors.toList()));
+    }
+    return Collections.emptyList();
+  }
+  
+  /**
+   * Validates the given request authentication using each of the given predicates.
+   * If any of the predicates returns <code>true</code>, the request is counted as
+   * validly authorized and the method returns <code>true</code>.
+   */
+  @SafeVarargs
+  public static boolean validate(Request req, Predicate<Authorization>... validators) {
+    for(Authorization auth : get(req)) {
+      for(Predicate<Authorization> validator : validators) {
+        if(validator.test(auth)) return true;
+      }
+    }
+    return false;
+  }
+  
+  /**
+   * @param type The expected type of the authorization
+   * @param data The expected data of the authorization
+   * @return A predicate that can be used with {@link Authorization#validate(Request, Predicate...)}
+   *  to test for a single type of authorization
+   */
+  public static Predicate<Authorization> validator(String type, String data) {
+    return (auth -> auth.getType().equals(type) && auth.getData().equals(data));
+  }
 }

src/main/java/express/http/request/Request.java

@@ -18,13 +18,15 @@
 import java.nio.file.Path;
 import java.time.Instant;
 import java.time.format.DateTimeFormatter;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Optional;
 
 /**
  * @author Simon Reinisch
  * <p>
- * Class for http-request content.
+ * Class encapsulating HTTP request data
  */
 public class Request {
 
@@ -43,8 +45,8 @@ public class Request {
 
   private final HashMap<String, Object> MIDDLEWARE;   // Middleware Data
   private final HashMap<String, Cookie> COOKIES;      // Request cookies
-  private final HashMap<String, String> QUERYS;       // URL Query's
-  private final HashMap<String, String> FORM_QUERYS;  // Form Query's (application/x-www-form-urlencoded)
+  private final HashMap<String, String> QUERIES;      // URL Query parameters
+  private final HashMap<String, String> FORM_QUERIES; // Form query parameters (application/x-www-form-urlencoded)
 
   private HashMap<String, String> params;             // URL Params, would be added in ExpressFilterImpl
   private String context;                             // Context which matched
@@ -76,12 +78,12 @@ public Request(HttpExchange exchange, Express express) {
     this.AUTH = HEADERS.get("Authorization") == null ? null : new Authorization(HEADERS.get("Authorization").get(0));
 
     // Check if the request contains x-www-form-urlencoded form data
-    this.FORM_QUERYS = CONTENT_TYPE.startsWith("application/x-www-form-urlencoded")
+    this.FORM_QUERIES = CONTENT_TYPE.startsWith("application/x-www-form-urlencoded")
         ? RequestUtils.parseRawQuery(Utils.streamToString(BODY))
         : new HashMap<>();
 
     // Parse query and cookies, both returns not null if there is nothing
-    this.QUERYS = RequestUtils.parseRawQuery(exchange.getRequestURI().getRawQuery());
+    this.QUERIES = RequestUtils.parseRawQuery(exchange.getRequestURI().getRawQuery());
     this.COOKIES = RequestUtils.parseCookies(HEADERS);
   }
 
@@ -339,7 +341,7 @@ public boolean hasAuthorization() {
    * @return The value, null if there is none.
    */
   public String getFormQuery(String name) {
-    return FORM_QUERYS.get(name);
+    return FORM_QUERIES.get(name);
   }
 
   /**
@@ -359,7 +361,7 @@ public String getParam(String param) {
    * @return The value, null if there is none.
    */
   public String getQuery(String name) {
-    return QUERYS.get(name);
+    return QUERIES.get(name);
   }
 
   /**
@@ -368,7 +370,7 @@ public String getQuery(String name) {
    * @return An entire list of key-values
    */
   public HashMap<String, String> getFormQuerys() {
-    return FORM_QUERYS;
+    return FORM_QUERIES;
   }
 
   /**
@@ -411,17 +413,17 @@ public void setContext(String context) {
    * @return An entire list of key-values
    */
   public HashMap<String, String> getQuerys() {
-    return QUERYS;
+    return QUERIES;
   }
 
   /**
    * Returns an header value.
    *
    * @param header The header name
-   * @return An list with values.
+   * @return A list with values.
    */
   public List<String> getHeader(String header) {
-    return HEADERS.get(header);
+    return Optional.ofNullable(HEADERS.get(header)).orElse(Collections.emptyList());
   }
 
   /**