import java.util.List;
import java.util.Map;
-import com.prueba.authorization.persistence.dao.AuthorizationDao;
+import com.prueba.authorization.persistence.dao.ApplicationResourceDao;
+import com.prueba.core.context.util.AntPathMatcher;
public class AuthorizationServicesImpl {
- private static final String USER_NAME_PARAM = "{username}";
+ private static final String USER_NAME_PARAM = "username";
+ private static final String API_URL_PATTERN = "/app/api/{" + USER_NAME_PARAM + "}";
- public boolean isAuthorized(String httpMethod, String url, String userName) {
- final AuthorizationDao dao = new AuthorizationDao();
+ public boolean isAuthorized(String httpMethod, String uri, String userName) {
+ final AntPathMatcher pathMatcher = new AntPathMatcher();
+ final Map<String, String> variables = pathMatcher.extractUriTemplateVariables(API_URL_PATTERN, uri);
+ final String userNameParam = variables.get(USER_NAME_PARAM);
+
+ final ApplicationResourceDao dao = new ApplicationResourceDao();
final List<Map<String, String>> urls = dao.findURLsByUserName(userName);
return urls.stream().anyMatch(urlMap ->
{
- final String urlPatternValue = urlMap.get(AuthorizationDao.URL_PATTERN);
- final String urlReplacedPatternValue = urlPatternValue.replace(USER_NAME_PARAM, userName);
- final String httpMethodValue = urlMap.get(AuthorizationDao.HTTP_METHOD);
+ final String urlPatternValue = urlMap.get(ApplicationResourceDao.URL_PATTERN);
+ final String urlReplacedPatternValue = urlPatternValue.replace("{" + USER_NAME_PARAM + "}", userNameParam);
+
+ final String httpMethodValue = urlMap.get(ApplicationResourceDao.HTTP_METHOD);
- return urlReplacedPatternValue.equals(url) && httpMethodValue.equals(httpMethod);
+ return urlReplacedPatternValue.equals(uri) && httpMethodValue.equals(httpMethod);
});
}