Throw an exception if a non-SHA1 digest is passed (fcrepo#1063)

* Throw an exception if a non-SHA1 digest is passed * Code review, method references * Code review, better case insensitive matching
awoods · Jul 7, 2016 · c3eeee4 · c3eeee4
1 parent ddee309
commit c3eeee4
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 7 deletions.
diff --git a/fcrepo-http-api/src/main/java/org/fcrepo/http/api/FedoraLdp.java b/fcrepo-http-api/src/main/java/org/fcrepo/http/api/FedoraLdp.java
@@ -786,16 +786,23 @@ private static void checkLinkForLdpResourceCreation(final String link) {
      * an empty string is returned.
      * @param digest The Digest header value
      * @return the sha1 checksum value
+     * @throws InvalidChecksumException if an unsupported digest is used
      */
-    private static String parseDigestHeader(final String digest) {
+    private static String parseDigestHeader(final String digest) throws InvalidChecksumException {
         try {
             final Map<String,String> digestPairs = RFC3230_SPLITTER.split(nullToEmpty(digest));
-            return digestPairs.entrySet().stream()
-                .filter(s -> s.getKey().toLowerCase().equals("sha1"))
-                .map(Map.Entry::getValue)
-                .findFirst()
-                .map("urn:sha1:"::concat)
-                .orElse("");
+            final boolean checksumTypeIncludeSHA1 = digestPairs.keySet().stream().anyMatch("sha1"::equalsIgnoreCase);
+            // If you have one or more digests and one is sha1 or no digests.
+            if (digestPairs.isEmpty() || checksumTypeIncludeSHA1) {
+                return digestPairs.entrySet().stream()
+                    .filter(s -> s.getKey().toLowerCase().equals("sha1"))
+                    .map(Map.Entry::getValue)
+                    .findFirst()
+                    .map("urn:sha1:"::concat)
+                    .orElse("");
+            } else {
+                throw new InvalidChecksumException(String.format("Unsupported Digest Algorithim: {}", digest));
+            }
         } catch (final RuntimeException e) {
             if (e instanceof IllegalArgumentException) {
                 throw new ClientErrorException("Invalid Digest header: " + digest + "\n", BAD_REQUEST);

diff --git a/fcrepo-http-api/src/test/java/org/fcrepo/integration/http/api/FedoraLdpIT.java b/fcrepo-http-api/src/test/java/org/fcrepo/integration/http/api/FedoraLdpIT.java
@@ -1022,6 +1022,20 @@ public void testIngestWithBinaryAndMalformedDigestHeader() {
         assertEquals("Should be a 400 BAD REQUEST!", BAD_REQUEST.getStatusCode(), getStatus(method));
     }
 
+    /**
+     * Ensure that a non-SHA1 Digest header returns a 409 Conflict
+     */
+    @Test
+    public void testIngestWithBinaryAndNonSha1DigestHeader() {
+        final HttpPost method = postObjMethod();
+        final File img = new File("src/test/resources/test-objects/img.png");
+        method.addHeader("Content-Type", "application/octet-stream");
+        method.addHeader("Digest", "md5=anything");
+        method.setEntity(new FileEntity(img));
+
+        assertEquals("Should be a 409 Conflict!", CONFLICT.getStatusCode(), getStatus(method));
+    }
+
     @Test
     public void testIngestOnSubtree() throws IOException {
         final String id = getRandomUniqueId();