micord/ervu-lkrp-ul
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SUPPORT-9605: uuid validation

Browse source
This commit is contained in:
adel.ka 2025-11-28 14:25:01 +03:00
parent 3ea1e01a1a
commit a9ae8d1b37
2 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
View file

@ -45,7 +45,6 @@ import ru.micord.ervu.security.esia.EsiaAuthInfoStore;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContext;
import org.springframework.util.StringUtils;
import ru.micord.ervu.security.esia.config.EsiaConfig; import ru.micord.ervu.security.esia.config.EsiaConfig;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import ru.micord.ervu.kafka.model.Brhs; import ru.micord.ervu.kafka.model.Brhs;
@ -63,6 +62,7 @@ import ru.micord.ervu.security.webbpm.jwt.helper.SecurityHelper;
import ru.micord.ervu.security.webbpm.jwt.service.JwtTokenService; import ru.micord.ervu.security.webbpm.jwt.service.JwtTokenService;
import ru.micord.ervu.security.webbpm.jwt.model.Token; import ru.micord.ervu.security.webbpm.jwt.model.Token;
import ru.micord.ervu.service.UploadAccessService; import ru.micord.ervu.service.UploadAccessService;
import ru.micord.ervu.util.StringUtils;
import ru.cg.webbpm.modules.core.runtime.api.LocalizedException; import ru.cg.webbpm.modules.core.runtime.api.LocalizedException;
import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils; import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils;
@ -470,8 +470,8 @@ public class EsiaAuthService {
); );
ErvuOrgResponse ervuOrgResponse = objectMapper.readValue(kafkaResponse, ErvuOrgResponse.class); ErvuOrgResponse ervuOrgResponse = objectMapper.readValue(kafkaResponse, ErvuOrgResponse.class);
String ervuId = ervuOrgResponse.getData().getErvuId(); String ervuId = ervuOrgResponse.getData().getErvuId();
if (!StringUtils.hasText(ervuId)) { if (!StringUtils.isValidUUID(ervuId)) {
throw new EsiaException("No ervuId for prnOid = " + prnOid); throw new EsiaException("No valid ervuId for prnOid = " + prnOid);
} }
return ervuId; return ervuId;
} }

13
backend/src/main/java/ru/micord/ervu/util/StringUtils.java
View file

@ -1,10 +1,16 @@
package ru.micord.ervu.util; package ru.micord.ervu.util;
import java.util.regex.Pattern;
import static org.apache.commons.lang3.StringUtils.capitalize; import static org.apache.commons.lang3.StringUtils.capitalize;
import static org.apache.commons.lang3.StringUtils.substring; import static org.apache.commons.lang3.StringUtils.substring;
public final class StringUtils { public final class StringUtils {
private static final Pattern UUID_PATTERN = Pattern.compile(
"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$"
);
private StringUtils() { private StringUtils() {
} }
@ -18,4 +24,11 @@ public final class StringUtils {
middleNameInitial middleNameInitial
); );
} }
public static boolean isValidUUID(String uuid) {
if (uuid == null) {
return false;
}
return UUID_PATTERN.matcher(uuid).matches();
}
} }