Fix trust domain host validation.

Signed-off-by: Max Lambrecht <maxlambrecht@gmail.com>
2020-06-22 16:28:52 -03:00 · 2020-06-22 16:28:52 -03:00 · 4e1d0fb8c8
parent 7d3adfe7cf
commit 4e1d0fb8c8
2 changed files with 6 additions and 6 deletions
--- a/java-spiffe-core/src/main/java/io/spiffe/spiffeid/TrustDomain.java
+++ b/java-spiffe-core/src/main/java/io/spiffe/spiffeid/TrustDomain.java
@ -15,7 +15,7 @@ import java.net.URISyntaxException;
@Value
 public class TrustDomain {

-    public static final int TRUST_DOMAIN_MAX_LENGTH = 255;
+    public static final int HOST_MAX_LENGTH = 255;
    String name;

    private TrustDomain(final String trustDomain) {
@ -72,6 +72,10 @@ public class TrustDomain {
        if (StringUtils.isBlank(host)) {
            throw new IllegalArgumentException("Trust domain cannot be empty");
        }
+
+        if (host.length() > HOST_MAX_LENGTH) {
+            throw new IllegalArgumentException("Trust Domain: too long, maximum is 255 bytes");
+        }
    }

    private static void validateUri(final URI uri) {
@ -84,10 +88,6 @@ public class TrustDomain {
        if (port != -1) {
            throw new IllegalArgumentException("Trust Domain: port is not allowed");
        }
-
-        if (uri.toString().length() > TRUST_DOMAIN_MAX_LENGTH) {
-            throw new IllegalArgumentException("Trust Domain: too long, maximum is 255 bytes");
-        }
    }

    private static String normalize(String s) {
--- a/java-spiffe-core/src/test/java/io/spiffe/spiffeid/TrustDomainTest.java
+++ b/java-spiffe-core/src/test/java/io/spiffe/spiffeid/TrustDomainTest.java
@ -40,7 +40,7 @@ public class TrustDomainTest {
    }
    @Test
    void testFromMaxLength() {
-        final String longString = getLongString(246); // 246 = 255(max) - 9('spiffe://' bytes)
+        final String longString = getLongString(255);
        TrustDomain trustDomain = TrustDomain.of(longString);
        assertEquals(longString, trustDomain.toString());
    }