View Javadoc
1   /*
2    * Portions of this software was developed by employees of the National Institute
3    * of Standards and Technology (NIST), an agency of the Federal Government and is
4    * being made available as a public service. Pursuant to title 17 United States
5    * Code Section 105, works of NIST employees are not subject to copyright
6    * protection in the United States. This software may be subject to foreign
7    * copyright. Permission in the United States and in foreign countries, to the
8    * extent that NIST may hold copyright, to use, copy, modify, create derivative
9    * works, and distribute this software and its documentation without fee is hereby
10   * granted on a non-exclusive basis, provided that this notice and disclaimer
11   * of warranty appears in all copies.
12   *
13   * THE SOFTWARE IS PROVIDED 'AS IS' WITHOUT ANY WARRANTY OF ANY KIND, EITHER
14   * EXPRESSED, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTY
15   * THAT THE SOFTWARE WILL CONFORM TO SPECIFICATIONS, ANY IMPLIED WARRANTIES OF
16   * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND FREEDOM FROM
17   * INFRINGEMENT, AND ANY WARRANTY THAT THE DOCUMENTATION WILL CONFORM TO THE
18   * SOFTWARE, OR ANY WARRANTY THAT THE SOFTWARE WILL BE ERROR FREE.  IN NO EVENT
19   * SHALL NIST BE LIABLE FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, DIRECT,
20   * INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, ARISING OUT OF, RESULTING FROM,
21   * OR IN ANY WAY CONNECTED WITH THIS SOFTWARE, WHETHER OR NOT BASED UPON WARRANTY,
22   * CONTRACT, TORT, OR OTHERWISE, WHETHER OR NOT INJURY WAS SUSTAINED BY PERSONS OR
23   * PROPERTY OR OTHERWISE, AND WHETHER OR NOT LOSS WAS SUSTAINED FROM, OR AROSE OUT
24   * OF THE RESULTS OF, OR USE OF, THE SOFTWARE OR SERVICES PROVIDED HEREUNDER.
25   */
26  
27  package gov.nist.secauto.metaschema.core.model.validation;
28  
29  import gov.nist.secauto.metaschema.core.model.constraint.IConstraint;
30  import gov.nist.secauto.metaschema.core.util.ObjectUtils;
31  
32  import org.everit.json.schema.Schema;
33  import org.everit.json.schema.ValidationException;
34  import org.everit.json.schema.loader.SchemaLoader;
35  import org.json.JSONException;
36  import org.json.JSONObject;
37  import org.json.JSONTokener;
38  
39  import java.io.IOException;
40  import java.io.InputStream;
41  import java.io.Reader;
42  import java.net.URI;
43  import java.util.Collections;
44  import java.util.List;
45  import java.util.Objects;
46  import java.util.stream.Collectors;
47  import java.util.stream.Stream;
48  
49  import edu.umd.cs.findbugs.annotations.NonNull;
50  
51  public class JsonSchemaContentValidator
52      extends AbstractContentValidator {
53    @NonNull
54    private final Schema schema;
55  
56    public JsonSchemaContentValidator(@NonNull Reader reader) {
57      this(new JSONTokener(reader));
58    }
59  
60    public JsonSchemaContentValidator(@NonNull InputStream is) {
61      this(new JSONTokener(is));
62    }
63  
64    public JsonSchemaContentValidator(@NonNull JSONObject jsonSchema) {
65      this(ObjectUtils.notNull(SchemaLoader.load(jsonSchema)));
66    }
67  
68    protected JsonSchemaContentValidator(@NonNull JSONTokener tokenizer) {
69      this(new JSONObject(tokenizer));
70    }
71  
72    protected JsonSchemaContentValidator(@NonNull Schema schema) {
73      this.schema = ObjectUtils.requireNonNull(schema, "schema");
74    }
75  
76    @Override
77    public IValidationResult validate(InputStream is, URI documentUri) throws IOException {
78      JSONObject json;
79      try {
80        json = new JSONObject(new JSONTokener(is));
81      } catch (JSONException ex) {
82        throw new IOException(String.format("Unable to parse JSON from '%s'", documentUri), ex);
83      }
84      return validate(json, documentUri);
85    }
86  
87    @SuppressWarnings("null")
88    @NonNull
89    public IValidationResult validate(@NonNull JSONObject json, @NonNull URI documentUri) {
90      IValidationResult retval;
91      try {
92        schema.validate(json);
93        retval = IValidationResult.PASSING_RESULT;
94      } catch (ValidationException ex) {
95        retval = new JsonValidationResult(
96            handleValidationException(ex, documentUri)
97                .collect(Collectors.toList()));
98      }
99  
100     return retval;
101   }
102 
103   @SuppressWarnings("null")
104   @NonNull
105   protected Stream<JsonValidationFinding> handleValidationException(@NonNull ValidationException ex,
106       @NonNull URI documentUri) {
107     JsonValidationFinding finding = new JsonValidationFinding(ex, documentUri);
108     Stream<JsonValidationFinding> childFindings = ex.getCausingExceptions().stream()
109         .flatMap(exception -> {
110           return handleValidationException(exception, documentUri);
111         });
112     return Stream.concat(Stream.of(finding), childFindings);
113   }
114 
115   public static class JsonValidationFinding implements IValidationFinding {
116     @NonNull
117     private final ValidationException exception;
118     @NonNull
119     private final URI documentUri;
120 
121     public JsonValidationFinding(@NonNull ValidationException exception, @NonNull URI documentUri) {
122       this.exception = ObjectUtils.requireNonNull(exception, "exception");
123       this.documentUri = ObjectUtils.requireNonNull(documentUri, "documentUri");
124     }
125 
126     @Override
127     public IConstraint.Level getSeverity() {
128       return IConstraint.Level.ERROR;
129     }
130 
131     @Override
132     public URI getDocumentUri() {
133       return documentUri;
134     }
135 
136     @SuppressWarnings("null")
137     @Override
138     public String getMessage() {
139       return getCause().getLocalizedMessage();
140     }
141 
142     @NonNull
143     @Override
144     public ValidationException getCause() {
145       return exception;
146     }
147   }
148 
149   private static class JsonValidationResult implements IValidationResult {
150     @NonNull
151     private final List<JsonValidationFinding> findings;
152 
153     @SuppressWarnings("null")
154     public JsonValidationResult(@NonNull List<JsonValidationFinding> findings) {
155       this.findings = Collections.unmodifiableList(Objects.requireNonNull(findings, "findings"));
156     }
157 
158     @Override
159     public IConstraint.Level getHighestSeverity() {
160       return findings.isEmpty() ? IConstraint.Level.INFORMATIONAL : IConstraint.Level.ERROR;
161     }
162 
163     @Override
164     public List<? extends IValidationFinding> getFindings() {
165       return findings;
166     }
167 
168   }
169 }