#22 - Added constraint verification of purl types, including a check for Maven that ensures namespace and name both exist. Added unit tests.

stevespringett · stevespringett · commit 077752bfbe23 · 2021-06-27T23:12:25.000-05:00
diff --git a/src/main/java/com/github/packageurl/PackageURL.java b/src/main/java/com/github/packageurl/PackageURL.java
@@ -104,6 +104,7 @@ public PackageURL(final String type, final String namespace, final String name,
         this.version = validateVersion(version);
         this.qualifiers = validateQualifiers(qualifiers);
         this.subpath = validatePath(subpath, true);
+        verifyTypeConstraints(this.type, this.namespace, this.name);
     }
 
     /**
@@ -533,11 +534,27 @@ private void parse(final String purl) throws MalformedPackageURLException {
                 remainder.setLength(index);
                 this.namespace = validateNamespace(parsePath(remainder.substring(start), false));
             }
+            verifyTypeConstraints(this.type, this.namespace, this.name);
         } catch (URISyntaxException e) {
             throw new MalformedPackageURLException("Invalid purl: " + e.getMessage());
         }
     }
 
+    /**
+     * Some purl types may have specific constraints. This method attempts to verify them.
+     * @param type the purl type
+     * @param namespace the purl namespace
+     * @param name the purl name
+     * @throws MalformedPackageURLException if constraints are not met
+     */
+    private void verifyTypeConstraints(String type, String namespace, String name) throws MalformedPackageURLException {
+        if (StandardTypes.MAVEN.equals(type)) {
+            if (namespace == null || namespace.isEmpty() || name == null || name.isEmpty()) {
+                throw new MalformedPackageURLException("The PackageURL specified is invalid. Maven requires both a namespace and name.");
+            }
+        }
+    }
+
     @SuppressWarnings("StringSplitter")//reason: surprising behavior is okay in this case
     private Map<String, String> parseQualifiers(final String encodedString) throws MalformedPackageURLException {
         try {
diff --git a/src/test/resources/test-suite-data.json b/src/test/resources/test-suite-data.json
@@ -227,6 +227,30 @@
     "subpath": null,
     "is_invalid": true
   },
+  {
+    "description": "a namespace is required",
+    "purl": "pkg:maven/io@1.3.4",
+    "canonical_purl": "pkg:maven/io@1.3.4",
+    "type": "maven",
+    "namespace": null,
+    "name": null,
+    "version": null,
+    "qualifiers": null,
+    "subpath": null,
+    "is_invalid": true
+  },
+  {
+    "description": "a namespace is required",
+    "purl": "pkg:maven//io@1.3.4",
+    "canonical_purl": "pkg:maven//io@1.3.4",
+    "type": "maven",
+    "namespace": null,
+    "name": null,
+    "version": null,
+    "qualifiers": null,
+    "subpath": null,
+    "is_invalid": true
+  },
   {
     "description": "slash / after scheme is not significant",
     "purl": "pkg:/maven/org.apache.commons/io",
