The process of initiating an action on a server is done through HTTP requests which are messages sent by the client. The two most commonly used HTTP requests are GET and POST. This task involves validating requests and parsing URL parameters as a comma-separated string. Authentication tokens for both GET and POST requests are sent as a URL parameter named "token". For validation of authentication, the tokens must be in a set of valid authentication tokens. In the case of a POST request, a CSRF (cross-site request forgery) token must also be provided. A POST request is considered valid if its authentication token is valid and its CSRF token is an alphanumeric value consisting only of lowercase letters and/or numbers with a minimum length of 8. Once a request is validated, the URL parameters must be parsed as a comma-separated string.
URL parameters are identified by the portion of the URL that comes after a question mark (?). They consist of a key and a value, separated by an equal sign (=). Multiple parameters are separated by an ampersand (&).
Implementation a request parser prototype. Given an array of strings, valid_auth_tokens, representing the valid authentication tokens, and a 2D array of strings, requests, representing the request types and URLs, for each request, return the request status ("VALID" or "INVALID"). If VALID, include a comma-separated string of parameters, i.e. "VALID,<param1_key>,<param1_value>,<param2_key>,<param2_value>".
Example 1:
Input: validAuthTokens = ["ah37j2ha483u", "safh34yw0bp5", "ba34wyi8t902"], requests = [["GET", "https://example.com/?token=347sd6yk8iu2&name=alex"], ["GET", "https://example.com/?token=safh34yw0bp5&name=sam"], ["POST", "https://example.com/?token=safh34yw0bp5&name=alex"], ["POST", "https://example.com/?token=safh34yw0bp5&csrf=ak2sh32dy&name=chris"]]
Output: ["INVALID", "VALID,name,sam", "INVALID", "VALID,name,chris"]
Explanation:
- In the first request, the auth_token = 347sd6yk8iu2, which is not in the list of given tokens, so the request is INVALID. The string to be returned is "INVALID".
- In the second request, the auth_token = safh34yw0bp5, which is in the list of valid tokens, so the request is VALID. The request parameters are - name = sam. The string to be returned is "VALID,name,sam".
- In the third request, the auth_token = safh34yw0bp5, which is in the list of valid tokens, but since the request is a POST request, it must have a valid CSRF token. Since the given request doesn't have a CSRF token, the request is INVALID. The string to be returned is "INVALID".
- In the fourth request, the auth_token = safh34yw0bp5, which is in the list of valid tokens, but since the request is a POST request, it must have a valid CSRF token. CSRF_token = ak2sh32dy. It is an alphanumeric string with length 9 (>=8), so the given request is VALID. The request parameters are - name = chris. The string to be returned is "VALID,name,chris".
Unknown for now
input:
output: