Defined authentication method, scheme and token type separately.
Change-Id: I4455b8c6b68cb2956eb0e7d99a3e91ffbd5a6421
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java
index 793b990..96b5800 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java
@@ -7,7 +7,7 @@
import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
import de.ids_mannheim.korap.authentication.http.TransferEncoding;
import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.AuthenticationType;
+import de.ids_mannheim.korap.config.TokenType;
import de.ids_mannheim.korap.config.KustvaktConfiguration;
import de.ids_mannheim.korap.config.Scopes;
import de.ids_mannheim.korap.dao.UserDao;
@@ -28,7 +28,8 @@
* is defined in {@link HttpAuthorizationHandler}.
*
* Basic authentication is intended to be used with a database. It is
- * currently only used for testing using a dummy DAO (@see {@link UserDao}).
+ * currently only used for testing using a dummy DAO (@see {@link UserDao})
+ * without passwords.
*
*
* @author margaretha
@@ -55,23 +56,13 @@
@Override
public TokenContext getTokenContext (String authToken)
throws KustvaktException {
- // Hanl: fixme: handle via constructor
- // EM: ?
String[] values = transferEncoding.decodeBase64(authToken);
if (values != null) {
TokenContext c = new TokenContext();
- User user = dao.getAccount(values[0]);
- if (user instanceof KorAPUser
- && ((KorAPUser) user).getPassword() != null) {
- boolean check = crypto.checkHash(values[1],
- ((KorAPUser) user).getPassword());
-
- if (!check) return null;
- }
c.setUsername(values[0]);
c.setExpirationTime(TimeUtils.plusSeconds(this.config.getTokenTTL())
.getMillis());
- c.setAuthenticationType(AuthenticationType.BASIC);
+ c.setTokenType(getTokenType());
// todo: for production mode, set true
c.setSecureRequired(false);
// EM: is this secure?
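Review bot: After this hunk `getTokenContext` builds a `TokenContext` for whatever username is in `values[0]` without reading `values[1]` or looking the account up, so any decodable Basic credential is accepted unverified. The updated class Javadoc says this is only used for testing with a dummy DAO without passwords, but nothing in the visible lines restricts the method to a test configuration. It should fail closed (return null or throw `KustvaktException`) unless a test-only setting is enabled, and at minimum carry a comment at the top of the `if` block such as `// No credential check here: test-only, must not be reachable in production`. The existing `c.setSecureRequired(false)` with its todo compounds this, since, judging by the setter name, the unverified context is also not tied to a secure channel. The method body continues past the end of the hunk.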
@@ -107,7 +98,7 @@
@Override
- public AuthenticationType getIdentifier () {
- return AuthenticationType.BASIC;
+ public TokenType getTokenType () {
+ return TokenType.BASIC;
}
}