Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kustvakt / 20f31232168c51c1ce3f05202020c5be6818a4cc / . / full / src / main / java / de / ids_mannheim / korap / authentication / http / HttpAuthorizationHandler.java
blob: 77963457c1f46b3894a15880d80a41bc14911ef3 [file] [log] [blame]
margaretha56e8e552017-12-05 16:31:21 +0100[diff] [blame]1package de.ids_mannheim.korap.authentication.http;
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]2
3import org.springframework.beans.factory.annotation.Autowired;
4import org.springframework.stereotype.Component;
5
margaretha0e8f4e72018-04-05 14:11:52 +0200[diff] [blame]6import de.ids_mannheim.korap.constant.AuthenticationScheme;
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]7import de.ids_mannheim.korap.exceptions.KustvaktException;
8import de.ids_mannheim.korap.exceptions.StatusCodes;
9import de.ids_mannheim.korap.utils.ParameterChecker;
10
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]11/** Implementation of Basic HTTP authentication scheme (see RFC 7253
12 * and 7617) for client asking for authorization and sending user
13 * data.
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]14 *
15 * @author margaretha
16 *
17 */
18@Component
19public class HttpAuthorizationHandler {
20
21 @Autowired
22 private TransferEncoding transferEncoding;
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]23
24 public String createBasicAuthorizationHeaderValue (String username,
25 String password) throws KustvaktException {
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]26 ParameterChecker.checkStringValue(username, "username");
27 ParameterChecker.checkStringValue(password, "password");
28
29 String credentials = transferEncoding.encodeBase64(username, password);
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]30 return AuthenticationScheme.BASIC.displayName()+" " + credentials;
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]31 }
32
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]33 public AuthorizationData parseAuthorizationHeaderValue (
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]34 String authorizationHeader) throws KustvaktException {
35 ParameterChecker.checkStringValue(authorizationHeader,
36 "authorization header");
37
38 String[] values = authorizationHeader.split(" ");
39 if (values.length != 2) {
margaretha56e8e552017-12-05 16:31:21 +0100[diff] [blame]40 throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]41 "Cannot parse authorization header value "
42 + authorizationHeader
43 + ". Use this format: [authentication "
44 + "scheme] [Base64-encoded token]",
45 authorizationHeader);
46 }
47
48 AuthorizationData data = new AuthorizationData();
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]49 data.setAuthenticationScheme(
50 AuthenticationScheme.valueOf(values[0].toUpperCase()));
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]51 data.setToken(values[1]);
52 return data;
53 }
54
margaretha2afb97d2017-12-07 19:18:44 +0100[diff] [blame]55 public AuthorizationData parseBasicToken (AuthorizationData data)
margaretha56e8e552017-12-05 16:31:21 +0100[diff] [blame]56 throws KustvaktException {
margarethacd206792017-11-17 14:48:09 +0100[diff] [blame]57 String[] credentials = transferEncoding.decodeBase64(data.getToken());
58 data.setUsername(credentials[0]);
59 data.setPassword(credentials[1]);
60 return data;
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]61 }
margaretha4b5c1412017-11-15 20:55:04 +0100[diff] [blame]62}