2 * Copyright (c) 2017 Inocybe Technologies and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.aaa.shiro.realm.util.http.header;
11 import java.util.ArrayList;
12 import java.util.HashMap;
13 import java.util.List;
15 import org.apache.shiro.codec.Base64;
16 import org.opendaylight.aaa.shiro.tokenauthrealm.auth.HttpBasicAuth;
19 * Utilities for HTTP header manipulation.
21 public class HeaderUtils {
23 public static final String USERNAME_DOMAIN_SEPARATOR = "@";
27 * @param credentialToken
28 * @return Base64 encoded token
30 public static String getEncodedToken(final String credentialToken) {
31 return Base64.encodeToString(credentialToken.getBytes());
35 * Bridge new to old style <code>TokenAuth</code> interface.
37 * @param username The request username
38 * @param password The request password
39 * @param domain The request domain
40 * @return <code>username:password:domain</code>
42 public static String getUsernamePasswordDomainString(final String username, final String password,
43 final String domain) {
44 return username + HttpBasicAuth.AUTH_SEP + password + HttpBasicAuth.AUTH_SEP + domain;
50 * @return Basic <code>encodedToken</code>
52 public static String getTokenAuthHeader(final String encodedToken) {
53 return HttpBasicAuth.BASIC_PREFIX + encodedToken;
58 * @param tokenAuthHeader
59 * @return a map with the basic auth header
61 public static Map<String, List<String>> formHeadersWithToken(final String tokenAuthHeader) {
62 final Map<String, List<String>> headers = new HashMap<String, List<String>>();
63 final List<String> headerValue = new ArrayList<String>();
64 headerValue.add(tokenAuthHeader);
65 headers.put(HttpBasicAuth.AUTH_HEADER, headerValue);
70 * Adapter between basic authentication mechanism and existing
71 * <code>TokenAuth</code> interface.
73 * @param username Username from the request
74 * @param password Password from the request
75 * @param domain Domain from the request
76 * @return input map for <code>TokenAuth.validate()</code>
78 public static Map<String, List<String>> formHeaders(final String username, final String password,
79 final String domain) {
80 String usernamePasswordToken = getUsernamePasswordDomainString(username, password, domain);
81 String encodedToken = getEncodedToken(usernamePasswordToken);
82 String tokenAuthHeader = getTokenAuthHeader(encodedToken);
83 return formHeadersWithToken(tokenAuthHeader);
87 * Extract username from the form <code>user</code> or <code>user@domain</code>
89 * @param possiblyQualifiedUsername <code>user</code> or <code>user@domain</code>
92 public static String extractUsername(final String possiblyQualifiedUsername) {
93 if (possiblyQualifiedUsername.contains(USERNAME_DOMAIN_SEPARATOR)) {
94 final String [] qualifiedUserArray = possiblyQualifiedUsername.split(USERNAME_DOMAIN_SEPARATOR);
95 return qualifiedUserArray[0];
97 return possiblyQualifiedUsername;
101 * Extract domain from the form <code>user</code> or <code>user@domain</code>
103 * @param possiblyQualifiedUsername <code>user</code> or <code>user@domain</code>
104 * @return the domain or <code>HttpBasicAuth.DEFAULT_DOMAIN</code>
106 public static String extractDomain(final String possiblyQualifiedUsername) {
107 if (possiblyQualifiedUsername.contains(USERNAME_DOMAIN_SEPARATOR)) {
108 final String [] qualifiedUserArray = possiblyQualifiedUsername.split(USERNAME_DOMAIN_SEPARATOR);
109 return qualifiedUserArray[1];
111 return HttpBasicAuth.DEFAULT_DOMAIN;