package org.opendaylight.aaa.basic;
+import com.sun.jersey.core.util.Base64;
import java.util.List;
import java.util.Map;
-
import org.opendaylight.aaa.AuthenticationBuilder;
import org.opendaylight.aaa.PasswordCredentialBuilder;
import org.opendaylight.aaa.api.Authentication;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.sun.jersey.core.util.Base64;
-
/**
- * An HTTP Basic authenticator. Note that this is provided as a Hydrogen
- * backward compatible authenticator, but usage of this authenticator or
- * HTTP Basic Authentication is highly discouraged due to its vulnerability.
+ * An HTTP Basic authenticator. Note that this is provided as a Hydrogen
+ * backward compatible authenticator, but usage of this authenticator or HTTP
+ * Basic Authentication is highly discouraged due to its vulnerability.
*
- * To obtain a token using the HttpBasicAuth Strategy, add a header to your
- * HTTP request in the form:
+ * To obtain a token using the HttpBasicAuth Strategy, add a header to your HTTP
+ * request in the form:
* <code>Authorization: Basic BASE_64_ENCODED_CREDENTIALS</code>
*
* Where <code>BASE_64_ENCODED_CREDENTIALS</code> is the base 64 encoded value
- * of the user's credentials in the following form:
- * <code>user:password</code>
+ * of the user's credentials in the following form: <code>user:password</code>
*
* For example, assuming the user is "admin" and the password is "admin":
* <code>Authorization: Basic YWRtaW46YWRtaW4=</code>
volatile CredentialAuth<PasswordCredentials> credentialAuth;
private static boolean checkAuthHeaderFormat(final String authHeader) {
- return (authHeader != null && authHeader.startsWith(BASIC_PREFIX));
+ return (authHeader != null && authHeader.startsWith(BASIC_PREFIX));
}
private static String extractAuthHeader(final Map<String, List<String>> headers) {
return headers.get(AUTH_HEADER).get(0);
}
- private static String [] extractCredentialArray(final String authHeader) {
- return new String(Base64.base64Decode(authHeader
- .substring(BASIC_PREFIX.length()))).split(AUTH_SEP);
+ private static String[] extractCredentialArray(final String authHeader) {
+ return new String(Base64.base64Decode(authHeader.substring(BASIC_PREFIX.length())))
+ .split(AUTH_SEP);
}
- private static boolean verifyCredentialArray(final String [] creds) {
- return (creds!=null && creds.length==NUM_HEADER_CREDS);
+ private static boolean verifyCredentialArray(final String[] creds) {
+ return (creds != null && creds.length == NUM_HEADER_CREDS);
}
- private static String [] addDomainToCredentialArray(final String [] creds) {
+ private static String[] addDomainToCredentialArray(final String[] creds) {
String newCredentialArray[] = new String[NUM_TOKEN_CREDS];
System.arraycopy(creds, 0, newCredentialArray, 0, creds.length);
newCredentialArray[2] = DEFAULT_DOMAIN;
return newCredentialArray;
}
- private static Authentication generateAuthentication(CredentialAuth<PasswordCredentials> credentialAuth, final String [] creds) throws ArrayIndexOutOfBoundsException{
- final PasswordCredentials pc = new PasswordCredentialBuilder()
- .setUserName(creds[0]).setPassword(creds[1]).setDomain(creds[2]).build();
+ private static Authentication generateAuthentication(
+ CredentialAuth<PasswordCredentials> credentialAuth, final String[] creds)
+ throws ArrayIndexOutOfBoundsException {
+ final PasswordCredentials pc = new PasswordCredentialBuilder().setUserName(creds[0])
+ .setPassword(creds[1]).setDomain(creds[2]).build();
final Claim claim = credentialAuth.authenticate(pc);
return new AuthenticationBuilder(claim).build();
}
if (checkAuthHeaderFormat(authHeader)) {
// HTTP Basic Auth
String[] creds = extractCredentialArray(authHeader);
- // If no domain was supplied then use the default one, which is "sdn".
- if(verifyCredentialArray(creds)){
+ // If no domain was supplied then use the default one, which is
+ // "sdn".
+ if (verifyCredentialArray(creds)) {
creds = addDomainToCredentialArray(creds);
}
// Assumes correct formatting in form Base64("user:password").