HTTP transport implementation

[netconf.git] / transport / transport-http / src / main / java / org / opendaylight / netconf / transport / http / ClientAuthProvider.java

diff --git a/transport/transport-http/src/main/java/org/opendaylight/netconf/transport/http/ClientAuthProvider.java b/transport/transport-http/src/main/java/org/opendaylight/netconf/transport/http/ClientAuthProvider.java
new file mode 100644 (file)
index 0000000..b88cd8f
--- /dev/null
+++ b/transport/transport-http/src/main/java/org/opendaylight/netconf/transport/http/ClientAuthProvider.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2024 PANTHEON.tech, s.r.o. and others.  All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.netconf.transport.http;
+
+import static org.opendaylight.netconf.transport.http.BasicAuthHandler.BASIC_AUTH_PREFIX;
+
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelOutboundHandlerAdapter;
+import io.netty.channel.ChannelPromise;
+import io.netty.handler.codec.http.HttpHeaderNames;
+import io.netty.handler.codec.http.HttpRequest;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import org.eclipse.jdt.annotation.Nullable;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPassword;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev240208.HttpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev240208.http.client.identity.grouping.client.identity.auth.type.Basic;
+
+/**
+ * A client-side channel handler adding HTTP headers.
+ */
+abstract sealed class ClientAuthProvider extends ChannelOutboundHandlerAdapter {
+    private static final class ClientBasicAuthProvider extends ClientAuthProvider {
+        private final String authHeader;
+
+        ClientBasicAuthProvider(final String username, final String password) {
+            authHeader = BASIC_AUTH_PREFIX + Base64.getEncoder().encodeToString(
+                (username + ":" + password).getBytes(StandardCharsets.UTF_8));
+        }
+
+        @Override
+        public void write(final ChannelHandlerContext ctx, final Object msg, final ChannelPromise promise)
+                throws Exception {
+            if (msg instanceof HttpRequest request) {
+                request.headers().set(HttpHeaderNames.AUTHORIZATION, authHeader);
+            }
+            super.write(ctx, msg, promise);
+        }
+    }
+
+    private ClientAuthProvider() {
+        // Hidden on purpose
+    }
+
+    static @Nullable ClientAuthProvider ofNullable(final HttpClientGrouping httpParams) {
+        if (httpParams == null) {
+            return null;
+        }
+        final var clientIdentity = httpParams.getClientIdentity();
+        if (clientIdentity == null) {
+            return null;
+        }
+        final var authType = clientIdentity.getAuthType();
+        if (authType instanceof Basic basicAuth) {
+            // Basic authorization handler, sets authorization header on outgoing requests
+            final var basic = basicAuth.nonnullBasic();
+            return new ClientBasicAuthProvider(basic.getUserId(),
+                basic.getPasswordType() instanceof CleartextPassword clearText ? clearText.requireCleartextPassword()
+                    : "");
+        }
+        return null;
+    }
+}