X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=aaa-authn-basic%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Faaa%2Fbasic%2FHttpBasicAuth.java;h=eff47e6380a677e0bb6df0fe0d8c2b56aeb1a8b9;hb=419ed9802d993e04c15592c0debe91f6d6fd8e23;hp=b00f97657bba88c1205eb471d55728d5c4b0fdc8;hpb=0a88c71216ec996b5f6127652c9257c9e89fc37f;p=aaa.git diff --git a/aaa-authn-basic/src/main/java/org/opendaylight/aaa/basic/HttpBasicAuth.java b/aaa-authn-basic/src/main/java/org/opendaylight/aaa/basic/HttpBasicAuth.java index b00f97657..eff47e638 100644 --- a/aaa-authn-basic/src/main/java/org/opendaylight/aaa/basic/HttpBasicAuth.java +++ b/aaa-authn-basic/src/main/java/org/opendaylight/aaa/basic/HttpBasicAuth.java @@ -8,9 +8,9 @@ package org.opendaylight.aaa.basic; +import com.sun.jersey.core.util.Base64; import java.util.List; import java.util.Map; - import org.opendaylight.aaa.AuthenticationBuilder; import org.opendaylight.aaa.PasswordCredentialBuilder; import org.opendaylight.aaa.api.Authentication; 
@@ -22,20 +22,17 @@ import org.opendaylight.aaa.api.TokenAuth; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import com.sun.jersey.core.util.Base64; - /** - * An HTTP Basic authenticator. Note that this is provided as a Hydrogen - * backward compatible authenticator, but usage of this authenticator or - * HTTP Basic Authentication is highly discouraged due to its vulnerability. + * An HTTP Basic authenticator. Note that this is provided as a Hydrogen + * backward compatible authenticator, but usage of this authenticator or HTTP + * Basic Authentication is highly discouraged due to its vulnerability. * - * To obtain a token using the HttpBasicAuth Strategy, add a header to your - * HTTP request in the form: + * To obtain a token using the HttpBasicAuth Strategy, add a header to your HTTP + * request in the form: * Authorization: Basic BASE_64_ENCODED_CREDENTIALS * * Where BASE_64_ENCODED_CREDENTIALS is the base 64 encoded value - * of the user's credentials in the following form: - * user:password + * of the user's credentials in the following form: user:password * * For example, assuming the user is "admin" and the password is "admin": * Authorization: Basic YWRtaW46YWRtaW4= 
@@ -69,32 +66,34 @@ public class HttpBasicAuth implements TokenAuth { volatile CredentialAuth credentialAuth; private static boolean checkAuthHeaderFormat(final String authHeader) { - return (authHeader != null && authHeader.startsWith(BASIC_PREFIX)); + return (authHeader != null && authHeader.startsWith(BASIC_PREFIX)); } private static String extractAuthHeader(final Map> headers) { return headers.get(AUTH_HEADER).get(0); } - private static String [] extractCredentialArray(final String authHeader) { - return new String(Base64.base64Decode(authHeader - .substring(BASIC_PREFIX.length()))).split(AUTH_SEP); + private static String[] extractCredentialArray(final String authHeader) { + return new String(Base64.base64Decode(authHeader.substring(BASIC_PREFIX.length()))) + .split(AUTH_SEP); } - private static boolean verifyCredentialArray(final String [] creds) { - return (creds!=null && creds.length==NUM_HEADER_CREDS); + private static boolean verifyCredentialArray(final String[] creds) { + return (creds != null && creds.length == NUM_HEADER_CREDS); } - private static String [] addDomainToCredentialArray(final String [] creds) { + private static String[] addDomainToCredentialArray(final String[] creds) { String newCredentialArray[] = new String[NUM_TOKEN_CREDS]; System.arraycopy(creds, 0, newCredentialArray, 0, creds.length); newCredentialArray[2] = DEFAULT_DOMAIN; return newCredentialArray; } - private static Authentication generateAuthentication(CredentialAuth credentialAuth, final String [] creds) throws ArrayIndexOutOfBoundsException{ - final PasswordCredentials pc = new PasswordCredentialBuilder() - .setUserName(creds[0]).setPassword(creds[1]).setDomain(creds[2]).build(); + private static Authentication generateAuthentication( + CredentialAuth credentialAuth, final String[] creds) + throws ArrayIndexOutOfBoundsException { + final PasswordCredentials pc = new PasswordCredentialBuilder().setUserName(creds[0]) + .setPassword(creds[1]).setDomain(creds[2]).build(); final 
Claim claim = credentialAuth.authenticate(pc); return new AuthenticationBuilder(claim).build(); } @@ -107,8 +106,9 @@ public class HttpBasicAuth implements TokenAuth { if (checkAuthHeaderFormat(authHeader)) { // HTTP Basic Auth String[] creds = extractCredentialArray(authHeader); - // If no domain was supplied then use the default one, which is "sdn". - if(verifyCredentialArray(creds)){ + // If no domain was supplied then use the default one, which is + // "sdn". + if (verifyCredentialArray(creds)) { creds = addDomainToCredentialArray(creds); } // Assumes correct formatting in form Base64("user:password").
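Review bot: `extractCredentialArray` splits the decoded value with an unbounded `.split(AUTH_SEP)`, so a password that contains the separator is cut into extra elements, and because a three-element array is treated as user, password and domain, the tail of such a password would presumably be used as the domain. `generateAuthentication` then reads `creds[0]` to `creds[2]` with no length check and only declares `throws ArrayIndexOutOfBoundsException`, so a value with no separator (or an empty password, whose trailing empty field `split` drops) fails through that runtime exception rather than a deliberate rejection. I would bound the split, `.split(AUTH_SEP, NUM_TOKEN_CREDS)`, and in the caller shown in the following hunk (after `addDomainToCredentialArray`) reject any array whose length is not `NUM_TOKEN_CREDS` before `generateAuthentication` is called. The value of `AUTH_SEP` and the caller's exception handling are outside these hunks, so confirm how a malformed header is reported today.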