X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=aaa-shiro%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Faaa%2Fshiro%2Ftokenauthrealm%2Fauth%2FHttpBasicAuth.java;fp=aaa-shiro%2Fimpl%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Faaa%2Fshiro%2Ftokenauthrealm%2Fauth%2FHttpBasicAuth.java;h=bcc7ae67a7654fb290f1f927ec00e01bbfaa9bf1;hb=b490113ac1d67a225f228e767474a360bb1c714e;hp=0000000000000000000000000000000000000000;hpb=7c911f7cf3a70cbd77616cd11e75288a8315b173;p=aaa.git diff --git a/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/tokenauthrealm/auth/HttpBasicAuth.java b/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/tokenauthrealm/auth/HttpBasicAuth.java new file mode 100644 index 000000000..bcc7ae67a --- /dev/null +++ b/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/tokenauthrealm/auth/HttpBasicAuth.java @@ -0,0 +1,130 @@ +/* + * Copyright (c) 2014, 2017 Hewlett-Packard Development Company, L.P. and others. All rights reserved. + * + * This program and the accompanying materials are made available under the + * terms of the Eclipse Public License v1.0 which accompanies this distribution, + * and is available at http://www.eclipse.org/legal/epl-v10.html + */ + +package org.opendaylight.aaa.shiro.tokenauthrealm.auth; + +import java.util.Base64; +import java.util.List; +import java.util.Map; +import org.opendaylight.aaa.api.Authentication; +import org.opendaylight.aaa.api.AuthenticationException; +import org.opendaylight.aaa.api.Claim; +import org.opendaylight.aaa.api.CredentialAuth; +import org.opendaylight.aaa.api.PasswordCredentials; +import org.opendaylight.aaa.api.TokenAuth; +import org.opendaylight.aaa.shiro.tokenauthrealm.ServiceLocator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * An HTTP Basic authenticator. Note that this is provided as a Hydrogen + * backward compatible authenticator, but usage of this authenticator or HTTP + * Basic Authentication is highly discouraged due to its vulnerability. + * + *
+ * To obtain a token using the HttpBasicAuth Strategy, add a header to your HTTP
+ * request in the form:
+ * Authorization: Basic BASE_64_ENCODED_CREDENTIALS
+ *
+ *
+ * Where BASE_64_ENCODED_CREDENTIALS
is the base 64 encoded value
+ * of the user's credentials in the following form: user:password
+ *
+ *
+ * For example, assuming the user is "admin" and the password is "admin":
+ * Authorization: Basic YWRtaW46YWRtaW4=
+ *
+ * @author liemmn
+ */
+public class HttpBasicAuth implements TokenAuth {
+
+ public static final String AUTH_HEADER = "Authorization";
+
+ public static final String AUTH_SEP = ":";
+
+ public static final String BASIC_PREFIX = "Basic ";
+
+ // TODO relocate this constant
+ public static final String DEFAULT_DOMAIN = "sdn";
+
+ /**
+ * username and password.
+ */
+ private static final int NUM_HEADER_CREDS = 2;
+
+ /**
+ * username, password and domain.
+ */
+ private static final int NUM_TOKEN_CREDS = 3;
+
+ private static final Logger LOG = LoggerFactory.getLogger(HttpBasicAuth.class);
+
+ volatile CredentialAuth