*/
public class TokenAuthRealm extends AuthorizingRealm {
+ private static final String USERNAME_DOMAIN_SEPARATOR = "@";
+
/**
* The unique identifying name for <code>TokenAuthRealm</code>
*/
}
/**
+ * Bridge new to old style <code>TokenAuth</code> interface.
*
- * @param username
- * @param password
- * @return <code>username</code>:<code>password</code>
+ * @param username The request username
+ * @param password The request password
+ * @param domain The request domain
+ * @return <code>username:password:domain</code>
*/
- static String getUsernamePasswordString(final String username, final String password) {
- return username + HttpBasicAuth.AUTH_SEP + password;
+ static String getUsernamePasswordDomainString(final String username, final String password,
+ final String domain) {
+ return username + HttpBasicAuth.AUTH_SEP + password + HttpBasicAuth.AUTH_SEP + domain;
}
/**
* Adapter between basic authentication mechanism and existing
* <code>TokenAuth</code> interface.
*
- * @param username
- * @param password
+ * @param username Username from the request
+ * @param password Password from the request
+ * @param domain Domain from the request
* @return input map for <code>TokenAuth.validate()</code>
*/
- Map<String, List<String>> formHeaders(final String username, final String password) {
- String usernamePasswordToken = getUsernamePasswordString(username, password);
+ Map<String, List<String>> formHeaders(final String username, final String password,
+ final String domain) {
+ String usernamePasswordToken = getUsernamePasswordDomainString(username, password, domain);
String encodedToken = getEncodedToken(usernamePasswordToken);
String tokenAuthHeader = getTokenAuthHeader(encodedToken);
return formHeadersWithToken(tokenAuthHeader);
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
throws AuthenticationException {
- String username;
- String password;
+ String username = "";
+ String password = "";
+ String domain = HttpBasicAuth.DEFAULT_DOMAIN;
try {
- username = extractUsername(authenticationToken);
+ final String qualifiedUser = extractUsername(authenticationToken);
+ if (qualifiedUser.contains(USERNAME_DOMAIN_SEPARATOR)) {
+ final String [] qualifiedUserArray = qualifiedUser.split(USERNAME_DOMAIN_SEPARATOR);
+ try {
+ username = qualifiedUserArray[0];
+ domain = qualifiedUserArray[1];
+ } catch (ArrayIndexOutOfBoundsException e) {
+ LOG.trace("Couldn't parse domain from {}; trying without one",
+ qualifiedUser, e);
+ }
+ } else {
+ username = qualifiedUser;
+ }
password = extractPassword(authenticationToken);
+
} catch (NullPointerException e) {
throw new AuthenticationException(FATAL_ERROR_DECODING_CREDENTIALS, e);
} catch (ClassCastException e) {
// Auth request
if (!Strings.isNullOrEmpty(password)) {
if (ServiceLocator.getInstance().getAuthenticationService().isAuthEnabled()) {
- Map<String, List<String>> headers = formHeaders(username, password);
+ Map<String, List<String>> headers = formHeaders(username, password, domain);
// iterate over <code>TokenAuth</code> implementations and
// attempt to
// authentication with each one
}
@Test
- public void testGetUsernamePasswordString() {
+ public void testGetUsernamePasswordDomainString() {
final String username = "user";
final String password = "password";
- final String expectedUsernamePasswordString = "user:password";
- assertEquals(expectedUsernamePasswordString, getUsernamePasswordString(username, password));
+ final String domain = "domain";
+ final String expectedUsernamePasswordString = "user:password:domain";
+ assertEquals(expectedUsernamePasswordString, getUsernamePasswordDomainString(username, password, domain));
}
@Test
@Test
public void testGetTokenAuthHeader() {
- final String encodedCredentials = getEncodedToken(getUsernamePasswordString("user1",
- "password"));
+ final String encodedCredentials = getEncodedToken(getUsernamePasswordDomainString("user1",
+ "password", "sdn"));
final String expectedTokenAuthHeader = "Basic " + encodedCredentials;
assertEquals(expectedTokenAuthHeader, getTokenAuthHeader(encodedCredentials));
}
@Test
public void testFormHeadersWithToken() {
- final String authHeader = getEncodedToken(getTokenAuthHeader(getUsernamePasswordString(
- "user1", "password")));
+ final String authHeader = getEncodedToken(getTokenAuthHeader(getUsernamePasswordDomainString(
+ "user1", "password", "sdn")));
final Map<String, List<String>> expectedHeaders = new HashMap<String, List<String>>();
expectedHeaders.put("Authorization", Lists.newArrayList(authHeader));
final Map<String, List<String>> actualHeaders = formHeadersWithToken(authHeader);
public void testFormHeaders() {
final String username = "basicUser";
final String password = "basicPassword";
- final String authHeader = getTokenAuthHeader(getEncodedToken(getUsernamePasswordString(
- username, password)));
+ final String domain = "basicDomain";
+ final String authHeader = getTokenAuthHeader(getEncodedToken(getUsernamePasswordDomainString(
+ username, password, domain)));
final Map<String, List<String>> expectedHeaders = new HashMap<String, List<String>>();
expectedHeaders.put("Authorization", Lists.newArrayList(authHeader));
- final Map<String, List<String>> actualHeaders = formHeaders(username, password);
+ final Map<String, List<String>> actualHeaders = formHeaders(username, password, domain);
List<String> value;
for (String key : expectedHeaders.keySet()) {
value = expectedHeaders.get(key);