package org.eclipse.emf.emfstore.jax.server.security;
import java.nio.charset.StandardCharsets;
import java.security.Principal;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.SecurityContext;

import com.eclipsesource.jaxrs.provider.security.AuthenticationHandler;
import com.eclipsesource.jaxrs.provider.security.AuthorizationHandler;
import com.sun.xml.internal.messaging.saaj.util.Base64;
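/**
 * Authentication and authorization hook for the JAX-RS server: parses HTTP Basic
 * credentials from the {@code Authorization} header into a {@link User} principal.
 * <p>
 * The handler only <em>extracts</em> credentials; it does not verify them. Whether
 * the user name and password are valid is left to the EMFStore server itself (see
 * {@link #isUserInRole(Principal, String)}), so a non-null result from
 * {@link #authenticate(ContainerRequestContext)} must not be read as "logged in".
 * <p>
 * The decoded password travels in clear text inside the returned {@link User};
 * callers must not log or serialise that object.
 *
 * @author Pascal Schliski
 *
 */
public class SecurityHandler implements AuthenticationHandler, AuthorizationHandler {

	/** Authentication scheme this handler understands (RFC 7617). */
	private static final String BASIC_SCHEME = "Basic"; //$NON-NLS-1$

	/**
	 *
	 * {@inheritDoc}
	 * <p>
	 * Always answers {@code true}: role checks are deliberately not done here because
	 * EMFStore enforces access control on the server side. Consequently any
	 * {@code @RolesAllowed}-style restriction declared on a resource is a no-op with
	 * this handler and must not be relied on for protection.
	 *
	 * @see com.eclipsesource.jaxrs.provider.security.AuthorizationHandler#isUserInRole(java.security.Principal,
	 *      java.lang.String)
	 */
	@Override
	public boolean isUserInRole(Principal user, String role) {
		return true; // authorization not needed, because this is done internally on server
	}

	/**
	 *
	 * {@inheritDoc}
	 * <p>
	 * Reads the {@code Authorization} header and converts a well-formed
	 * {@code Basic <base64(user:password)>} value into a {@link User}. A request
	 * without the header, with another scheme (e.g. Bearer), with undecodable base64,
	 * without a {@code ':'} separator or with an empty password yields {@code null},
	 * i.e. "no principal" rather than an uncaught exception / 500.
	 *
	 * @see com.eclipsesource.jaxrs.provider.security.AuthenticationHandler#authenticate(javax.ws.rs.container.ContainerRequestContext)
	 */
	@Override
	public Principal authenticate(ContainerRequestContext requestContext) {
		// get the base64 encoded user:pw combination (null when the header is absent)
		final String userCredentials = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
		return decodeBase64EncodedCredentials(userCredentials);
	}

	/**
	 * Decodes an HTTP Basic {@code Authorization} header value into a {@link User}.
	 * <p>
	 * Accepted form is {@code Basic <token68>}: the scheme is matched
	 * case-insensitively (RFC 7235 section 2.1) and the token must decode to
	 * {@code user-id ":" password}. Only the first colon separates the two, so the
	 * password may itself contain colons (RFC 7617 section 2). The decoded bytes are
	 * interpreted as UTF-8.
	 *
	 * @param userCredentials the raw {@code Authorization} header value, may be {@code null}
	 * @return the User, or {@code null} if the header is missing, uses a scheme other
	 *         than Basic, is not valid base64, contains no {@code ':'}, or carries an
	 *         empty password
	 */
	private User decodeBase64EncodedCredentials(String userCredentials) {
		if (userCredentials == null) {
			return null; // no Authorization header at all
		}
		// a userCredentials String starts with "Basic ". This needs to be cut off
		final int spaceAfterBasic = userCredentials.indexOf(' ');
		if (spaceAfterBasic < 0
			|| !BASIC_SCHEME.equalsIgnoreCase(userCredentials.substring(0, spaceAfterBasic))) {
			return null; // not Basic auth (or no scheme at all): nothing we can decode
		}
		// RFC 7235 allows one or more SP between scheme and token
		final String token = userCredentials.substring(spaceAfterBasic + 1).trim();
		if (token.isEmpty()) {
			return null;
		}
		final String decoded;
		try {
			// java.util.Base64 replaces com.sun.xml.internal.* (JDK-internal, not
			// accessible on Java 9+). Fully qualified so it does not clash with the
			// import of the internal class of the same simple name still at the top
			// of this file; that import is now unused and should be dropped.
			decoded = new String(java.util.Base64.getDecoder().decode(token), StandardCharsets.UTF_8);
		} catch (final IllegalArgumentException e) {
			return null; // malformed base64 from the client: treat as "no credentials"
		}
		final int colon = decoded.indexOf(':');
		if (colon < 0 || colon == decoded.length() - 1) {
			// no user:password separator, or empty password: not allowed
			return null;
		}
		final String name = decoded.substring(0, colon);
		final String password = decoded.substring(colon + 1);
		return new User(name, password);
	}

	/**
	 *
	 * {@inheritDoc}
	 * <p>
	 * Advertises Basic authentication; this is what the framework reports in
	 * {@code SecurityContext#getAuthenticationScheme()} for requests handled here.
	 *
	 * @see com.eclipsesource.jaxrs.provider.security.AuthenticationHandler#getAuthenticationScheme()
	 */
	@Override
	public String getAuthenticationScheme() {
		return SecurityContext.BASIC_AUTH;
	}
}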