aboutsummaryrefslogtreecommitdiff
path: root/src/main/java
diff options
context:
space:
mode:
authorAnton Tananaev <anton@traccar.org>2024-05-05 07:52:39 -0700
committerAnton Tananaev <anton@traccar.org>2024-05-05 07:52:39 -0700
commit25bda2559356b7fc4388069b641da16a35bcd0cc (patch)
treecad9bdc5a987a843ff4bb0929d875ad47fd8b8cc /src/main/java
parent5d647be37332790aab41731d52e8dcadac9d5eb4 (diff)
downloadtrackermap-server-25bda2559356b7fc4388069b641da16a35bcd0cc.tar.gz
trackermap-server-25bda2559356b7fc4388069b641da16a35bcd0cc.tar.bz2
trackermap-server-25bda2559356b7fc4388069b641da16a35bcd0cc.zip
Refactor scheme login
Diffstat (limited to 'src/main/java')
-rw-r--r--src/main/java/org/traccar/api/security/LoginService.java18
-rw-r--r--src/main/java/org/traccar/api/security/SecurityRequestFilter.java22
2 files changed, 20 insertions, 20 deletions
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 930c4fa46..507288c31 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2022 - 2023 Anton Tananaev (anton@traccar.org)
+ * Copyright 2022 - 2024 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -20,6 +20,7 @@ import org.traccar.api.signature.TokenManager;
import org.traccar.config.Config;
import org.traccar.config.Keys;
import org.traccar.database.LdapProvider;
+import org.traccar.helper.DataConverter;
import org.traccar.helper.model.UserUtil;
import org.traccar.model.User;
import org.traccar.storage.Storage;
@@ -32,6 +33,7 @@ import jakarta.annotation.Nullable;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.io.IOException;
+import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
@Singleton
@@ -58,6 +60,20 @@ public class LoginService {
forceOpenId = config.getBoolean(Keys.OPENID_FORCE);
}
+ public LoginResult login(
+ String scheme, String credentials) throws StorageException, GeneralSecurityException, IOException {
+ switch (scheme.toLowerCase()) {
+ case "bearer":
+ return login(credentials);
+ case "basic":
+ byte[] decodedBytes = DataConverter.parseBase64(credentials);
+ String[] auth = new String(decodedBytes, StandardCharsets.US_ASCII).split(":", 2);
+ return login(auth[0], auth[1], null);
+ default:
+ throw new SecurityException("Unsupported authorization scheme");
+ }
+ }
+
public LoginResult login(String token) throws StorageException, GeneralSecurityException, IOException {
if (serviceAccountToken != null && serviceAccountToken.equals(token)) {
return new LoginResult(new ServiceAccountUser());
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index 12a5dbecf..07083e7a8 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 - 2023 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2024 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -20,7 +20,6 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.traccar.api.resource.SessionResource;
import org.traccar.database.StatisticsManager;
-import org.traccar.helper.DataConverter;
import org.traccar.model.User;
import org.traccar.storage.StorageException;
@@ -36,7 +35,6 @@ import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.SecurityContext;
import java.io.IOException;
import java.lang.reflect.Method;
-import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Date;
@@ -44,15 +42,6 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
private static final Logger LOGGER = LoggerFactory.getLogger(SecurityRequestFilter.class);
- public static String[] decodeBasicAuth(String auth) {
- auth = auth.replaceFirst("[B|b]asic ", "");
- byte[] decodedBytes = DataConverter.parseBase64(auth);
- if (decodedBytes != null && decodedBytes.length > 0) {
- return new String(decodedBytes, StandardCharsets.US_ASCII).split(":", 2);
- }
- return null;
- }
-
@Context
private HttpServletRequest request;
@@ -83,13 +72,8 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
if (authHeader != null) {
try {
- LoginResult loginResult;
- if (authHeader.startsWith("Bearer ")) {
- loginResult = loginService.login(authHeader.substring(7));
- } else {
- String[] auth = decodeBasicAuth(authHeader);
- loginResult = loginService.login(auth[0], auth[1], null);
- }
+ String[] auth = authHeader.split(" ");
+ LoginResult loginResult = loginService.login(auth[0], auth[1]);
if (loginResult != null) {
User user = loginResult.getUser();
statisticsManager.registerRequest(user.getId());