Merge master of guterresrafael/traccar into rest

author: Anton Tananaev <anton.tananaev@gmail.com> 2015-11-30 13:55:05 +1300
committer: Anton Tananaev <anton.tananaev@gmail.com> 2015-11-30 13:55:05 +1300
commit: cefc12afe98f610aa0f266bcac4361f9ec414ee5 (patch)
tree: 48d47a0eec0c2d8a3ee7f448f8d535d7d826d546 /src/org/traccar/api/AuthorizationBasic.java
parent: c6692703c8099577cb86c3eace5d8d1bc11f212d (diff)
parent: 1a25796d62bdf88f2cba0387a09e2eb71599e588 (diff)
download: trackermap-server-cefc12afe98f610aa0f266bcac4361f9ec414ee5.tar.gz
trackermap-server-cefc12afe98f610aa0f266bcac4361f9ec414ee5.tar.bz2
trackermap-server-cefc12afe98f610aa0f266bcac4361f9ec414ee5.zip
1 files changed, 98 insertions, 0 deletions
diff --git a/src/org/traccar/api/AuthorizationBasic.java b/src/org/traccar/api/AuthorizationBasic.java
new file mode 100644
index 000000000..807320940
--- /dev/null
+++ b/src/org/traccar/api/AuthorizationBasic.java
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.api;
+
+import java.sql.SQLException;
+import java.util.List;
+import java.util.Set;
+import java.util.StringTokenizer;
+import java.util.TreeSet;
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.core.MultivaluedMap;
+import org.jboss.netty.buffer.ChannelBuffer;
+import org.jboss.netty.buffer.ChannelBuffers;
+import org.jboss.netty.handler.codec.base64.Base64;
+import org.jboss.netty.util.CharsetUtil;
+import org.traccar.Context;
+import org.traccar.model.User;
+
+public final class AuthorizationBasic {
+
+    private AuthorizationBasic() {
+    }
+
+    public static final String AUTHORIZATION_HEADER = "Authorization";
+    public static final String AUTHORIZATION_SCHEME_VALUE = "Basic";
+    public static final String REGEX = AUTHORIZATION_SCHEME_VALUE + " ";
+    public static final String REPLACEMENT = "";
+    public static final String TOKENIZER = ":";
+    public static final String USERNAME = "username";
+    public static final String PASSWORD = "password";
+    public static final String WWW_AUTHENTICATE_VALUE = "Basic realm=\"api\"";
+
+    public static UserPrincipal getUserPrincipal(ContainerRequestContext requestContext) {
+        final MultivaluedMap<String, String> headers = requestContext.getHeaders();
+        final List<String> authorization = headers.get(AUTHORIZATION_HEADER);
+        if (authorization == null || authorization.isEmpty()) {
+            return null;
+        }
+        final String encodedUsernameAndPassword = authorization.get(0).replaceFirst(REGEX, REPLACEMENT);
+        ChannelBuffer buffer = ChannelBuffers.copiedBuffer(encodedUsernameAndPassword, CharsetUtil.UTF_8);
+        String usernameAndPassword = Base64.decode(buffer).toString(CharsetUtil.UTF_8);
+        final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, TOKENIZER);
+        String username = tokenizer.nextToken();
+        String password = tokenizer.nextToken();
+        Set<String> roles = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
+        UserPrincipal userPrincipal = new UserPrincipal(username, password, roles);
+        return userPrincipal;
+    }
+
+    public static boolean isAuthenticatedUser(UserPrincipal userPrincipal) {
+        if (userPrincipal.getName() != null && userPrincipal.getPassword() != null) {
+            User user;
+            try {
+                user = Context.getDataManager().login(userPrincipal.getName(), userPrincipal.getPassword());
+            } catch (SQLException e) {
+                return false;
+            }
+            if (user != null) {
+                userPrincipal.setId(user.getId());
+                /*
+                for (Role role : user.getRoles()) {
+                    userPrincipal.getRoles().add(role.getName());
+                }
+                */
+
+                //Temporary solution
+                userPrincipal.getRoles().add(ApplicationRole.USER);
+                if (user.getAdmin()) {
+                    userPrincipal.getRoles().add(ApplicationRole.ADMIN);
+                }
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public static boolean isAuthorizedUser(UserPrincipal userPrincipal, Set<String> roles) {
+        for (String role : roles) {
+            if (userPrincipal.getRoles().contains(role)) {
+                return true;
+            }
+        }
+        return false;
+    }
+}
author	Anton Tananaev <anton.tananaev@gmail.com>	2015-11-30 13:55:05 +1300
committer	Anton Tananaev <anton.tananaev@gmail.com>	2015-11-30 13:55:05 +1300
commit	cefc12afe98f610aa0f266bcac4361f9ec414ee5 (patch)
tree	48d47a0eec0c2d8a3ee7f448f8d535d7d826d546 /src/org/traccar/api/AuthorizationBasic.java
parent	c6692703c8099577cb86c3eace5d8d1bc11f212d (diff)
parent	1a25796d62bdf88f2cba0387a09e2eb71599e588 (diff)
download	trackermap-server-cefc12afe98f610aa0f266bcac4361f9ec414ee5.tar.gz trackermap-server-cefc12afe98f610aa0f266bcac4361f9ec414ee5.tar.bz2 trackermap-server-cefc12afe98f610aa0f266bcac4361f9ec414ee5.zip