Diffstat (limited to 'src/org/traccar/api/AuthorizationBasic.java')
-rw-r--r-- | src/org/traccar/api/AuthorizationBasic.java | 98 |
1 files changed, 0 insertions, 98 deletions
diff --git a/src/org/traccar/api/AuthorizationBasic.java b/src/org/traccar/api/AuthorizationBasic.java
deleted file mode 100644
index 291d0e5d6..000000000
--- a/src/org/traccar/api/AuthorizationBasic.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com)
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.traccar.api;
-
-import java.sql.SQLException;
-import java.util.List;
-import java.util.Set;
-import java.util.StringTokenizer;
-import java.util.TreeSet;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.core.MultivaluedMap;
-import org.jboss.netty.buffer.ChannelBuffer;
-import org.jboss.netty.buffer.ChannelBuffers;
-import org.jboss.netty.handler.codec.base64.Base64;
-import org.jboss.netty.util.CharsetUtil;
-import org.traccar.Context;
-import org.traccar.model.User;
-
-public final class AuthorizationBasic {
-
- private AuthorizationBasic() {
- }
-
- public static final String AUTHORIZATION_HEADER = "Authorization";
- public static final String AUTHORIZATION_SCHEME_VALUE = "Basic";
- public static final String REGEX = AUTHORIZATION_SCHEME_VALUE + " ";
- public static final String REPLACEMENT = "";
- public static final String TOKENIZER = ":";
- public static final String USERNAME = "username";
- public static final String PASSWORD = "password";
- public static final String WWW_AUTHENTICATE_VALUE = "Basic realm=\"api\"";
-
- public static UserPrincipal getUserPrincipal(ContainerRequestContext requestContext) {
- final MultivaluedMap<String, String> headers = requestContext.getHeaders();
- final List<String> authorization = headers.get(AUTHORIZATION_HEADER);
- if (authorization == null || authorization.isEmpty()) {
- return null;
- }
- final String encodedUsernameAndPassword = authorization.get(0).replaceFirst(REGEX, REPLACEMENT);
- ChannelBuffer buffer = ChannelBuffers.copiedBuffer(encodedUsernameAndPassword, CharsetUtil.UTF_8);
- String usernameAndPassword = Base64.decode(buffer).toString(CharsetUtil.UTF_8);
- final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, TOKENIZER);
- String username = tokenizer.nextToken();
- String password = tokenizer.nextToken();
- Set<String> roles = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
- UserPrincipal userPrincipal = new UserPrincipal(username, password, roles);
- return userPrincipal;
- }
-
- public static boolean isAuthenticatedUser(UserPrincipal userPrincipal) {
- if (userPrincipal.getName() != null && userPrincipal.getPassword() != null) {
- User user;
- try {
- user = Context.getDataManager().login(userPrincipal.getName(), userPrincipal.getPassword());
- } catch (SQLException e) {
- return false;
- }
- if (user != null) {
- userPrincipal.setId(user.getId());
- /*
- for (Role role : user.getRoles()) {
- userPrincipal.getRoles().add(role.getName());
- }
- */
-
- //Temporary solution
- userPrincipal.getRoles().add(User.ROLE_USER);
- if (user.getAdmin()) {
- userPrincipal.getRoles().add(User.ROLE_ADMIN);
- }
- return true;
- }
- }
- return false;
- }
-
- public static boolean isAuthorizedUser(UserPrincipal userPrincipal, Set<String> roles) {
- for (String role : roles) {
- if (userPrincipal.getRoles().contains(role)) {
- return true;
- }
- }
- return false;
- }
-} |