All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.blade.security.web.auth.BasicAuthMiddleware Maven / Gradle / Ivy

There is a newer version: 2.0.15.RELEASE
Show newest version
package com.blade.security.web.auth;

import com.blade.kit.StringKit;
import com.blade.mvc.RouteContext;
import com.blade.mvc.hook.Signature;
import com.blade.mvc.hook.WebHook;
import com.blade.mvc.http.Request;
import com.blade.mvc.http.Response;
import lombok.extern.slf4j.Slf4j;

import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.Map;

/**
 * BasicAuth Middleware
 * 

* Created by biezhi on 11/07/2017. */ @Slf4j public class BasicAuthMiddleware implements WebHook { private final String authUserKey = "basic_user"; private String realm; private List authPairs = new ArrayList<>(); public BasicAuthMiddleware() { } public BasicAuthMiddleware(Map accounts) { this(accounts, "Authorization Required"); } public BasicAuthMiddleware(Map accounts, String realm) { this.realm = "Basic realm=" + realm; accounts.forEach((user, pass) -> this.authPairs.add(new AuthPair(user, authorizationHeader(user, pass)))); } private String authorizationHeader(String user, String password) { String base = user + ":" + password; return "Basic " + Base64.getEncoder().encodeToString(base.getBytes(StandardCharsets.UTF_8)); } private String searchCredential(String authValue) { if (StringKit.isEmpty(authValue)) { return null; } return authPairs.stream() .filter(authPair -> authPair.getValue().equals(authValue)) .map(AuthPair::getUser) .findFirst().orElse(null); } @Override public boolean before(RouteContext context) { if (null != context.session().attribute(authUserKey)) { return true; } String authorization = context.header("Authorization"); String user = this.searchCredential(authorization); if (null == user) { context.header("WWW-Authenticate", this.realm).status(401); return false; } context.session().attribute(authUserKey, user); return true; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy