
net.intelie.liverig.witsml.BasicAuthenticationHandler Maven / Gradle / Ivy

package net.intelie.liverig.witsml;

import javax.xml.bind.DatatypeConverter;
import javax.xml.namespace.QName;
import javax.xml.ws.Binding;
import javax.xml.ws.Endpoint;
import javax.xml.ws.handler.Handler;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;
import java.util.function.Function;

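/**
 * JAX-WS SOAP handler that enforces HTTP Basic authentication on inbound messages.
 *
 * <p>Outbound messages pass through untouched. An inbound request without an
 * {@code Authorization} header is answered with 401 and a {@code WWW-Authenticate}
 * challenge, a request with more than one such header with 400, and a request whose
 * credentials are rejected with 403.
 *
 * <p>Security notes for integrators:
 * <ul>
 *   <li>Basic credentials are only base64-encoded, so the endpoint has to be exposed
 *       over TLS; this handler does not check the transport.</li>
 *   <li>The {@code userPassword} lookup must return the cleartext password for a
 *       username (or {@code null} for an unknown user), so the credential store behind
 *       it holds recoverable secrets and needs to be protected accordingly.</li>
 *   <li>No rate limiting or lockout is applied here; repeated failures should be
 *       throttled and logged by the surrounding infrastructure.</li>
 * </ul>
 */
public class BasicAuthenticationHandler implements SOAPHandler<SOAPMessageContext> {
    private final String realm;
    private final Function<String, String> userPassword;

    /**
     * @param realm        realm advertised in the {@code WWW-Authenticate} challenge
     * @param userPassword lookup from username to its cleartext password; returns
     *                     {@code null} when the user is unknown
     * @throws NullPointerException if either argument is {@code null}
     */
    public BasicAuthenticationHandler(String realm, Function<String, String> userPassword) {
        // Fail at wiring time instead of on the first request that needs the value.
        this.realm = Objects.requireNonNull(realm, "realm");
        this.userPassword = Objects.requireNonNull(userPassword, "userPassword");
    }

    /** Appends this handler to the handler chain of the endpoint's binding. */
    public void addToHandlerChainOf(Endpoint endpoint) {
        addToHandlerChainOf(endpoint.getBinding());
    }

    /** Appends this handler to the binding's handler chain and re-installs the chain. */
    public void addToHandlerChainOf(Binding binding) {
        @SuppressWarnings("rawtypes")
        List<Handler> chain = binding.getHandlerChain();
        chain.add(this);
        binding.setHandlerChain(chain);
    }

    /** Realm with double quotes replaced, so it cannot terminate the quoted challenge value. */
    private String realm() {
        return realm.replace('"', '\'');
    }

    @Override
    public Set<QName> getHeaders() {
        return Collections.emptySet();
    }

    /**
     * Authenticates an inbound message from its HTTP {@code Authorization} header.
     *
     * @return {@code true} to continue processing (outbound message or accepted
     *         credentials); {@code false} after setting 401, 400 or 403 on the context
     */
    @Override
    public boolean handleMessage(SOAPMessageContext context) {
        // A missing direction flag is treated as inbound, so the request is still authenticated.
        if (Boolean.TRUE.equals(context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY)))
            return true;

        @SuppressWarnings("unchecked")
        Map<String, List<String>> requestHeaders =
                (Map<String, List<String>>) context.get(MessageContext.HTTP_REQUEST_HEADERS);
        List<String> authorizationHeaders = headerValues(requestHeaders, "Authorization");
        if (authorizationHeaders.isEmpty()) {
            challenge(context);
            return false;
        }

        if (authorizationHeaders.size() > 1) {
            context.put(MessageContext.HTTP_RESPONSE_CODE, 400);
            return false;
        }

        if (!authenticate(authorizationHeaders.get(0))) {
            // NOTE(review): RFC 7235 answers rejected credentials with 401 plus a challenge;
            // 403 is kept because existing clients may depend on it.
            context.put(MessageContext.HTTP_RESPONSE_CODE, 403);
            return false;
        }

        return true;
    }

    /**
     * Collects the values of an HTTP header, matching the name case-insensitively.
     * Header names are case-insensitive on the wire, and the map handed over by the
     * runtime may keep whatever casing the client sent.
     */
    private static List<String> headerValues(Map<String, List<String>> headers, String name) {
        List<String> values = new ArrayList<>();
        if (headers == null)
            return values;
        for (Map.Entry<String, List<String>> entry : headers.entrySet()) {
            if (name.equalsIgnoreCase(entry.getKey()) && entry.getValue() != null)
                values.addAll(entry.getValue());
        }
        return values;
    }

    /** Sets a 401 response carrying a Basic challenge, unless a challenge is already present. */
    private void challenge(SOAPMessageContext context) {
        @SuppressWarnings("unchecked")
        Map<String, List<String>> responseHeaders =
                (Map<String, List<String>>) context.get(MessageContext.HTTP_RESPONSE_HEADERS);
        if (responseHeaders == null) {
            responseHeaders = new HashMap<>();
            context.put(MessageContext.HTTP_RESPONSE_HEADERS, responseHeaders);
        }

        List<String> authenticateHeaders = responseHeaders.get("WWW-Authenticate");
        if (authenticateHeaders == null) {
            authenticateHeaders = new ArrayList<>();
            responseHeaders.put("WWW-Authenticate", authenticateHeaders);
        }

        if (authenticateHeaders.isEmpty())
            authenticateHeaders.add("Basic realm=\"" + realm() + "\"");

        context.put(MessageContext.HTTP_RESPONSE_CODE, 401);
    }

    /**
     * Checks a single {@code Authorization} header value against the password lookup.
     *
     * @return {@code true} only when the header is {@code Basic <token>} and the token
     *         equals the canonical base64 of {@code username:password} for the looked-up
     *         password; {@code false} for any malformed or non-matching value
     */
    private boolean authenticate(String header) {
        if (header == null)
            return false;

        String[] headerSplit = header.split(" ");
        // The authentication scheme name is case-insensitive.
        if (headerSplit.length != 2 || !"Basic".equalsIgnoreCase(headerSplit[0]))
            return false;

        byte[] decoded;
        try {
            decoded = DatatypeConverter.parseBase64Binary(headerSplit[1]);
        } catch (IllegalArgumentException ignored) {
            // A token that is not valid base64 is a failed authentication, not a server fault.
            return false;
        }

        // Decode with the same charset used to rebuild the expected token below. Decoding
        // as ISO-8859-1 and re-encoding as UTF-8 could never match a non-ASCII username.
        String[] usernamePassword = new String(decoded, StandardCharsets.UTF_8).split(":", 2);
        if (usernamePassword.length != 2)
            return false;
        String username = usernamePassword[0];

        // Unknown users return before the comparison; the lookup itself is not time-constant.
        String password = userPassword.apply(username);
        if (password == null)
            return false;

        // Compare the whole token rather than the decoded password: only the canonical
        // encoding of the expected credentials is accepted, and MessageDigest.isEqual
        // avoids leaking the position of the first mismatch through timing.
        String expected = DatatypeConverter.printBase64Binary(
                (username + ':' + password).getBytes(StandardCharsets.UTF_8));
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                headerSplit[1].getBytes(StandardCharsets.UTF_8));
    }

    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return true;
    }

    @Override
    public void close(MessageContext context) { }
}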



