1 files changed, 9 insertions, 4 deletions

diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
index 8c5fb82a..a9f309a3 100644
--- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
+++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
@@ -3,6 +3,7 @@
  * org.onap.dcaegen2.collectors.ves
  * ================================================================================
  * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
+ * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -115,18 +116,18 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
         return false;
     }
 
-    private boolean isBasicAuth() {
+    boolean isBasicAuth() {
         return settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value());
     }
 
-    private boolean isAuthorized(String authorizationHeader) {
+    boolean isAuthorized(String authorizationHeader) {
         try  {
             String decodeCredentials = decodeCredentials(authorizationHeader);
             String providedUser = extractUser(decodeCredentials);
             String providedPassword = extractPassword(decodeCredentials);
             Option<String> maybeSavedPassword = settings.validAuthorizationCredentials().get(providedUser);
             boolean userRegistered = maybeSavedPassword.isDefined();
-            return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get());
+            return userRegistered && verifyCryptPassword(providedPassword,maybeSavedPassword);
         } catch (Exception e) {
             LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.",
                 authorizationHeader), e);
@@ -134,6 +135,10 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
         }
     }
 
+    Boolean verifyCryptPassword(String providedPassword, Option<String> maybeSavedPassword) {
+        return cryptPassword.matches(providedPassword,maybeSavedPassword.get());
+    }
+
     private String extractPassword(String decodeCredentials) {
         return decodeCredentials.split(":")[1].trim();
     }
@@ -146,4 +151,4 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
         String encodedData = authorizationHeader.split(" ")[1];
         return new String(Base64.getDecoder().decode(encodedData));
     }
-}
\ No newline at end of file
+}