diff options
Diffstat (limited to 'src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java')
-rw-r--r-- | src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java index 8c5fb82a..a9f309a3 100644 --- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java +++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java @@ -3,6 +3,7 @@ * org.onap.dcaegen2.collectors.ves * ================================================================================ * Copyright (C) 2018 - 2019 Nokia. All rights reserved. + * Copyright (C) 2023 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -115,18 +116,18 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter { return false; } - private boolean isBasicAuth() { + boolean isBasicAuth() { return settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_BASIC_AUTH.value()); } - private boolean isAuthorized(String authorizationHeader) { + boolean isAuthorized(String authorizationHeader) { try { String decodeCredentials = decodeCredentials(authorizationHeader); String providedUser = extractUser(decodeCredentials); String providedPassword = extractPassword(decodeCredentials); Option<String> maybeSavedPassword = settings.validAuthorizationCredentials().get(providedUser); boolean userRegistered = maybeSavedPassword.isDefined(); - return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get()); + return userRegistered && verifyCryptPassword(providedPassword,maybeSavedPassword); } catch (Exception e) { LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.", authorizationHeader), e); @@ -134,6 +135,10 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter { } } + Boolean verifyCryptPassword(String providedPassword, Option<String> maybeSavedPassword) { + return cryptPassword.matches(providedPassword,maybeSavedPassword.get()); + } + private String extractPassword(String decodeCredentials) { return decodeCredentials.split(":")[1].trim(); } @@ -146,4 +151,4 @@ public class ApiAuthInterceptor extends HandlerInterceptorAdapter { String encodedData = authorizationHeader.split(" ")[1]; return new String(Base64.getDecoder().decode(encodedData)); } -}
\ No newline at end of file +} |