From a994931dc349c93ba9b5c9bc7b517b9dd89a10cc Mon Sep 17 00:00:00 2001 From: Chris André Date: Tue, 21 Apr 2020 20:51:42 -0400 Subject: Minor cleanups for BasicAuthenticationFilter - Changed String representing encoding to Java's StandardCharsets.UTF_8 - Added explicit else condition in order to not rely on `abortWith`'s side effects Issue-ID: SDC-2917 Signed-off-by: Chris Andre Change-Id: I81cb94c399ff1d810e85c7b63fde195928ab1b08 --- .../sdc/be/filters/BasicAuthenticationFilter.java | 34 +++++++++++----------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'catalog-be/src/main') diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java index 1747525417..8c81464ac5 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java @@ -23,6 +23,7 @@ package org.openecomp.sdc.be.filters; import com.google.gson.Gson; import com.google.gson.GsonBuilder; import fj.data.Either; +import java.nio.charset.StandardCharsets; import org.apache.commons.codec.binary.Base64; import org.onap.sdc.security.Passwords; import org.openecomp.sdc.be.components.impl.ConsumerBusinessLogic; @@ -48,7 +49,6 @@ import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.ResponseBuilder; import javax.ws.rs.core.Response.Status; import java.io.IOException; -import java.io.UnsupportedEncodingException; import java.util.StringTokenizer; @Priority(10) @@ -81,14 +81,9 @@ public class BasicAuthenticationFilter implements ContainerRequestFilter { String basic = st.nextToken(); if ("Basic".equalsIgnoreCase(basic)) { - try { - String credentials = new String(Base64.decodeBase64(st.nextToken()), "UTF-8"); - log.debug("Credentials: {}", credentials); - checkUserCredentials(requestContext, credentials); - } catch (UnsupportedEncodingException e) { - log.error("Authentication Filter Failed Couldn't retrieve authentication", e); - authInvalidHeaderError(requestContext); - } + String credentials = new String(Base64.decodeBase64(st.nextToken()), StandardCharsets.UTF_8); + log.debug("Credentials: {}", credentials); + checkUserCredentials(requestContext, credentials); } else { log.error(failedToRetrieveAuthErrorMsg); authInvalidHeaderError(requestContext); @@ -144,22 +139,27 @@ public class BasicAuthenticationFilter implements ContainerRequestFilter { } } - private void authSuccessful(ContainerRequestContext requestContext, String userName) { + private void authSuccessful(ContainerRequestContext requestContext, String userName) { ComponentsUtils componentUtils = getComponentsUtils(); if (componentUtils == null) { - abortWith(requestContext, COMPONENT_UTILS_FAILED, Response.status(Status.INTERNAL_SERVER_ERROR).build()); + abortWith(requestContext, COMPONENT_UTILS_FAILED, Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } else { + componentUtils + .auditAuthEvent(requestContext.getUriInfo().getPath(), userName, AuthStatus.AUTH_SUCCESS.toString(), + realm); } - componentUtils.auditAuthEvent(requestContext.getUriInfo().getPath(), userName, AuthStatus.AUTH_SUCCESS.toString(), realm); } - private void authInvalidPasswordError(ContainerRequestContext requestContext, String userName) { + private void authInvalidPasswordError(ContainerRequestContext requestContext, String userName) { ComponentsUtils componentUtils = getComponentsUtils(); if (componentUtils == null) { - abortWith(requestContext, COMPONENT_UTILS_FAILED, Response.status(Status.INTERNAL_SERVER_ERROR).build()); + abortWith(requestContext, COMPONENT_UTILS_FAILED, Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } else { + componentUtils.auditAuthEvent(requestContext.getUriInfo().getPath(), userName, + AuthStatus.AUTH_FAILED_INVALID_PASSWORD.toString(), realm); + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED); + abortWith(requestContext, responseFormat.getFormattedMessage(), buildErrorResponse(responseFormat, false)); } - componentUtils.auditAuthEvent(requestContext.getUriInfo().getPath(), userName, AuthStatus.AUTH_FAILED_INVALID_PASSWORD.toString(), realm); - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED); - abortWith(requestContext, responseFormat.getFormattedMessage(), buildErrorResponse(responseFormat, false)); } private void authUserNotFoundError(ContainerRequestContext requestContext, String userName) { -- cgit 1.2.3-korg