Exemplo n.º 1
0
  private boolean basicAuth(HttpServerRequest request, String encodedAuth) {
    byte[] authBytes = Base64.decodeBase64(encodedAuth);
    String decodedString = new String(authBytes);
    String[] splitAuth = StringUtils.split(StringUtils.trim(decodedString), ":"); // $NON-NLS-1$

    if (splitAuth.length != 2) return false;

    if (fileBasicAuthData.containsKey(splitAuth[0])) {
      String storedHash = new String(Base64.decodeBase64(fileBasicAuthData.get(splitAuth[0])));

      MessageDigest digest;
      try {
        digest = MessageDigest.getInstance("SHA-256"); // $NON-NLS-1$
        digest.update(splitAuth[1].getBytes());

        String receivedHash = new String(digest.digest());

        if (storedHash.equals(receivedHash)) {
          return true;
        }
      } catch (NoSuchAlgorithmException e) {
        logger.error(e.getMessage(), e.getCause());
      }
    }

    request
        .response()
        .headers()
        .add(
            "WWW-Authenticate",
            "Basic realm=\"" + config.getRealm() + "\""); // $NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$

    return false;
  }
Exemplo n.º 2
0
 @Override
 public void handle(HttpServerRequest request) {
   if (!config.isAuthenticationEnabled() || authenticate(request)) {
     super.handle(request);
   } else {
     notAuthorised(request.response());
   }
 }
Exemplo n.º 3
0
 public AuthenticatingRouteMatcher(VertxEngineConfig config, Logger logger) {
   this.config = config;
   this.fileBasicAuthData = config.loadFileBasicAuth();
   this.logger = logger;
 }