Android examples for Network:HTTP Request
Extract authorization info from the HTTP request header or query param.
/*//from w w w . j ava 2s.c o m * Copyright 2014 Google Inc. All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import javax.servlet.http.HttpServletRequest; public class Main{ /** Keys that can be used to request GCM registration */ private static final String[][] REGISTRATION_KEYS = { //{"REG-your-key-here", "Android app registration key"}, }; /** Keys that can be used to request full admin privileges. */ private static final String[][] ADMIN_KEYS = { // {"ADM-your-key-here", "Command line tool admin key"}, // {"ADM-your-key-here2", "Updater AppEngine app"} }; /** * Extract authorization info from the HTTP request header or query param. * @param req * @return null if no authorization found. An AuthInfo with admin set to true if a valid admin key * is used, or set to false if any non-admin key is present. */ public static AuthInfo processAuthorization(HttpServletRequest req) { // Authenticate request // Auth key defaults to the 'key' query parameter String authKey = req.getParameter("key"); String authHeader = req.getHeader("Authorization"); if (authHeader != null) { // Use 'Authorization: key=...' header String splitHeader[] = authHeader.split("="); if ("key".equals(splitHeader[0])) { authKey = splitHeader[1]; } } if (authKey == null) { return null; } for (String[] candidateKey : ADMIN_KEYS) { if (candidateKey[0].equals(authKey)) { // caller is an admin AuthInfo info = new AuthInfo(candidateKey[0], candidateKey[1]); info.permAdmin = true; return info; } } for (String[] candidateKey : REGISTRATION_KEYS) { if (candidateKey[0].equals(authKey)) { // caller is using a valid registration API key, so they // can register AuthInfo info = new AuthInfo(candidateKey[0], candidateKey[1]); info.permRegister = true; return info; } } // the key is not a special admin or registration key, so all the user can do is // send message to themselves AuthInfo info = new AuthInfo(authKey, "User"); info.permSendSelfMessage = true; return info; } }