org.openbmp.db_rest.helpers.AuthenticationService.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.openbmp.db_rest.helpers.AuthenticationService.java

Introduction

Here is the source code for org.openbmp.db_rest.helpers.AuthenticationService.java

Source

/*
 * Copyright (c) 2014-2016 Cisco Systems, Inc. and others.  All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
 * and is available at http://www.eclipse.org/legal/epl-v10.html
 *
 */
package org.openbmp.db_rest.helpers;

/**
 * Created by ALEX on 3/18/16.
 */

import org.apache.commons.net.util.Base64;
import org.openbmp.db_rest.DbUtils;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;
import java.io.IOException;
import java.util.Map;
import java.util.StringTokenizer;

public class AuthenticationService {

    private DataSource mysql_ds;

    /**
     * Initialize the class Sets the data source
     *
     * @throws
     */

    public AuthenticationService() {
        InitialContext initctx = null;
        try {

            initctx = new InitialContext();
            mysql_ds = (DataSource) initctx.lookup("java:/comp/env/jdbc/MySQLDB");

        } catch (NamingException e) {
            System.err.println("ERROR: Cannot find resource configuration, check context.xml config");
            e.printStackTrace();
        }
    }

    public boolean authenticate(String authCredentials) {

        if (null == authCredentials)
            return false;
        // header value format will be "Basic encodedstring" for Basic
        // authentication. Example "Basic YWRtaW46YWRtaW4="
        final String encodedUserPassword = authCredentials.replaceFirst("Basic" + " ", "");
        String usernameAndPassword = null;
        try {
            byte[] decodedBytes = Base64.decodeBase64(encodedUserPassword);
            usernameAndPassword = new String(decodedBytes, "UTF-8");
        } catch (IOException e) {
            e.printStackTrace();
        }
        final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
        final String username = tokenizer.nextToken();
        final String password = tokenizer.nextToken();

        // we have fixed the userid and password as admin
        // call some UserService/LDAP here

        StringBuilder query = new StringBuilder();

        query.append("SELECT * FROM users\n");
        query.append("WHERE username=\"" + username + "\" AND password=PASSWORD(\"" + password + "\")\n");

        Map map = DbUtils.select_DbToMap(mysql_ds, query.toString());
        boolean authenticationStatus = map.size() > 0;

        return authenticationStatus;
    }
}