Merge pull request #280 from sphereio/basic-auth
Basic auth, closes #244
Showing
46 changed files
with
634 additions
and
188 deletions.
@@ -0,0 +1,39 @@ | ||
package basicauth; | ||
|
||
import io.sphere.sdk.models.Base; | ||
|
||
import java.util.Base64; | ||
|
||
/** | ||
* Contains information related to the HTTP basic access authentication. | ||
*/ | ||
public class BasicAuth extends Base { | ||
private final String realm; | ||
private final String encodedCredentials; | ||
|
||
private BasicAuth(final String realm, final String encodedCredentials) { | ||
this.realm = realm; | ||
this.encodedCredentials = encodedCredentials; | ||
} | ||
|
||
public String getRealm() { | ||
return realm; | ||
} | ||
|
||
/** | ||
* Decides whether the authentication header is valid, i.e. it is equal to "Basic username:password", | ||
* where "username:password" is encoded in Base64 scheme. | ||
* @param authorizationHeader the contents of the HTTP Authorization header | ||
* @return true if the header complies with an Authorization header and contains the correct credentials, | ||
* false otherwise | ||
*/ | ||
public boolean isAuthorized(final String authorizationHeader) { | ||
final String expectedAuthHeader = "Basic " + encodedCredentials; | ||
return expectedAuthHeader.equals(authorizationHeader); | ||
} | ||
|
||
public static BasicAuth of(final String realm, final String credentials) { | ||
final String encodedCredentials = Base64.getEncoder().encodeToString(credentials.getBytes()); | ||
return new BasicAuth(realm, encodedCredentials); | ||
} | ||
} |
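Review bot: `isAuthorized` compares the expected header with `String.equals`, which returns at the first differing character, so the response time can vary with how much of a submitted credential matches. A constant-time comparison avoids that, e.g. `return authorizationHeader != null && MessageDigest.isEqual(expectedAuthHeader.getBytes(StandardCharsets.UTF_8), authorizationHeader.getBytes(StandardCharsets.UTF_8));`. In `of`, `credentials.getBytes()` uses the platform default charset, so a non-ASCII password encodes differently from host to host; `credentials.getBytes(StandardCharsets.UTF_8)` pins it. The class also extends `Base`; if that supplies a reflective `toString()` (not visible on this page), `encodedCredentials` would appear in any log line that prints the object, so an explicit `toString()` that omits the field is worth adding.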
@@ -0,0 +1,16 @@ | ||
package basicauth; | ||
|
||
import com.google.inject.AbstractModule; | ||
|
||
import javax.inject.Singleton; | ||
|
||
/** | ||
* Configuration for the Guice {@link com.google.inject.Injector} which shall be used in production. | ||
*/ | ||
public class BasicAuthProductionModule extends AbstractModule { | ||
|
||
@Override | ||
protected void configure() { | ||
bind(BasicAuth.class).toProvider(BasicAuthProvider.class).in(Singleton.class); | ||
} | ||
} |
@@ -0,0 +1,39 @@ | ||
package basicauth; | ||
|
||
import inject.SunriseInitializationException; | ||
import play.Configuration; | ||
import play.Logger; | ||
|
||
import javax.annotation.Nullable; | ||
import javax.inject.Inject; | ||
import javax.inject.Provider; | ||
|
||
class BasicAuthProvider implements Provider<BasicAuth> { | ||
public static final String CONFIG_REALM = "application.auth.realm"; | ||
public static final String CONFIG_CREDENTIALS = "application.auth.credentials"; | ||
public static final String REGEX_CREDENTIALS = "^[^ :]+:[^ :]+$"; | ||
private final Configuration configuration; | ||
|
||
@Inject | ||
public BasicAuthProvider(final Configuration configuration) { | ||
this.configuration = configuration; | ||
} | ||
|
||
@Nullable | ||
@Override | ||
public BasicAuth get() { | ||
final String realm = configuration.getString(CONFIG_REALM, "Sunrise Authentication"); | ||
final String credentials = configuration.getString(CONFIG_CREDENTIALS); | ||
if (credentials != null && !credentials.isEmpty()) { | ||
if (credentials.matches(REGEX_CREDENTIALS)) { | ||
Logger.debug("Basic authentication: enabled for realm \"{}\"", realm); | ||
return BasicAuth.of(realm, credentials); | ||
} else { | ||
throw new SunriseInitializationException("Basic access authentication credentials must be of the form 'username:password', matching: " + REGEX_CREDENTIALS); | ||
} | ||
} else { | ||
Logger.debug("Basic authentication: disabled"); | ||
return null; | ||
} | ||
} | ||
} |
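Review bot: When `application.auth.credentials` is missing or empty, `get()` returns null and the only trace is `Logger.debug("Basic authentication: disabled")`, so a deployment that loses the setting comes up unprotected with nothing in the default log output. Logging that branch at a higher level, e.g. `Logger.warn("Basic authentication: disabled, no credentials configured");`, makes the open state visible to operators. Separately, `REGEX_CREDENTIALS` rejects a colon or space anywhere in the password, while RFC 7617 only forbids the colon in the user-id; if that restriction is not intended, `"^[^ :]+:.+$"` would accept such passwords. A short Javadoc on the class stating that a null result means authentication is switched off would also help readers of `BasicAuthRequestHandler`.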
@@ -0,0 +1,66 @@ | ||
package basicauth; | ||
|
||
import play.Logger; | ||
import play.http.DefaultHttpRequestHandler; | ||
import play.libs.F; | ||
import play.mvc.Action; | ||
import play.mvc.Http; | ||
import play.mvc.Result; | ||
|
||
import javax.annotation.Nullable; | ||
import javax.inject.Inject; | ||
import java.lang.reflect.Method; | ||
import java.util.Optional; | ||
|
||
import static play.mvc.Http.HeaderNames.AUTHORIZATION; | ||
import static play.mvc.Http.HeaderNames.WWW_AUTHENTICATE; | ||
|
||
/** | ||
* Request handler that enables HTTP basic access authentication. | ||
*/ | ||
public class BasicAuthRequestHandler extends DefaultHttpRequestHandler { | ||
private static final Logger.ALogger LOGGER = Logger.of(BasicAuthRequestHandler.class); | ||
private final Optional<BasicAuth> basicAuth; | ||
|
||
@Inject | ||
public BasicAuthRequestHandler(@Nullable final BasicAuth basicAuth) { | ||
this.basicAuth = Optional.ofNullable(basicAuth); | ||
} | ||
|
||
@Override | ||
public Action createAction(final Http.Request request, final Method actionMethod) { | ||
if (basicAuth.isPresent()) { | ||
return authenticate(basicAuth.get()); | ||
} else { | ||
return super.createAction(request, actionMethod); | ||
} | ||
} | ||
|
||
private Action authenticate(final BasicAuth basicAuth) { | ||
return new Action.Simple() { | ||
|
||
@Override | ||
public F.Promise<Result> call(final Http.Context ctx) throws Throwable { | ||
final boolean isAuthorized; | ||
final String authorizationHeader = ctx.request().getHeader(AUTHORIZATION); | ||
if (authorizationHeader != null) { | ||
isAuthorized = basicAuth.isAuthorized(authorizationHeader); | ||
} else { | ||
isAuthorized = false; | ||
ctx.response().setHeader(WWW_AUTHENTICATE, "Basic realm=\"" + basicAuth.getRealm() + "\""); | ||
} | ||
return authenticationResult(ctx, isAuthorized); | ||
} | ||
|
||
private F.Promise<Result> authenticationResult(final Http.Context ctx, final boolean isAuthorized) throws Throwable { | ||
if (isAuthorized) { | ||
LOGGER.debug("Authorized"); | ||
return delegate.call(ctx); | ||
} else { | ||
LOGGER.info("Unauthorized"); | ||
return F.Promise.pure(unauthorized()); | ||
} | ||
} | ||
}; | ||
} | ||
} |
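Review bot: The `WWW-Authenticate` challenge is set only when the `Authorization` header is absent, so a request carrying wrong credentials receives a 401 without a challenge; RFC 7235 expects every 401 to include one, and browsers generally will not re-prompt without it. Moving `ctx.response().setHeader(WWW_AUTHENTICATE, "Basic realm=\"" + basicAuth.getRealm() + "\"");` into the `else` branch of `authenticationResult` covers both cases. The realm is concatenated into the header unescaped, so a configured value containing `"` would produce a malformed challenge. `LOGGER.info("Unauthorized")` carries no request detail; adding `ctx.request().remoteAddress()` and `ctx.request().path()` to the message would let repeated failures from one source be spotted in the logs.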
2 changes: 1 addition & 1 deletion
2
...trollers/CategoriesRefreshController.java → ...gorytree/CategoriesRefreshController.java
@@ -0,0 +1,14 @@ | ||
package categorytree; | ||
|
||
import com.google.inject.AbstractModule; | ||
import io.sphere.sdk.categories.CategoryTreeExtended; | ||
|
||
import javax.inject.Singleton; | ||
|
||
public class CategoryTreeProductionModule extends AbstractModule { | ||
|
||
@Override | ||
protected void configure() { | ||
bind(CategoryTreeExtended.class).toProvider(CategoryTreeProvider.class).in(Singleton.class); | ||
} | ||
} |
4 changes: 2 additions & 2 deletions
4
app/inject/CategoryTreeProvider.java → app/categorytree/CategoryTreeProvider.java
2 changes: 1 addition & 1 deletion
2
app/controllers/RefreshableCategoryTree.java → ...categorytree/RefreshableCategoryTree.java
2 changes: 1 addition & 1 deletion
2
app/inject/PlayJavaSphereClientProvider.java → ...pclient/PlayJavaSphereClientProvider.java
2 changes: 1 addition & 1 deletion
2
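--- a/app/inject/SphereClientProvider.java
+++ b/app/ctpclient/SphereClientProvider.java
@@ -1,4 +1,4 @@
-package inject;
+package ctpclient;
 
 import com.google.inject.Provider;
 import io.sphere.sdk.client.*;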
2 changes: 1 addition & 1 deletion
2
app/pages/ReverseRouterImpl.java → app/reverserouter/ReverseRouterImpl.java
@@ -0,0 +1,12 @@ | ||
package reverserouter; | ||
|
||
import com.google.inject.AbstractModule; | ||
import common.controllers.ReverseRouter; | ||
|
||
public class ReverseRouterProductionModule extends AbstractModule { | ||
|
||
@Override | ||
protected void configure() { | ||
bind(ReverseRouter.class).toInstance(new ReverseRouterImpl()); | ||
} | ||
} |