001    package de.deepamehta.core.service.accesscontrol;
002    
003    import de.deepamehta.core.util.JavaUtils;
004    
005    import org.codehaus.jettison.json.JSONObject;
006    
007    import com.sun.jersey.core.util.Base64;
008    
009    
010    
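/**
 * A pair of username and encoded password.
 * <p>
 * The encoded form is the prefix {@code "-SHA256-"} followed by the result of {@code JavaUtils.encodeSHA256()}
 * applied to the plain text password. All three constructors leave {@link #password} in this encoded form.
 * <p>
 * Security note: the JSON constructor accepts the encoded value as-is, so the encoded password is itself a
 * credential and must be handled like one. For that reason it is kept out of {@link #toString()} and out of
 * exception messages.
 * NOTE(review): presumably {@code encodeSHA256()} is a plain, unsalted digest; if these values are also what is
 * stored, a salted password hashing scheme (bcrypt/scrypt/argon2) would be the stronger choice -- confirm.
 */
public class Credentials {

    // ------------------------------------------------------------------------------------------------------- Constants

    private static final String ENCODED_PASSWORD_PREFIX = "-SHA256-";

    // ---------------------------------------------------------------------------------------------- Instance Variables

    public String username;
    public String password;     // encoded (prefix + SHA256), never plain text

    // ---------------------------------------------------------------------------------------------------- Constructors

    /**
     * Creates credentials from a username and a plain text password. The password is encoded before it is stored.
     *
     * @param   username    the username, stored unchanged
     * @param   password    as plain text
     */
    public Credentials(String username, String password) {
        this.username = username;
        this.password = encodePassword(password);
    }

    /**
     * Note: invoked from JAX-RS message body reader (see Webservice's ObjectProvider.java).
     *
     * @param   cred    A JSON object with 2 properties: "username" and "password".
     *                  The password is expected to be SHA256 encoded. It is stored as received, it is not
     *                  encoded again and its format is not checked here.
     *
     * @throws  IllegalArgumentException    if a property can't be read from <code>cred</code>
     */
    public Credentials(JSONObject cred) {
        try {
            this.username = cred.getString("username");
            this.password = cred.getString("password");
        } catch (Exception e) {
            // The JSON object is deliberately not part of the message: it may carry the encoded password, and
            // exception messages end up in logs. The cause still tells which property could not be read.
            throw new IllegalArgumentException("Illegal JSON argument (\"username\" and \"password\" string " +
                "properties are expected)", e);
        }
    }

    /**
     * Creates credentials from the value of a Basic authorization header.
     *
     * @param   authHeader  the header value: "Basic " followed by the Base64 encoded "username:password" pair.
     *                      The password is plain text and is encoded before it is stored.
     */
    public Credentials(String authHeader) {
        // NOTE(review): the "Basic " prefix is cut off without being checked; presumably callers pass only Basic
        // authorization headers -- confirm. A value shorter than the prefix makes substring() throw.
        // NOTE(review): this conversion names no charset; verify how non-ASCII credentials are decoded.
        String userPass = new String(Base64.base64Decode(authHeader.substring("Basic ".length())));
        // Only the FIRST colon separates username from password. A password may itself contain colons; splitting
        // at every colon would silently cut it off at its first colon.
        int colon = userPass.indexOf(':');
        // Note: no colon at all means no password is entered; the entire value is the username (possibly empty)
        this.username = colon >= 0 ? userPass.substring(0, colon) : userPass;
        // Note: credentials obtained through Basic authorization are always plain text
        this.password = encodePassword(colon >= 0 ? userPass.substring(colon + 1) : "");
    }

    // -------------------------------------------------------------------------------------------------- Public Methods

    /**
     * Returns a representation suitable for logging. The encoded password is redacted as it is a credential itself.
     */
    @Override
    public String toString() {
        return "username=\"" + username + "\", password=\"<redacted>\"";
    }

    // ------------------------------------------------------------------------------------------------- Private Methods

    /**
     * Returns the encoded form of a plain text password: the "-SHA256-" prefix followed by its SHA256 encoding.
     */
    private String encodePassword(String password) {
        return ENCODED_PASSWORD_PREFIX + JavaUtils.encodeSHA256(password);
    }
}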