java source code of BasicAuthenticationHeaderParser

ob1k-master
- ob1k-crud
  - src
    - main
      - java
        com
        outbrain
        ob1k
        crud
        dao
        MySQLRefMeta.kt
        AsyncDaoBridge.kt
        RefFieldMapper.kt
        ICrudDao.kt
        MySQLCrudDao.kt
        JsonObjectMapper.kt
        CrudAsyncDaoDelegate.kt
        DaoUtils.java
        CrudOperations.kt
        IntIntMapper.kt
        EntityFieldMapper.kt
        ICrudAsyncDao.kt
        CrudApplication.kt
        audit
        SlackAudit.kt
        ICrudAudit.kt
        CrudAuditFilter.kt
        LogAudit.kt
        service
        SwaggerUtils.kt
        ModelService.kt
        EndpointUtils.kt
        CrudDispatcher.kt
        example
        PersonDao.java
        ELiveness.java
        Person.java
        Address.java
        JobDao.java
        Job.java
        model
        CollectionOf.java
        EntityField.kt
        EntityFieldDisplay.kt
        EFieldType.kt
        RangeStyle.kt
        EFieldTypeSerializer.kt
        EntityDescription.kt
        Model.kt
        TypeToEntityDescription.kt
        EntityFields.kt
        EntityFieldOptions.kt
        EDisplayType.kt
        Entities.kt
        ComposableFutureUtils.kt
        JsonUtils.kt
    - test
      - resources
        model2.json
        model.json
      - java
        com
        outbrain
        ob1k
        crud
        dao
        CrudDaoTestBase.kt
        InMemoryCrudDaoTest.kt
        MySQLCrudDaoTest.kt
        service
        EndpointUtilsTest.kt
        model
        ModelTest.kt
        ReindexTest.kt
  - pom.xml
- ob1k-consul
  - src
    - main
      - java
        com
        outbrain
        ob1k
        consul
        ConsulCatalog.java
        ConsulServiceRegistrator.java
        HealthyTargetsList.java
        HealthInfoInstance.java
        ConsulBasedTargetProvider.java
        ThreadLocalRoundRobinLoadBalancer.java
        ConsulAPI.java
        LoadBalancer.java
        ServiceInstance.java
        ServiceRegistration.java
        ConsulServiceRegistry.java
        ServiceRegistrationDataProvider.java
        ConsulHealth.java
        filter
        TargetsContainingTagsPredicate.java
        TargetsNotContainingTagsPredicate.java
        AllTargetsPredicate.java
        TagsUtil.java
    - test
      - resources
        log4j.xml
      - java
        com
        outbrain
        ob1k
        consul
        ConsulAPITest.java
        ConsulBasedTargetProviderTest.java
  - pom.xml
- pom.xml
- ob1k-example
  - src
    - main
      - resources
        log4j.xml
      - java
        com
        outbrain
        ob1k
        example
        consul
        ExampleServiceRegistrationDataProvider.java
        hello
        client
        HelloServiceDiscoveryClient.java
        HelloServiceClient.java
        api
        HelloService.java
        README.md
        server
        services
        HelloServiceImpl.java
        HelloServer.java
        HelloServerWithConsulRegistration.java
        rest
        client
        UsersServiceClient.java
        api
        UsersService.java
        User.java
        UsersException.java
        README.md
        server
        services
        UsersServiceImpl.java
        RestServer.java
        randomcommitmessage
        client
        RandomCommitMessageClient.java
        common
        RandomCommitMessageService.java
        README.md
        server
        services
        RandomCommitMessageServiceImpl.java
        RandomCommitMessageServer.java
  - run-consul-example
  - pom.xml
- util-metrics
  - src
    - main
      - java
        com
        outbrain
        swinfra
        metrics
        codahale3
        Gauge.java
        CodahaleMetricsFactory.java
        Histogram.java
        Timer.java
        Meter.java
        Counter.java
        api
        Gauge.java
        Histogram.java
        Timer.java
        MetricFactory.java
        Meter.java
        Counter.java
    - test
      - java
        com
        outbrain
        swinfra
        metrics
        DummyMetricFactory.java
  - pom.xml
- ob1k-core
  - src
    - main
      - resources
        litany-against-fear.txt
        META-INF
        mime.types
        com
        outbrain
        ob1k
        favicon.ico
      - java
        com
        outbrain
        ob1k
        Service.java
        client
        HttpInvocationHandler.java
        Clients.java
        ClientBuilder.java
        targets
        TargetProvider.java
        SimpleTargetProvider.java
        EmptyTargetProvider.java
        ctx
        DefaultAsyncClientRequestContext.java
        ClientRequestContext.java
        StreamClientRequestContext.java
        AsyncClientRequestContext.java
        AbstractClientRequestContext.java
        DefaultStreamClientRequestContext.java
        endpoints
        ClientEndpointRequestBuilder.java
        AbstractClientEndpoint.java
        EndpointDescription.java
        AsyncClientEndpoint.java
        DispatchAction.java
        StreamClientEndpoint.java
        dispatch
        StaticDoubleDispatchStrategy.java
        DispatchStrategy.java
        DefaultDispatchStrategy.java
        common
        filters
        ServiceFilter.java
        StreamFilter.java
        AsyncFilter.java
        endpoints
        ServiceEndpointContract.java
        concurrent
        ComposableFutureHelper.java
        metrics
        NettyQueuesGaugeBuilder.java
        marshalling
        ChunkHeader.java
        RequestMarshallerRegistry.java
        EventRequestMarshaller.java
        TypeHelper.java
        ParamMarshaller.java
        MessagePackRequestMarshaller.java
        RequestMarshaller.java
        JsonRequestMarshaller.java
        Response.java
        HttpRequestMethodType.java
        Request.java
        RequestContext.java
        server
        Server.java
        cors
        CorsConfig.java
        CorsWrapperHandler.java
        MethodParamNamesExtractor.java
        netty
        HttpRequestDispatcherHandler.java
        HttpStaticFileServerHandler.java
        ServiceDispatcher.java
        ResponseBuilder.java
        ResourceRegion.java
        NettyServer.java
        NettyResponse.java
        NettyRequest.java
        RequestTimeoutException.java
        registry
        ServiceRegistryView.java
        endpoints
        ServerEndpointView.java
        ServerEndpoint.java
        AbstractServerEndpoint.java
        AsyncServerEndpoint.java
        StreamServerEndpoint.java
        PathTrie.java
        ServiceRegistry.java
        builder
        BuilderStep.java
        BuilderSection.java
        ServerBuilderState.java
        ContextPathBuildStep.java
        ServiceBindBuilder.java
        BuilderProvider.java
        AbstractServerBuilder.java
        ResourceMappingBuilder.java
        ExtensionBuilder.java
        ServerBuilder.java
        ServiceRegisterBuilder.java
        ConfigureBuilder.java
        log
        ILogService.java
        Log4jTailService.java
        StaticPathResolver.java
        ctx
        StreamServerRequestContext.java
        DefaultStreamServerRequestContext.java
        ServerRequestContext.java
        AsyncServerRequestContext.java
        DefaultAsyncServerRequestContext.java
        AbstractServerRequestContext.java
        filters
        HitsCounterFilter.java
        MetricsTimerFilter.java
        endpoints
        EndpointMappingService.java
        EndpointMappingServiceBuilder.java
        IEndpointMappingService.java
        ResponseHandler.java
        StreamRequestContext.java
        AsyncRequestContext.java
    - test
      - resources
        log4j.xml
      - java
        com
        outbrain
        ob1k
        client
        ClientBuilderTest.java
        http
        HelloService.java
        ParamsService.java
        BasicClientRpcTest.java
        IHelloService.java
        TestBean.java
        dispatch
        DispatchStrategyTest.java
        common
        marshalling
        EventRequestMarshallerTest.java
        JsonRequestMarshallerTest.java
        server
        BasicServerRpcTest.java
        cors
        CorsTest.java
        CustomMarshallerRpcTest.java
        services
        SimpleTestServiceImpl.java
        RequestsTestService.java
        SimpleTestService.java
        RequestsTestServiceImpl.java
        netty
        NettyRequestTest.java
        PathTrieTest.java
        registry
        ServiceRegistryTest.java
        builder
        ServerBuilderTest.java
        MethodParamNamesExtractorTest.java
        endpoints
        EndpointMappingServiceBuilderTest.java
        entities
        TestEntity.java
        OtherEntity.java
        TestEnum.java
  - pom.xml
  - LICENSE
- LICENSE
- ob1k-spring
  - src
    - main
      - java
        com
        outbrain
        ob1k
        server
        spring
        SpringServiceRegisterBuilder.java
        SpringBeanContext.java
        SpringServiceBindBuilder.java
        ExtendableSpringServiceRegisterBuilder.java
        SpringContextServerBuilder.java
        SpringContextBuilder.java
        ExtendableSpringServiceBindBuilder.java
    - test
      - java
        com
        outbrain
        ob1k
        server
        spring
        SpringContextServerBuilderTest.java
  - pom.xml
- ob1k-db
  - src
    - main
      - java
        com
        outbrain
        ob1k
        db
        SqlSanitizer.java
        MySqlConnectionPoolBuilder.java
        ResultSetMapper.java
        springsupport
        MySqlConnectionPoolFactoryBean.java
        IBasicDao.java
        TypedRowDataImpl.java
        DbConnectionPool.java
        BasicDao.java
        TransactionHandler.java
        ScalaFutureHelper.java
        experimental
        MySqlConnectionPoolBuilder.java
        springsupport
        MySqlConnectionPoolFactoryBean.java
        TypedRowDataImpl.java
        DbConnectionPool.java
        BasicDao.java
        TransactionHandler.java
        JavaFutureHelper.java
        MySqlAsyncConnection.java
        MySqlConnectionPool.java
        GenericResultSetMapper.java
        EntityMapper.java
        TypedRowData.java
        MySqlAsyncConnection.java
        MySqlConnectionPool.java
        GenericResultSetMapper.java
    - test
      - java
        com
        outbrain
        ob1k
        db
        dao
        AbstractBasicDaoTestCase.java
        BasicDaoQueryTest.java
        BasicTestingDao.java
        experimental
        BasicDaoQueryTest.java
        BasicTestingDao.java
  - pom.xml
- ob1k-swagger
  - src
    - main
      - resources
        swagger-ui
        configuration
        security
        ui
        swagger-resources
      - java
        com
        outbrain
        ob1k
        swagger
        service
        SwaggerService.java
        ISwaggerAware.java
        SwaggerServiceBuilder.java
        SwaggerDataType.java
    - test
      - java
        com
        outbrain
        ob1k
        swagger
        service
        SwaggerServiceBuilderTest.java
        SwaggerServiceTest.java
        DummyService.java
        IgnoredService.java
        AnnotatedDummyService.java
  - pom.xml
  - README.md
- .travis.yml
- README.md
- ob1k-security
  - src
    - main
      - java
        com
        outbrain
        ob1k
        security
        providers
        LdapCredentialsAuthenticator.java
        server
        UserPasswordToken.java
        CredentialsAuthenticator.java
        AuthenticationCookie.java
        Credentials.java
        HttpBasicAuthenticationFilter.java
        AuthenticationCookieAesEncryptor.java
        BasicAuthenticationHeaderParser.java
        AuthenticationCookieEncryptor.java
        HttpBasicCredentials.java
    - test
      - java
        com
        outbrain
        ob1k
        security
        common
        UnsecureServiceImpl.java
        TestServer.java
        UserPassEqualAuthenticator.java
        SecureService.java
        TestClient.java
        UnsecureService.java
        SecureServiceImpl.java
        server
        HttpBasicAccessAuthenticatorTest.java
        AuthenticationCookieAesEncryptorTest.java
        SecureServerTest.java
        AuthenticationCookieTest.java
        BasicAuthenticationHeaderParserTest.java
  - pom.xml
- ob1k-cql
  - src
    - main
      - java
        com
        outbrain
        cqllib
        CqlStatementFactory.java
        TagMetrics.java
        CqlStatement.java
        RetryPolicyWithMetrics.java
        CqlPreparedStatement.java
        CqlSession.java
  - pom.xml
- ob1k-cache
  - src
    - main
      - java
        com
        outbrain
        ob1k
        cache
        EntryMapper.java
        memcache
        IdentityCacheKeyTranslator.java
        SpyFutureHelper.java
        folsom
        MemcachedClient.java
        JsonTranscoder.java
        HealthyMemcachedResolver.java
        MessagePackTranscoder.java
        ObjectSizeMonitoringTranscoder.java
        MetricsAdapter.java
        CompressionTranscoder.java
        MemcachedClientBuilder.java
        MemcacheClient.java
        CacheKeyTranslator.java
        compression
        GzipCompressor.java
        Compressor.java
        DeflateCompressor.java
        LZ4Compressor.java
        CompressionAlgorithm.java
        LoadingCacheDelegate.java
        GuavaCacheGaugesFactory.java
        LocalAsyncCache.java
        filters
        CachingFilter.java
        CacheLoader.java
        TypedCache.java
        metrics
        MonitoringCacheDelegate.java
        AsyncOperationMetrics.java
    - test
      - resources
        log4j.xml
      - java
        com
        outbrain
        ob1k
        cache
        memcache
        folsom
        HealthyMemcachedResolverTest.java
        JsonTranscoderTest.java
        Person.java
        MessagePackTranscoderTest.java
        MemcachedClientTest.java
        ObjectSizeMonitoringTranscoderTest.java
        CompressionTranscoderTest.java
        compression
        CompressionAlgorithmsTest.java
        IdentityCacheKeyTranslatorTest.java
        LocalAsyncCacheTest.java
        filters
        CachingFilterTest.java
        MemcacheClientTest.java
        CacheLoaderTest.java
        metrics
        MonitoringCacheDelegateTest.java
        AbstractMemcachedClientTest.java
        TestLoadingCacheDelegate.java
  - pom.xml
- .gitignore
- findbugs-exclude.xml
- ob1k-concurrent
  - src
    - main
      - scala
        com
        outbrain
        ob1k
        concurrent
        scalaapi
        ComposablePromise.scala
        ComposableFuture.scala
      - java
        com
        outbrain
        ob1k
        concurrent
        lazy
        LazyComposableFuture.java
        Producer.java
        eager
        HandlersList.java
        EagerComposableFuture.java
        ComposablePromise.java
        ComposableFutures.java
        stream
        FutureProviderToStreamHandler.java
        PrefixBasedThreadFactory.java
        combiners
        BiFunction.java
        Combiner.java
        TriContainer.java
        BiContainer.java
        FutureBiFunction.java
        TriFunction.java
        FutureTriFunction.java
        handlers
        RecursiveFutureProvider.java
        FutureProvider.java
        FutureSuccessHandler.java
        ForeachHandler.java
        ErrorHandler.java
        FutureErrorHandler.java
        FutureAction.java
        SuccessHandler.java
        FutureResultHandler.java
        ResultHandler.java
        ComposableFuture.java
        ThreadPoolBasedScheduler.java
        config
        Configuration.java
        Consumer.java
        UncheckedExecutionException.java
        Scheduler.java
        ScheduledFutureCancellationToken.java
        CancellationToken.java
        CheckedSupplier.java
        Try.java
    - test
      - resources
        log4j.xml
      - scala
        com
        outbrain
        ob1k
        concurrent
        scalaapi
        ComposableFutureTest.scala
      - java
        com
        outbrain
        ob1k
        concurrent
        LazyComposableFutureTest.java
        examples
        ComposableFuturesHelpers.java
        BasicComposableFutureUsages.java
        TryTest.java
        ComposableFutureTest.java
  - pom.xml
  - README.md
- ob1k-http
  - src
    - main
      - java
        com
        outbrain
        ob1k
        http
        utils
        UrlUtils.java
        ComposableFutureAdapter.java
        HttpClient.java
        common
        Cookie.java
        Header.java
        ContentType.java
        Param.java
        Response.java
        TypedResponse.java
        RequestBuilder.java
        ning
        NingRequestBuilder.java
        NingHttpStreamHandler.java
        NingHttpTypedStreamHandler.java
        NingResponse.java
        marshalling
        JacksonMarshallingStrategy.java
        MessagePackMarshallingStrategy.java
        MarshallingStrategy.java
    - test
      - java
        com
        outbrain
        ob1k
        http
        ClientBasicFlowsTest.java
  - pom.xml

package com.outbrain.ob1k.security.server;

import java.util.Base64;

import com.outbrain.ob1k.Request;
import io.netty.util.CharsetUtil;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Parses an "Authorization" header of a HTTP request
 */
public class BasicAuthenticationHeaderParser {

  private final static Logger logger = LoggerFactory.getLogger(BasicAuthenticationHeaderParser.class);

  public static final String BASIC_AUTHORIZATION_HEADER = "Authorization";
  public static final String BASIC_PREFIX = "Basic";

  /**
   * <p>
   * Extracts the credentials from the request by obtaining the Authorization header's value
   * and parsing it. Everything after the &quot;Basic&quot; prefix will be Base64 decoded and returns.
   * </p>
   * Examples:<br>
   * <pre>
   *   Authorization Header            Result
   *   ---------------------------------------------
   *   null                            null
   *   ""                              null
   *   "Basic unencoded_string"        null
   *   "Basic dXNlcjpwYXNzd29yZA=="    {@code new UsernamePasswordTuple("user", "password"}
   * </pre>
   *
   * @return the decoded credentials, or null if any error occured
   */
  public Credentials<UserPasswordToken> extractCredentials(final Request request) {
    final String basicAuthHeader = request.getHeader(BASIC_AUTHORIZATION_HEADER);
    if (StringUtils.isNotBlank(basicAuthHeader) && basicAuthHeader.startsWith(BASIC_PREFIX)) {
      return extractCredentials(basicAuthHeader);
    } else {
      return null;
    }
  }

  private Credentials<UserPasswordToken> extractCredentials(final String basicAuthHeader) {
    final String encodedCredentials = basicAuthHeader.substring(BASIC_PREFIX.length()).trim();
    if (StringUtils.isNotBlank(encodedCredentials)) {
      final String decodedCredentials = decode(encodedCredentials);

      if (StringUtils.isNotBlank(decodedCredentials)) {
        return splitCredentials(decodedCredentials);
      } else {
        return null;
      }
    } else {
      return null;
    }
  }

  //Splits a string in the form "username:password" into the UsernamePasswordTuple
  private Credentials<UserPasswordToken> splitCredentials(final String credentials) {
    final String[] splitCredentials = credentials.split(":");
    if (splitCredentials.length != 2) {
      logger.error("Error splitting credentials {}", credentials);
      return null;
    } else {
      final UserPasswordToken userPassTuple = new UserPasswordToken(splitCredentials[0],
                                                                            splitCredentials[1].toCharArray());
      return new HttpBasicCredentials(userPassTuple);
    }
  }

  private String decode(final String encodedCredentials) {
    try {
      return new String(Base64.getDecoder().decode(encodedCredentials), CharsetUtil.UTF_8);
    } catch (final Exception e) {
      logger.error("Error decoding credentials " + encodedCredentials, e);
      return null;
    }
  }

}