view src/goodjava/webserver/handlers/BasicAuthHandler.java @ 1660:2968e43cdd44

manual work
author Franklin Schmidt <fschmidt@gmail.com>
date Tue, 19 Apr 2022 23:46:06 -0600
parents 557bb90b70d7
children
line wrap: on
line source

package goodjava.webserver.handlers;

import goodjava.util.GoodUtils;
import goodjava.webserver.Handler;
import goodjava.webserver.Request;
import goodjava.webserver.Response;
import goodjava.webserver.Status;


public final class BasicAuthHandler implements Handler {
	private final Handler handler;
	private final String realm;
	private final String match;

	public BasicAuthHandler(Handler handler,String realm,String username,String password) {
		this.handler = handler;
		this.realm = realm;
		this.match = GoodUtils.base64Encode(username+":"+password);
	}

	private Response unauthorized() {
		Response response = new Response();
		response.status = Status.UNAUTHORIZED;
		response.headers.put("WWW-Authenticate","Basic realm=\""+realm+"\"");
		return response;
	}

	public Response handle(Request request) {
		String auth = (String)request.headers.get("Authorization");
		if( auth==null )
			return unauthorized();
		String[] a = auth.split(" ");
		if( a.length!=2 || !a[0].equals("Basic") || !a[1].equals(match) )
			return unauthorized();
		Response response = handler.handle(request);
		if( response != null )
			response.headers.put("X-Accel-Expires","0");
		return response;
	}
}