package aQute.bnd.url;
import static java.nio.charset.StandardCharsets.UTF_8;
import java.net.HttpURLConnection;
import java.net.URLConnection;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import aQute.lib.base64.Base64;
import aQute.libg.cryptography.SHA1;
import aQute.service.reporter.Reporter;
/**
* Provide Http Basic Authentication. This URL Connection Handler plugin will
* add basic authentication to the matching URL Connections. The following
* properties must be specified.
* <ul>
* <li>{@link aQute.bnd.service.url.URLConnectionHandler#MATCH MATCH} — The URL
* {@link aQute.libg.glob.Glob Glob} expressions
* <li>{@code .password} — The password for basic authentication
* <li>{@code user} — The user ID
* </ul>
*/
@aQute.bnd.annotation.plugin.BndPlugin(name = "url.basic.authentication", parameters = BasicAuthentication.Config.class)
public class BasicAuthentication extends DefaultURLConnectionHandler {
private final static Logger logger = LoggerFactory.getLogger(BasicAuthentication.class);
interface Config extends DefaultURLConnectionHandler.Config {
String user();
String _password();
}
private static final String USER = "user";
private static final String PASSWORD = ".password";
private static final String HEADER_AUTHORIZATION = "Authorization";
private static final String PREFIX_BASIC_AUTH = "Basic ";
private String password;
private String user;
private String authentication;
private String sha;
public BasicAuthentication() {
}
public BasicAuthentication(String user, String password, Reporter reporter) {
this.user = user;
this.password = password;
this.setReporter(reporter);
init(null);
}
public void setProperties(Map<String,String> map) throws Exception {
super.setProperties(map);
this.password = map.get(PASSWORD);
this.user = map.get(USER);
init(map);
}
void init(Map<String,String> map) {
if (this.password == null) {
error("No .password property set on this plugin %s", map);
}
if (this.password == null) {
error("No user property set on this plugin %s", map);
}
String authString = user + ":" + password;
try {
String encoded = Base64.encodeBase64(authString.getBytes(UTF_8));
this.authentication = PREFIX_BASIC_AUTH + encoded;
sha = SHA1.digest(password.getBytes()).asHex();
} catch (Exception e) {
// cannot happen, UTF-8 is always present
}
}
public void handle(URLConnection connection) {
if (connection instanceof HttpURLConnection && matches(connection) && password != null && user != null) {
if (!(connection instanceof HttpsURLConnection))
logger.debug("using basic authentication with http instead of https, this is very insecure: {}",
connection.getURL());
connection.setRequestProperty(HEADER_AUTHORIZATION, authentication);
}
}
@Override
public String toString() {
return "BasicAuthentication [password=" + sha + ", user=" + user + "]";
}
}