TrustedConsumerAuth.java

/**
 * Copyright (c) 2009 - 2012 Red Hat, Inc.
 *
 * This software is licensed to you under the GNU General Public License,
 * version 2 (GPLv2). There is NO WARRANTY for this software, express or
 * implied, including the implied warranties of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
 * along with this software; if not, see
 * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
 *
 * Red Hat trademarks are not licensed under GPLv2. No permission is
 * granted to use or replicate Red Hat trademarks that are incorporated
 * in this software or its documentation.
 */
package org.candlepin.auth;

import org.candlepin.model.ConsumerCurator;
import org.candlepin.model.DeletedConsumerCurator;

import com.google.inject.Inject;

import org.jboss.resteasy.spi.HttpRequest;
import org.xnap.commons.i18n.I18n;

import java.util.List;

import javax.inject.Provider;
/**
 * This auth form allows for a consumer id to
 * be passed in a clear http header. This should
 * be used only if the environment is known to be secure
 */
public class TrustedConsumerAuth extends ConsumerAuth {

    public static final String CONSUMER_HEADER = "cp-consumer";

    @Inject
    TrustedConsumerAuth(ConsumerCurator consumerCurator,
        DeletedConsumerCurator deletedConsumerCurator,
        Provider<I18n> i18nProvider) {
        super(consumerCurator, deletedConsumerCurator, i18nProvider);
    }

    public Principal getPrincipal(HttpRequest httpRequest) {
        ConsumerPrincipal principal = null;

        List<String> header = httpRequest.getHttpHeaders().getRequestHeader(CONSUMER_HEADER);
        String consumerUUID = null;

        if (null != header && header.size() > 0) {
            consumerUUID = header.get(0);
        }

        if (consumerUUID != null) {
            principal = createPrincipal(consumerUUID);
        }

        return principal;
    }
}