Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
- throws IOException, ServletException {
- HttpServletRequest request = (HttpServletRequest) servletRequest;
- HttpServletResponse response = (HttpServletResponse) servletResponse;
- String authHeader = request.getHeader("Authorization");
- if (Objects.isNonNull(authHeader)) {
- StringTokenizer st = new StringTokenizer(authHeader);
- if (st.hasMoreTokens()) {
- String basic = st.nextToken();
- if (basic.equalsIgnoreCase(BASIC)) {
- try {
- String credentials = new String(Base64.decodeBase64(st.nextToken()), UTF-
- int p = credentials.indexOf(DOUBLE_DOT);
- if (isValid(p)) {
- String username = parseUsername(credentials);
- String password = parsePassword(credentials);
- if (!userService.checkUsername(username) || userService.checkPassword(password)) {
- unauthorized(response, "Bad credentials");
- }
- filterChain.doFilter(servletRequest, servletResponse);
- } else {
- unauthorized(response, "Invalid authentication token");
- }
- } catch (UnsupportedEncodingException e) {
- throw new AuthentificationException("Couldn't retrieve authentication", e);
- }
- }
- }
- } else {
- unauthorized(response);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement