source: trunk/src/groovy/nl/metabolomicscentre/dsp/http/BasicAuthentication.groovy @ 831

Last change on this file since 831 was 831, checked in by keesvb, 10 years ago

first implementation of user-based REST services, only checks whether a user is owner of a study and returns the studies and assays only for his/her owned studies. The other methods are not secured yet, but ought to go via study or assay.

File size: 1.3 KB
Line 
1package nl.metabolomicscentre.dsp.http
2
3class BasicAuthentication {
4
5        static public credentialsFromRequest(req){
6
7                // default response
8                def credFromRequest = [u: "", p: ""] // by default u(sername) and p(assword) are empty
9
10                // u and p from Basic HTTP
11                def httpAuthenticationUsername
12                def httpAuthenticationPassword
13
14                if (req){
15
16                        // get the authorization header from the request
17                        def authString = req.getHeader('Authorization')
18
19                        if(authString){ // a authorization string was found in the request header, now decode en retrieve the u and p
20                                def encodedPair = authString - 'Basic '
21                                def decodedPair =  new String(new sun.misc.BASE64Decoder().decodeBuffer(encodedPair));
22                                def credentials = decodedPair.split(':')
23
24                                httpAuthenticationUsername = credentials[0] // u from Basic HTTP Auth
25                                httpAuthenticationPassword = credentials[1] // p from Basic HTTP Auth
26
27                                credFromRequest = [ u: httpAuthenticationUsername, p: httpAuthenticationPassword ]
28                        }
29                }
30
31                return credFromRequest
32        }
33
34        static public callSecure(String username, String password, String url){
35
36                def authString = "${username}:${password}".getBytes().encodeBase64().toString()
37                def conn = url.toURL().openConnection()
38                conn.setRequestProperty("Authorization", "Basic ${authString}")
39                return conn.content.text
40        }
41}
Note: See TracBrowser for help on using the repository browser.