Context Navigation

BasicAuthentication.groovy @ 831

Last change on this file since 831 was 831, checked in by keesvb, 10 years ago
first implementation of user-based REST services, only checks whether a user is owner of a study and returns the studies and assays only for his/her owned studies. The other methods are not secured yet, but ought to go via study or assay.
File size: 1.3 KB

Line
1	package nl.metabolomicscentre.dsp.http
2
3	class BasicAuthentication {
4
5	static public credentialsFromRequest(req){
6
7	// default response
8	def credFromRequest = [u: "", p: ""] // by default u(sername) and p(assword) are empty
9
10	// u and p from Basic HTTP
11	def httpAuthenticationUsername
12	def httpAuthenticationPassword
13
14	if (req){
15
16	// get the authorization header from the request
17	def authString = req.getHeader('Authorization')
18
19	if(authString){ // a authorization string was found in the request header, now decode en retrieve the u and p
20	def encodedPair = authString - 'Basic '
21	def decodedPair = new String(new sun.misc.BASE64Decoder().decodeBuffer(encodedPair));
22	def credentials = decodedPair.split(':')
23
24	httpAuthenticationUsername = credentials[0] // u from Basic HTTP Auth
25	httpAuthenticationPassword = credentials[1] // p from Basic HTTP Auth
26
27	credFromRequest = [ u: httpAuthenticationUsername, p: httpAuthenticationPassword ]
28	}
29	}
30
31	return credFromRequest
32	}
33
34	static public callSecure(String username, String password, String url){
35
36	def authString = "${username}:${password}".getBytes().encodeBase64().toString()
37	def conn = url.toURL().openConnection()
38	conn.setRequestProperty("Authorization", "Basic ${authString}")
39	return conn.content.text
40	}
41	}

Note: See TracBrowser for help on using the repository browser.