Return to BasicAuthPrincipal.java CVS log

Up to [Public] / java / classes / org / w3c / jigsaw / acl

awful gift in lenient mode for broken webdav clients

// BasicAuthprincipal.java
// $Id: BasicAuthPrincipal.java,v 1.5 2005/02/18 17:35:13 ylafon Exp $
// (c) COPYRIGHT MIT, INRIA and Keio, 1999.
// Please first read the full copyright statement in file COPYRIGHT.html

package org.w3c.jigsaw.acl;

import org.w3c.jigsaw.http.Request;
import org.w3c.tools.codec.Base64Decoder;
import org.w3c.tools.codec.Base64FormatException;
import org.w3c.www.http.HttpCredential;

/**
 * @version $Revision: 1.5 $
 * @author  Benoît Mahé (bmahe@w3.org)
 */
public class BasicAuthPrincipal extends HTTPPrincipal {

    // original name is there to cope with a MS weirdness on MiniRedir
    protected String      origname = null;
    protected String      name     = null;
    protected String      password = null;
    protected String      cookie   = null;

    protected String getCookie() {
	return cookie;
    }

    public boolean equals(Object another) {
	if (another instanceof AclPrincipal) {
	    AclPrincipal aclp = (AclPrincipal) another;
	    if (aclp.matchIP(getInetAddress())) {
		if (aclp.getPassword() != null) {
		    return ((name != null) &&
			    (password != null) &&
			    name.equals(aclp.getName()) &&
			    password.equals(aclp.getPassword()));
		} else {
		    return true;
		}
	    } else {
		return ((name != null) &&
			(password != null) &&
			name.equals(aclp.getName()) &&
			password.equals(aclp.getPassword()));
	    }
	} else {
	    return toString().equals(another.toString());
	}
    }

    public String toString() {
	if (name == null)
	    return super.toString();
	return name+":"+password;
    }

    public int hashCode() {
	return toString().hashCode();
    }

    public String getName() {
	return name;
    }

    public String getOriginalName() {
	return (origname == null) ? name : origname;
    }

    public BasicAuthPrincipal(Request request) 
	throws InvalidAuthException
    {
	this(request, false);
    }

    public BasicAuthPrincipal(Request request, boolean lenient) 
	throws InvalidAuthException
    {
	super(request, lenient);
	HttpCredential credential = null;
	credential = (request.isProxy()
		      ? request.getProxyAuthorization()
		      : request.getAuthorization());
	if (credential == null) {
	    this.name     = null;
	    this.password = null;
	} else if ( ! credential.getScheme().equalsIgnoreCase("Basic") ) {
	    String msg = ("Invalid authentication scheme \""
			  + credential.getScheme()
			  + " expecting \"Basic\"");
	    throw new InvalidAuthException (msg) ;
	} else {
	    // Decode the credentials:
	    String decoded = null ;
	    this.cookie    = credential.getAuthParameter("cookie");
	    try {
		Base64Decoder b  = new Base64Decoder (cookie) ;
		decoded          = b.processString() ;
	    } catch (Base64FormatException e) {
		String msg = "Invalid BASE64 encoding of credentials." ;
		throw new InvalidAuthException (msg) ;
	    }
	    // Get user and password:
	    origname = null;
	    int icolon = decoded.indexOf (':') ;
	    if ( (icolon > 0) && (icolon+1 < decoded.length()) ) {
		// ok, parse was find, check user:
		if (lenient) {
		    String _name = decoded.substring (0, icolon) ;
		    int _slashIdx = _name.lastIndexOf('\\');
		    if ( _slashIdx != -1) {
			this.origname = _name;
			this.name = _name.substring(_slashIdx+1);
		    } else {
			this.name = _name;
		    }
		} else {
		    this.name     = decoded.substring (0, icolon) ;
		}
		this.password = decoded.substring (icolon+1) ;
	    } else {
		String msg = "Invalid credentials syntax in " + decoded ;
		throw new InvalidAuthException (msg) ;
	    }
	}
    }
}