| | |
| | | import com.sun.net.httpserver.HttpExchange; |
| | | import com.sun.net.httpserver.HttpPrincipal; |
| | | import de.uhilger.httpserver.auth.realm.Realm; |
| | | import de.uhilger.httpserver.base.handler.HttpResponder; |
| | | import de.uhilger.httpserver.base.HttpResponder; |
| | | import io.jsonwebtoken.Claims; |
| | | import io.jsonwebtoken.JwtException; |
| | | import io.jsonwebtoken.Jwts; |
| | |
| | | |
| | | /** |
| | | * Die Klasse Authenticator authentifziert gemäß OAuth-Spezifikation |
| | | * |
| | | * |
| | | * "The OAuth 2.0 Authorization Framework: Bearer Token Usage" |
| | | * https://datatracker.ietf.org/doc/html/rfc6750 |
| | | * |
| | | * |
| | | * weitere Info-Links |
| | | * https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/ |
| | | * https://swagger.io/docs/specification/authentication/bearer-authentication/ |
| | | * |
| | |
| | | if(parts != null && parts.length > 1) { |
| | | token = parts[1].trim(); |
| | | } |
| | | } else { |
| | | // unschoen, aber fuer Image-Links in HTML-Inhalten |
| | | // mit Query versuchen |
| | | // z.B. |
| | | // GET /resource?access_token=mF_9.B5f-4.1JqM HTTP/1.1 |
| | | // Host: server.example.com |
| | | String query = exchange.getRequestURI().getQuery(); |
| | | if(query != null && query.toLowerCase().contains("access_token")) { |
| | | String[] parts = query.split("&"); |
| | | for(String part : parts) { |
| | | String[] keyVal = part.split("="); |
| | | if(keyVal[0].equalsIgnoreCase("access_token")) { |
| | | token = keyVal[1].trim(); |
| | | } |
| | | } |
| | | } |
| | | } |
| | | return token; |
| | | } |
| | |
| | | * im WWW-Authenticate Header bestimmen |
| | | * |
| | | * @param exchange |
| | | * @return den Ausdruck fuer den WWW-Authenticate Header |
| | | */ |
| | | protected String getWWWAuthRealm(HttpExchange exchange) { |
| | | return wwwAuthRealm; |
| | |
| | | * WWW-Authenticate: Bearer realm="example" |
| | | * |
| | | * @param exchange |
| | | * @return |
| | | * @throws java.io.IOException |
| | | * @return das Ergebnis |
| | | */ |
| | | protected Result unauthorized(HttpExchange exchange) { |
| | | StringBuilder sb = new StringBuilder(); |
| | |
| | | this.realm = realm; |
| | | } |
| | | |
| | | public Realm getRealm() { |
| | | return realm; |
| | | } |
| | | |
| | | public void setWWWAuthRealm(String wwwAuthRealm) { |
| | | this.wwwAuthRealm = wwwAuthRealm; |
| | | } |