com.gmt2001.httpwsserver.auth.HttpSharedTokenOrPasswordAuthenticationHandler

All Implemented Interfaces:: HttpAuthenticationHandler

public class HttpSharedTokenOrPasswordAuthenticationHandler extends Object implements HttpAuthenticationHandler

Provides a HttpAuthenticationHandler that implements password and token-based authentication The token must be in one of the following locations to succeed: - The header webauth - The query parameter webauth The password must be in the header password to succeed

Author:: gmt2001

Constructor Summary

Constructors

Constructor

Description

HttpSharedTokenOrPasswordAuthenticationHandler(String token, String password)

Constructor
Method Summary

Modifier and Type

Method

Description

boolean

checkAuthorization(ChannelHandlerContext ctx, FullHttpRequest req)

Checks if the given FullHttpRequest has the correct header with valid credentials

boolean

equals(Object obj)

int

hashCode()

void

invalidateAuthorization(ChannelHandlerContext ctx, FullHttpRequest req)

Invalidates the authentication of the specified ChannelHandlerContext, if supported by the authentication handler

boolean

isAuthorized(ChannelHandlerContext ctx, FullHttpRequest req)

Checks if the given FullHttpRequest is a valid authentication request, or if the underlying Channel has already been authenticated When returning false, this method MUST NOT send a response to the client

boolean

isAuthorized(ChannelHandlerContext ctx, HttpHeaders headers)

Checks if the given HttpHeaders contain a valid authorization, or if the underlying Channel has already been authenticated When returning false, this method MUST NOT send a response to the client

boolean

isAuthorized(String user, String pass)

Checks if the given username and password is a valid When returning false, this method MUST NOT send a response to the client

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- HttpSharedTokenOrPasswordAuthenticationHandler
  
  public HttpSharedTokenOrPasswordAuthenticationHandler(String token, String password)
  
  Constructor
  
  Parameters:
  
  token - The authorization token that grants access
  
  password - The password that also grants access
Method Details
- checkAuthorization
  
  public boolean checkAuthorization(ChannelHandlerContext ctx, FullHttpRequest req)
  
  Checks if the given FullHttpRequest has the correct header with valid credentials
  
  Specified by:
  
  checkAuthorization in interface HttpAuthenticationHandler
  
  Parameters:
  
  ctx - The ChannelHandlerContext of the session
  
  req - The FullHttpRequest to check
  
  Returns:
  
  , this method will also reply with 401 Unauthorized and then close the channel
- invalidateAuthorization
  
  public void invalidateAuthorization(ChannelHandlerContext ctx, FullHttpRequest req)
  
  Description copied from interface: HttpAuthenticationHandler
  
  Invalidates the authentication of the specified ChannelHandlerContext, if supported by the authentication handler
  
  Specified by:
  
  invalidateAuthorization in interface HttpAuthenticationHandler
  
  Parameters:
  
  ctx - The ChannelHandlerContext of the session
  
  req - The FullHttpRequest
- isAuthorized
  
  public boolean isAuthorized(ChannelHandlerContext ctx, FullHttpRequest req)
  
  Description copied from interface: HttpAuthenticationHandler
  
  Checks if the given FullHttpRequest is a valid authentication request, or if the underlying Channel has already been authenticated When returning false, this method MUST NOT send a response to the client
  
  Specified by:
  
  isAuthorized in interface HttpAuthenticationHandler
  
  Parameters:
  
  ctx - The ChannelHandlerContext of the session
  
  req - The FullHttpRequest to check
  
  Returns:
  
  otherwise
- isAuthorized
  
  public boolean isAuthorized(String user, String pass)
  
  Description copied from interface: HttpAuthenticationHandler
  
  Checks if the given username and password is a valid When returning false, this method MUST NOT send a response to the client
  
  Specified by:
  
  isAuthorized in interface HttpAuthenticationHandler
  
  Parameters:
  
  user - The username
  
  pass - The password
  
  Returns:
  
  otherwise
- isAuthorized
  
  public boolean isAuthorized(ChannelHandlerContext ctx, HttpHeaders headers)
  
  Description copied from interface: HttpAuthenticationHandler
  
  Checks if the given HttpHeaders contain a valid authorization, or if the underlying Channel has already been authenticated When returning false, this method MUST NOT send a response to the client
  
  Specified by:
  
  isAuthorized in interface HttpAuthenticationHandler
  
  Parameters:
  
  ctx - The ChannelHandlerContext of the session
  
  headers - The HttpHeaders to check
  
  Returns:
  
  otherwise
- hashCode
  
  public int hashCode()
  
  Overrides:
  
  hashCode in class Object
- equals
  
  public boolean equals(Object obj)
  
  Overrides:
  
  equals in class Object

Class HttpSharedTokenOrPasswordAuthenticationHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

HttpSharedTokenOrPasswordAuthenticationHandler

Method Details

checkAuthorization

invalidateAuthorization

isAuthorized

isAuthorized

isAuthorized

hashCode

equals