Updated security to have basic auth and also remove login when reinit

happens.
2025-12-19 08:28:46 +00:00 · 2017-04-03 16:40:46 -05:00
parent 2f1adf9d4b
commit a7e516925c
8 changed files with 93 additions and 48 deletions
--- a/src/main/java/com/bwssystems/HABridge/AuthFramework.java
+++ b/src/main/java/com/bwssystems/HABridge/AuthFramework.java
@@ -1,25 +0,0 @@
-package com.bwssystems.HABridge;
-
-import spark.Request;
-
-public abstract class AuthFramework {
-	private static final String USER_SESSION_ID = "user";
-
-	public AuthFramework() {
-		// TODO Auto-generated constructor stub
-	}
-
-	public void addAuthenticatedUser(Request request, User u) {
-		request.session().attribute(USER_SESSION_ID, u);
-		
-	}
-
-	public void removeAuthenticatedUser(Request request) {
-		request.session().removeAttribute(USER_SESSION_ID);
-		
-	}
-
-	public User getAuthenticatedUser(Request request) {
-		return request.session().attribute(USER_SESSION_ID);
-	}
-}
--- a/src/main/java/com/bwssystems/HABridge/BridgeSecurity.java
+++ b/src/main/java/com/bwssystems/HABridge/BridgeSecurity.java
@@ -18,20 +18,26 @@ import org.slf4j.LoggerFactory;
 import com.google.gson.Gson;
 import com.google.gson.JsonSyntaxException;

-public class BridgeSecurity extends AuthFramework {
+import spark.Request;
+
+public class BridgeSecurity {
 	private static final Logger log = LoggerFactory.getLogger(BridgeSecurity.class);
-	private char[] habridgeKey;
+	private static final String USER_SESSION_ID = "user";
    private static final byte[] SALT = {
            (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
            (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
        };
+	private char[] habridgeKey;
    private BridgeSecurityDescriptor securityDescriptor;
 	private boolean settingsChanged;

-	public BridgeSecurity(char[] theKey, String theData) {
+	public BridgeSecurity(char[] theKey) {
 		habridgeKey = theKey;
 		securityDescriptor = null;
 		settingsChanged = false;
+	}
+
+	public void setSecurityData(String theData) {
 		String anError = null;
 		if(theData != null && !theData.isEmpty()) {
 			try {
@@ -211,4 +217,47 @@ public class BridgeSecurity extends AuthFramework {
    private static byte[] base64Decode(String property) throws IOException {
        return Base64.getDecoder().decode(property);
    }
-}
+
+    public void addAuthenticatedUser(Request request, User u) {
+		request.session().attribute(USER_SESSION_ID, u);
+		
+	}
+
+	public void removeAuthenticatedUser(Request request) {
+		request.session().removeAttribute(USER_SESSION_ID);
+		
+	}
+
+	public User getAuthenticatedUser(Request request) {
+		User theUser = request.session().attribute(USER_SESSION_ID);
+		if(theUser == null) {
+			String authHeader = request.headers("Authorization");
+			if(authHeader != null) {
+			    byte[] authData;
+				try {
+					authData = base64Decode(authHeader.substring(6));
+				} catch (IOException e1) {
+					// TODO Auto-generated catch block
+					return theUser;
+				}
+			    String[] credentials = new String(authData).split(":");
+			    String username = credentials[0];
+			    String password = credentials[1];
+			    theUser = new User();
+			    theUser.setUsername(username);
+			    theUser.setPassword(password);
+			    LoginResult theResult = null;
+				try {
+					theResult = validatePassword(theUser);
+				} catch (IOException e) {
+					// TODO Auto-generated catch block
+					return null;
+				}
+				if(theResult != null && theResult.getError() == null) {
+					addAuthenticatedUser(request, theUser);
+				}
+			}
+		}
+		return theUser;
+	}
+}
--- a/src/main/java/com/bwssystems/HABridge/BridgeSettings.java
+++ b/src/main/java/com/bwssystems/HABridge/BridgeSettings.java
@@ -35,6 +35,10 @@ public class BridgeSettings extends BackupHandler {
 		bridgeControl = new BridgeControlDescriptor();
 		theBridgeSettings = new BridgeSettingsDescriptor();
 		bridgeSecurity = null;
+		String theKey = System.getProperty("security.key");
+		if(theKey == null)
+			theKey = "IWantMyPasswordsToBeAbleToBeDecodedPleaseSeeTheReadme";
+		bridgeSecurity = new BridgeSecurity(theKey.toCharArray());
 		String ipV6Stack = System.getProperty("ipV6Stack");
        if(ipV6Stack == null || !ipV6Stack.equalsIgnoreCase("true")) {
        	System.setProperty("java.net.preferIPv4Stack" , "true");
@@ -183,10 +187,7 @@ public class BridgeSettings extends BackupHandler {
 		
 		setupInternalTestUser();
 		
-		String theKey = System.getProperty("security.key");
-		if(theKey == null)
-			theKey = "IWantMyPasswordsToBeAbleToBeDecodedPleaseSeeTheReadme";
-		bridgeSecurity = new BridgeSecurity(theKey.toCharArray(), theBridgeSettings.getSecurityData());
+		bridgeSecurity.setSecurityData(theBridgeSettings.getSecurityData());
 	}

 	public void loadConfig() {
@@ -273,7 +274,8 @@ public class BridgeSettings extends BackupHandler {
 	        perms.add(PosixFilePermission.OWNER_WRITE);
 	        
 	        try {
-	        	if(System.getProperty("os.name").toLowerCase().indexOf("win") <= 0)
+	        	String osName = System.getProperty("os.name");
+	        	if(osName.toLowerCase().indexOf("win") < 0)
 	        		Files.setPosixFilePermissions(filePath, perms);
 	        } catch(UnsupportedOperationException e) {
 	        	log.info("Cannot set permissions for config file on this system as it is not supported. Continuing");