Change logic of token extraction

merge-requests/7/head
manoj 10 years ago
parent 54290e0ab3
commit eda34cf4de

@ -34,11 +34,14 @@ import org.wso2.carbon.webapp.authenticator.framework.Constants;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class OAuthAuthenticator implements WebappAuthenticator { public class OAuthAuthenticator implements WebappAuthenticator {
private static final String OAUTH_AUTHENTICATOR = "OAuth"; private static final String OAUTH_AUTHENTICATOR = "OAuth";
private static APITokenAuthenticator authenticator = new APITokenAuthenticator(); private static APITokenAuthenticator authenticator = new APITokenAuthenticator();
private static final String REGEX_BEARER_PATTERN = "\"[B|b]earer\\\\s\"";
private static final Log log = LogFactory.getLog(OAuthAuthenticator.class); private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
@ -90,15 +93,21 @@ public class OAuthAuthenticator implements WebappAuthenticator {
} }
private String getBearerToken(Request request) { private String getBearerToken(Request request) {
MessageBytes authorization = MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
String tokenValue = null; String tokenValue = null;
if (authorization != null) { if (authorization != null) {
authorization.toBytes(); authorization.toBytes();
ByteChunk authBC = authorization.getByteChunk(); ByteChunk authBC = authorization.getByteChunk();
if (authBC.startsWithIgnoreCase("bearer ", 0)) { tokenValue = authBC.toString();
String bearerToken = authBC.toString(); Pattern pattern = Pattern.compile(REGEX_BEARER_PATTERN);
tokenValue = bearerToken.substring(8, bearerToken.length() - 1); Matcher matcher = pattern.matcher(tokenValue);
if (matcher.find()){
tokenValue = tokenValue.substring(matcher.end());
} }
} }
return tokenValue; return tokenValue;

Loading…
Cancel
Save