Package uk.ac.starlink.auth
Class AuthUtil
java.lang.Object
uk.ac.starlink.auth.AuthUtil
Utilities used by authentication classes.
- Since:
- 15 Jun 2020
- Author:
- Mark Taylor
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final AuthScheme[]
List of all known authentication schemes.static final String
RFC7235 Authorization header key "Authorization" (RFC 7235 sec 4.2).static final String
Header giving user authenticated ID "X-VO-Authenticated" (SSO_next).static final String
RFC 7235 challenge header key "WWW-Authenticate" (RFC 7235 sec 4.1).static final AuthScheme[]
Default list of authentication schemes in order of preference.static boolean
Global config: if true, passwords etc may be logged by logger.static final String
Name of system property "auth.logsecrets" which if set "true" will allow reporting of sensitive information such as passwords through the logging system.static final String
Name of system property "auth.schemes" giving a comma-separated list of AuthScheme instances or classnames, which overrides the default list of authentication schemes in order of preference.static final Charset
UTF-8 charset, guaranteed present. -
Method Summary
Modifier and TypeMethodDescriptionstatic String
Prepares a short user-readable message indicating the state of a connection that failed because of auth issues.static String
cookieLogText
(HttpCookie cookie) Returns a string suitable for reporting through the logging system to represent a cookie.static String
getAuthenticatedId
(AuthConnection aconn) Returns the authenticated user ID recorded in the headers of a URL connection.static Challenge[]
getChallenges
(URLConnection conn) Extracts challenges from an HTTP response.static AuthScheme[]
Returns a default list of AuthSchemes in order of preference.static int
getResponseCode
(URLConnection conn) Returns the HTTP response code from a URL connection.static void
postForm
(HttpURLConnection hconn, Map<String, String> params) Posts name=value pairs to an HTTP connection inapplication/x-www-form-urlencoded
format.static HttpURLConnection
Posts name=value pairs over HTTP inapplication/x-www-form-urlencoded
format.static String
unNullString
(String txt) Returns the input string, unless it's null, in which case it returns the empty string.
-
Field Details
-
UTF8
UTF-8 charset, guaranteed present. -
CHALLENGE_HEADER
RFC 7235 challenge header key "WWW-Authenticate" (RFC 7235 sec 4.1).- See Also:
-
AUTH_HEADER
RFC7235 Authorization header key "Authorization" (RFC 7235 sec 4.2).- See Also:
-
AUTHID_HEADER
Header giving user authenticated ID "X-VO-Authenticated" (SSO_next).- See Also:
-
LOGSECRETS_PROP
Name of system property "auth.logsecrets" which if set "true" will allow reporting of sensitive information such as passwords through the logging system.- See Also:
-
LOG_SECRETS
public static boolean LOG_SECRETSGlobal config: if true, passwords etc may be logged by logger. -
SCHEMES_PROP
Name of system property "auth.schemes" giving a comma-separated list of AuthScheme instances or classnames, which overrides the default list of authentication schemes in order of preference.- See Also:
-
DFLT_SCHEMES
Default list of authentication schemes in order of preference. -
ALL_SCHEMES
List of all known authentication schemes.
-
-
Method Details
-
getResponseCode
Returns the HTTP response code from a URL connection. In case of error (including if the connection is not an HTTP one), -1 is returned.- Parameters:
conn
- URL connection- Returns:
- HTTP response code, or -1
-
getChallenges
Extracts challenges from an HTTP response.- Parameters:
conn
- open URL connection (typically, but not necessarily, 401)- Returns:
- challenges indicated in WWW-Authenticate header(s)
-
getAuthenticatedId
Returns the authenticated user ID recorded in the headers of a URL connection. This attempts to read the non-standard header "X-VO-Authenticated". If the header is absent, some placeholder non-null value is returned. If the connection does not look like an authenticated one, null is returned.- Parameters:
aconn
- connection to endpoint expected to yield an auth ID- Returns:
- real or placeholder authenticated user ID, or null
-
authFailureMessage
Prepares a short user-readable message indicating the state of a connection that failed because of auth issues.- Parameters:
hconn
- open connection, should usually be 401 or 403- Returns:
- short message
-
unNullString
Returns the input string, unless it's null, in which case it returns the empty string.- Parameters:
txt
- string- Returns:
- non-null equivalent string
-
cookieLogText
Returns a string suitable for reporting through the logging system to represent a cookie. Depending on the value ofLOG_SECRETS
, it will or will not contain sensitive information.- Parameters:
cookie
- cookie to represent- Returns:
- loggable text
-
getDefaultSchemes
Returns a default list of AuthSchemes in order of preference. This is affected by theSCHEMES_PROP
system property; if that is not set, it will take the value ofDFLT_SCHEMES
.- Returns:
- default authentication scheme list
-
postForm
Posts name=value pairs over HTTP inapplication/x-www-form-urlencoded
format.- Parameters:
url
- destination URLparams
- map of name->value pairs- Returns:
- an opened HTTP connection from which exit status and output content can be read
- Throws:
IOException
-
postForm
Posts name=value pairs to an HTTP connection inapplication/x-www-form-urlencoded
format. The supplied connection can be the result of a call toURL.openConnection()
, with or without some customization.- Parameters:
hconn
- unopened connectionparams
- map of name->value pairs- Throws:
IOException
-