Source code

001package org.apache.maven.wagon.tck.http.fixture;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 *   http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import java.io.IOException;
023import java.nio.charset.StandardCharsets;
024
025import javax.servlet.Filter;
026import javax.servlet.FilterChain;
027import javax.servlet.FilterConfig;
028import javax.servlet.ServletException;
029import javax.servlet.ServletRequest;
030import javax.servlet.ServletResponse;
031import javax.servlet.http.HttpServletRequest;
032import javax.servlet.http.HttpServletResponse;
033
034import org.codehaus.plexus.util.Base64;
035
036/**
037 *
038 */
039public class ProxyAuthenticationFilter
040    implements Filter
041{
042
043    private final String username;
044
045    private final String password;
046
047    public ProxyAuthenticationFilter( final String username, final String password )
048    {
049        this.username = username;
050        this.password = password;
051    }
052
053    public void destroy()
054    {
055    }
056
057    public void doFilter( final ServletRequest req, final ServletResponse resp, final FilterChain chain )
058        throws IOException, ServletException
059    {
060        HttpServletRequest request = (HttpServletRequest) req;
061        HttpServletResponse response = (HttpServletResponse) resp;
062
063        String header = request.getHeader( "Proxy-Authorization" );
064        if ( header == null )
065        {
066            response.setStatus( HttpServletResponse.SC_PROXY_AUTHENTICATION_REQUIRED );
067            response.addHeader( "Proxy-Authenticate", "Basic realm=\"Squid proxy-caching web server\"" );
068            return;
069        }
070        else
071        {
072            String data = header.substring( "BASIC ".length() );
073            data = new String( Base64.decodeBase64( data.getBytes( StandardCharsets.US_ASCII ) ) );
074            String[] creds = data.split( ":" );
075
076            if ( !creds[0].equals( username ) || !creds[1].equals( password ) )
077            {
078                response.sendError( HttpServletResponse.SC_UNAUTHORIZED );
079            }
080        }
081
082        chain.doFilter( req, resp );
083    }
084
085    public void init( final FilterConfig filterConfig )
086        throws ServletException
087    {
088    }
089
090}