X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-locate%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Flocate%2FBasicAuthCode.java;h=80dffc274a46ce76279a71ac222f881bf7feb356;hb=1296352d8eafee57f982a4342ad79ada4aa56d28;hp=ac348f3fd01c870c68f18121f450146c707b4331;hpb=71037c39a37d3549dcfe31926832a657744fbe05;p=aaf%2Fauthz.git
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java
index ac348f3f..80dffc27 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- *
+ *
  * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -35,43 +35,43 @@ import org.onap.aaf.cadi.principal.BasicPrincipal;
 import org.onap.aaf.cadi.principal.X509Principal;
 
 public class BasicAuthCode extends LocateCode {
- private AAFAuthn authn;
+ private AAFAuthn authn;
 
- public BasicAuthCode(AAFAuthn authn, LocateFacade facade) {
- super(facade, "AAF Basic Auth",true);
- this.authn = authn;
- }
+ public BasicAuthCode(AAFAuthn authn, LocateFacade facade) {
+ super(facade, "AAF Basic Auth",true);
+ this.authn = authn;
+ }
 
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Principal p = trans.getUserPrincipal();
- if(p == null) {
- trans.error().log("Transaction not Authenticated... no Principal");
- } else if (p instanceof BasicPrincipal) {
- // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok
- // otherwise, it wouldn't have gotten here.
- resp.setStatus(HttpStatus.OK_200);
- return;
- } else if (p instanceof X509Principal) {
- // Since X509Principal has priority, BasicAuth Info might be there, but not validated.
- String ba;
- if((ba=req.getHeader("Authorization"))!=null && ba.startsWith("Basic ")) {
- ba = Symm.base64noSplit.decode(ba.substring(6));
- int colon = ba.indexOf(':');
- if(colon>=0) {
- String err;
- if((err=authn.validate(ba.substring(0, colon), ba.substring(colon+1),trans))==null) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- trans.audit().log(ba.substring(0,colon),": ",err);
- resp.setStatus(HttpStatus.UNAUTHORIZED_401);
- }
- return;
- }
- }
- }
- trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans");
- // For Auth Security questions, we don't give any info to client on why failed
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Principal p = trans.getUserPrincipal();
+ if (p == null) {
+ trans.error().log("Transaction not Authenticated... no Principal");
+ } else if (p instanceof BasicPrincipal) {
+ // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok
+ // otherwise, it wouldn't have gotten here.
+ resp.setStatus(HttpStatus.OK_200);
+ return;
+ } else if (p instanceof X509Principal) {
+ // Since X509Principal has priority, BasicAuth Info might be there, but not validated.
+ String ba;
+ if ((ba=req.getHeader("Authorization"))!=null && ba.startsWith("Basic ")) {
+ ba = Symm.base64noSplit.decode(ba.substring(6));
+ int colon = ba.indexOf(':');
+ if (colon>=0) {
+ String err;
+ if ((err=authn.validate(ba.substring(0, colon), ba.substring(colon+1),trans))==null) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ trans.audit().log(ba.substring(0,colon),": ",err);
+ resp.setStatus(HttpStatus.UNAUTHORIZED_401);
+ }
+ return;
+ }
+ }
+ }
+ trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans");
+ // For Auth Security questions, we don't give any info to client on why failed
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
 }