X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Fservice%2FApiService.java;h=ef1e6f49c20a84bfed74b13732945d8d89b77e23;hb=ece3a625175df4d74d890d67f584560630e9ed33;hp=e1beb2872e6760ccc0c8cae87735f4686c853ab5;hpb=4444a934c6ad97d0222abc351af4c392d42f654e;p=dmaap%2Fdbcapi.git

diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java b/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java
index e1beb28..ef1e6f4 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java
@@ -21,10 +21,8 @@
 package org.onap.dmaap.dbcapi.service;
 
 import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
-import static com.att.eelf.configuration.Configuration.MDC_PARTNER_NAME;
 import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
 
-import javax.xml.bind.DatatypeConverter;
 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.authentication.ApiPolicy;
 import org.onap.dmaap.dbcapi.authentication.AuthenticationErrorException;
@@ -45,6 +43,7 @@ public class ApiService extends BaseLoggingClass {
     private String requestId;
     private ApiError err;
     private ApiPolicy apiPolicy;
+    private CredentialsParser credentialsParser = new CredentialsParser();
 
     public ApiService() {
 
@@ -127,29 +126,17 @@ public class ApiService extends BaseLoggingClass {
         if (env == null || env.isEmpty()) {
             env = "boot";
         }
-        if (!apiPolicy.getUseAuthClass()) {
+        if (!apiPolicy.isPermissionClassSet()) {
             return;  // skip authorization if not enabled
         }
-        if (authorization == null || authorization.isEmpty()) {
-            String errmsg = "No basic authorization value provided ";
-            err.setMessage(errmsg);
-            logger.info(errmsg);
-            throw new AuthenticationErrorException();
-        }
-        String credentials = authorization.substring("Basic".length()).trim();
-        byte[] decoded = DatatypeConverter.parseBase64Binary(credentials);
-        String decodedString = new String(decoded);
-        String[] actualCredentials = decodedString.split(":");
-        String ID = actualCredentials[0];
-        String Password = actualCredentials[1];
-        MDC.put(MDC_PARTNER_NAME, ID);
-        try {
 
+        Credentials credentials = credentialsParser.parse(authorization);
+        try {
             DmaapPerm p = new DmaapPerm(apiNamespace + "." + uri, env, method);
-            apiPolicy.check(ID, Password, p);
+            apiPolicy.check(credentials.getId(), credentials.getPwd(), p);
         } catch (AuthenticationErrorException ae) {
             String errmsg =
-                "User " + ID + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
+                "User " + credentials.getId() + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
                     + " " + method;
             logger.info(errmsg);
             err.setMessage(errmsg);