List of usage examples for org.springframework.security.crypto.codec Base64 Base64
Base64
From source file:org.cloudfoundry.identity.uaa.login.LoginInfoEndpoint.java
@RequestMapping(value = "/autologin", method = RequestMethod.POST) @ResponseBody/*from www . j a v a2s. c o m*/ public AutologinResponse generateAutologinCode(@RequestBody AutologinRequest request, @RequestHeader(value = "Authorization", required = false) String auth) throws Exception { if (auth == null || (!auth.startsWith("Basic"))) { throw new BadCredentialsException("No basic authorization client information in request"); } String username = request.getUsername(); if (username == null) { throw new BadCredentialsException("No username in request"); } Authentication userAuthentication = null; if (authenticationManager != null) { String password = request.getPassword(); if (!hasText(password)) { throw new BadCredentialsException("No password in request"); } userAuthentication = authenticationManager .authenticate(new AuthzAuthenticationRequest(username, password, null)); } String base64Credentials = auth.substring("Basic".length()).trim(); String credentials = new String(new Base64().decode(base64Credentials.getBytes()), UTF_8.name()); // credentials = username:password final String[] values = credentials.split(":", 2); if (values == null || values.length == 0) { throw new BadCredentialsException("Invalid authorization header."); } String clientId = values[0]; Map<String, String> codeData = new HashMap<>(); codeData.put("client_id", clientId); codeData.put("username", username); if (userAuthentication != null && userAuthentication.getPrincipal() instanceof UaaPrincipal) { UaaPrincipal p = (UaaPrincipal) userAuthentication.getPrincipal(); if (p != null) { codeData.put("user_id", p.getId()); codeData.put(OriginKeys.ORIGIN, p.getOrigin()); } } ExpiringCode expiringCode = expiringCodeStore.generateCode(JsonUtils.writeValueAsString(codeData), new Timestamp(System.currentTimeMillis() + 5 * 60 * 1000), ExpiringCodeType.AUTOLOGIN.name(), IdentityZoneHolder.get().getId()); return new AutologinResponse(expiringCode.getCode()); }