package com.noblelift.ota.config;
import jakarta.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ResponseStatusException;
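/**
 * Authenticates OTA agent requests against the single shared token held in
 * {@link OtaProperties}.
 *
 * <p>The token is read from the {@code X-OTA-TOKEN} header first and, when that header is
 * missing or blank, from an {@code Authorization: Bearer <token>} header. Any failure is
 * reported as a {@link ResponseStatusException} with status 401.
 */
@Component
public class AgentTokenAuthenticator {

    private static final String TOKEN_HEADER = "X-OTA-TOKEN";
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String BEARER_PREFIX = "Bearer ";

    private final OtaProperties otaProperties;

    public AgentTokenAuthenticator(OtaProperties otaProperties) {
        this.otaProperties = otaProperties;
    }

    /**
     * Rejects the request unless it carries the configured agent token.
     *
     * @param request the incoming request whose headers are inspected
     * @throws ResponseStatusException with status 401 when no token is configured, when the
     *     request carries no token, or when the presented token does not match
     */
    public void verify(HttpServletRequest request) {
        String expectedToken = trimToNull(otaProperties.getAuthToken());
        if (expectedToken == null) {
            // Fail closed: a missing or blank configured token rejects every request instead
            // of letting a blank header match a blank secret.
            // NOTE(review): the reason text tells the caller that no token is set, if the
            // error response exposes reasons - confirm against the error-handling config.
            throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "OTA agent token is not configured");
        }

        String providedToken = extractToken(request);
        if (!tokensMatch(expectedToken, providedToken)) {
            throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Invalid OTA agent token");
        }
    }

    /**
     * Compares the presented token with the configured one without stopping at the first
     * differing byte.
     *
     * <p>{@code String.equals} returns as soon as a character differs, so response timing can
     * reveal how much of a guessed token was correct. {@link MessageDigest#isEqual} avoids
     * that early exit.
     *
     * @param expected the configured token, never {@code null}
     * @param provided the token taken from the request, or {@code null} when none was sent
     * @return {@code true} only when both tokens encode to the same UTF-8 bytes
     */
    private static boolean tokensMatch(String expected, String provided) {
        if (provided == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                provided.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Reads the agent token from the request headers.
     *
     * @param request the incoming request
     * @return the trimmed token from {@code X-OTA-TOKEN}, else the trimmed value following a
     *     case-insensitive {@code "Bearer "} prefix in {@code Authorization}, else {@code null}
     */
    private String extractToken(HttpServletRequest request) {
        String token = trimToNull(request.getHeader(TOKEN_HEADER));
        if (token != null) {
            return token;
        }
        String authorization = trimToNull(request.getHeader(AUTHORIZATION_HEADER));
        // regionMatches with ignoreCase=true accepts "bearer ", "BEARER ", and so on.
        if (authorization != null && authorization.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length())) {
            return trimToNull(authorization.substring(BEARER_PREFIX.length()));
        }
        return null;
    }

    /**
     * Trims the value and maps a {@code null} or blank result to {@code null}.
     *
     * @param value the raw value, possibly {@code null}
     * @return the trimmed value, or {@code null} when it is {@code null} or empty after trimming
     */
    private String trimToNull(String value) {
        if (value == null) {
            return null;
        }
        String trimmed = value.trim();
        return trimmed.isEmpty() ? null : trimmed;
    }
}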