interface is annotated with @NameBinding.
With our custom annotation defined, let's take a look at the filter that implements the OTP
algorithm:
src/main/java/com/restfuly/shop/features/OneTimePasswordAuthenticator.java

    @OTPAuthenticated
    @Priority(Priorities.AUTHENTICATION)
    public class OneTimePasswordAuthenticator implements ContainerRequestFilter {

The OneTimePasswordAuthenticator class is annotated with @OTPAuthenticated. This
completes the @NameBinding we started when we implemented the @OTPAuthenticated
annotation interface. The class is also annotated with @Priority. This annotation affects the
ordering of filters as they are applied to a JAX-RS method. We'll discuss specifically why
we need this later in the chapter, but you usually want authentication filters to run before any
other filter.

        protected Map<String, String> userSecretMap;

        public OneTimePasswordAuthenticator(Map<String, String> userSecretMap) {
            this.userSecretMap = userSecretMap;
        }

Our filter will be a singleton object and will be initialized with a map. The key of the map
will be a username, while the value will be the secret password used by the user to create a
one-time password.

        @Override
        public void filter(ContainerRequestContext requestContext) throws IOException {
            // A request without an Authorization header is rejected with a 401.
            String authorization = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
            if (authorization == null) throw new NotAuthorizedException("OTP");

            // The header value is "<user> <otp>"; a value without exactly two
            // tokens is rejected here rather than failing on split[1].
            String[] split = authorization.split(" ");
            if (split.length != 2) throw new NotAuthorizedException("OTP");
            final String user = split[0];
            String otp = split[1];

In the first part of our filter() method, we parse the Authorization header that was sent
by the client. The username and encoded password are extracted from the header into the
user and otp variables.
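
A stricter version of the header parsing described above, as an added example that is not the book's code. It is plain Java (16 or later) with no JAX-RS dependency; the class name OtpHeaderParser, its Credentials record and the sample headers are assumptions made for illustration. In the filter, an empty result would become a NotAuthorizedException("OTP").

```java
import java.util.Map;
import java.util.Optional;

// Added example (hypothetical names): strict parsing of a "user otp" Authorization value.
public class OtpHeaderParser {

    /** Parsed header fields; they mirror the user and otp variables in the filter. */
    public record Credentials(String user, String otp) {}

    private final Map<String, String> userSecretMap;

    public OtpHeaderParser(Map<String, String> userSecretMap) {
        this.userSecretMap = userSecretMap;
    }

    /** Returns credentials only for a well-formed header that names a known user. */
    public Optional<Credentials> parse(String authorization) {
        if (authorization == null) return Optional.empty();
        // Require exactly two non-empty, space-separated tokens, so indexing
        // the second token can never throw ArrayIndexOutOfBoundsException.
        String[] split = authorization.trim().split(" ");
        if (split.length != 2 || split[0].isEmpty() || split[1].isEmpty()) {
            return Optional.empty();
        }
        // An unknown user fails the same way as a malformed header, so the
        // response does not reveal which usernames exist.
        if (!userSecretMap.containsKey(split[0])) return Optional.empty();
        return Optional.of(new Credentials(split[0], split[1]));
    }

    public static void main(String[] args) {
        // Constructed sample data: one user with a placeholder secret.
        OtpHeaderParser parser = new OtpHeaderParser(Map.of("alice", "placeholder-secret"));
        String[] headers = { "alice 123456", "alice", "", "alice 1 2", "alice  123456", "unknown 123456", null };
        for (String h : headers) {
            String result = parser.parse(h).map(Credentials::user).orElse("reject (401)");
            System.out.println("[" + h + "] -> " + result);
        }
    }
}
```

Only the first sample header is accepted; every other one, including the double-space and unknown-user cases, is rejected.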