private PasswordAuthentication basicAuth() throws IOException {
final String authHeader = header("Authorization");
if (authHeader == null) {
logger.log(PROGRESS_LEVEL, "No Authorization header found; preparing default with username {0} and empty password", defaultAdminUsername);
return new PasswordAuthentication(defaultAdminUsername, new char[0]);
}
String enc = authHeader.substring(BASIC.length());
String dec = new String(decoder.decodeBuffer(enc));
int i = dec.indexOf(':');
if (i < 0) {
logger.log(PROGRESS_LEVEL, "Authorization header contained no : to separate the username from the password; proceeding with an empty username and empty password");
return new PasswordAuthentication("", new char[0]);
}
final char[] password = dec.substring(i + 1).toCharArray();
String username = dec.substring(0, i);
if (username.isEmpty() && ! localPassword.isLocalPassword(new String(password))) {
logger.log(PROGRESS_LEVEL, "Authorization header contained no username and the password is not the local password, so continue with the default username {0}", defaultAdminUsername);
username = defaultAdminUsername;
}
logger.log(PROGRESS_LEVEL, "basicAuth processing returning PasswordAuthentication with username {0}", username);
return new PasswordAuthentication(username, password);
}