[DM-37318] Switch to AuthorizationTokenPrincipal

Pat says this is the future proof way of doing this, and they will be getting rid of the BearerTokenPrincipal probably sometime in the future.
lsst-sqre · Dec 13, 2022 · 44a5f2b · 44a5f2b
1 parent 68edfdb
commit 44a5f2b
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/src/main/java/org/opencadc/tap/impl/AuthenticatorImpl.java b/src/main/java/org/opencadc/tap/impl/AuthenticatorImpl.java
@@ -19,9 +19,9 @@
 
 import ca.nrc.cadc.auth.Authenticator;
 import ca.nrc.cadc.auth.AuthMethod;
+import ca.nrc.cadc.auth.AuthorizationTokenPrincipal;
 import ca.nrc.cadc.auth.HttpPrincipal;
 import ca.nrc.cadc.auth.NumericPrincipal;
-import ca.nrc.cadc.auth.BearerTokenPrincipal;
 
 import com.google.gson.Gson;
 import com.google.gson.JsonObject;
@@ -76,16 +76,16 @@ public Subject validate(Subject subject) throws AccessControlException {
         }
 
         List<Principal> addedPrincipals = new ArrayList<Principal>();
-        BearerTokenPrincipal tokenPrincipal = null;
+        AuthorizationTokenPrincipal tokenPrincipal = null;
 
         for (Principal principal : subject.getPrincipals()) {
-            if (principal instanceof BearerTokenPrincipal) {
-                tokenPrincipal = (BearerTokenPrincipal) principal;
+            if (principal instanceof AuthorizationTokenPrincipal) {
+                tokenPrincipal = (AuthorizationTokenPrincipal) principal;
                 TokenInfo tokenInfo = null;
 
                 for (int i = 1; i < 5 && tokenInfo == null; i++) {
                     try {
-                        tokenInfo = getTokenInfo(tokenPrincipal.getName());
+                        tokenInfo = getTokenInfo(tokenPrincipal.getHeaderValue());
                     } catch (IOException|InterruptedException e) {
                         log.warn("Exception thrown while getting info from Gafaelfawr");
                         log.warn(e);
@@ -134,7 +134,7 @@ private TokenInfo getTokenInfo(String token) throws IOException, InterruptedExce
         if (!tokenCache.containsKey(token)) {
             HttpRequest request = HttpRequest.newBuilder(URI.create(gafaelfawr_url))
                 .header("Accept", "application/json")
-                .header("Authorization", "bearer " + token)
+                .header("Authorization", token)
                 .build();
 
             HttpResponse<String> response = client.send(request, BodyHandlers.ofString());