View Javadoc

1   package com.atlassian.asap.core.server.springsecurity;
2   
3   import com.atlassian.asap.core.JwtConstants;
4   import org.apache.commons.lang3.StringUtils;
5   import org.springframework.http.HttpHeaders;
6   import org.springframework.security.web.util.matcher.RequestMatcher;
7   
8   import javax.servlet.http.HttpServletRequest;
9   
10  /**
11   * Checks that the request contains a bearer token.
12   */
13  class BearerTokenRequestMatcher implements RequestMatcher {
14      @Override
15      public boolean matches(HttpServletRequest request) {
16          String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
17          return StringUtils.isNotBlank(authorizationHeader) &&
18                  authorizationHeader.startsWith(JwtConstants.HTTP_AUTHORIZATION_HEADER_VALUE_PREFIX);
19      }
20  }