[#171] Support passwordless authentication

paypal · Jan 4, 2019 · 0cd6dc7 · 0cd6dc7
1 parent 9e7c2c9
commit 0cd6dc7
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 4 deletions.
diff --git a/src/main/java/com/paypal/security/SecurityConfiguration.java b/src/main/java/com/paypal/security/SecurityConfiguration.java
@@ -223,7 +223,7 @@ public Map<String, String> getLocalOnlyUsers() {
         for (String split : splits) {
           String[] usernamePassword = split.split(":");
           String username = usernamePassword[0];
-          String password = usernamePassword[1];
+          String password = (usernamePassword.length == 1) ? "" : usernamePassword[1];
           localOnlyUsers.put(username, password);
         }
       } catch (ArrayIndexOutOfBoundsException e) {

diff --git a/src/main/java/com/paypal/security/SecurityContext.java b/src/main/java/com/paypal/security/SecurityContext.java
@@ -136,7 +136,7 @@ public void login(Request req, Response res) throws AuthenticationException, Htt
     String username = req.queryMap().get("username").value();
     String password = req.queryMap().get("password").value();
 
-    if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
+    if (username == null || password == null) {
       LOG.info("Corrupt login credentials for: {}", req.ip());
       throw new AuthenticationException("Bad username / password provided.");
     }
@@ -272,7 +272,7 @@ public void handleAuthentication(Request req, Response res)
           new String(Base64.getDecoder().decode(b64Credentials), Charset.defaultCharset());
       String[] split = nameAndPassword.split(":");
       String username = split[0];
-      String password = split[1];
+      String password = (split.length == 1) ? "" : split[1];
       // Perform local authentication if found.
       if (localLogin(req, res, username, password)) {
         return;

diff --git a/src/test/java/com/paypal/nnanalytics/TestLdapAuth.java b/src/test/java/com/paypal/nnanalytics/TestLdapAuth.java
@@ -69,7 +69,7 @@ public static void beforeClass() throws Exception {
     conf.set("ldap.enable", "false");
     conf.set("authorization.enable", "false");
     conf.set("nna.historical", "false");
-    conf.set("nna.localonly.users", "hdfs:hdfs,hdfsW:hdfsW,hdfsR:hdfsR");
+    conf.set("nna.localonly.users", "hdfs:hdfs,hdfsW:hdfsW,hdfsR:hdfsR,testEmpty:");
     conf.set("nna.base.dir", MiniDFSCluster.getBaseDirectory());
     nna.init(conf, gset);
     hostPort = new HttpHost("localhost", 4567);
@@ -121,6 +121,17 @@ public void testLocalBasicAuthentication() throws IOException {
     assertThat(res2.getStatusLine().getStatusCode(), is(200));
   }
 
+  @Test
+  public void testLocalBasicAuthenticationEmptyPass() throws IOException {
+    // Do local basic auth.
+    byte[] encode = Base64.getEncoder().encode("testEmpty:".getBytes());
+    HttpGet get = new HttpGet("http://localhost:4567/info");
+    get.addHeader("Authorization", "Basic " + new String(encode));
+    HttpResponse res2 = client.execute(hostPort, get);
+    System.out.println(IOUtils.toString(res2.getEntity().getContent()));
+    assertThat(res2.getStatusLine().getStatusCode(), is(200));
+  }
+
   @Test
   public void testLocalAuthentication() throws IOException {
     // Test authentication required.