unicon.matthews.security.auth.jwt.extractor.JwtHeaderTokenExtractor.extract(String) - Code Metrics - Apereo-Learning-Analytics-Initiative/OpenLRW - Measure and Improve Code Quality continuously with Scrutinizer

extract(String) A
last analyzed 2019-01-30 08:29 UTC

↳ Parent: unicon.matthews.security.auth.jwt.extractor.JwtHeaderTokenExtractor

Complexity

Conditions

Size

Total Lines	11
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	3
c	1
b	0
f	0
dl	0
loc	11
rs	10
eloc	7

package unicon.matthews.security.auth.jwt.extractor;

import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.stereotype.Component;

/**
 * An implementation of {@link TokenExtractor} extracts token from
 * Authorization: Bearer scheme.
 * 
 * @author vladimir.stankovic
 *
 * Aug 5, 2016
 */
@Component
public class JwtHeaderTokenExtractor implements TokenExtractor {
    public static String HEADER_PREFIX = "Bearer ";


    @Override
    public String extract(String header) {
        if (StringUtils.isBlank(header)) {
            throw new AuthenticationServiceException("Authorization header cannot be blank!");
        }

        if (header.length() < HEADER_PREFIX.length()) {
            throw new AuthenticationServiceException("Invalid authorization header size.");
        }

        return header.substring(HEADER_PREFIX.length(), header.length());
    }
}


1			package unicon.matthews.security.auth.jwt.extractor;
2
3			import org.apache.commons.lang3.StringUtils;
4			import org.springframework.security.authentication.AuthenticationServiceException;
5			import org.springframework.stereotype.Component;
6
7			/**
8			* An implementation of {@link TokenExtractor} extracts token from
9			* Authorization: Bearer scheme.
10			*
11			* @author vladimir.stankovic
12			*
13			* Aug 5, 2016
14			*/
15			@Component
16			public class JwtHeaderTokenExtractor implements TokenExtractor {
17			public static String HEADER_PREFIX = "Bearer ";
			0 ignored issues – show Security introduced 2019-01-30 08:29 UTC by Report Bug Copy Issue Report public static fields should always be marked final to prevent them being overwritten in unexpected ways. Consider making `HEADER_PREFIX` final. See this CWE advisory on why this is a security issue. Loading history... Security introduced 2019-01-30 08:29 UTC by Report Bug Copy Issue Report Make HEADER_PREFIX a static final constant or non-public and provide accessors if needed. Loading history...
18
19			@Override
20			public String extract(String header) {
21			if (StringUtils.isBlank(header)) {
22			throw new AuthenticationServiceException("Authorization header cannot be blank!");
23			}
24
25			if (header.length() < HEADER_PREFIX.length()) {
26			throw new AuthenticationServiceException("Invalid authorization header size.");
27			}
28
29			return header.substring(HEADER_PREFIX.length(), header.length());
30			}
31			}
32

Apereo-Learning-Analytics-Initiative / OpenLRW

extract(String) A last analyzed 2019-01-30 08:29 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

extract(String) A
last analyzed 2019-01-30 08:29 UTC