Google Git
Sign in
apache / hbase-site / e3c8c83649cc6545b444ce0bc60de4ca5f95e341 / . / devapidocs / src-html / org / apache / hadoop / hbase / thrift / ThriftHttpServlet.html
blob: 41a028586a98860d2fd74540e327856b6bb8731b [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<!-- Generated by javadoc (17) -->
<title>Source code</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="source: package: org.apache.hadoop.hbase.thrift, class: ThriftHttpServlet">
<meta name="generator" content="javadoc/SourceToHTMLConverter">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body class="source-page">
<main role="main">
<div class="source-container">
<pre><span class="source-line-no">001</span><span id="line-1">/*</span>
<span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span>
<span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span>
<span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span>
<span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span>
<span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span>
<span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span>
<span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span>
<span class="source-line-no">009</span><span id="line-9"> *</span>
<span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span>
<span class="source-line-no">011</span><span id="line-11"> *</span>
<span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span>
<span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span>
<span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span>
<span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span>
<span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span>
<span class="source-line-no">017</span><span id="line-17"> */</span>
<span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.thrift;</span>
<span class="source-line-no">019</span><span id="line-19"></span>
<span class="source-line-no">020</span><span id="line-20">import static org.apache.hadoop.hbase.http.ProxyUserAuthenticationFilter.getDoasFromHeader;</span>
<span class="source-line-no">021</span><span id="line-21"></span>
<span class="source-line-no">022</span><span id="line-22">import java.io.IOException;</span>
<span class="source-line-no">023</span><span id="line-23">import java.security.PrivilegedExceptionAction;</span>
<span class="source-line-no">024</span><span id="line-24">import java.util.Base64;</span>
<span class="source-line-no">025</span><span id="line-25">import javax.servlet.ServletException;</span>
<span class="source-line-no">026</span><span id="line-26">import javax.servlet.http.HttpServletRequest;</span>
<span class="source-line-no">027</span><span id="line-27">import javax.servlet.http.HttpServletResponse;</span>
<span class="source-line-no">028</span><span id="line-28">import org.apache.hadoop.hbase.security.SecurityUtil;</span>
<span class="source-line-no">029</span><span id="line-29">import org.apache.hadoop.security.UserGroupInformation;</span>
<span class="source-line-no">030</span><span id="line-30">import org.apache.hadoop.security.authorize.AuthorizationException;</span>
<span class="source-line-no">031</span><span id="line-31">import org.apache.hadoop.security.authorize.ProxyUsers;</span>
<span class="source-line-no">032</span><span id="line-32">import org.apache.http.HttpHeaders;</span>
<span class="source-line-no">033</span><span id="line-33">import org.apache.thrift.TProcessor;</span>
<span class="source-line-no">034</span><span id="line-34">import org.apache.thrift.protocol.TProtocolFactory;</span>
<span class="source-line-no">035</span><span id="line-35">import org.apache.thrift.server.TServlet;</span>
<span class="source-line-no">036</span><span id="line-36">import org.apache.yetus.audience.InterfaceAudience;</span>
<span class="source-line-no">037</span><span id="line-37">import org.ietf.jgss.GSSContext;</span>
<span class="source-line-no">038</span><span id="line-38">import org.ietf.jgss.GSSCredential;</span>
<span class="source-line-no">039</span><span id="line-39">import org.ietf.jgss.GSSException;</span>
<span class="source-line-no">040</span><span id="line-40">import org.ietf.jgss.GSSManager;</span>
<span class="source-line-no">041</span><span id="line-41">import org.ietf.jgss.GSSName;</span>
<span class="source-line-no">042</span><span id="line-42">import org.ietf.jgss.Oid;</span>
<span class="source-line-no">043</span><span id="line-43">import org.slf4j.Logger;</span>
<span class="source-line-no">044</span><span id="line-44">import org.slf4j.LoggerFactory;</span>
<span class="source-line-no">045</span><span id="line-45"></span>
<span class="source-line-no">046</span><span id="line-46">/**</span>
<span class="source-line-no">047</span><span id="line-47"> * Thrift Http Servlet is used for performing Kerberos authentication if security is enabled and</span>
<span class="source-line-no">048</span><span id="line-48"> * also used for setting the user specified in "doAs" parameter.</span>
<span class="source-line-no">049</span><span id="line-49"> */</span>
<span class="source-line-no">050</span><span id="line-50">@InterfaceAudience.Private</span>
<span class="source-line-no">051</span><span id="line-51">public class ThriftHttpServlet extends TServlet {</span>
<span class="source-line-no">052</span><span id="line-52"> private static final long serialVersionUID = 1L;</span>
<span class="source-line-no">053</span><span id="line-53"> private static final Logger LOG = LoggerFactory.getLogger(ThriftHttpServlet.class.getName());</span>
<span class="source-line-no">054</span><span id="line-54"> private final transient UserGroupInformation serviceUGI;</span>
<span class="source-line-no">055</span><span id="line-55"> private final transient UserGroupInformation httpUGI;</span>
<span class="source-line-no">056</span><span id="line-56"> private final transient HBaseServiceHandler handler;</span>
<span class="source-line-no">057</span><span id="line-57"> private final boolean doAsEnabled;</span>
<span class="source-line-no">058</span><span id="line-58"> private final boolean securityEnabled;</span>
<span class="source-line-no">059</span><span id="line-59"></span>
<span class="source-line-no">060</span><span id="line-60"> // HTTP Header related constants.</span>
<span class="source-line-no">061</span><span id="line-61"> public static final String NEGOTIATE = "Negotiate";</span>
<span class="source-line-no">062</span><span id="line-62"></span>
<span class="source-line-no">063</span><span id="line-63"> public ThriftHttpServlet(TProcessor processor, TProtocolFactory protocolFactory,</span>
<span class="source-line-no">064</span><span id="line-64"> UserGroupInformation serviceUGI, UserGroupInformation httpUGI, HBaseServiceHandler handler,</span>
<span class="source-line-no">065</span><span id="line-65"> boolean securityEnabled, boolean doAsEnabled) {</span>
<span class="source-line-no">066</span><span id="line-66"> super(processor, protocolFactory);</span>
<span class="source-line-no">067</span><span id="line-67"> this.serviceUGI = serviceUGI;</span>
<span class="source-line-no">068</span><span id="line-68"> this.httpUGI = httpUGI;</span>
<span class="source-line-no">069</span><span id="line-69"> this.handler = handler;</span>
<span class="source-line-no">070</span><span id="line-70"> this.securityEnabled = securityEnabled;</span>
<span class="source-line-no">071</span><span id="line-71"> this.doAsEnabled = doAsEnabled;</span>
<span class="source-line-no">072</span><span id="line-72"> }</span>
<span class="source-line-no">073</span><span id="line-73"></span>
<span class="source-line-no">074</span><span id="line-74"> @Override</span>
<span class="source-line-no">075</span><span id="line-75"> protected void doPost(HttpServletRequest request, HttpServletResponse response)</span>
<span class="source-line-no">076</span><span id="line-76"> throws ServletException, IOException {</span>
<span class="source-line-no">077</span><span id="line-77"> String effectiveUser = request.getRemoteUser();</span>
<span class="source-line-no">078</span><span id="line-78"> if (securityEnabled) {</span>
<span class="source-line-no">079</span><span id="line-79"> /*</span>
<span class="source-line-no">080</span><span id="line-80"> * Check that the AUTHORIZATION header has any content. If it does not then return a 401</span>
<span class="source-line-no">081</span><span id="line-81"> * requesting AUTHORIZATION header to be sent. This is typical where the first request doesn't</span>
<span class="source-line-no">082</span><span id="line-82"> * send the AUTHORIZATION header initially.</span>
<span class="source-line-no">083</span><span id="line-83"> */</span>
<span class="source-line-no">084</span><span id="line-84"> String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);</span>
<span class="source-line-no">085</span><span id="line-85"> if (authHeader == null || authHeader.isEmpty()) {</span>
<span class="source-line-no">086</span><span id="line-86"> // Send a 401 to the client</span>
<span class="source-line-no">087</span><span id="line-87"> response.addHeader(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE);</span>
<span class="source-line-no">088</span><span id="line-88"> response.sendError(HttpServletResponse.SC_UNAUTHORIZED);</span>
<span class="source-line-no">089</span><span id="line-89"> return;</span>
<span class="source-line-no">090</span><span id="line-90"> }</span>
<span class="source-line-no">091</span><span id="line-91"></span>
<span class="source-line-no">092</span><span id="line-92"> try {</span>
<span class="source-line-no">093</span><span id="line-93"> // As Thrift HTTP transport doesn't support SPNEGO yet (THRIFT-889),</span>
<span class="source-line-no">094</span><span id="line-94"> // Kerberos authentication is being done at servlet level.</span>
<span class="source-line-no">095</span><span id="line-95"> final RemoteUserIdentity identity = doKerberosAuth(request);</span>
<span class="source-line-no">096</span><span id="line-96"> effectiveUser = identity.principal;</span>
<span class="source-line-no">097</span><span id="line-97"> // It is standard for client applications expect this header.</span>
<span class="source-line-no">098</span><span id="line-98"> // Please see http://tools.ietf.org/html/rfc4559 for more details.</span>
<span class="source-line-no">099</span><span id="line-99"> response.addHeader(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE + " " + identity.outToken);</span>
<span class="source-line-no">100</span><span id="line-100"> } catch (HttpAuthenticationException e) {</span>
<span class="source-line-no">101</span><span id="line-101"> LOG.error("Kerberos Authentication failed", e);</span>
<span class="source-line-no">102</span><span id="line-102"> // Send a 401 to the client</span>
<span class="source-line-no">103</span><span id="line-103"> response.addHeader(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE);</span>
<span class="source-line-no">104</span><span id="line-104"> response.sendError(HttpServletResponse.SC_UNAUTHORIZED,</span>
<span class="source-line-no">105</span><span id="line-105"> "Authentication Error: " + e.getMessage());</span>
<span class="source-line-no">106</span><span id="line-106"> return;</span>
<span class="source-line-no">107</span><span id="line-107"> }</span>
<span class="source-line-no">108</span><span id="line-108"> }</span>
<span class="source-line-no">109</span><span id="line-109"></span>
<span class="source-line-no">110</span><span id="line-110"> if (effectiveUser == null) {</span>
<span class="source-line-no">111</span><span id="line-111"> effectiveUser = serviceUGI.getShortUserName();</span>
<span class="source-line-no">112</span><span id="line-112"> }</span>
<span class="source-line-no">113</span><span id="line-113"></span>
<span class="source-line-no">114</span><span id="line-114"> String doAsUserFromQuery = getDoasFromHeader(request);</span>
<span class="source-line-no">115</span><span id="line-115"> if (doAsUserFromQuery != null) {</span>
<span class="source-line-no">116</span><span id="line-116"> if (!doAsEnabled) {</span>
<span class="source-line-no">117</span><span id="line-117"> throw new ServletException("Support for proxyuser is not configured");</span>
<span class="source-line-no">118</span><span id="line-118"> }</span>
<span class="source-line-no">119</span><span id="line-119"> // The authenticated remote user is attempting to perform 'doAs' proxy user.</span>
<span class="source-line-no">120</span><span id="line-120"> UserGroupInformation remoteUser = UserGroupInformation.createRemoteUser(effectiveUser);</span>
<span class="source-line-no">121</span><span id="line-121"> // create and attempt to authorize a proxy user (the client is attempting</span>
<span class="source-line-no">122</span><span id="line-122"> // to do proxy user)</span>
<span class="source-line-no">123</span><span id="line-123"> UserGroupInformation ugi =</span>
<span class="source-line-no">124</span><span id="line-124"> UserGroupInformation.createProxyUser(doAsUserFromQuery, remoteUser);</span>
<span class="source-line-no">125</span><span id="line-125"> // validate the proxy user authorization</span>
<span class="source-line-no">126</span><span id="line-126"> try {</span>
<span class="source-line-no">127</span><span id="line-127"> ProxyUsers.authorize(ugi, request.getRemoteAddr());</span>
<span class="source-line-no">128</span><span id="line-128"> } catch (AuthorizationException e) {</span>
<span class="source-line-no">129</span><span id="line-129"> throw new ServletException(e);</span>
<span class="source-line-no">130</span><span id="line-130"> }</span>
<span class="source-line-no">131</span><span id="line-131"> effectiveUser = doAsUserFromQuery;</span>
<span class="source-line-no">132</span><span id="line-132"> }</span>
<span class="source-line-no">133</span><span id="line-133"> handler.setEffectiveUser(effectiveUser);</span>
<span class="source-line-no">134</span><span id="line-134"> super.doPost(request, response);</span>
<span class="source-line-no">135</span><span id="line-135"> }</span>
<span class="source-line-no">136</span><span id="line-136"></span>
<span class="source-line-no">137</span><span id="line-137"> /**</span>
<span class="source-line-no">138</span><span id="line-138"> * Do the GSS-API kerberos authentication. We already have a logged in subject in the form of</span>
<span class="source-line-no">139</span><span id="line-139"> * httpUGI, which GSS-API will extract information from.</span>
<span class="source-line-no">140</span><span id="line-140"> */</span>
<span class="source-line-no">141</span><span id="line-141"> private RemoteUserIdentity doKerberosAuth(HttpServletRequest request)</span>
<span class="source-line-no">142</span><span id="line-142"> throws HttpAuthenticationException {</span>
<span class="source-line-no">143</span><span id="line-143"> HttpKerberosServerAction action = new HttpKerberosServerAction(request, httpUGI);</span>
<span class="source-line-no">144</span><span id="line-144"> try {</span>
<span class="source-line-no">145</span><span id="line-145"> String principal = httpUGI.doAs(action);</span>
<span class="source-line-no">146</span><span id="line-146"> return new RemoteUserIdentity(principal, action.outToken);</span>
<span class="source-line-no">147</span><span id="line-147"> } catch (Exception e) {</span>
<span class="source-line-no">148</span><span id="line-148"> LOG.info("Failed to authenticate with {} kerberos principal", httpUGI.getUserName());</span>
<span class="source-line-no">149</span><span id="line-149"> throw new HttpAuthenticationException(e);</span>
<span class="source-line-no">150</span><span id="line-150"> }</span>
<span class="source-line-no">151</span><span id="line-151"> }</span>
<span class="source-line-no">152</span><span id="line-152"></span>
<span class="source-line-no">153</span><span id="line-153"> /**</span>
<span class="source-line-no">154</span><span id="line-154"> * Basic "struct" class to hold the final base64-encoded, authenticated GSSAPI token for the user</span>
<span class="source-line-no">155</span><span id="line-155"> * with the given principal talking to the Thrift server.</span>
<span class="source-line-no">156</span><span id="line-156"> */</span>
<span class="source-line-no">157</span><span id="line-157"> private static class RemoteUserIdentity {</span>
<span class="source-line-no">158</span><span id="line-158"> final String outToken;</span>
<span class="source-line-no">159</span><span id="line-159"> final String principal;</span>
<span class="source-line-no">160</span><span id="line-160"></span>
<span class="source-line-no">161</span><span id="line-161"> RemoteUserIdentity(String principal, String outToken) {</span>
<span class="source-line-no">162</span><span id="line-162"> this.principal = principal;</span>
<span class="source-line-no">163</span><span id="line-163"> this.outToken = outToken;</span>
<span class="source-line-no">164</span><span id="line-164"> }</span>
<span class="source-line-no">165</span><span id="line-165"> }</span>
<span class="source-line-no">166</span><span id="line-166"></span>
<span class="source-line-no">167</span><span id="line-167"> private static class HttpKerberosServerAction implements PrivilegedExceptionAction&lt;String&gt; {</span>
<span class="source-line-no">168</span><span id="line-168"> final HttpServletRequest request;</span>
<span class="source-line-no">169</span><span id="line-169"> final UserGroupInformation httpUGI;</span>
<span class="source-line-no">170</span><span id="line-170"> String outToken = null;</span>
<span class="source-line-no">171</span><span id="line-171"></span>
<span class="source-line-no">172</span><span id="line-172"> HttpKerberosServerAction(HttpServletRequest request, UserGroupInformation httpUGI) {</span>
<span class="source-line-no">173</span><span id="line-173"> this.request = request;</span>
<span class="source-line-no">174</span><span id="line-174"> this.httpUGI = httpUGI;</span>
<span class="source-line-no">175</span><span id="line-175"> }</span>
<span class="source-line-no">176</span><span id="line-176"></span>
<span class="source-line-no">177</span><span id="line-177"> @Override</span>
<span class="source-line-no">178</span><span id="line-178"> public String run() throws HttpAuthenticationException {</span>
<span class="source-line-no">179</span><span id="line-179"> // Get own Kerberos credentials for accepting connection</span>
<span class="source-line-no">180</span><span id="line-180"> GSSManager manager = GSSManager.getInstance();</span>
<span class="source-line-no">181</span><span id="line-181"> GSSContext gssContext = null;</span>
<span class="source-line-no">182</span><span id="line-182"> String serverPrincipal = SecurityUtil.getPrincipalWithoutRealm(httpUGI.getUserName());</span>
<span class="source-line-no">183</span><span id="line-183"> try {</span>
<span class="source-line-no">184</span><span id="line-184"> // This Oid for Kerberos GSS-API mechanism.</span>
<span class="source-line-no">185</span><span id="line-185"> Oid kerberosMechOid = new Oid("1.2.840.113554.1.2.2");</span>
<span class="source-line-no">186</span><span id="line-186"> // Oid for SPNego GSS-API mechanism.</span>
<span class="source-line-no">187</span><span id="line-187"> Oid spnegoMechOid = new Oid("1.3.6.1.5.5.2");</span>
<span class="source-line-no">188</span><span id="line-188"> // Oid for kerberos principal name</span>
<span class="source-line-no">189</span><span id="line-189"> Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");</span>
<span class="source-line-no">190</span><span id="line-190"> // GSS name for server</span>
<span class="source-line-no">191</span><span id="line-191"> GSSName serverName = manager.createName(serverPrincipal, krb5PrincipalOid);</span>
<span class="source-line-no">192</span><span id="line-192"> // GSS credentials for server</span>
<span class="source-line-no">193</span><span id="line-193"> GSSCredential serverCreds =</span>
<span class="source-line-no">194</span><span id="line-194"> manager.createCredential(serverName, GSSCredential.DEFAULT_LIFETIME,</span>
<span class="source-line-no">195</span><span id="line-195"> new Oid[] { kerberosMechOid, spnegoMechOid }, GSSCredential.ACCEPT_ONLY);</span>
<span class="source-line-no">196</span><span id="line-196"> // Create a GSS context</span>
<span class="source-line-no">197</span><span id="line-197"> gssContext = manager.createContext(serverCreds);</span>
<span class="source-line-no">198</span><span id="line-198"> // Get service ticket from the authorization header</span>
<span class="source-line-no">199</span><span id="line-199"> String serviceTicketBase64 = getAuthHeader(request);</span>
<span class="source-line-no">200</span><span id="line-200"> byte[] inToken = Base64.getDecoder().decode(serviceTicketBase64);</span>
<span class="source-line-no">201</span><span id="line-201"> byte[] res = gssContext.acceptSecContext(inToken, 0, inToken.length);</span>
<span class="source-line-no">202</span><span id="line-202"> if (res != null) {</span>
<span class="source-line-no">203</span><span id="line-203"> outToken = Base64.getEncoder().encodeToString(res).replace("\n", "");</span>
<span class="source-line-no">204</span><span id="line-204"> }</span>
<span class="source-line-no">205</span><span id="line-205"> // Authenticate or deny based on its context completion</span>
<span class="source-line-no">206</span><span id="line-206"> if (!gssContext.isEstablished()) {</span>
<span class="source-line-no">207</span><span id="line-207"> throw new HttpAuthenticationException("Kerberos authentication failed: "</span>
<span class="source-line-no">208</span><span id="line-208"> + "unable to establish context with the service ticket " + "provided by the client.");</span>
<span class="source-line-no">209</span><span id="line-209"> }</span>
<span class="source-line-no">210</span><span id="line-210"> return SecurityUtil.getUserFromPrincipal(gssContext.getSrcName().toString());</span>
<span class="source-line-no">211</span><span id="line-211"> } catch (GSSException e) {</span>
<span class="source-line-no">212</span><span id="line-212"> throw new HttpAuthenticationException("Kerberos authentication failed: ", e);</span>
<span class="source-line-no">213</span><span id="line-213"> } finally {</span>
<span class="source-line-no">214</span><span id="line-214"> if (gssContext != null) {</span>
<span class="source-line-no">215</span><span id="line-215"> try {</span>
<span class="source-line-no">216</span><span id="line-216"> gssContext.dispose();</span>
<span class="source-line-no">217</span><span id="line-217"> } catch (GSSException e) {</span>
<span class="source-line-no">218</span><span id="line-218"> LOG.warn("Error while disposing GSS Context", e);</span>
<span class="source-line-no">219</span><span id="line-219"> }</span>
<span class="source-line-no">220</span><span id="line-220"> }</span>
<span class="source-line-no">221</span><span id="line-221"> }</span>
<span class="source-line-no">222</span><span id="line-222"> }</span>
<span class="source-line-no">223</span><span id="line-223"></span>
<span class="source-line-no">224</span><span id="line-224"> /**</span>
<span class="source-line-no">225</span><span id="line-225"> * Returns the base64 encoded auth header payload</span>
<span class="source-line-no">226</span><span id="line-226"> * @throws HttpAuthenticationException if a remote or network exception occurs</span>
<span class="source-line-no">227</span><span id="line-227"> */</span>
<span class="source-line-no">228</span><span id="line-228"> private String getAuthHeader(HttpServletRequest request) throws HttpAuthenticationException {</span>
<span class="source-line-no">229</span><span id="line-229"> String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);</span>
<span class="source-line-no">230</span><span id="line-230"> // Each http request must have an Authorization header</span>
<span class="source-line-no">231</span><span id="line-231"> if (authHeader == null || authHeader.isEmpty()) {</span>
<span class="source-line-no">232</span><span id="line-232"> throw new HttpAuthenticationException(</span>
<span class="source-line-no">233</span><span id="line-233"> "Authorization header received " + "from the client is empty.");</span>
<span class="source-line-no">234</span><span id="line-234"> }</span>
<span class="source-line-no">235</span><span id="line-235"> String authHeaderBase64String;</span>
<span class="source-line-no">236</span><span id="line-236"> int beginIndex = (NEGOTIATE + " ").length();</span>
<span class="source-line-no">237</span><span id="line-237"> authHeaderBase64String = authHeader.substring(beginIndex);</span>
<span class="source-line-no">238</span><span id="line-238"> // Authorization header must have a payload</span>
<span class="source-line-no">239</span><span id="line-239"> if (authHeaderBase64String.isEmpty()) {</span>
<span class="source-line-no">240</span><span id="line-240"> throw new HttpAuthenticationException(</span>
<span class="source-line-no">241</span><span id="line-241"> "Authorization header received " + "from the client does not contain any data.");</span>
<span class="source-line-no">242</span><span id="line-242"> }</span>
<span class="source-line-no">243</span><span id="line-243"> return authHeaderBase64String;</span>
<span class="source-line-no">244</span><span id="line-244"> }</span>
<span class="source-line-no">245</span><span id="line-245"> }</span>
<span class="source-line-no">246</span><span id="line-246">}</span>
</pre>
</div>
</main>
</body>
</html>