Class DigestScheme

  • All Implemented Interfaces:
    java.io.Serializable, AuthScheme

    public class DigestScheme
    extends java.lang.Object
    implements AuthScheme, java.io.Serializable
    Digest authentication scheme. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.

    Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the HTTP element charset used by the connection.

    Since:
    4.0
    See Also:
    Serialized Form
    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      private static class  DigestScheme.QualityOfProtection
      Represent the possible values of quality of protection.
    • Constructor Summary

      Constructors 
      Constructor Description
      DigestScheme()  
      DigestScheme​(java.nio.charset.Charset charset)  
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      (package private) static byte[] createCnonce()
      Creates a random cnonce value based on the current time.
      private java.lang.String createDigestResponse​(org.apache.hc.core5.http.HttpRequest request)  
      private static java.security.MessageDigest createMessageDigest​(java.lang.String digAlg)  
      (package private) static java.lang.String formatHex​(byte[] binaryData)
      Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long string.
      java.lang.String generateAuthResponse​(org.apache.hc.core5.http.HttpHost host, org.apache.hc.core5.http.HttpRequest request, org.apache.hc.core5.http.protocol.HttpContext context)
      Generates an authorization response based on the current state.
      (package private) java.lang.String getA1()  
      (package private) java.lang.String getA2()  
      java.lang.String getCnonce()  
      java.lang.String getName()
      Returns textual designation of the given authentication scheme.
      java.lang.String getNonce()  
      long getNounceCount()  
      java.security.Principal getPrincipal()
      Returns Principal whose credentials are used to generate an authentication response.
      java.lang.String getRealm()
      Returns authentication realm.
      void initPreemptive​(Credentials credentials, java.lang.String cnonce, java.lang.String realm)  
      boolean isChallengeComplete()
      Authentication process may involve a series of challenge-response exchanges.
      boolean isConnectionBased()
      Determines if the authentication scheme is expected to provide an authorization response on a per connection basis instead of the standard per request basis
      boolean isResponseReady​(org.apache.hc.core5.http.HttpHost host, CredentialsProvider credentialsProvider, org.apache.hc.core5.http.protocol.HttpContext context)
      Determines whether or not an authorization response can be generated based on the actual authentication state.
      void processChallenge​(AuthChallenge authChallenge, org.apache.hc.core5.http.protocol.HttpContext context)
      Processes the given auth challenge.
      private void readObject​(java.io.ObjectInputStream in)  
      java.lang.String toString()  
      private void writeObject​(java.io.ObjectOutputStream out)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Field Detail

      • LOG

        private static final org.slf4j.Logger LOG
      • HEXADECIMAL

        private static final char[] HEXADECIMAL
        Hexa values used when creating 32 character long digest in HTTP DigestScheme in case of authentication.
        See Also:
        formatHex(byte[])
      • defaultCharset

        private transient java.nio.charset.Charset defaultCharset
      • paramMap

        private final java.util.Map<java.lang.String,​java.lang.String> paramMap
      • complete

        private boolean complete
      • lastNonce

        private java.lang.String lastNonce
      • nounceCount

        private long nounceCount
      • cnonce

        private java.lang.String cnonce
      • a1

        private byte[] a1
      • a2

        private byte[] a2
    • Constructor Detail

      • DigestScheme

        public DigestScheme()
      • DigestScheme

        public DigestScheme​(java.nio.charset.Charset charset)
    • Method Detail

      • initPreemptive

        public void initPreemptive​(Credentials credentials,
                                   java.lang.String cnonce,
                                   java.lang.String realm)
      • getName

        public java.lang.String getName()
        Description copied from interface: AuthScheme
        Returns textual designation of the given authentication scheme.
        Specified by:
        getName in interface AuthScheme
        Returns:
        the name of the given authentication scheme
      • isConnectionBased

        public boolean isConnectionBased()
        Description copied from interface: AuthScheme
        Determines if the authentication scheme is expected to provide an authorization response on a per connection basis instead of the standard per request basis
        Specified by:
        isConnectionBased in interface AuthScheme
        Returns:
        true if the scheme is connection based, false if the scheme is request based.
      • getRealm

        public java.lang.String getRealm()
        Description copied from interface: AuthScheme
        Returns authentication realm. If the concept of an authentication realm is not applicable to the given authentication scheme, returns null.
        Specified by:
        getRealm in interface AuthScheme
        Returns:
        the authentication realm
      • processChallenge

        public void processChallenge​(AuthChallenge authChallenge,
                                     org.apache.hc.core5.http.protocol.HttpContext context)
                              throws MalformedChallengeException
        Description copied from interface: AuthScheme
        Processes the given auth challenge. Some authentication schemes may involve multiple challenge-response exchanges. Such schemes must be able to maintain internal state when dealing with sequential challenges
        Specified by:
        processChallenge in interface AuthScheme
        Parameters:
        authChallenge - the auth challenge
        context - HTTP context
        Throws:
        MalformedChallengeException - in case the auth challenge is incomplete, malformed or otherwise invalid.
      • isChallengeComplete

        public boolean isChallengeComplete()
        Description copied from interface: AuthScheme
        Authentication process may involve a series of challenge-response exchanges. This method tests if the authorization process has been fully completed (either successfully or unsuccessfully), that is, all the required authorization challenges have been processed in their entirety.
        Specified by:
        isChallengeComplete in interface AuthScheme
        Returns:
        true if the authentication process has been completed, false otherwise.
      • isResponseReady

        public boolean isResponseReady​(org.apache.hc.core5.http.HttpHost host,
                                       CredentialsProvider credentialsProvider,
                                       org.apache.hc.core5.http.protocol.HttpContext context)
                                throws AuthenticationException
        Description copied from interface: AuthScheme
        Determines whether or not an authorization response can be generated based on the actual authentication state. Generally the outcome of this method will depend upon availability of user credentials necessary to produce an authorization response.
        Specified by:
        isResponseReady in interface AuthScheme
        credentialsProvider - The credentials to be used for authentication
        context - HTTP context
        Returns:
        true if an authorization response can be generated and the authentication handshake can proceed, false otherwise.
        Throws:
        AuthenticationException - if authorization string cannot be generated due to an authentication failure
      • getPrincipal

        public java.security.Principal getPrincipal()
        Description copied from interface: AuthScheme
        Returns Principal whose credentials are used to generate an authentication response. Connection based schemes are required to return a user Principal if authorization applies to for the entire life span of connection.
        Specified by:
        getPrincipal in interface AuthScheme
        Returns:
        user principal
        See Also:
        AuthScheme.isConnectionBased()
      • getNonce

        @Internal
        public java.lang.String getNonce()
      • getNounceCount

        @Internal
        public long getNounceCount()
      • getCnonce

        @Internal
        public java.lang.String getCnonce()
      • getA1

        java.lang.String getA1()
      • getA2

        java.lang.String getA2()
      • formatHex

        static java.lang.String formatHex​(byte[] binaryData)
        Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long string.
        Parameters:
        binaryData - array containing the digest
        Returns:
        encoded MD5, or null if encoding failed
      • createCnonce

        static byte[] createCnonce()
        Creates a random cnonce value based on the current time.
        Returns:
        The cnonce value as String.
      • writeObject

        private void writeObject​(java.io.ObjectOutputStream out)
                          throws java.io.IOException
        Throws:
        java.io.IOException
      • readObject

        private void readObject​(java.io.ObjectInputStream in)
                         throws java.io.IOException,
                                java.lang.ClassNotFoundException
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException
      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object