Class DigestScheme
- java.lang.Object
-
- org.apache.hc.client5.http.impl.auth.DigestScheme
-
- All Implemented Interfaces:
java.io.Serializable
,AuthScheme
public class DigestScheme extends java.lang.Object implements AuthScheme, java.io.Serializable
Digest authentication scheme. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the HTTP element charset used by the connection.
- Since:
- 4.0
- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static class
DigestScheme.QualityOfProtection
Represent the possible values of quality of protection.
-
Field Summary
Fields Modifier and Type Field Description private byte[]
a1
private byte[]
a2
private ByteArrayBuilder
buffer
private java.lang.String
cnonce
private boolean
complete
private UsernamePasswordCredentials
credentials
private java.nio.charset.Charset
defaultCharset
private static char[]
HEXADECIMAL
Hexa values used when creating 32 character long digest in HTTP DigestScheme in case of authentication.private java.lang.String
lastNonce
private static org.slf4j.Logger
LOG
private long
nounceCount
private java.util.Map<java.lang.String,java.lang.String>
paramMap
private static long
serialVersionUID
-
Constructor Summary
Constructors Constructor Description DigestScheme()
DigestScheme(java.nio.charset.Charset charset)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description (package private) static byte[]
createCnonce()
Creates a random cnonce value based on the current time.private java.lang.String
createDigestResponse(org.apache.hc.core5.http.HttpRequest request)
private static java.security.MessageDigest
createMessageDigest(java.lang.String digAlg)
(package private) static java.lang.String
formatHex(byte[] binaryData)
Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long string.java.lang.String
generateAuthResponse(org.apache.hc.core5.http.HttpHost host, org.apache.hc.core5.http.HttpRequest request, org.apache.hc.core5.http.protocol.HttpContext context)
Generates an authorization response based on the current state.(package private) java.lang.String
getA1()
(package private) java.lang.String
getA2()
java.lang.String
getCnonce()
java.lang.String
getName()
Returns textual designation of the given authentication scheme.java.lang.String
getNonce()
long
getNounceCount()
java.security.Principal
getPrincipal()
ReturnsPrincipal
whose credentials are used to generate an authentication response.java.lang.String
getRealm()
Returns authentication realm.void
initPreemptive(Credentials credentials, java.lang.String cnonce, java.lang.String realm)
boolean
isChallengeComplete()
Authentication process may involve a series of challenge-response exchanges.boolean
isConnectionBased()
Determines if the authentication scheme is expected to provide an authorization response on a per connection basis instead of the standard per request basisboolean
isResponseReady(org.apache.hc.core5.http.HttpHost host, CredentialsProvider credentialsProvider, org.apache.hc.core5.http.protocol.HttpContext context)
Determines whether or not an authorization response can be generated based on the actual authentication state.void
processChallenge(AuthChallenge authChallenge, org.apache.hc.core5.http.protocol.HttpContext context)
Processes the given auth challenge.private void
readObject(java.io.ObjectInputStream in)
java.lang.String
toString()
private void
writeObject(java.io.ObjectOutputStream out)
-
-
-
Field Detail
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
LOG
private static final org.slf4j.Logger LOG
-
HEXADECIMAL
private static final char[] HEXADECIMAL
Hexa values used when creating 32 character long digest in HTTP DigestScheme in case of authentication.- See Also:
formatHex(byte[])
-
defaultCharset
private transient java.nio.charset.Charset defaultCharset
-
paramMap
private final java.util.Map<java.lang.String,java.lang.String> paramMap
-
complete
private boolean complete
-
buffer
private transient ByteArrayBuilder buffer
-
lastNonce
private java.lang.String lastNonce
-
nounceCount
private long nounceCount
-
cnonce
private java.lang.String cnonce
-
a1
private byte[] a1
-
a2
private byte[] a2
-
credentials
private UsernamePasswordCredentials credentials
-
-
Method Detail
-
initPreemptive
public void initPreemptive(Credentials credentials, java.lang.String cnonce, java.lang.String realm)
-
getName
public java.lang.String getName()
Description copied from interface:AuthScheme
Returns textual designation of the given authentication scheme.- Specified by:
getName
in interfaceAuthScheme
- Returns:
- the name of the given authentication scheme
-
isConnectionBased
public boolean isConnectionBased()
Description copied from interface:AuthScheme
Determines if the authentication scheme is expected to provide an authorization response on a per connection basis instead of the standard per request basis- Specified by:
isConnectionBased
in interfaceAuthScheme
- Returns:
true
if the scheme is connection based,false
if the scheme is request based.
-
getRealm
public java.lang.String getRealm()
Description copied from interface:AuthScheme
Returns authentication realm. If the concept of an authentication realm is not applicable to the given authentication scheme, returnsnull
.- Specified by:
getRealm
in interfaceAuthScheme
- Returns:
- the authentication realm
-
processChallenge
public void processChallenge(AuthChallenge authChallenge, org.apache.hc.core5.http.protocol.HttpContext context) throws MalformedChallengeException
Description copied from interface:AuthScheme
Processes the given auth challenge. Some authentication schemes may involve multiple challenge-response exchanges. Such schemes must be able to maintain internal state when dealing with sequential challenges- Specified by:
processChallenge
in interfaceAuthScheme
- Parameters:
authChallenge
- the auth challengecontext
- HTTP context- Throws:
MalformedChallengeException
- in case the auth challenge is incomplete, malformed or otherwise invalid.
-
isChallengeComplete
public boolean isChallengeComplete()
Description copied from interface:AuthScheme
Authentication process may involve a series of challenge-response exchanges. This method tests if the authorization process has been fully completed (either successfully or unsuccessfully), that is, all the required authorization challenges have been processed in their entirety.- Specified by:
isChallengeComplete
in interfaceAuthScheme
- Returns:
true
if the authentication process has been completed,false
otherwise.
-
isResponseReady
public boolean isResponseReady(org.apache.hc.core5.http.HttpHost host, CredentialsProvider credentialsProvider, org.apache.hc.core5.http.protocol.HttpContext context) throws AuthenticationException
Description copied from interface:AuthScheme
Determines whether or not an authorization response can be generated based on the actual authentication state. Generally the outcome of this method will depend upon availability of user credentials necessary to produce an authorization response.- Specified by:
isResponseReady
in interfaceAuthScheme
credentialsProvider
- The credentials to be used for authenticationcontext
- HTTP context- Returns:
true
if an authorization response can be generated and the authentication handshake can proceed,false
otherwise.- Throws:
AuthenticationException
- if authorization string cannot be generated due to an authentication failure
-
getPrincipal
public java.security.Principal getPrincipal()
Description copied from interface:AuthScheme
ReturnsPrincipal
whose credentials are used to generate an authentication response. Connection based schemes are required to return a userPrincipal
if authorization applies to for the entire life span of connection.- Specified by:
getPrincipal
in interfaceAuthScheme
- Returns:
- user principal
- See Also:
AuthScheme.isConnectionBased()
-
generateAuthResponse
public java.lang.String generateAuthResponse(org.apache.hc.core5.http.HttpHost host, org.apache.hc.core5.http.HttpRequest request, org.apache.hc.core5.http.protocol.HttpContext context) throws AuthenticationException
Description copied from interface:AuthScheme
Generates an authorization response based on the current state. Some authentication schemes may need to load user credentials required to generate an authorization response from aCredentialsProvider
prior to this method call.- Specified by:
generateAuthResponse
in interfaceAuthScheme
request
- The request being authenticatedcontext
- HTTP context- Returns:
- authorization header
- Throws:
AuthenticationException
- if authorization string cannot be generated due to an authentication failure- See Also:
AuthScheme.isResponseReady(HttpHost, CredentialsProvider, HttpContext)
-
createMessageDigest
private static java.security.MessageDigest createMessageDigest(java.lang.String digAlg) throws UnsupportedDigestAlgorithmException
-
createDigestResponse
private java.lang.String createDigestResponse(org.apache.hc.core5.http.HttpRequest request) throws AuthenticationException
- Throws:
AuthenticationException
-
getNonce
@Internal public java.lang.String getNonce()
-
getNounceCount
@Internal public long getNounceCount()
-
getCnonce
@Internal public java.lang.String getCnonce()
-
getA1
java.lang.String getA1()
-
getA2
java.lang.String getA2()
-
formatHex
static java.lang.String formatHex(byte[] binaryData)
Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long string.- Parameters:
binaryData
- array containing the digest- Returns:
- encoded MD5, or
null
if encoding failed
-
createCnonce
static byte[] createCnonce()
Creates a random cnonce value based on the current time.- Returns:
- The cnonce value as String.
-
writeObject
private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException
- Throws:
java.io.IOException
-
readObject
private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, java.lang.ClassNotFoundException
- Throws:
java.io.IOException
java.lang.ClassNotFoundException
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-