Class AbstractHttpServerAuthFilter<T>
- java.lang.Object
-
- org.apache.hc.core5.http.io.support.AbstractHttpServerAuthFilter<T>
-
- Type Parameters:
T
- authorization token representation.
- All Implemented Interfaces:
HttpFilterHandler
@Contract(threading=STATELESS) public abstract class AbstractHttpServerAuthFilter<T> extends java.lang.Object implements HttpFilterHandler
Abstract HTTP request filter that implements standard HTTP authentication handshake.- Since:
- 5.0
-
-
Field Summary
Fields Modifier and Type Field Description private boolean
respondImmediately
-
Constructor Summary
Constructors Modifier Constructor Description protected
AbstractHttpServerAuthFilter(boolean respondImmediately)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected abstract boolean
authenticate(T challengeResponse, URIAuthority authority, java.lang.String requestUri, HttpContext context)
Authenticates the client using the authentication token sent by the client as a response to an authentication challenge.protected abstract java.lang.String
generateChallenge(T challengeResponse, URIAuthority authority, java.lang.String requestUri, HttpContext context)
Generates an authentication challenge in case of unsuccessful authentication.protected HttpEntity
generateResponseContent(HttpResponse unauthorized)
Generates response body for UNAUTHORIZED response.void
handle(ClassicHttpRequest request, HttpFilterChain.ResponseTrigger responseTrigger, HttpContext context, HttpFilterChain chain)
Processes the incoming HTTP request and if processing has been completed submits a final response to the client.protected abstract T
parseChallengeResponse(java.lang.String authorizationValue, HttpContext context)
Parses authorization header value into an authentication token sent by the client as a response to an authentication challenge.
-
-
-
Method Detail
-
parseChallengeResponse
protected abstract T parseChallengeResponse(java.lang.String authorizationValue, HttpContext context) throws HttpException
Parses authorization header value into an authentication token sent by the client as a response to an authentication challenge.- Parameters:
authorizationValue
- the authorization header value.context
- the actual execution context.- Returns:
- authorization token
- Throws:
HttpException
-
authenticate
protected abstract boolean authenticate(T challengeResponse, URIAuthority authority, java.lang.String requestUri, HttpContext context)
Authenticates the client using the authentication token sent by the client as a response to an authentication challenge.- Parameters:
challengeResponse
- the authentication token sent by the client as a response to an authentication challenge.authority
- the URI authority.requestUri
- the request URI.context
- the actual execution context.- Returns:
true
if the client could be successfully authenticatedfalse
otherwise.
-
generateChallenge
protected abstract java.lang.String generateChallenge(T challengeResponse, URIAuthority authority, java.lang.String requestUri, HttpContext context)
Generates an authentication challenge in case of unsuccessful authentication.- Parameters:
challengeResponse
- the authentication token sent by the client as a response to an authentication challenge ornull
if the client has not sent any.authority
- the URI authority.requestUri
- the request URI.context
- the actual execution context.- Returns:
- an authorization challenge value.
-
generateResponseContent
protected HttpEntity generateResponseContent(HttpResponse unauthorized)
Generates response body for UNAUTHORIZED response.- Parameters:
unauthorized
- the response to return as a result of authentication failure.- Returns:
- the response content entity.
-
handle
public final void handle(ClassicHttpRequest request, HttpFilterChain.ResponseTrigger responseTrigger, HttpContext context, HttpFilterChain chain) throws HttpException, java.io.IOException
Description copied from interface:HttpFilterHandler
Processes the incoming HTTP request and if processing has been completed submits a final response to the client. The handler must not use the response trigger after passing control to the next filter with theHttpFilterChain.proceed(ClassicHttpRequest, HttpFilterChain.ResponseTrigger, HttpContext)
method.- Specified by:
handle
in interfaceHttpFilterHandler
- Parameters:
request
- the actual request.responseTrigger
- the response trigger.context
- the actual execution context.chain
- the next element in the request processing chain.- Throws:
HttpException
java.io.IOException
-
-