Package org.apache.http.impl.auth
Class DigestScheme
- java.lang.Object
-
- org.apache.http.impl.auth.AuthSchemeBase
-
- org.apache.http.impl.auth.RFC2617Scheme
-
- org.apache.http.impl.auth.DigestScheme
-
- All Implemented Interfaces:
java.io.Serializable,AuthScheme,ContextAwareAuthScheme
public class DigestScheme extends RFC2617Scheme
Digest authentication scheme as defined in RFC 2617. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the HTTP element charset used by the connection.
- Since:
- 4.0
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description private java.lang.Stringa1private java.lang.Stringa2private java.lang.Stringcnonceprivate booleancompleteWhether the digest authentication process is completeprivate static char[]HEXADECIMALHexa values used when creating 32 character long digest in HTTP DigestScheme in case of authentication.private java.lang.StringlastNonceprivate longnounceCountprivate static intQOP_AUTHprivate static intQOP_AUTH_INTprivate static intQOP_MISSINGprivate static intQOP_UNKNOWNprivate static longserialVersionUID-
Fields inherited from class org.apache.http.impl.auth.AuthSchemeBase
challengeState
-
-
Constructor Summary
Constructors Constructor Description DigestScheme()DigestScheme(java.nio.charset.Charset credentialsCharset)DigestScheme(ChallengeState challengeState)Deprecated.(4.3) do not use.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description org.apache.http.Headerauthenticate(Credentials credentials, org.apache.http.HttpRequest request)org.apache.http.Headerauthenticate(Credentials credentials, org.apache.http.HttpRequest request, org.apache.http.protocol.HttpContext context)Produces a digest authorization string for the given set ofCredentials, method name and URI.static java.lang.StringcreateCnonce()Creates a random cnonce value based on the current time.private org.apache.http.HeadercreateDigestHeader(Credentials credentials, org.apache.http.HttpRequest request)Creates digest-response header as defined in RFC2617.private static java.security.MessageDigestcreateMessageDigest(java.lang.String digAlg)(package private) static java.lang.Stringencode(byte[] binaryData)Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters longStringaccording to RFC 2617.(package private) java.lang.StringgetA1()(package private) java.lang.StringgetA2()(package private) java.lang.StringgetCnonce()java.lang.StringgetSchemeName()Returns textual designation of the digest authentication scheme.booleanisComplete()Tests if the Digest authentication process has been completed.booleanisConnectionBased()Returnsfalse.voidoverrideParamter(java.lang.String name, java.lang.String value)voidprocessChallenge(org.apache.http.Header header)Processes the Digest challenge.java.lang.StringtoString()-
Methods inherited from class org.apache.http.impl.auth.RFC2617Scheme
getCredentialsCharset, getCredentialsCharset, getParameter, getParameters, getRealm, parseChallenge
-
Methods inherited from class org.apache.http.impl.auth.AuthSchemeBase
getChallengeState, isProxy
-
-
-
-
Field Detail
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
HEXADECIMAL
private static final char[] HEXADECIMAL
Hexa values used when creating 32 character long digest in HTTP DigestScheme in case of authentication.- See Also:
encode(byte[])
-
complete
private boolean complete
Whether the digest authentication process is complete
-
QOP_UNKNOWN
private static final int QOP_UNKNOWN
- See Also:
- Constant Field Values
-
QOP_MISSING
private static final int QOP_MISSING
- See Also:
- Constant Field Values
-
QOP_AUTH_INT
private static final int QOP_AUTH_INT
- See Also:
- Constant Field Values
-
QOP_AUTH
private static final int QOP_AUTH
- See Also:
- Constant Field Values
-
lastNonce
private java.lang.String lastNonce
-
nounceCount
private long nounceCount
-
cnonce
private java.lang.String cnonce
-
a1
private java.lang.String a1
-
a2
private java.lang.String a2
-
-
Constructor Detail
-
DigestScheme
public DigestScheme(java.nio.charset.Charset credentialsCharset)
- Since:
- 4.3
-
DigestScheme
@Deprecated public DigestScheme(ChallengeState challengeState)
Deprecated.(4.3) do not use.Creates an instance ofDigestSchemewith the given challenge state.- Since:
- 4.2
-
DigestScheme
public DigestScheme()
-
-
Method Detail
-
processChallenge
public void processChallenge(org.apache.http.Header header) throws MalformedChallengeExceptionProcesses the Digest challenge.- Specified by:
processChallengein interfaceAuthScheme- Overrides:
processChallengein classAuthSchemeBase- Parameters:
header- the challenge header- Throws:
MalformedChallengeException- is thrown if the authentication challenge is malformed
-
isComplete
public boolean isComplete()
Tests if the Digest authentication process has been completed.- Returns:
trueif Digest authorization has been processed,falseotherwise.
-
getSchemeName
public java.lang.String getSchemeName()
Returns textual designation of the digest authentication scheme.- Returns:
digest
-
isConnectionBased
public boolean isConnectionBased()
Returnsfalse. Digest authentication scheme is request based.- Returns:
false.
-
overrideParamter
public void overrideParamter(java.lang.String name, java.lang.String value)
-
authenticate
@Deprecated public org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request) throws AuthenticationException
Deprecated.Description copied from interface:AuthSchemeProduces an authorization string for the given set ofCredentials.- Parameters:
credentials- The set of credentials to be used for athenticationrequest- The request being authenticated- Returns:
- the authorization string
- Throws:
AuthenticationException- if authorization string cannot be generated due to an authentication failure
-
authenticate
public org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request, org.apache.http.protocol.HttpContext context) throws AuthenticationException
Produces a digest authorization string for the given set ofCredentials, method name and URI.- Specified by:
authenticatein interfaceContextAwareAuthScheme- Overrides:
authenticatein classAuthSchemeBase- Parameters:
credentials- A set of credentials to be used for athenticationrequest- The request being authenticatedcontext- HTTP context- Returns:
- a digest authorization string
- Throws:
InvalidCredentialsException- if authentication credentials are not valid or not applicable for this authentication schemeAuthenticationException- if authorization string cannot be generated due to an authentication failure
-
createMessageDigest
private static java.security.MessageDigest createMessageDigest(java.lang.String digAlg) throws UnsupportedDigestAlgorithmException
-
createDigestHeader
private org.apache.http.Header createDigestHeader(Credentials credentials, org.apache.http.HttpRequest request) throws AuthenticationException
Creates digest-response header as defined in RFC2617.- Parameters:
credentials- User credentials- Returns:
- The digest-response as String.
- Throws:
AuthenticationException
-
getCnonce
java.lang.String getCnonce()
-
getA1
java.lang.String getA1()
-
getA2
java.lang.String getA2()
-
encode
static java.lang.String encode(byte[] binaryData)
Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters longStringaccording to RFC 2617.- Parameters:
binaryData- array containing the digest- Returns:
- encoded MD5, or
nullif encoding failed
-
createCnonce
public static java.lang.String createCnonce()
Creates a random cnonce value based on the current time.- Returns:
- The cnonce value as String.
-
toString
public java.lang.String toString()
- Overrides:
toStringin classAuthSchemeBase
-
-