Package org.apache.http.impl.auth

Class DigestScheme

java.lang.Object
org.apache.http.impl.auth.AuthSchemeBase
org.apache.http.impl.auth.RFC2617Scheme
org.apache.http.impl.auth.DigestScheme
All Implemented Interfaces:
Serializable, AuthScheme, ContextAwareAuthScheme
public class DigestScheme extends RFC2617Scheme
Digest authentication scheme as defined in RFC 2617. Both MD5 (default) and MD5-sess are supported. Currently only qop=auth or no qop is supported. qop=auth-int is unsupported. If auth and auth-int are provided, auth is used.

Since the digest username is included as clear text in the generated Authentication header, the charset of the username must be compatible with the HTTP element charset used by the connection.

Since:
4.0
See Also:

  • Field Details

    • serialVersionUID

      private static final long serialVersionUID
      See Also:

    • HEXADECIMAL

      private static final char[] HEXADECIMAL
      Hexa values used when creating 32 character long digest in HTTP DigestScheme in case of authentication.
      See Also:

    • complete

      private boolean complete
      Whether the digest authentication process is complete

    • QOP_UNKNOWN

      private static final int QOP_UNKNOWN
      See Also:

    • QOP_MISSING

      private static final int QOP_MISSING
      See Also:

    • QOP_AUTH_INT

      private static final int QOP_AUTH_INT
      See Also:

    • QOP_AUTH

      private static final int QOP_AUTH
      See Also:

    • lastNonce

      private String lastNonce

    • nounceCount

      private long nounceCount

    • cnonce

      private String cnonce

    • a1

      private String a1

    • a2

      private String a2

  • Constructor Details

    • DigestScheme

      public DigestScheme(Charset credentialsCharset)
      Since:
      4.3

    • DigestScheme

      @Deprecated public DigestScheme(ChallengeState challengeState)
      Deprecated.
      (4.3) do not use.
      Creates an instance of DigestScheme with the given challenge state.
      Since:
      4.2

    • DigestScheme

      public DigestScheme()

  • Method Details

    • processChallenge

      public void processChallenge(org.apache.http.Header header) throws MalformedChallengeException
      Processes the Digest challenge.
      Specified by:
      processChallenge in interface AuthScheme
      Overrides:
      processChallenge in class AuthSchemeBase
      Parameters:
      header - the challenge header
      Throws:
      MalformedChallengeException - is thrown if the authentication challenge is malformed

    • isComplete

      public boolean isComplete()
      Tests if the Digest authentication process has been completed.
      Returns:
      true if Digest authorization has been processed, false otherwise.

    • getSchemeName

      public String getSchemeName()
      Returns textual designation of the digest authentication scheme.
      Returns:
      digest

    • isConnectionBased

      public boolean isConnectionBased()
      Returns false. Digest authentication scheme is request based.
      Returns:
      false.

    • overrideParamter

      public void overrideParamter(String name, String value)

    • authenticate

      @Deprecated public org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request) throws AuthenticationException
      Deprecated.
      (4.2) Use ContextAwareAuthScheme.authenticate(Credentials, HttpRequest, org.apache.http.protocol.HttpContext)
      Description copied from interface: AuthScheme
      Produces an authorization string for the given set of Credentials.
      Parameters:
      credentials - The set of credentials to be used for athentication
      request - The request being authenticated
      Returns:
      the authorization string
      Throws:
      AuthenticationException - if authorization string cannot be generated due to an authentication failure

    • authenticate

      public org.apache.http.Header authenticate(Credentials credentials, org.apache.http.HttpRequest request, org.apache.http.protocol.HttpContext context) throws AuthenticationException
      Produces a digest authorization string for the given set of Credentials, method name and URI.
      Specified by:
      authenticate in interface ContextAwareAuthScheme
      Overrides:
      authenticate in class AuthSchemeBase
      Parameters:
      credentials - A set of credentials to be used for athentication
      request - The request being authenticated
      context - HTTP context
      Returns:
      a digest authorization string
      Throws:
      InvalidCredentialsException - if authentication credentials are not valid or not applicable for this authentication scheme
      AuthenticationException - if authorization string cannot be generated due to an authentication failure

    • createMessageDigest

      private static MessageDigest createMessageDigest(String digAlg) throws UnsupportedDigestAlgorithmException
      Throws:
      UnsupportedDigestAlgorithmException

    • createDigestHeader

      private org.apache.http.Header createDigestHeader(Credentials credentials, org.apache.http.HttpRequest request) throws AuthenticationException
      Creates digest-response header as defined in RFC2617.
      Parameters:
      credentials - User credentials
      Returns:
      The digest-response as String.
      Throws:
      AuthenticationException

    • getCnonce

      String getCnonce()

    • getA1

      String getA1()

    • getA2

      String getA2()

    • encode

      static String encode(byte[] binaryData)
      Encodes the 128 bit (16 bytes) MD5 digest into a 32 characters long String according to RFC 2617.
      Parameters:
      binaryData - array containing the digest
      Returns:
      encoded MD5, or null if encoding failed

    • createCnonce

      public static String createCnonce()
      Creates a random cnonce value based on the current time.
      Returns:
      The cnonce value as String.

    • toString

      public String toString()
      Overrides:
      toString in class AuthSchemeBase