src/share/classes/sun/net/www/protocol/http/DigestAuthentication.java

Print this page




 183         this.pw = pw;
 184         this.params = params;
 185     }
 186 
 187     public DigestAuthentication(boolean isProxy, String host, int port, String realm,
 188                                 String authMethod, PasswordAuthentication pw,
 189                                 Parameters params) {
 190         super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
 191               AuthScheme.DIGEST,
 192               host,
 193               port,
 194               realm);
 195         this.authMethod = authMethod;
 196         this.pw = pw;
 197         this.params = params;
 198     }
 199 
 200     /**
 201      * @return true if this authentication supports preemptive authorization
 202      */
 203     boolean supportsPreemptiveAuthorization() {

 204         return true;
 205     }
 206 
 207     /**
 208      * @return the name of the HTTP header this authentication wants set
 209      */
 210     String getHeaderName() {
 211         if (type == SERVER_AUTHENTICATION) {
 212             return "Authorization";
 213         } else {
 214             return "Proxy-Authorization";
 215         }
 216     }
 217 
 218     /**
 219      * Reclaculates the request-digest and returns it.
 220      *
 221      * <P> Used in the common case where the requestURI is simply the
 222      * abs_path.
 223      *
 224      * @param  url
 225      *         the URL
 226      *
 227      * @param  method
 228      *         the HTTP method
 229      *
 230      * @return the value of the HTTP header this authentication wants set
 231      */
 232     String getHeaderValue(URL url, String method) {

 233         return getHeaderValueImpl(url.getFile(), method);
 234     }
 235 
 236     /**
 237      * Reclaculates the request-digest and returns it.
 238      *
 239      * <P> Used when the requestURI is not the abs_path. The exact
 240      * requestURI can be passed as a String.
 241      *
 242      * @param  requestURI
 243      *         the Request-URI from the HTTP request line
 244      *
 245      * @param  method
 246      *         the HTTP method
 247      *
 248      * @return the value of the HTTP header this authentication wants set
 249      */
 250     String getHeaderValue(String requestURI, String method) {
 251         return getHeaderValueImpl(requestURI, method);
 252     }
 253 
 254     /**
 255      * Check if the header indicates that the current auth. parameters are stale.
 256      * If so, then replace the relevant field with the new value
 257      * and return true. Otherwise return false.
 258      * returning true means the request can be retried with the same userid/password
 259      * returning false means we have to go back to the user to ask for a new
 260      * username password.
 261      */
 262     boolean isAuthorizationStale (String header) {

 263         HeaderParser p = new HeaderParser (header);
 264         String s = p.findValue ("stale");
 265         if (s == null || !s.equals("true"))
 266             return false;
 267         String newNonce = p.findValue ("nonce");
 268         if (newNonce == null || "".equals(newNonce)) {
 269             return false;
 270         }
 271         params.setNonce (newNonce);
 272         return true;
 273     }
 274 
 275     /**
 276      * Set header(s) on the given connection.
 277      * @param conn The connection to apply the header(s) to
 278      * @param p A source of header values for this connection, if needed.
 279      * @param raw Raw header values for this connection, if needed.
 280      * @return true if all goes well, false if no headers were set.
 281      */
 282     boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {

 283         params.setNonce (p.findValue("nonce"));
 284         params.setOpaque (p.findValue("opaque"));
 285         params.setQop (p.findValue("qop"));
 286 
 287         String uri;
 288         String method;
 289         if (type == PROXY_AUTHENTICATION &&
 290                 conn.tunnelState() == HttpURLConnection.TunnelState.SETUP) {
 291             uri = HttpURLConnection.connectRequestURI(conn.getURL());
 292             method = HTTP_CONNECT;
 293         } else {
 294             uri = conn.getRequestURI();
 295             method = conn.getMethod();
 296         }
 297 
 298         if (params.nonce == null || authMethod == null || pw == null || realm == null) {
 299             return false;
 300         }
 301         if (authMethod.length() >= 1) {
 302             // Method seems to get converted to all lower case elsewhere.




 183         this.pw = pw;
 184         this.params = params;
 185     }
 186 
 187     public DigestAuthentication(boolean isProxy, String host, int port, String realm,
 188                                 String authMethod, PasswordAuthentication pw,
 189                                 Parameters params) {
 190         super(isProxy ? PROXY_AUTHENTICATION : SERVER_AUTHENTICATION,
 191               AuthScheme.DIGEST,
 192               host,
 193               port,
 194               realm);
 195         this.authMethod = authMethod;
 196         this.pw = pw;
 197         this.params = params;
 198     }
 199 
 200     /**
 201      * @return true if this authentication supports preemptive authorization
 202      */
 203     @Override
 204     public boolean supportsPreemptiveAuthorization() {
 205         return true;
 206     }
 207 
 208     /**











 209      * Reclaculates the request-digest and returns it.
 210      *
 211      * <P> Used in the common case where the requestURI is simply the
 212      * abs_path.
 213      *
 214      * @param  url
 215      *         the URL
 216      *
 217      * @param  method
 218      *         the HTTP method
 219      *
 220      * @return the value of the HTTP header this authentication wants set
 221      */
 222     @Override
 223     public String getHeaderValue(URL url, String method) {
 224         return getHeaderValueImpl(url.getFile(), method);
 225     }
 226 
 227     /**
 228      * Reclaculates the request-digest and returns it.
 229      *
 230      * <P> Used when the requestURI is not the abs_path. The exact
 231      * requestURI can be passed as a String.
 232      *
 233      * @param  requestURI
 234      *         the Request-URI from the HTTP request line
 235      *
 236      * @param  method
 237      *         the HTTP method
 238      *
 239      * @return the value of the HTTP header this authentication wants set
 240      */
 241     String getHeaderValue(String requestURI, String method) {
 242         return getHeaderValueImpl(requestURI, method);
 243     }
 244 
 245     /**
 246      * Check if the header indicates that the current auth. parameters are stale.
 247      * If so, then replace the relevant field with the new value
 248      * and return true. Otherwise return false.
 249      * returning true means the request can be retried with the same userid/password
 250      * returning false means we have to go back to the user to ask for a new
 251      * username password.
 252      */
 253     @Override
 254     public boolean isAuthorizationStale (String header) {
 255         HeaderParser p = new HeaderParser (header);
 256         String s = p.findValue ("stale");
 257         if (s == null || !s.equals("true"))
 258             return false;
 259         String newNonce = p.findValue ("nonce");
 260         if (newNonce == null || "".equals(newNonce)) {
 261             return false;
 262         }
 263         params.setNonce (newNonce);
 264         return true;
 265     }
 266 
 267     /**
 268      * Set header(s) on the given connection.
 269      * @param conn The connection to apply the header(s) to
 270      * @param p A source of header values for this connection, if needed.
 271      * @param raw Raw header values for this connection, if needed.
 272      * @return true if all goes well, false if no headers were set.
 273      */
 274     @Override
 275     public boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {
 276         params.setNonce (p.findValue("nonce"));
 277         params.setOpaque (p.findValue("opaque"));
 278         params.setQop (p.findValue("qop"));
 279 
 280         String uri;
 281         String method;
 282         if (type == PROXY_AUTHENTICATION &&
 283                 conn.tunnelState() == HttpURLConnection.TunnelState.SETUP) {
 284             uri = HttpURLConnection.connectRequestURI(conn.getURL());
 285             method = HTTP_CONNECT;
 286         } else {
 287             uri = conn.getRequestURI();
 288             method = conn.getMethod();
 289         }
 290 
 291         if (params.nonce == null || authMethod == null || pw == null || realm == null) {
 292             return false;
 293         }
 294         if (authMethod.length() >= 1) {
 295             // Method seems to get converted to all lower case elsewhere.