View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  
28  package org.apache.http.client.protocol;
29  
30  import java.util.Queue;
31  
32  import org.apache.commons.logging.Log;
33  import org.apache.commons.logging.LogFactory;
34  import org.apache.http.Header;
35  import org.apache.http.HttpRequest;
36  import org.apache.http.HttpRequestInterceptor;
37  import org.apache.http.auth.AuthOption;
38  import org.apache.http.auth.AuthScheme;
39  import org.apache.http.auth.AuthState;
40  import org.apache.http.auth.AuthenticationException;
41  import org.apache.http.auth.ContextAwareAuthScheme;
42  import org.apache.http.auth.Credentials;
43  import org.apache.http.protocol.HttpContext;
44  import org.apache.http.util.Asserts;
45  
46  @Deprecated
47  abstract class RequestAuthenticationBase implements HttpRequestInterceptor {
48  
49      final Log log = LogFactory.getLog(getClass());
50  
51      public RequestAuthenticationBase() {
52          super();
53      }
54  
55      void process(
56              final AuthState authState,
57              final HttpRequest request,
58              final HttpContext context) {
59          AuthScheme authScheme = authState.getAuthScheme();
60          Credentials creds = authState.getCredentials();
61          switch (authState.getState()) { // TODO add UNCHALLENGED and HANDSHAKE cases
62          case FAILURE:
63              return;
64          case SUCCESS:
65              ensureAuthScheme(authScheme);
66              if (authScheme.isConnectionBased()) {
67                  return;
68              }
69              break;
70          case CHALLENGED:
71              final Queue<AuthOption> authOptions = authState.getAuthOptions();
72              if (authOptions != null) {
73                  while (!authOptions.isEmpty()) {
74                      final AuthOption authOption = authOptions.remove();
75                      authScheme = authOption.getAuthScheme();
76                      creds = authOption.getCredentials();
77                      authState.update(authScheme, creds);
78                      if (this.log.isDebugEnabled()) {
79                          this.log.debug("Generating response to an authentication challenge using "
80                                  + authScheme.getSchemeName() + " scheme");
81                      }
82                      try {
83                          final Header header = authenticate(authScheme, creds, request, context);
84                          request.addHeader(header);
85                          break;
86                      } catch (final AuthenticationException ex) {
87                          if (this.log.isWarnEnabled()) {
88                              this.log.warn(authScheme + " authentication error: " + ex.getMessage());
89                          }
90                      }
91                  }
92                  return;
93              } else {
94                  ensureAuthScheme(authScheme);
95              }
96          }
97          if (authScheme != null) {
98              try {
99                  final Header header = authenticate(authScheme, creds, request, context);
100                 request.addHeader(header);
101             } catch (final AuthenticationException ex) {
102                 if (this.log.isErrorEnabled()) {
103                     this.log.error(authScheme + " authentication error: " + ex.getMessage());
104                 }
105             }
106         }
107     }
108 
109     private void ensureAuthScheme(final AuthScheme authScheme) {
110         Asserts.notNull(authScheme, "Auth scheme");
111     }
112 
113     private Header authenticate(
114             final AuthScheme authScheme,
115             final Credentials creds,
116             final HttpRequest request,
117             final HttpContext context) throws AuthenticationException {
118         Asserts.notNull(authScheme, "Auth scheme");
119         if (authScheme instanceof ContextAwareAuthScheme) {
120             return ((ContextAwareAuthScheme) authScheme).authenticate(creds, request, context);
121         } else {
122             return authScheme.authenticate(creds, request);
123         }
124     }
125 
126 }