View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.auth;
28  
29  import java.util.Locale;
30  
31  import org.apache.http.FormattedHeader;
32  import org.apache.http.Header;
33  import org.apache.http.HttpRequest;
34  import org.apache.http.annotation.NotThreadSafe;
35  import org.apache.http.auth.AUTH;
36  import org.apache.http.auth.AuthenticationException;
37  import org.apache.http.auth.ChallengeState;
38  import org.apache.http.auth.ContextAwareAuthScheme;
39  import org.apache.http.auth.Credentials;
40  import org.apache.http.auth.MalformedChallengeException;
41  import org.apache.http.protocol.HTTP;
42  import org.apache.http.protocol.HttpContext;
43  import org.apache.http.util.Args;
44  import org.apache.http.util.CharArrayBuffer;
45  
46  /**
47   * Abstract authentication scheme class that serves as a basis
48   * for all authentication schemes supported by HttpClient. This class
49   * defines the generic way of parsing an authentication challenge. It
50   * does not make any assumptions regarding the format of the challenge
51   * nor does it impose any specific way of responding to that challenge.
52   *
53   *
54   * @since 4.0
55   */
56  @NotThreadSafe
57  public abstract class AuthSchemeBase implements ContextAwareAuthScheme {
58  
59      private ChallengeState challengeState;
60  
61      /**
62       * Creates an instance of {@code AuthSchemeBase} with the given challenge
63       * state.
64       *
65       * @since 4.2
66       *
67       * @deprecated (4.3) do not use.
68       */
69      @Deprecated
70      public AuthSchemeBase(final ChallengeState challengeState) {
71          super();
72          this.challengeState = challengeState;
73      }
74  
75      public AuthSchemeBase() {
76          super();
77      }
78  
79      /**
80       * Processes the given challenge token. Some authentication schemes
81       * may involve multiple challenge-response exchanges. Such schemes must be able
82       * to maintain the state information when dealing with sequential challenges
83       *
84       * @param header the challenge header
85       *
86       * @throws MalformedChallengeException is thrown if the authentication challenge
87       * is malformed
88       */
89      @Override
90      public void processChallenge(final Header header) throws MalformedChallengeException {
91          Args.notNull(header, "Header");
92          final String authheader = header.getName();
93          if (authheader.equalsIgnoreCase(AUTH.WWW_AUTH)) {
94              this.challengeState = ChallengeState.TARGET;
95          } else if (authheader.equalsIgnoreCase(AUTH.PROXY_AUTH)) {
96              this.challengeState = ChallengeState.PROXY;
97          } else {
98              throw new MalformedChallengeException("Unexpected header name: " + authheader);
99          }
100 
101         final CharArrayBuffer buffer;
102         int pos;
103         if (header instanceof FormattedHeader) {
104             buffer = ((FormattedHeader) header).getBuffer();
105             pos = ((FormattedHeader) header).getValuePos();
106         } else {
107             final String s = header.getValue();
108             if (s == null) {
109                 throw new MalformedChallengeException("Header value is null");
110             }
111             buffer = new CharArrayBuffer(s.length());
112             buffer.append(s);
113             pos = 0;
114         }
115         while (pos < buffer.length() && HTTP.isWhitespace(buffer.charAt(pos))) {
116             pos++;
117         }
118         final int beginIndex = pos;
119         while (pos < buffer.length() && !HTTP.isWhitespace(buffer.charAt(pos))) {
120             pos++;
121         }
122         final int endIndex = pos;
123         final String s = buffer.substring(beginIndex, endIndex);
124         if (!s.equalsIgnoreCase(getSchemeName())) {
125             throw new MalformedChallengeException("Invalid scheme identifier: " + s);
126         }
127 
128         parseChallenge(buffer, pos, buffer.length());
129     }
130 
131 
132     @Override
133     @SuppressWarnings("deprecation")
134     public Header authenticate(
135             final Credentials credentials,
136             final HttpRequest request,
137             final HttpContext context) throws AuthenticationException {
138         return authenticate(credentials, request);
139     }
140 
141     protected abstract void parseChallenge(
142             CharArrayBuffer buffer, int beginIndex, int endIndex) throws MalformedChallengeException;
143 
144     /**
145      * Returns <code>true</code> if authenticating against a proxy, <code>false</code>
146      * otherwise.
147      */
148     public boolean isProxy() {
149         return this.challengeState != null && this.challengeState == ChallengeState.PROXY;
150     }
151 
152     /**
153      * Returns {@link ChallengeState} value or <code>null</code> if unchallenged.
154      *
155      * @since 4.2
156      */
157     public ChallengeState getChallengeState() {
158         return this.challengeState;
159     }
160 
161     @Override
162     public String toString() {
163         final String name = getSchemeName();
164         if (name != null) {
165             return name.toUpperCase(Locale.ROOT);
166         } else {
167             return super.toString();
168         }
169     }
170 
171 }