View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.http.impl.auth;
28  
29  import java.io.IOException;
30  import java.io.ObjectInputStream;
31  import java.io.ObjectOutputStream;
32  import java.io.ObjectStreamException;
33  import java.io.Serializable;
34  import java.nio.charset.Charset;
35  import java.util.HashMap;
36  import java.util.Locale;
37  import java.util.Map;
38  
39  import org.apache.http.Consts;
40  import org.apache.http.HeaderElement;
41  import org.apache.http.HttpRequest;
42  import org.apache.http.annotation.NotThreadSafe;
43  import org.apache.http.auth.ChallengeState;
44  import org.apache.http.auth.MalformedChallengeException;
45  import org.apache.http.auth.params.AuthPNames;
46  import org.apache.http.message.BasicHeaderValueParser;
47  import org.apache.http.message.HeaderValueParser;
48  import org.apache.http.message.ParserCursor;
49  import org.apache.http.util.CharArrayBuffer;
50  import org.apache.http.util.CharsetUtils;
51  
52  /**
53   * Abstract authentication scheme class that lays foundation for all
54   * RFC 2617 compliant authentication schemes and provides capabilities common
55   * to all authentication schemes defined in RFC 2617.
56   *
57   * @since 4.0
58   */
59  @SuppressWarnings("deprecation")
60  @NotThreadSafe // AuthSchemeBase, params
61  public abstract class RFC2617Scheme extends AuthSchemeBase implements Serializable {
62  
63      private static final long serialVersionUID = -2845454858205884623L;
64  
65      private final Map<String, String> params;
66      private transient Charset credentialsCharset;
67  
68      /**
69       * Creates an instance of {@code RFC2617Scheme} with the given challenge
70       * state.
71       *
72       * @since 4.2
73       *
74       * @deprecated (4.3) do not use.
75       */
76      @Deprecated
77      public RFC2617Scheme(final ChallengeState challengeState) {
78          super(challengeState);
79          this.params = new HashMap<String, String>();
80          this.credentialsCharset = Consts.ASCII;
81      }
82  
83      /**
84       * @since 4.3
85       */
86      public RFC2617Scheme(final Charset credentialsCharset) {
87          super();
88          this.params = new HashMap<String, String>();
89          this.credentialsCharset = credentialsCharset != null ? credentialsCharset : Consts.ASCII;
90      }
91  
92      public RFC2617Scheme() {
93          this(Consts.ASCII);
94      }
95  
96  
97      /**
98       * @since 4.3
99       */
100     public Charset getCredentialsCharset() {
101         return credentialsCharset != null ? credentialsCharset : Consts.ASCII;
102     }
103 
104     String getCredentialsCharset(final HttpRequest request) {
105         String charset = (String) request.getParams().getParameter(AuthPNames.CREDENTIAL_CHARSET);
106         if (charset == null) {
107             charset = getCredentialsCharset().name();
108         }
109         return charset;
110     }
111 
112     @Override
113     protected void parseChallenge(
114             final CharArrayBuffer buffer, final int pos, final int len) throws MalformedChallengeException {
115         final HeaderValueParser parser = BasicHeaderValueParser.INSTANCE;
116         final ParserCursor cursor = new ParserCursor(pos, buffer.length());
117         final HeaderElement[] elements = parser.parseElements(buffer, cursor);
118         if (elements.length == 0) {
119             throw new MalformedChallengeException("Authentication challenge is empty");
120         }
121         this.params.clear();
122         for (final HeaderElement element : elements) {
123             this.params.put(element.getName(), element.getValue());
124         }
125     }
126 
127     /**
128      * Returns authentication parameters map. Keys in the map are lower-cased.
129      *
130      * @return the map of authentication parameters
131      */
132     protected Map<String, String> getParameters() {
133         return this.params;
134     }
135 
136     /**
137      * Returns authentication parameter with the given name, if available.
138      *
139      * @param name The name of the parameter to be returned
140      *
141      * @return the parameter with the given name
142      */
143     @Override
144     public String getParameter(final String name) {
145         if (name == null) {
146             return null;
147         }
148         return this.params.get(name.toLowerCase(Locale.ROOT));
149     }
150 
151     /**
152      * Returns authentication realm. The realm may not be null.
153      *
154      * @return the authentication realm
155      */
156     @Override
157     public String getRealm() {
158         return getParameter("realm");
159     }
160 
161     private void writeObject(final ObjectOutputStream out) throws IOException {
162         out.defaultWriteObject();
163         out.writeUTF(this.credentialsCharset.name());
164     }
165 
166     @SuppressWarnings("unchecked")
167     private void readObject(final ObjectInputStream in) throws IOException, ClassNotFoundException {
168         in.defaultReadObject();
169         this.credentialsCharset = CharsetUtils.get(in.readUTF());
170         if (this.credentialsCharset == null) {
171             this.credentialsCharset = Consts.ASCII;
172         }
173     }
174 
175     private void readObjectNoData() throws ObjectStreamException {
176     }
177 
178 }