View Javadoc

1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  
28  package org.apache.http.client.protocol;
29  
30  import java.io.IOException;
31  import java.util.Queue;
32  
33  import org.apache.commons.logging.Log;
34  import org.apache.commons.logging.LogFactory;
35  import org.apache.http.Header;
36  import org.apache.http.HttpException;
37  import org.apache.http.HttpRequest;
38  import org.apache.http.HttpRequestInterceptor;
39  import org.apache.http.auth.AuthOption;
40  import org.apache.http.auth.AuthScheme;
41  import org.apache.http.auth.AuthState;
42  import org.apache.http.auth.AuthenticationException;
43  import org.apache.http.auth.ContextAwareAuthScheme;
44  import org.apache.http.auth.Credentials;
45  import org.apache.http.protocol.HttpContext;
46  
47  abstract class RequestAuthenticationBase implements HttpRequestInterceptor {
48  
49      final Log log = LogFactory.getLog(getClass());
50  
51      public RequestAuthenticationBase() {
52          super();
53      }
54  
55      void process(
56              final AuthState authState,
57              final HttpRequest request,
58              final HttpContext context) throws HttpException, IOException {
59          AuthScheme authScheme = authState.getAuthScheme();
60          Credentials creds = authState.getCredentials();
61          switch (authState.getState()) {
62          case FAILURE:
63              return;
64          case SUCCESS:
65              ensureAuthScheme(authScheme);
66              if (authScheme.isConnectionBased()) {
67                  return;
68              }
69              break;
70          case CHALLENGED:
71              Queue<AuthOption> authOptions = authState.getAuthOptions();
72              if (authOptions != null) {
73                  while (!authOptions.isEmpty()) {
74                      AuthOption authOption = authOptions.remove();
75                      authScheme = authOption.getAuthScheme();
76                      creds = authOption.getCredentials();
77                      authState.update(authScheme, creds);
78                      if (this.log.isDebugEnabled()) {
79                          this.log.debug("Generating response to an authentication challenge using "
80                                  + authScheme.getSchemeName() + " scheme");
81                      }
82                      try {
83                          Header header = authenticate(authScheme, creds, request, context);
84                          request.addHeader(header);
85                          break;
86                      } catch (AuthenticationException ex) {
87                          if (this.log.isWarnEnabled()) {
88                              this.log.warn(authScheme + " authentication error: " + ex.getMessage());
89                          }
90                      }
91                  }
92                  return;
93              } else {
94                  ensureAuthScheme(authScheme);
95              }
96          }
97          if (authScheme != null) {
98              try {
99                  Header header = authenticate(authScheme, creds, request, context);
100                 request.addHeader(header);
101             } catch (AuthenticationException ex) {
102                 if (this.log.isErrorEnabled()) {
103                     this.log.error(authScheme + " authentication error: " + ex.getMessage());
104                 }
105             }
106         }
107     }
108 
109     private void ensureAuthScheme(final AuthScheme authScheme) {
110         if (authScheme == null) {
111             throw new IllegalStateException("Auth scheme is not set");
112         }
113     }
114 
115     @SuppressWarnings("deprecation")
116     private Header authenticate(
117             final AuthScheme authScheme,
118             final Credentials creds,
119             final HttpRequest request,
120             final HttpContext context) throws AuthenticationException {
121         if (authScheme == null) {
122             throw new IllegalStateException("Auth state object is null");
123         }
124         if (authScheme instanceof ContextAwareAuthScheme) {
125             return ((ContextAwareAuthScheme) authScheme).authenticate(creds, request, context);
126         } else {
127             return authScheme.authenticate(creds, request);
128         }
129     }
130 
131 }