@Contract(threading=STATELESS) public class NextNonceInterceptor extends Object implements org.apache.hc.core5.http.HttpResponseInterceptor
NextNonceInterceptor is an HTTP response interceptor that extracts the nextnonce parameter from the Authentication-Info header of an HTTP response. This parameter is used in HTTP Digest Access Authentication to provide an additional nonce value that the client is expected to use in subsequent authentication requests. By retrieving and storing this nextnonce value, the interceptor facilitates one-time nonce implementations and prevents replay attacks by ensuring that each request/response interaction includes a fresh nonce.
If present, the extracted nextnonce value is stored in the HttpContext under the attribute auth-nextnonce, allowing it to be accessed in subsequent requests. If the header does not contain the nextnonce parameter, no context attribute is set.
This implementation adheres to the HTTP/1.1 specification, particularly focusing on the Digest scheme as defined in HTTP Digest Authentication, and parses header tokens using the Tokenizer utility class for robust token parsing.
In the context of HTTP Digest Access Authentication, the nextnonce parameter is a critical part of the security mechanism, designed to mitigate replay attacks and enhance mutual authentication security. It provides the server with the ability to set and enforce single-use or session-bound nonces, prompting the client to use the provided nextnonce in its next request. This setup helps secure communication by forcing new cryptographic material in each transaction.
This interceptor is stateless and thread-safe, making it suitable for use across multiple threads and HTTP requests. It should be registered with the HTTP client to enable support for advanced authentication mechanisms that require tracking of nonce values.
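An added usage example, not code from the HttpClient project: it runs the interceptor over constructed responses, reads back the auth-nextnonce attribute described above, and registers the interceptor on a client. The class name NextNonceDemo, the sample header values, and the import package of NextNonceInterceptor (not shown on this page) are assumptions.

```java
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
// Assumption: this page does not show the package; adjust to your HttpClient version.
import org.apache.hc.client5.http.protocol.NextNonceInterceptor;
import org.apache.hc.core5.http.HttpResponse;
import org.apache.hc.core5.http.message.BasicHttpResponse;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.apache.hc.core5.http.protocol.HttpCoreContext;

public class NextNonceDemo {

    // Context attribute name documented on this page.
    static final String ATTR = "auth-nextnonce";

    // Runs the interceptor over a constructed 200 response and returns
    // the stored attribute, or null when the interceptor set none.
    static Object extract(String authInfoHeader) throws Exception {
        HttpResponse response = new BasicHttpResponse(200);
        if (authInfoHeader != null) {
            response.addHeader("Authentication-Info", authInfoHeader);
        }
        HttpContext context = HttpCoreContext.create();
        // The entity argument is ignored by this interceptor, so null is passed.
        NextNonceInterceptor.INSTANCE.process(response, null, context);
        return context.getAttribute(ATTR);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample header values, not captured traffic.
        String[] samples = {
            "nextnonce=\"6f2b1c9e-constructed\", qop=auth, nc=00000001",
            "qop=auth, nc=00000001", // header present, no nextnonce
            null                     // no Authentication-Info header
        };
        for (String s : samples) {
            Object next = extract(s);
            // null means no nextnonce was supplied, so no attribute was set.
            System.out.println(s + " -> " + (next == null ? "(attribute not set)" : next));
        }

        // Registering the shared, stateless instance on a client.
        try (CloseableHttpClient client = HttpClients.custom()
                .addResponseInterceptorLast(NextNonceInterceptor.INSTANCE)
                .build()) {
            System.out.println("client built with NextNonceInterceptor registered");
        }
    }
}
```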
Modifier and Type | Field and Description |
---|---|
static org.apache.hc.core5.http.HttpResponseInterceptor | INSTANCE |
Constructor and Description |
---|
NextNonceInterceptor() |
Modifier and Type | Method and Description |
---|---|
void | process(org.apache.hc.core5.http.HttpResponse response, org.apache.hc.core5.http.EntityDetails entity, org.apache.hc.core5.http.protocol.HttpContext context) Processes the HTTP response and extracts the nextnonce parameter from the Authentication-Info header if available, storing it in the provided context. |
public void process(org.apache.hc.core5.http.HttpResponse response, org.apache.hc.core5.http.EntityDetails entity, org.apache.hc.core5.http.protocol.HttpContext context)
Processes the HTTP response and extracts the nextnonce parameter from the Authentication-Info header if available, storing it in the provided context.
Specified by:
process in interface org.apache.hc.core5.http.HttpResponseInterceptor
Parameters:
response - the HTTP response containing the Authentication-Info header
entity - the response entity, ignored by this interceptor
context - the HTTP context in which to store the nextnonce parameter
Throws:
NullPointerException - if either response or context is null
Copyright © 1999–2021 The Apache Software Foundation. All rights reserved.