use of org.apache.commons.httpclient.auth.AuthScheme in project zaproxy by zaproxy.
the class HttpMethodDirector method authenticateProxy.
/**
 * Adds a proxy authentication response header to {@code method} when a proxy
 * auth scheme has been selected and matching proxy credentials are stored.
 *
 * <p>Headers already present under {@code PROXY_AUTH_RESP} that the caller set
 * take precedence: unless {@code PARAM_REMOVE_USER_DEFINED_AUTH_HEADERS} is
 * {@code true} on the method parameters (it defaults to {@code false} here),
 * the stored credentials are not applied and the caller's header is sent as is.
 *
 * @param method the request being prepared
 * @throws AuthenticationException if the scheme fails to produce a response
 */
private void authenticateProxy(final HttpMethod method) throws AuthenticationException {
    // A false result from cleanAuthHeaders is treated as "caller-supplied
    // headers are still on the request".
    final boolean callerSuppliedHeaders = !cleanAuthHeaders(method, PROXY_AUTH_RESP);
    if (callerSuppliedHeaders && LOG.isDebugEnabled()) {
        LOG.debug("User defined '" + PROXY_AUTH_RESP + "' headers present in the request.");
    }

    final AuthState proxyState = method.getProxyAuthState();
    final AuthScheme scheme = proxyState.getAuthScheme();
    if (scheme == null) {
        // No scheme selected yet, nothing to answer.
        return;
    }
    // Connection-based schemes are only answered when the proxy asked for it;
    // every other scheme attaches its response to each request that passes here.
    if (!proxyState.isAuthRequested() && scheme.isConnectionBased()) {
        return;
    }

    final AuthScope scope = new AuthScope(
            conn.getProxyHost(),
            conn.getProxyPort(),
            scheme.getRealm(),
            scheme.getSchemeName());
    // NOTE(review): the realm presumably originates from the proxy's challenge,
    // so the scope text written to the log may contain remote-supplied
    // characters; confirm the log layout neutralises line breaks.
    if (LOG.isDebugEnabled()) {
        LOG.debug("Authenticating with " + scope);
    }

    final Credentials proxyCredentials = this.state.getProxyCredentials(scope);
    if (proxyCredentials == null) {
        if (LOG.isWarnEnabled()) {
            LOG.warn("Required proxy credentials not available for " + scope);
            if (method.getProxyAuthState().isPreemptive()) {
                LOG.warn("Preemptive authentication requested but no default " + "proxy credentials available");
            }
        }
        return;
    }

    if (callerSuppliedHeaders) {
        final boolean replaceAllowed =
                method.getParams().getBooleanParameter(PARAM_REMOVE_USER_DEFINED_AUTH_HEADERS, false);
        if (!replaceAllowed) {
            // Default: leave the caller's header untouched and send no stored credentials.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Ignoring proxy authentication, user defined '" + PROXY_AUTH_RESP + "' headers present in the request.");
            }
            return;
        }
        method.removeRequestHeader(PROXY_AUTH_RESP);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Removed user defined '" + PROXY_AUTH_RESP + "' headers.");
        }
    }

    final String headerValue = scheme.authenticate(proxyCredentials, method);
    if (headerValue != null) {
        // Third argument flags the header as auto-generated rather than caller-supplied.
        method.addRequestHeader(new Header(PROXY_AUTH_RESP, headerValue, true));
    }
}
use of org.apache.commons.httpclient.auth.AuthScheme in project zaproxy by zaproxy.
the class HttpMethodDirector method processProxyAuthChallenge.
/**
 * Evaluates the proxy authentication challenge(s) on the response and decides
 * whether the request can be retried with credentials.
 *
 * @param method the method whose response carries the challenge headers
 * @return {@code true} if credentials for the challenged scope are available
 *         (stored or obtained by prompting), {@code false} otherwise
 * @throws MalformedChallengeException if the challenge headers cannot be parsed
 * @throws AuthenticationException declared by the credential prompt path
 */
private boolean processProxyAuthChallenge(final HttpMethod method) throws MalformedChallengeException, AuthenticationException {
    final AuthState proxyState = method.getProxyAuthState();
    final Map<?, ?> parsed =
            AuthChallengeParser.parseChallenges(method.getResponseHeaders(PROXY_AUTH_CHALLENGE));
    if (parsed.isEmpty()) {
        LOG.debug("Proxy authentication challenge(s) not found");
        return false;
    }

    AuthScheme selected;
    try {
        selected = this.authProcessor.processChallenge(proxyState, parsed);
    } catch (AuthChallengeException e) {
        // Only the message is logged; an unusable challenge means "do not retry".
        // NOTE(review): the message may echo text taken from the response
        // headers; confirm the log layout neutralises control characters.
        if (LOG.isWarnEnabled()) {
            LOG.warn(e.getMessage());
        }
        return false;
    }
    if (selected == null) {
        return false;
    }

    final AuthScope scope = new AuthScope(
            conn.getProxyHost(),
            conn.getProxyPort(),
            selected.getRealm(),
            selected.getSchemeName());
    if (LOG.isDebugEnabled()) {
        LOG.debug("Proxy authentication scope: " + scope);
    }

    Credentials found;
    String failurePrefix;
    if (proxyState.isAuthAttempted() && selected.isComplete()) {
        // A completed earlier attempt was rejected: stored credentials are
        // skipped and only a fresh prompt can supply new ones.
        found = promptForProxyCredentials(selected, method.getParams(), scope);
        failurePrefix = "Failure authenticating with ";
    } else {
        proxyState.setAuthAttempted(true);
        found = this.state.getProxyCredentials(scope);
        if (found == null) {
            found = promptForProxyCredentials(selected, method.getParams(), scope);
        }
        failurePrefix = "No credentials available for ";
    }

    if (found != null) {
        return true;
    }
    if (LOG.isInfoEnabled()) {
        LOG.info(failurePrefix + scope);
    }
    return false;
}
use of org.apache.commons.httpclient.auth.AuthScheme in project zaproxy by zaproxy.
the class HttpMethodDirector method processWWWAuthChallenge.
/**
 * Evaluates the target host's authentication challenge(s) on the response and
 * decides whether the request can be retried with credentials.
 *
 * @param method the method whose response carries the challenge headers
 * @return {@code true} if credentials for the challenged scope are available
 *         (stored or obtained by prompting), {@code false} otherwise
 * @throws MalformedChallengeException if the challenge headers cannot be parsed
 * @throws AuthenticationException declared by the credential prompt path
 */
private boolean processWWWAuthChallenge(final HttpMethod method) throws MalformedChallengeException, AuthenticationException {
    final AuthState hostState = method.getHostAuthState();
    final Map<?, ?> parsed =
            AuthChallengeParser.parseChallenges(method.getResponseHeaders(WWW_AUTH_CHALLENGE));
    if (parsed.isEmpty()) {
        LOG.debug("Authentication challenge(s) not found");
        return false;
    }

    AuthScheme selected;
    try {
        selected = this.authProcessor.processChallenge(hostState, parsed);
    } catch (AuthChallengeException e) {
        // Only the message is logged; an unusable challenge means "do not retry".
        // NOTE(review): the message may echo text taken from the response
        // headers; confirm the log layout neutralises control characters.
        if (LOG.isWarnEnabled()) {
            LOG.warn(e.getMessage());
        }
        return false;
    }
    if (selected == null) {
        return false;
    }

    // The scope host is the configured virtual host when one is set, otherwise
    // the connection's host; the port always comes from the connection.
    // NOTE(review): credential lookup is therefore keyed on the virtual host
    // while the request travels over conn; confirm the virtual host parameter
    // is never populated from untrusted input.
    final String virtualHost = method.getParams().getVirtualHost();
    final String scopeHost = (virtualHost != null) ? virtualHost : conn.getHost();
    final int scopePort = conn.getPort();
    final AuthScope scope =
            new AuthScope(scopeHost, scopePort, selected.getRealm(), selected.getSchemeName());
    if (LOG.isDebugEnabled()) {
        LOG.debug("Authentication scope: " + scope);
    }

    Credentials found;
    String failurePrefix;
    if (hostState.isAuthAttempted() && selected.isComplete()) {
        // A completed earlier attempt was rejected: stored credentials are
        // skipped and only a fresh prompt can supply new ones.
        found = promptForCredentials(selected, method.getParams(), scope);
        failurePrefix = "Failure authenticating with ";
    } else {
        hostState.setAuthAttempted(true);
        found = this.state.getCredentials(scope);
        if (found == null) {
            found = promptForCredentials(selected, method.getParams(), scope);
        }
        failurePrefix = "No credentials available for ";
    }

    if (found != null) {
        return true;
    }
    if (LOG.isInfoEnabled()) {
        LOG.info(failurePrefix + scope);
    }
    return false;
}
use of org.apache.commons.httpclient.auth.AuthScheme in project zaproxy by zaproxy.
the class HttpMethodDirector method authenticateHost.
/**
 * Adds a target-host authentication response header to {@code method} when an
 * auth scheme has been selected and matching credentials are stored.
 *
 * <p>Headers already present under {@code WWW_AUTH_RESP} that the caller set
 * take precedence: unless {@code PARAM_REMOVE_USER_DEFINED_AUTH_HEADERS} is
 * {@code true} on the method parameters (it defaults to {@code false} here),
 * the stored credentials are not applied and the caller's header is sent as is.
 *
 * @param method the request being prepared
 * @throws AuthenticationException if the scheme fails to produce a response
 */
private void authenticateHost(final HttpMethod method) throws AuthenticationException {
    // A false result from cleanAuthHeaders is treated as "caller-supplied
    // headers are still on the request".
    final boolean callerSuppliedHeaders = !cleanAuthHeaders(method, WWW_AUTH_RESP);
    if (callerSuppliedHeaders && LOG.isDebugEnabled()) {
        LOG.debug("User defined '" + WWW_AUTH_RESP + "' headers present in the request.");
    }

    final AuthState hostState = method.getHostAuthState();
    final AuthScheme scheme = hostState.getAuthScheme();
    if (scheme == null) {
        // No scheme selected yet, nothing to answer.
        return;
    }
    // Connection-based schemes are only answered when the server asked for it;
    // every other scheme attaches its response to each request that passes here.
    if (!hostState.isAuthRequested() && scheme.isConnectionBased()) {
        return;
    }

    // The scope host is the configured virtual host when one is set, otherwise
    // the connection's host; the port always comes from the connection.
    // NOTE(review): credentials are selected by virtual host but sent over
    // conn; confirm the virtual host parameter is never populated from
    // untrusted input, or stored credentials could reach a different server.
    final String virtualHost = method.getParams().getVirtualHost();
    final String scopeHost = (virtualHost != null) ? virtualHost : conn.getHost();
    final int scopePort = conn.getPort();
    final AuthScope scope =
            new AuthScope(scopeHost, scopePort, scheme.getRealm(), scheme.getSchemeName());
    if (LOG.isDebugEnabled()) {
        LOG.debug("Authenticating with " + scope);
    }

    final Credentials hostCredentials = this.state.getCredentials(scope);
    if (hostCredentials == null) {
        if (LOG.isWarnEnabled()) {
            LOG.warn("Required credentials not available for " + scope);
            if (method.getHostAuthState().isPreemptive()) {
                LOG.warn("Preemptive authentication requested but no default " + "credentials available");
            }
        }
        return;
    }

    if (callerSuppliedHeaders) {
        final boolean replaceAllowed =
                method.getParams().getBooleanParameter(PARAM_REMOVE_USER_DEFINED_AUTH_HEADERS, false);
        if (!replaceAllowed) {
            // Default: leave the caller's header untouched and send no stored credentials.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Ignoring authentication, user defined '" + WWW_AUTH_RESP + "' headers present in the request.");
            }
            return;
        }
        method.removeRequestHeader(WWW_AUTH_RESP);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Removed user defined '" + WWW_AUTH_RESP + "' headers.");
        }
    }

    final String headerValue = scheme.authenticate(hostCredentials, method);
    if (headerValue != null) {
        // Third argument flags the header as auto-generated rather than caller-supplied.
        method.addRequestHeader(new Header(WWW_AUTH_RESP, headerValue, true));
    }
}