Example 6 with BufferedHeader
use of org.apache.http.message.BufferedHeader in project wildfly by wildfly.
the class JBossNegotiateScheme method authenticate.
/**
* Produces Negotiate authorization Header based on token created by processChallenge.
*
* @param credentials Never used be the Negotiate scheme but must be provided to satisfy common-httpclient API. Credentials
* from JAAS will be used instead.
* @param request The request being authenticated
*
* @throws AuthenticationException if authorization string cannot be generated due to an authentication failure
*
* @return an Negotiate authorization Header
*/
@Override
public Header authenticate(final Credentials credentials, final HttpRequest request, final HttpContext context) throws AuthenticationException {
if (request == null) {
throw new IllegalArgumentException("HTTP request may not be null");
}
if (state == State.TOKEN_GENERATED) {
// hack for auto redirects
return new BasicHeader("X-dummy", "Token already generated");
}
if (state != State.CHALLENGE_RECEIVED) {
throw new IllegalStateException("Negotiation authentication process has not been initiated");
}
try {
String key = null;
if (isProxy()) {
key = ExecutionContext.HTTP_PROXY_HOST;
} else {
key = HttpCoreContext.HTTP_TARGET_HOST;
}
HttpHost host = (HttpHost) context.getAttribute(key);
if (host == null) {
throw new AuthenticationException("Authentication host is not set " + "in the execution context");
}
String authServer;
if (!this.stripPort && host.getPort() > 0) {
authServer = host.toHostString();
} else {
authServer = host.getHostName();
}
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("init " + authServer);
}
final Oid negotiationOid = new Oid(SPNEGO_OID);
final GSSManager manager = GSSManager.getInstance();
final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
final GSSContext gssContext = manager.createContext(serverName.canonicalize(negotiationOid), negotiationOid, null, DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
if (token == null) {
token = new byte[0];
}
token = gssContext.initSecContext(token, 0, token.length);
if (token == null) {
state = State.FAILED;
throw new AuthenticationException("GSS security context initialization failed");
}
state = State.TOKEN_GENERATED;
String tokenstr = new String(base64codec.encode(token));
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Sending response '" + tokenstr + "' back to the auth server");
}
CharArrayBuffer buffer = new CharArrayBuffer(32);
if (isProxy()) {
buffer.append(AUTH.PROXY_AUTH_RESP);
} else {
buffer.append(AUTH.WWW_AUTH_RESP);
}
buffer.append(": Negotiate ");
buffer.append(tokenstr);
return new BufferedHeader(buffer);
} catch (GSSException gsse) {
state = State.FAILED;
if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED)
throw new InvalidCredentialsException(gsse.getMessage(), gsse);
if (gsse.getMajor() == GSSException.NO_CRED)
throw new InvalidCredentialsException(gsse.getMessage(), gsse);
if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN)
throw new AuthenticationException(gsse.getMessage(), gsse);
// other error
throw new AuthenticationException(gsse.getMessage());
}
}
Also used :
GSSName(org.ietf.jgss.GSSName)
AuthenticationException(org.apache.http.auth.AuthenticationException)
BufferedHeader(org.apache.http.message.BufferedHeader)
CharArrayBuffer(org.apache.http.util.CharArrayBuffer)
Oid(org.ietf.jgss.Oid)
GSSException(org.ietf.jgss.GSSException)
InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException)
HttpHost(org.apache.http.HttpHost)
GSSManager(org.ietf.jgss.GSSManager)
GSSContext(org.ietf.jgss.GSSContext)
BasicHeader(org.apache.http.message.BasicHeader)
Example 7 with BufferedHeader
use of org.apache.http.message.BufferedHeader in project platform_external_apache-http by android.
the class DigestScheme method createDigestHeader.
/**
* Creates digest-response header as defined in RFC2617.
*
* @param credentials User credentials
* @param digest The response tag's value as String.
*
* @return The digest-response as String.
*/
private Header createDigestHeader(final Credentials credentials, final String digest) throws AuthenticationException {
CharArrayBuffer buffer = new CharArrayBuffer(128);
if (isProxy()) {
buffer.append(AUTH.PROXY_AUTH_RESP);
} else {
buffer.append(AUTH.WWW_AUTH_RESP);
}
buffer.append(": Digest ");
String uri = getParameter("uri");
String realm = getParameter("realm");
String nonce = getParameter("nonce");
String opaque = getParameter("opaque");
String response = digest;
String algorithm = getParameter("algorithm");
String uname = credentials.getUserPrincipal().getName();
List<BasicNameValuePair> params = new ArrayList<BasicNameValuePair>(20);
params.add(new BasicNameValuePair("username", uname));
params.add(new BasicNameValuePair("realm", realm));
params.add(new BasicNameValuePair("nonce", nonce));
params.add(new BasicNameValuePair("uri", uri));
params.add(new BasicNameValuePair("response", response));
if (qopVariant != QOP_MISSING) {
params.add(new BasicNameValuePair("qop", getQopVariantString()));
params.add(new BasicNameValuePair("nc", NC));
params.add(new BasicNameValuePair("cnonce", getCnonce()));
}
if (algorithm != null) {
params.add(new BasicNameValuePair("algorithm", algorithm));
}
if (opaque != null) {
params.add(new BasicNameValuePair("opaque", opaque));
}
for (int i = 0; i < params.size(); i++) {
BasicNameValuePair param = params.get(i);
if (i > 0) {
buffer.append(", ");
}
boolean noQuotes = "nc".equals(param.getName()) || "qop".equals(param.getName());
BasicHeaderValueFormatter.DEFAULT.formatNameValuePair(buffer, param, !noQuotes);
}
return new BufferedHeader(buffer);
}
Also used :
BufferedHeader(org.apache.http.message.BufferedHeader)
BasicNameValuePair(org.apache.http.message.BasicNameValuePair)
CharArrayBuffer(org.apache.http.util.CharArrayBuffer)
ArrayList(java.util.ArrayList)
Example 8 with BufferedHeader
use of org.apache.http.message.BufferedHeader in project platform_external_apache-http by android.
the class NTLMScheme method authenticate.
public Header authenticate(final Credentials credentials, final HttpRequest request) throws AuthenticationException {
NTCredentials ntcredentials = null;
try {
ntcredentials = (NTCredentials) credentials;
} catch (ClassCastException e) {
throw new InvalidCredentialsException("Credentials cannot be used for NTLM authentication: " + credentials.getClass().getName());
}
String response = null;
if (this.state == State.CHALLENGE_RECEIVED || this.state == State.FAILED) {
response = this.engine.generateType1Msg(ntcredentials.getDomain(), ntcredentials.getWorkstation());
this.state = State.MSG_TYPE1_GENERATED;
} else if (this.state == State.MSG_TYPE2_RECEVIED) {
response = this.engine.generateType3Msg(ntcredentials.getUserName(), ntcredentials.getPassword(), ntcredentials.getDomain(), ntcredentials.getWorkstation(), this.challenge);
this.state = State.MSG_TYPE3_GENERATED;
} else {
throw new AuthenticationException("Unexpected state: " + this.state);
}
CharArrayBuffer buffer = new CharArrayBuffer(32);
if (isProxy()) {
buffer.append(AUTH.PROXY_AUTH_RESP);
} else {
buffer.append(AUTH.WWW_AUTH_RESP);
}
buffer.append(": NTLM ");
buffer.append(response);
return new BufferedHeader(buffer);
}
Also used :
InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException)
AuthenticationException(org.apache.http.auth.AuthenticationException)
BufferedHeader(org.apache.http.message.BufferedHeader)
CharArrayBuffer(org.apache.http.util.CharArrayBuffer)
NTCredentials(org.apache.http.auth.NTCredentials)
Example 9 with BufferedHeader
use of org.apache.http.message.BufferedHeader in project platform_external_apache-http by android.
the class BasicScheme method authenticate.
/**
* Returns a basic <tt>Authorization</tt> header value for the given
* {@link Credentials} and charset.
*
* @param credentials The credentials to encode.
* @param charset The charset to use for encoding the credentials
*
* @return a basic authorization header
*/
public static Header authenticate(final Credentials credentials, final String charset, boolean proxy) {
if (credentials == null) {
throw new IllegalArgumentException("Credentials may not be null");
}
if (charset == null) {
throw new IllegalArgumentException("charset may not be null");
}
StringBuilder tmp = new StringBuilder();
tmp.append(credentials.getUserPrincipal().getName());
tmp.append(":");
tmp.append((credentials.getPassword() == null) ? "null" : credentials.getPassword());
byte[] base64password = Base64.encodeBase64(EncodingUtils.getBytes(tmp.toString(), charset));
CharArrayBuffer buffer = new CharArrayBuffer(32);
if (proxy) {
buffer.append(AUTH.PROXY_AUTH_RESP);
} else {
buffer.append(AUTH.WWW_AUTH_RESP);
}
buffer.append(": Basic ");
buffer.append(base64password, 0, base64password.length);
return new BufferedHeader(buffer);
}
Also used :
BufferedHeader(org.apache.http.message.BufferedHeader)
CharArrayBuffer(org.apache.http.util.CharArrayBuffer)
Example 10 with BufferedHeader
use of org.apache.http.message.BufferedHeader in project platform_external_apache-http by android.
the class NetscapeDraftSpec method formatCookies.
public List<Header> formatCookies(final List<Cookie> cookies) {
if (cookies == null) {
throw new IllegalArgumentException("List of cookies may not be null");
}
if (cookies.isEmpty()) {
throw new IllegalArgumentException("List of cookies may not be empty");
}
CharArrayBuffer buffer = new CharArrayBuffer(20 * cookies.size());
buffer.append(SM.COOKIE);
buffer.append(": ");
for (int i = 0; i < cookies.size(); i++) {
Cookie cookie = cookies.get(i);
if (i > 0) {
buffer.append("; ");
}
buffer.append(cookie.getName());
String s = cookie.getValue();
if (s != null) {
buffer.append("=");
buffer.append(s);
}
}
List<Header> headers = new ArrayList<Header>(1);
headers.add(new BufferedHeader(buffer));
return headers;
}
Also used :
ClientCookie(org.apache.http.cookie.ClientCookie)
Cookie(org.apache.http.cookie.Cookie)
BufferedHeader(org.apache.http.message.BufferedHeader)
Header(org.apache.http.Header)
FormattedHeader(org.apache.http.FormattedHeader)
BufferedHeader(org.apache.http.message.BufferedHeader)
CharArrayBuffer(org.apache.http.util.CharArrayBuffer)
ArrayList(java.util.ArrayList)
Aggregations
BufferedHeader (org.apache.http.message.BufferedHeader)27
CharArrayBuffer (org.apache.http.util.CharArrayBuffer)27
ArrayList (java.util.ArrayList)15
Header (org.apache.http.Header)12
ClientCookie (org.apache.http.cookie.ClientCookie)12
Cookie (org.apache.http.cookie.Cookie)12
FormattedHeader (org.apache.http.FormattedHeader)6
AuthenticationException (org.apache.http.auth.AuthenticationException)5
InvalidCredentialsException (org.apache.http.auth.InvalidCredentialsException)5
NTCredentials (org.apache.http.auth.NTCredentials)4
BasicNameValuePair (org.apache.http.message.BasicNameValuePair)3
HttpHost (org.apache.http.HttpHost)1
BasicHeader (org.apache.http.message.BasicHeader)1
GSSContext (org.ietf.jgss.GSSContext)1
GSSException (org.ietf.jgss.GSSException)1
GSSManager (org.ietf.jgss.GSSManager)1
GSSName (org.ietf.jgss.GSSName)1
Oid (org.ietf.jgss.Oid)1
