Example 6 with DigestCredentials

Use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.

From the class DirectDigestAuthClientTests, method testAuthentication.

@Test
public void testAuthentication() {
    final DirectDigestAuthClient client = new DirectDigestAuthClient(new SimpleTestDigestAuthenticator());
    client.setRealm(REALM);
    final MockWebContext context = MockWebContext.create();
    context.addRequestHeader(AUTHORIZATION_HEADER, DIGEST_AUTHORIZATION_HEADER_VALUE);
    context.setRequestMethod(HTTP_METHOD.GET.name());
    final DigestCredentials credentials = client.getCredentials(context);
    final CommonProfile profile = client.getUserProfile(credentials, context);
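    // HA1 = MD5(username:realm:password), the pre-hashed credential defined by RFC 2617.
    String ha1 = CredentialUtil.encryptMD5(USERNAME + ":" + REALM + ":" + PASSWORD);
    // First argument true: the second argument is already the HA1 hash.
    String serverDigest1 = credentials.calculateServerDigest(true, ha1);
    // First argument false: the second argument is the plaintext password.
    String serverDigest2 = credentials.calculateServerDigest(false, PASSWORD);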
    assertEquals(DIGEST_RESPONSE, serverDigest1);
    assertEquals(DIGEST_RESPONSE, serverDigest2);
    assertEquals(USERNAME, profile.getId());
}
Also used : DigestCredentials(org.pac4j.http.credentials.DigestCredentials) MockWebContext(org.pac4j.core.context.MockWebContext) SimpleTestDigestAuthenticator(org.pac4j.http.credentials.authenticator.test.SimpleTestDigestAuthenticator) CommonProfile(org.pac4j.core.profile.CommonProfile) Test(org.junit.Test)

Example 7 with DigestCredentials

Use of org.pac4j.http.credentials.DigestCredentials in project pac4j by pac4j.

From the class DirectDigestAuthClient, method retrieveCredentials.

/**
 * Per RFC 2617
 * If a server receives a request for an access-protected object, and an
 * acceptable Authorization header is not sent, the server responds with
 * a "401 Unauthorized" status code, and a WWW-Authenticate header
 */
@Override
protected DigestCredentials retrieveCredentials(final WebContext context) {
    DigestCredentials credentials = super.retrieveCredentials(context);
    if (credentials == null) {
        String nonce = calculateNonce();
        context.setResponseHeader(HttpConstants.AUTHENTICATE_HEADER, "Digest realm=\"" + realm + "\", qop=\"auth\", nonce=\"" + nonce + "\"");
        throw HttpAction.unauthorized(context);
    }
    return credentials;
}
Also used : DigestCredentials(org.pac4j.http.credentials.DigestCredentials)

Example 8 with DigestCredentials

Use of org.pac4j.http.credentials.DigestCredentials in project cas by apereo.

From the class DigestAuthenticationAction, method constructCredentialsFromRequest.

@Override
protected Credential constructCredentialsFromRequest(final RequestContext requestContext) {
    try {
        val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        val response = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
        val extractor = new DigestAuthExtractor();
        val webContext = new JEEContext(request, response);
        val credentialsResult = extractor.extract(webContext, JEESessionStore.INSTANCE);
        if (credentialsResult.isEmpty()) {
            response.addHeader(HttpConstants.AUTHENTICATE_HEADER, DigestAuthenticationUtils.createAuthenticateHeader(this.realm, this.authenticationMethod, this.nonce));
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return null;
        }
        val credentials = (DigestCredentials) credentialsResult.get();
        LOGGER.debug("Received digest authentication request from credentials [{}] ", credentials);
        val credential = this.credentialRetriever.findCredential(credentials.getUsername(), this.realm);
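        // Caution: this writes the stored credential to the trace log. It is passed below as the
        // already-hashed HA1 value, which is password-equivalent for this realm.
        LOGGER.trace("Digest credential password on record for [{}] is [{}]", credentials.getUsername(), credential);
        val serverResponse = credentials.calculateServerDigest(true, credential);
        LOGGER.trace("Server digest calculated for [{}] is [{}]", credentials.getUsername(), serverResponse);
        val clientResponse = credentials.getToken();
        // String.equals returns at the first differing character, so this comparison is not
        // constant-time; MessageDigest.isEqual on the encoded bytes is the usual alternative.
        if (!serverResponse.equals(clientResponse)) {
            LOGGER.trace("Server digest [{}] does not match [{}]", serverResponse, clientResponse);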
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return null;
        }
        return new DigestCredential(credentials.getUsername(), this.realm, credentials.getToken());
    } catch (final Exception e) {
        LoggingUtils.error(LOGGER, e);
    }
    return null;
}
Also used : lombok.val(lombok.val) DigestAuthExtractor(org.pac4j.http.credentials.extractor.DigestAuthExtractor) DigestCredentials(org.pac4j.http.credentials.DigestCredentials) DigestCredential(org.apereo.cas.digest.DigestCredential) JEEContext(org.pac4j.core.context.JEEContext)
