📄 digestauthentication.java
字号:
package com.maverick.http;
import java.io.IOException;
import java.util.Hashtable;
import com.maverick.crypto.digests.*;
import java.util.StringTokenizer;
public class DigestAuthentication
extends HttpAuthenticator {
Hashtable params;
/**
* Hexa values used when creating 32 character long digest in HTTP DigestScheme
* in case of authentication.
*
* @see #encode(byte[])
*/
private static final char[] HEXADECIMAL = {
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd',
'e', 'f'
};
/** Whether the digest authentication process is complete */
private boolean complete;
//TODO: supply a real nonce-count, currently a server will interprete a repeated request as a replay
private static final String NC = "00000001"; //nonce-count is always 1
private static final int QOP_MISSING = 0;
private static final int QOP_AUTH_INT = 1;
private static final int QOP_AUTH = 2;
private int qopVariant = QOP_MISSING;
private String cnonce;
boolean isAuthenticated = false;
public DigestAuthentication(String uri) {
super("Digest", uri);
}
public void setChallenge(String challenge) {
try {
params = ParameterParser.extractParams(challenge);
boolean unsupportedQop = false;
// qop parsing
String qop = (String)params.get("qop");
if (qop != null) {
StringTokenizer tok = new StringTokenizer(qop,",");
while (tok.hasMoreTokens()) {
String variant = tok.nextToken().trim();
if (variant.equals("auth")) {
qopVariant = QOP_AUTH;
break; //that's our favourite, because auth-int is unsupported
} else if (variant.equals("auth-int")) {
qopVariant = QOP_AUTH_INT;
} else {
unsupportedQop = true;
}
}
}
this.cnonce = createCnonce();
} catch(IOException ex) {
}
}
public boolean isStateless() {
return false;
}
/**
* authenticate
*
* @param request HttpRequest
* @throws IOException
* @todo Implement this com.maverick.proxy.http.HttpAuthenticator method
*/
public void authenticate(HttpRequest request, HttpMethod method) throws IOException {
params.put("methodname", method.getName());
params.put("uri", method.getURI());
String serverDigest = createDigest(credentials.getUsername(),
credentials.getPassword(),
"US-ASCII");
request.setHeaderField(authorizationHeader,
"Digest "
+ createDigestHeader(credentials.getUsername(),
serverDigest));
}
/**
* processResponse
*
* @param response HttpResponse
* @todo Implement this com.maverick.proxy.http.HttpAuthenticator method
*/
public int processResponse(HttpResponse response) {
return (hasCompleted = response.getStatus()>= 200 && response.getStatus() < 400) ? AUTHENTICATION_COMPLETED : AUTHENTICATION_FAILED;
}
private String createDigest(String uname, String pwd, String charset) throws IOException {
final String digAlg = "MD5";
// Collecting required tokens
String uri = (String)params.get("uri");
String realm = (String)params.get("realm");
String nonce = (String)params.get("nonce");
String qop = (String)params.get("qop");
String method = (String)params.get("methodname");
String algorithm = (String)params.get("algorithm");
// If an algorithm is not specified, default to MD5.
if(algorithm == null) {
algorithm="MD5";
}
if (qopVariant == QOP_AUTH_INT) {
throw new IOException(
"Unsupported qop in HTTP Digest authentication");
}
Hash hash = new Hash(new MD5Digest());
// 3.2.2.2: Calculating digest
StringBuffer tmp = new StringBuffer(uname.length() + realm.length() + pwd.length() + 2);
tmp.append(uname);
tmp.append(':');
tmp.append(realm);
tmp.append(':');
tmp.append(pwd);
// unq(username-value) ":" unq(realm-value) ":" passwd
String a1 = tmp.toString();
//a1 is suitable for MD5 algorithm
if(algorithm.equals("MD5-sess")) {
// H( unq(username-value) ":" unq(realm-value) ":" passwd )
// ":" unq(nonce-value)
// ":" unq(cnonce-value)
hash.putBytes(a1.getBytes("US-ASCII"));
String tmp2=encode(hash.doFinal());
StringBuffer tmp3 = new StringBuffer(tmp2.length() + nonce.length() + cnonce.length() + 2);
tmp3.append(tmp2);
tmp3.append(':');
tmp3.append(nonce);
tmp3.append(':');
tmp3.append(cnonce);
a1 = tmp3.toString();
} else if(!algorithm.equals("MD5")) {
}
hash.reset();
hash.putBytes(a1.getBytes("US-ASCII"));
String md5a1 = encode(hash.doFinal());
String a2 = null;
if (qopVariant == QOP_AUTH_INT) {
//we do not have access to the entity-body or its hash
//TODO: add Method ":" digest-uri-value ":" H(entity-body)
} else {
a2 = method + ":" + uri;
}
hash.reset();
hash.putBytes(a2.getBytes("US-ASCII"));
String md5a2 = encode(hash.doFinal());
// 3.2.2.1
String serverDigestValue;
if (qopVariant == QOP_MISSING) {
StringBuffer tmp2 = new StringBuffer(md5a1.length() + nonce.length() + md5a2.length());
tmp2.append(md5a1);
tmp2.append(':');
tmp2.append(nonce);
tmp2.append(':');
tmp2.append(md5a2);
serverDigestValue = tmp2.toString();
} else {
String qopOption = getQopVariantString();
StringBuffer tmp2 = new StringBuffer(md5a1.length() + nonce.length()
+ NC.length() + cnonce.length() + qopOption.length() + md5a2.length() + 5);
tmp2.append(md5a1);
tmp2.append(':');
tmp2.append(nonce);
tmp2.append(':');
tmp2.append(NC);
tmp2.append(':');
tmp2.append(cnonce);
tmp2.append(':');
tmp2.append(qopOption);
tmp2.append(':');
tmp2.append(md5a2);
serverDigestValue = tmp2.toString();
}
hash.reset();
hash.putBytes(serverDigestValue.getBytes("US-ASCII"));
String serverDigest =
encode(hash.doFinal());
return serverDigest;
}
public static String createCnonce() {
String cnonce;
Hash hash = new Hash(new MD5Digest());
cnonce = Long.toString(System.currentTimeMillis());
hash.putBytes(cnonce.getBytes());
cnonce = encode(hash.doFinal());
return cnonce;
}
private static String encode(byte[] binaryData) {
if (binaryData.length != 16) {
return null;
}
char[] buffer = new char[32];
for (int i = 0; i < 16; i++) {
int low = (int) (binaryData[i] & 0x0f);
int high = (int) ((binaryData[i] & 0xf0) >> 4);
buffer[i * 2] = HEXADECIMAL[high];
buffer[(i * 2) + 1] = HEXADECIMAL[low];
}
return new String(buffer);
}
private String createDigestHeader(String uname, String digest) throws IOException {
StringBuffer sb = new StringBuffer();
String uri = (String)params.get("uri");
String realm = (String)params.get("realm");
String nonce = (String)params.get("nonce");
String nc = (String)params.get("nc");
String opaque = (String)params.get("opaque");
String response = digest;
String qop = (String)params.get("qop");
String algorithm = (String)params.get("algorithm");
sb.append("username=\"" + uname + "\"")
.append(", realm=\"" + realm + "\"")
.append(", nonce=\"" + nonce + "\"").append(", uri=\"" + uri + "\"")
.append(", response=\"" + response + "\"");
if (qopVariant != QOP_MISSING) {
sb.append(", qop=\"" + getQopVariantString() + "\"")
.append(", nc="+ NC)
.append(", cnonce=\"" + cnonce + "\"");
}
if (algorithm != null) {
sb.append(", algorithm=\"" + algorithm + "\"");
}
if (opaque != null) {
sb.append(", opaque=\"" + opaque + "\"");
}
return sb.toString();
}
private String getQopVariantString() {
String qopOption;
if (qopVariant == QOP_AUTH_INT) {
qopOption = "auth-int";
} else {
qopOption = "auth";
}
return qopOption;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -