Examples of org.apache.http.auth.AuthScheme

• org.apache.http.auth.AuthScheme

  This interface represents an abstract challenge-response oriented authentication scheme.

  An authentication scheme should be able to support the following functions:

  • Parse and process the challenge sent by the targer server in response to request for a protected resource
  • Provide its textual designation
  • Provide its parameters, if available
  • Provide the realm this authentication scheme is applicable to, if available
  • Generate authorization string for the given set of credentials, request method and URI as specificed in the HTTP request line in response to the actual authorization challenge

  Authentication schemes may ignore method name and URI parameters if they are not relevant for the given authentication mechanism

  Authentication schemes may be stateful involving a series of challenge-response exchanges

  @author Oleg Kalnichevski @author Adrian Sutton @since 4.0

public class TestDigestScheme {

    @Test(expected=MalformedChallengeException.class)
    public void testDigestAuthenticationWithNoRealm() throws Exception {
        Header authChallenge = new BasicHeader(AUTH.WWW_AUTH, "Digest");
        AuthScheme authscheme = new DigestScheme();
        authscheme.processChallenge(authChallenge);
    }

    }

    @Test(expected=MalformedChallengeException.class)
    public void testDigestAuthenticationWithNoRealm2() throws Exception {
        Header authChallenge = new BasicHeader(AUTH.WWW_AUTH, "Digest ");
        AuthScheme authscheme = new DigestScheme();
        authscheme.processChallenge(authChallenge);
    }

    @Test
    public void testDigestAuthenticationWithStaleNonce() throws Exception {
        String challenge = "Digest realm=\"realm1\", " +
                "nonce=\"f2a3f18799759d4f1a1c068b92b573cb\", stale=\"true\"";
        Header authChallenge = new BasicHeader(AUTH.WWW_AUTH, challenge);
        AuthScheme authscheme = new DigestScheme();
        authscheme.processChallenge(authChallenge);

        Assert.assertFalse(authscheme.isComplete());
    }

      {
         AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);

         // If no auth scheme available yet, try to initialize it preemptively
         if (authState.getAuthScheme() == null) {
            AuthScheme authScheme = (AuthScheme) context.getAttribute("preemptive-auth");
            CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
            HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);
            if (authScheme != null) {
               Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort()));
               if (creds == null) {

                    if (this.log.isDebugEnabled()) {
                        this.log.debug("[exchange: " + state.getId() + "] Resetting target auth state");
                    }
                    targetAuthState.reset();
                    final AuthState proxyAuthState = localContext.getProxyAuthState();
                    final AuthScheme authScheme = proxyAuthState.getAuthScheme();
                    if (authScheme != null && authScheme.isConnectionBased()) {
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("[exchange: " + state.getId() + "] Resetting proxy auth state");
                        }
                        proxyAuthState.reset();
                    }

        if (this.log.isDebugEnabled()) {
            this.log.debug("Authentication schemes in the order of preference: "
                + authPrefs);
        }

        AuthScheme authScheme = null;
        for (int i = 0; i < authPrefs.size(); i++) {
            String id = (String) authPrefs.get(i);
            Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH));

            if (challenge != null) {

            final AuthenticationHandler authHandler,
            final HttpResponse response,
            final HttpContext context)
                throws MalformedChallengeException, AuthenticationException {

        AuthScheme authScheme = authState.getAuthScheme();
        if (authScheme == null) {
            // Authentication not attempted before
            authScheme = authHandler.selectScheme(challenges, response, context);
            authState.setAuthScheme(authScheme);
        }
        String id = authScheme.getSchemeName();

        Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH));
        if (challenge == null) {
            throw new AuthenticationException(id +
                " authorization challenge expected, but not found");
        }
        authScheme.processChallenge(challenge);
        this.log.debug("Authorization challenge processed");
    }

        if (port < 0) {
            Scheme scheme = connManager.getSchemeRegistry().getScheme(host);
            port = scheme.getDefaultPort();
        }

        AuthScheme authScheme = authState.getAuthScheme();
        AuthScope authScope = new AuthScope(
                hostname,
                port,
                authScheme.getRealm(),
                authScheme.getSchemeName());

        if (this.log.isDebugEnabled()) {
            this.log.debug("Authentication scope: " + authScope);
        }
        Credentials creds = authState.getCredentials();
        if (creds == null) {
            creds = credsProvider.getCredentials(authScope);
            if (this.log.isDebugEnabled()) {
                if (creds != null) {
                    this.log.debug("Found credentials");
                } else {
                    this.log.debug("Credentials not found");
                }
            }
        } else {
            if (authScheme.isComplete()) {
                this.log.debug("Authentication failed");
                creds = null;
            }
        }
        authState.setAuthScope(authScope);

        return userPrincipal;
    }

    private static Principal getAuthPrincipal(final AuthState authState) {
        AuthScheme scheme = authState.getAuthScheme();
        if (scheme != null && scheme.isComplete() && scheme.isConnectionBased()) {
            Credentials creds = authState.getCredentials();
            if (creds != null) {
                return creds.getUserPrincipal();
            }
        }

                ClientContext.TARGET_AUTH_STATE);
        if (authState == null) {
            return;
        }

        AuthScheme authScheme = authState.getAuthScheme();
        if (authScheme == null) {
            return;
        }

        Credentials creds = authState.getCredentials();
        if (creds == null) {
            this.log.debug("User credentials not available");
            return;
        }

        if (authState.getAuthScope() != null || !authScheme.isConnectionBased()) {
            try {
                request.addHeader(authScheme.authenticate(creds, request));
            } catch (AuthenticationException ex) {
                if (this.log.isErrorEnabled()) {
                    this.log.error("Authentication error: " + ex.getMessage());
                }
            }