@Override protected void parseChallenge( final CharArrayBuffer buffer, int beginIndex, int endIndex ) throws MalformedChallengeException { String challenge = buffer.substringTrimmed(beginIndex, endIndex); if (log.isDebugEnabled()) { log.debug("Received challenge '" + challenge + "' from the auth server"); } if (state == State.UNINITIATED) { token = base64codec.decode(challenge.getBytes()); state = State.CHALLENGE_RECEIVED; } else { log.debug("Authentication already attempted"); state = State.FAILED; } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, int beginIndex, int endIndex) throws MalformedChallengeException { String challenge = buffer.substringTrimmed(beginIndex, endIndex); if (challenge.length() == 0) { if (this.state == State.UNINITIATED) { this.state = State.CHALLENGE_RECEIVED; } else { this.state = State.FAILED; } this.challenge = null; } else { this.state = State.MSG_TYPE2_RECEVIED; this.challenge = challenge; } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, int beginIndex, int endIndex) throws MalformedChallengeException { String challenge = buffer.substringTrimmed(beginIndex, endIndex); if (log.isDebugEnabled()) { log.debug("Received challenge '" + challenge + "' from the auth server"); } if (state == State.UNINITIATED) { token = base64codec.decode(challenge.getBytes()); state = State.CHALLENGE_RECEIVED; } else { log.debug("Authentication already attempted"); state = State.FAILED; } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, final int beginIndex, final int endIndex) throws MalformedChallengeException { this.challenge = buffer.substringTrimmed(beginIndex, endIndex); if (this.challenge.length() == 0) { if (this.state == State.UNINITIATED) { this.state = State.CHALLENGE_RECEIVED; } else { this.state = State.FAILED; } } else { if (this.state.compareTo(State.MSG_TYPE1_GENERATED) < 0) { this.state = State.FAILED; throw new MalformedChallengeException("Out of sequence NTLM response message"); } else if (this.state == State.MSG_TYPE1_GENERATED) { this.state = State.MSG_TYPE2_RECEVIED; } } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, final int beginIndex, final int endIndex) throws MalformedChallengeException { this.challenge = buffer.substringTrimmed(beginIndex, endIndex); if (this.challenge.isEmpty()) { if (this.state == State.UNINITIATED) { this.state = State.CHALLENGE_RECEIVED; } else { this.state = State.FAILED; } } else { if (this.state.compareTo(State.MSG_TYPE1_GENERATED) < 0) { this.state = State.FAILED; throw new MalformedChallengeException("Out of sequence NTLM response message"); } else if (this.state == State.MSG_TYPE1_GENERATED) { this.state = State.MSG_TYPE2_RECEVIED; } } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, final int beginIndex, final int endIndex) throws MalformedChallengeException { final String challenge = buffer.substringTrimmed(beginIndex, endIndex); if (log.isDebugEnabled()) { log.debug("Received challenge '" + challenge + "' from the auth server"); } if (state == State.UNINITIATED) { token = Base64.decodeBase64(challenge.getBytes()); state = State.CHALLENGE_RECEIVED; } else { log.debug("Authentication already attempted"); state = State.FAILED; } }
@Test public void testAuthenticationException() throws Exception { final HttpHost host = new HttpHost("somehost", 80); final HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED"); this.authState.setState(AuthProtocolState.CHALLENGED); Mockito.doThrow(new MalformedChallengeException()).when(this.defltAuthStrategy).getChallenges( Mockito.any(HttpHost.class), Mockito.any(HttpResponse.class), Mockito.any(HttpContext.class)); Assert.assertFalse(this.httpAuthenticator.handleAuthChallenge(host, response, this.defltAuthStrategy, this.authState, this.context)); Assert.assertEquals(AuthProtocolState.UNCHALLENGED, this.authState.getState()); Assert.assertNull(this.authState.getAuthScheme()); Assert.assertNull(this.authState.getCredentials()); }
@Override protected void parseChallenge( final CharArrayBuffer buffer, final int beginIndex, final int endIndex) throws MalformedChallengeException { this.challenge = buffer.substringTrimmed(beginIndex, endIndex); if (this.challenge.isEmpty()) { if (clientCred != null) { dispose(); // run cleanup first before throwing an exception otherwise can leak OS resources if (continueNeeded) { throw new RuntimeException("Unexpected token"); } } } }
@Override public Queue<AuthOption> select(final Map<String, Header> challengeHeaders, final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException { final HttpClientContext httpClientContext = HttpClientContext.adapt(context); final AuthState state = httpClientContext.getTargetAuthState(); final Queue<AuthOption> queue = new LinkedList<>(); if (state == null || !state.getState().equals(AuthProtocolState.CHALLENGED)) { queue.add(authOption); } else { System.out.println("does this happen?"); } return queue; }
private void processChallenges( final Map<String, Header> challenges, final AuthState authState, final AuthenticationHandler authHandler, final HttpResponse response, final HttpContext context) throws MalformedChallengeException, AuthenticationException { AuthScheme authScheme = authState.getAuthScheme(); if (authScheme == null) { // Authentication not attempted before authScheme = authHandler.selectScheme(challenges, response, context); authState.setAuthScheme(authScheme); } String id = authScheme.getSchemeName(); Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH)); if (challenge == null) { throw new AuthenticationException(id + " authorization challenge expected, but not found"); } authScheme.processChallenge(challenge); this.log.debug("Authorization challenge processed"); }
@Override protected void parseChallenge( final CharArrayBuffer buffer, int pos, int len) throws MalformedChallengeException { String challenge = buffer.substringTrimmed(pos, len); if (challenge.length() == 0) { if (this.state == State.UNINITIATED) { this.state = State.CHALLENGE_RECEIVED; } else { this.state = State.FAILED; } this.challenge = null; } else { this.state = State.MSG_TYPE2_RECEVIED; this.challenge = challenge; } }
private void processChallenges( final Map<String, Header> challenges, final AuthState authState, final AuthenticationHandler authHandler, final HttpResponse response, final HttpContext context) throws MalformedChallengeException, AuthenticationException { AuthScheme authScheme = authState.getAuthScheme(); if (authScheme == null) { // Authentication not attempted before authScheme = authHandler.selectScheme(challenges, response, context); authState.setAuthScheme(authScheme); } String id = authScheme.getSchemeName(); Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH)); if (challenge == null) { throw new AuthenticationException(id + " authorization challenge expected, but not found"); } authScheme.processChallenge(challenge); if (DEBUG) { Logger.debug("Authorization challenge processed"); } }
private void processChallenges( final Map<String, Header> challenges, final AuthState authState, final AuthenticationHandler authHandler, final HttpResponse response, final HttpContext context) throws MalformedChallengeException, AuthenticationException { AuthScheme authScheme = authState.getAuthScheme(); if (authScheme == null) { // Authentication not attempted before authScheme = authHandler.selectScheme(challenges, response, context); authState.setAuthScheme(authScheme); } String id = authScheme.getSchemeName(); Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH)); if (challenge == null) { throw new AuthenticationException(id + " authorization challenge expected, but not found"); } authScheme.processChallenge(challenge); if (Constants.DEBUG) { logger.debug("Authorization challenge processed"); } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, int pos, int len) throws MalformedChallengeException { HeaderValueParser parser = BasicHeaderValueParser.DEFAULT; ParserCursor cursor = new ParserCursor(pos, buffer.length()); HeaderElement[] elements = parser.parseElements(buffer, cursor); if (elements.length == 0) { throw new MalformedChallengeException("Authentication challenge is empty"); } this.params.clear(); for (HeaderElement element : elements) { this.params.put(element.getName(), element.getValue()); } }
public Map<String, Header> getChallenges( final HttpResponse response, final HttpContext context) throws MalformedChallengeException { if (response == null) { throw new IllegalArgumentException("HTTP response may not be null"); } Header[] headers = response.getHeaders(AUTH.WWW_AUTH); return parseChallenges(headers); }
public Map<String, Header> getChallenges( final HttpResponse response, final HttpContext context) throws MalformedChallengeException { if (response == null) { throw new IllegalArgumentException("HTTP response may not be null"); } Header[] headers = response.getHeaders(AUTH.PROXY_AUTH); return parseChallenges(headers); }
@Override public Queue<AuthOption> select(final Map<String, Header> challenges, final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException { final HttpClientContext clientContext = HttpClientContext.adapt(context); final Queue<AuthOption> options = new LinkedList<AuthOption>(); final Lookup<AuthSchemeProvider> registry = clientContext.getAuthSchemeRegistry(); if(registry == null) { return options; } final RequestConfig config = clientContext.getRequestConfig(); Collection<String> authPrefs = config.getProxyPreferredAuthSchemes(); if(authPrefs == null) { authPrefs = DEFAULT_SCHEME_PRIORITY; } if(log.isDebugEnabled()) { log.debug("Authentication schemes in the order of preference: " + authPrefs); } for(final String id : authPrefs) { final Header challenge = challenges.get(id.toLowerCase(Locale.ROOT)); if(challenge != null) { final AuthSchemeProvider authSchemeProvider = registry.lookup(id); if(authSchemeProvider == null) { continue; } final AuthScheme authScheme = authSchemeProvider.create(context); authScheme.processChallenge(challenge); final Credentials saved = keychain.getCredentials(authhost.getHostName()); if(StringUtils.isEmpty(saved.getPassword())) { try { final Credentials input = prompt.prompt(bookmark, StringUtils.EMPTY, String.format("%s %s", LocaleFactory.localizedString("Login", "Login"), authhost.getHostName()), authScheme.getRealm(), new LoginOptions() .icon(bookmark.getProtocol().disk()) .usernamePlaceholder(LocaleFactory.localizedString("Username", "Credentials")) .passwordPlaceholder(LocaleFactory.localizedString("Password", "Credentials")) .user(true).password(true) ); if(input.isSaved()) { context.setAttribute(PROXY_CREDENTIALS_INPUT_ID, input); } options.add(new AuthOption(authScheme, new NTCredentials(input.getUsername(), input.getPassword(), preferences.getProperty("webdav.ntlm.workstation"), preferences.getProperty("webdav.ntlm.domain")))); } catch(LoginCanceledException ignored) { // Ignore dismiss of prompt throw new MalformedChallengeException(ignored.getMessage(), ignored); } } else { options.add(new AuthOption(authScheme, new NTCredentials(saved.getUsername(), saved.getPassword(), preferences.getProperty("webdav.ntlm.workstation"), preferences.getProperty("webdav.ntlm.domain")))); } } else { if(log.isDebugEnabled()) { log.debug("Challenge for " + id + " authentication scheme not available"); // Try again } } } return options; }
@Override protected void parseChallenge( final CharArrayBuffer buffer, final int pos, final int len) throws MalformedChallengeException { final HeaderValueParser parser = BasicHeaderValueParserHC4.INSTANCE; final ParserCursor cursor = new ParserCursor(pos, buffer.length()); final HeaderElement[] elements = parser.parseElements(buffer, cursor); if (elements.length == 0) { throw new MalformedChallengeException("Authentication challenge is empty"); } this.params.clear(); for (final HeaderElement element : elements) { this.params.put(element.getName().toLowerCase(Locale.ENGLISH), element.getValue()); } }
public Queue<AuthOption> select( final Map<String, Header> challenges, final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException { Args.notNull(challenges, "Map of auth challenges"); Args.notNull(authhost, "Host"); Args.notNull(response, "HTTP response"); Args.notNull(context, "HTTP context"); final HttpClientContext clientContext = HttpClientContext.adapt(context); final Queue<AuthOption> options = new LinkedList<AuthOption>(); final Lookup<AuthSchemeProvider> registry = clientContext.getAuthSchemeRegistry(); if (registry == null) { if (Log.isLoggable(TAG, Log.DEBUG)) { Log.d(TAG, "Auth scheme registry not set in the context"); } return options; } final CredentialsProvider credsProvider = clientContext.getCredentialsProvider(); if (credsProvider == null) { if (Log.isLoggable(TAG, Log.DEBUG)) { Log.d(TAG, "Credentials provider not set in the context"); } return options; } final RequestConfig config = clientContext.getRequestConfig(); Collection<String> authPrefs = getPreferredAuthSchemes(config); if (authPrefs == null) { authPrefs = DEFAULT_SCHEME_PRIORITY; } if (Log.isLoggable(TAG, Log.DEBUG)) { Log.d(TAG, "Authentication schemes in the order of preference: " + authPrefs); } for (final String id: authPrefs) { final Header challenge = challenges.get(id.toLowerCase(Locale.ENGLISH)); if (challenge != null) { final AuthSchemeProvider authSchemeProvider = registry.lookup(id); if (authSchemeProvider == null) { if (Log.isLoggable(TAG, Log.WARN)) { Log.w(TAG, "Authentication scheme " + id + " not supported"); // Try again } continue; } final AuthScheme authScheme = authSchemeProvider.create(context); authScheme.processChallenge(challenge); final AuthScope authScope = new AuthScope( authhost.getHostName(), authhost.getPort(), authScheme.getRealm(), authScheme.getSchemeName()); final Credentials credentials = credsProvider.getCredentials(authScope); if (credentials != null) { options.add(new AuthOption(authScheme, credentials)); } } else { if (Log.isLoggable(TAG, Log.DEBUG)) { Log.d(TAG, "Challenge for " + id + " authentication scheme not available"); // Try again } } } return options; }
@Override public Map<String, Header> getChallenges( final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException { return this.handler.getChallenges(response, context); }
@Override public Map<String, Header> getChallenges( final HttpResponse response, final HttpContext context) throws MalformedChallengeException { Args.notNull(response, "HTTP response"); final Header[] headers = response.getHeaders(AUTH.WWW_AUTH); return parseChallenges(headers); }
@Override public Map<String, Header> getChallenges( final HttpResponse response, final HttpContext context) throws MalformedChallengeException { Args.notNull(response, "HTTP response"); final Header[] headers = response.getHeaders(AUTH.PROXY_AUTH); return parseChallenges(headers); }
@Override protected void parseChallenge( final CharArrayBuffer buffer, final int pos, final int len) throws MalformedChallengeException { final HeaderValueParser parser = BasicHeaderValueParser.INSTANCE; final ParserCursor cursor = new ParserCursor(pos, buffer.length()); final HeaderElement[] elements = parser.parseElements(buffer, cursor); this.params.clear(); for (final HeaderElement element : elements) { this.params.put(element.getName().toLowerCase(Locale.ROOT), element.getValue()); } }
/** * Processes the Digest challenge. * * @param header the challenge header * * @throws MalformedChallengeException is thrown if the authentication challenge * is malformed */ @Override public void processChallenge( final Header header) throws MalformedChallengeException { super.processChallenge(header); this.complete = true; if (getParameters().isEmpty()) { throw new MalformedChallengeException("Authentication challenge is empty"); } }
@Override public Queue<AuthOption> select( final Map<String, Header> challenges, final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException { Args.notNull(challenges, "Map of auth challenges"); Args.notNull(authhost, "Host"); Args.notNull(response, "HTTP response"); Args.notNull(context, "HTTP context"); final HttpClientContext clientContext = HttpClientContext.adapt(context); final Queue<AuthOption> options = new LinkedList<AuthOption>(); final Lookup<AuthSchemeProvider> registry = clientContext.getAuthSchemeRegistry(); if (registry == null) { this.log.debug("Auth scheme registry not set in the context"); return options; } final CredentialsProvider credsProvider = clientContext.getCredentialsProvider(); if (credsProvider == null) { this.log.debug("Credentials provider not set in the context"); return options; } final RequestConfig config = clientContext.getRequestConfig(); Collection<String> authPrefs = getPreferredAuthSchemes(config); if (authPrefs == null) { authPrefs = DEFAULT_SCHEME_PRIORITY; } if (this.log.isDebugEnabled()) { this.log.debug("Authentication schemes in the order of preference: " + authPrefs); } for (final String id: authPrefs) { final Header challenge = challenges.get(id.toLowerCase(Locale.ROOT)); if (challenge != null) { final AuthSchemeProvider authSchemeProvider = registry.lookup(id); if (authSchemeProvider == null) { if (this.log.isWarnEnabled()) { this.log.warn("Authentication scheme " + id + " not supported"); // Try again } continue; } final AuthScheme authScheme = authSchemeProvider.create(context); authScheme.processChallenge(challenge); final AuthScope authScope = new AuthScope( authhost.getHostName(), authhost.getPort(), authScheme.getRealm(), authScheme.getSchemeName()); final Credentials credentials = credsProvider.getCredentials(authScope); if (credentials != null) { options.add(new AuthOption(authScheme, credentials)); } } else { if (this.log.isDebugEnabled()) { this.log.debug("Challenge for " + id + " authentication scheme not available"); // Try again } } } return options; }
public Executor authPreemptive(final HttpHost host) { final BasicScheme basicScheme = new BasicScheme(); try { basicScheme.processChallenge(new BasicHeader(AUTH.WWW_AUTH, "BASIC ")); } catch (final MalformedChallengeException ignore) { } this.authCache.put(host, basicScheme); return this; }
public Executor authPreemptiveProxy(final HttpHost proxy) { final BasicScheme basicScheme = new BasicScheme(); try { basicScheme.processChallenge(new BasicHeader(AUTH.PROXY_AUTH, "BASIC ")); } catch (final MalformedChallengeException ignore) { } this.authCache.put(proxy, basicScheme); return this; }
@Override public void processChallenge(final Header header) throws MalformedChallengeException { /* We error here because HTTP signature based authentication doesn't * work on a challenge response model. Even if we get passed a header there * is no response header available for us to process. */ throw new IllegalStateException("No challenge should ever occur"); }
@Override public Map<String, Header> getChallenges(final HttpHost authhost, final HttpResponse response, final HttpContext context) throws MalformedChallengeException { /* Unfortunately, we have to abuse the challenge functionality in * because it won't enabled authentication unless at least a single * challenge is available. The HTTP response for a HTTP Signatures * API will never contain a challenge header, so effectively any * headers that are added will never match. */ return this.challenges; }
private void processChallenge(String headerName, String headerValue) { try { mDigestScheme.processChallenge(new BasicHeader(headerName, headerValue)); } catch (MalformedChallengeException e) { Timber.e(e, "Error processing header " + headerName + " for DIGEST authentication."); } }
@Override protected void parseChallenge( final CharArrayBuffer buffer, int pos, int len) throws MalformedChallengeException { HeaderValueParser parser = BasicHeaderValueParser.DEFAULT; ParserCursor cursor = new ParserCursor(pos, buffer.length()); HeaderElement[] elements = parser.parseElements(buffer, cursor); if (elements.length == 0) { throw new MalformedChallengeException("Authentication challenge is empty"); } this.params = new HashMap<String, String>(elements.length); for (HeaderElement element : elements) { this.params.put(element.getName(), element.getValue()); } }
/** * Processes the Digest challenge. * * @param header the challenge header * * @throws MalformedChallengeException is thrown if the authentication challenge * is malformed */ @Override public void processChallenge( final Header header) throws MalformedChallengeException { super.processChallenge(header); if (getParameter("realm") == null) { throw new MalformedChallengeException("missing realm in challange"); } if (getParameter("nonce") == null) { throw new MalformedChallengeException("missing nonce in challange"); } boolean unsupportedQop = false; // qop parsing String qop = getParameter("qop"); if (qop != null) { StringTokenizer tok = new StringTokenizer(qop,","); while (tok.hasMoreTokens()) { String variant = tok.nextToken().trim(); if (variant.equals("auth")) { qopVariant = QOP_AUTH; break; //that's our favourite, because auth-int is unsupported } else if (variant.equals("auth-int")) { qopVariant = QOP_AUTH_INT; } else { unsupportedQop = true; } } } if (unsupportedQop && (qopVariant == QOP_MISSING)) { throw new MalformedChallengeException("None of the qop methods is supported"); } // Reset cnonce this.cnonce = null; this.complete = true; }
/** * Handle a challenge from an OAuth server. */ @Override public void processChallenge(Header challenge) throws MalformedChallengeException { super.processChallenge(challenge); complete = true; }
