/**
 * Writes the {@code AUTHENTICATION_INFO} response header for a request handled by digest authentication.
 *
 * <p>The header is added when a qop is in use or when the nonce manager hands back a nonce that differs
 * from the one the request used. It always carries the next nonce; with a qop it also carries the qop
 * token, the response-auth digest built from HA1 and HA2, and the client's cnonce and nonce count.
 * The {@link DigestContext} attachment is removed from the exchange in every case.
 *
 * @param exchange the exchange whose response headers are updated
 */
public void sendAuthenticationInfoHeader(final HttpServerExchange exchange) {
    // NOTE(review): the attachment is dereferenced without a null check; presumably a DigestContext
    // is always attached by the time this runs. Confirm against the callers.
    final DigestContext digestContext = exchange.getAttachment(DigestContext.ATTACHMENT_KEY);
    final DigestQop negotiatedQop = digestContext.getQop();
    final String usedNonce = digestContext.getNonce();
    final String upcomingNonce = nonceManager.nextNonce(usedNonce, exchange);

    final boolean qopInUse = negotiatedQop != null;
    if (qopInUse || !upcomingNonce.equals(usedNonce)) {
        final StringBuilder headerValue = new StringBuilder();
        headerValue.append(NEXT_NONCE).append("=\"").append(upcomingNonce).append("\"");

        if (qopInUse) {
            final Map<DigestAuthorizationToken, String> requestTokens = digestContext.getParsedHeader();
            headerValue.append(",").append(Headers.QOP.toString())
                    .append("=\"").append(negotiatedQop.getToken()).append("\"");

            final byte[] ha1 = digestContext.getHa1();
            final byte[] ha2 = (negotiatedQop == DigestQop.AUTH)
                    ? createHA2Auth(digestContext)
                    : createHA2AuthInt();
            final String rspauth =
                    new String(createRFC2617RequestDigest(ha1, ha2, digestContext), StandardCharsets.UTF_8);
            headerValue.append(",").append(Headers.RESPONSE_AUTH.toString())
                    .append("=\"").append(rspauth).append("\"");

            // cnonce and nc are echoed from the client's own Authorization header and are written
            // without escaping (cnonce inside a quoted-string, nc unquoted).
            // NOTE(review): this relies on the header parser having rejected embedded quotes and
            // control characters; a missing token would be appended as the literal "null". Confirm.
            headerValue.append(",").append(Headers.CNONCE.toString())
                    .append("=\"").append(requestTokens.get(DigestAuthorizationToken.CNONCE)).append("\"");
            headerValue.append(",").append(Headers.NONCE_COUNT.toString())
                    .append("=").append(requestTokens.get(DigestAuthorizationToken.NONCE_COUNT));
        }

        final HeaderMap responseHeaders = exchange.getResponseHeaders();
        responseHeaders.add(AUTHENTICATION_INFO, headerValue.toString());
    }

    // The per-request digest state (including HA1) is dropped once the header has been handled.
    exchange.removeAttachment(DigestContext.ATTACHMENT_KEY);
}
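/**
 * Checks the nonce, and the nonce count when present, taken from the client's Authorization header.
 *
 * <p>Both values are client-controlled, so the nonce count is parsed defensively. A count that is
 * null, not hexadecimal, or negative fails validation instead of raising
 * {@link NumberFormatException} out of the authentication path or colliding with the {@code -1}
 * value used when no count was sent.
 *
 * @param context the digest context; receives the supplied nonce once the header has been parsed
 * @param parsedHeader the tokens parsed from the Authorization header
 * @param exchange the current exchange, passed through to the nonce manager
 * @return {@code true} if the nonce manager accepts the nonce and count, {@code false} otherwise
 */
private boolean validateNonceUse(DigestContext context, Map<DigestAuthorizationToken, String> parsedHeader, final HttpServerExchange exchange) {
    String suppliedNonce = parsedHeader.get(DigestAuthorizationToken.NONCE);
    // -1 is what the nonce manager receives when the header carries no nonce count.
    int nonceCount = -1;
    if (parsedHeader.containsKey(DigestAuthorizationToken.NONCE_COUNT)) {
        String nonceCountHex = parsedHeader.get(DigestAuthorizationToken.NONCE_COUNT);
        try {
            nonceCount = Integer.parseInt(nonceCountHex, 16);
        } catch (NumberFormatException ignored) {
            // Malformed (or null) nc from the client: fail authentication rather than the request.
            return false;
        }
        if (nonceCount < 0) {
            // Integer.parseInt accepts a leading '-', so a supplied count could otherwise be
            // indistinguishable from the "no nonce count" value above.
            return false;
        }
    }

    context.setNonce(suppliedNonce);
    // TODO - A replay attempt will need an exception.
    return nonceManager.validateNonce(suppliedNonce, nonceCount, exchange);
}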
// Challenge parameters: the domain, then a nonce obtained from the nonce manager with no
// previous nonce (null). Both values are placed inside quoted-strings without escaping.
// NOTE(review): presumably `domain` comes from server configuration and cannot contain '"'; confirm.
rb.append(Headers.DOMAIN.toString())
        .append("=\"")
        .append(domain)
        .append("\",");
rb.append(Headers.NONCE.toString())
        .append("=\"")
        .append(nonceManager.nextNonce(null, exchange))
        .append("\",");
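/**
 * Checks the nonce, and the nonce count when present, taken from the client's Authorization header.
 *
 * <p>Both values are client-controlled, so the nonce count is parsed defensively. A count that is
 * null, not hexadecimal, or negative fails validation instead of raising
 * {@link NumberFormatException} out of the authentication path or colliding with the {@code -1}
 * value used when no count was sent.
 *
 * @param context the digest context; receives the supplied nonce once the header has been parsed
 * @param parsedHeader the tokens parsed from the Authorization header
 * @param exchange the current exchange, passed through to the nonce manager
 * @return {@code true} if the nonce manager accepts the nonce and count, {@code false} otherwise
 */
private boolean validateNonceUse(DigestContext context, Map<DigestAuthorizationToken, String> parsedHeader, final HttpServerExchange exchange) {
    String suppliedNonce = parsedHeader.get(DigestAuthorizationToken.NONCE);
    // -1 is what the nonce manager receives when the header carries no nonce count.
    int nonceCount = -1;
    if (parsedHeader.containsKey(DigestAuthorizationToken.NONCE_COUNT)) {
        String nonceCountHex = parsedHeader.get(DigestAuthorizationToken.NONCE_COUNT);
        try {
            nonceCount = Integer.parseInt(nonceCountHex, 16);
        } catch (NumberFormatException ignored) {
            // Malformed (or null) nc from the client: fail authentication rather than the request.
            return false;
        }
        if (nonceCount < 0) {
            // Integer.parseInt accepts a leading '-', so a supplied count could otherwise be
            // indistinguishable from the "no nonce count" value above.
            return false;
        }
    }

    context.setNonce(suppliedNonce);
    // TODO - A replay attempt will need an exception.
    return nonceManager.validateNonce(suppliedNonce, nonceCount, exchange);
}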
// Challenge parameters: the domain, then a nonce obtained from the nonce manager with no
// previous nonce (null). Both values are placed inside quoted-strings without escaping.
// NOTE(review): presumably `domain` comes from server configuration and cannot contain '"'; confirm.
rb.append(Headers.DOMAIN.toString())
        .append("=\"")
        .append(domain)
        .append("\",");
rb.append(Headers.NONCE.toString())
        .append("=\"")
        .append(nonceManager.nextNonce(null, exchange))
        .append("\",");
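/**
 * Checks the nonce, and the nonce count when present, taken from the client's Authorization header.
 *
 * <p>Both values are client-controlled, so the nonce count is parsed defensively. A count that is
 * null, not hexadecimal, or negative fails validation instead of raising
 * {@link NumberFormatException} out of the authentication path or colliding with the {@code -1}
 * value used when no count was sent.
 *
 * @param context the digest context; receives the supplied nonce once the header has been parsed
 * @param parsedHeader the tokens parsed from the Authorization header
 * @param exchange the current exchange, passed through to the nonce manager
 * @return {@code true} if the nonce manager accepts the nonce and count, {@code false} otherwise
 */
private boolean validateNonceUse(DigestContext context, Map<DigestAuthorizationToken, String> parsedHeader, final HttpServerExchange exchange) {
    String suppliedNonce = parsedHeader.get(DigestAuthorizationToken.NONCE);
    // -1 is what the nonce manager receives when the header carries no nonce count.
    int nonceCount = -1;
    if (parsedHeader.containsKey(DigestAuthorizationToken.NONCE_COUNT)) {
        String nonceCountHex = parsedHeader.get(DigestAuthorizationToken.NONCE_COUNT);
        try {
            nonceCount = Integer.parseInt(nonceCountHex, 16);
        } catch (NumberFormatException ignored) {
            // Malformed (or null) nc from the client: fail authentication rather than the request.
            return false;
        }
        if (nonceCount < 0) {
            // Integer.parseInt accepts a leading '-', so a supplied count could otherwise be
            // indistinguishable from the "no nonce count" value above.
            return false;
        }
    }

    context.setNonce(suppliedNonce);
    // TODO - A replay attempt will need an exception.
    return nonceManager.validateNonce(suppliedNonce, nonceCount, exchange);
}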
// Challenge parameters: the domain, then a nonce obtained from the nonce manager with no
// previous nonce (null). Both values are placed inside quoted-strings without escaping.
// NOTE(review): presumably `domain` comes from server configuration and cannot contain '"'; confirm.
rb.append(Headers.DOMAIN.toString())
        .append("=\"")
        .append(domain)
        .append("\",");
rb.append(Headers.NONCE.toString())
        .append("=\"")
        .append(nonceManager.nextNonce(null, exchange))
        .append("\",");
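/**
 * Checks the nonce, and the nonce count when present, taken from the client's Authorization header.
 *
 * <p>Both values are client-controlled, so the nonce count is parsed defensively. A count that is
 * null, not hexadecimal, or negative fails validation instead of raising
 * {@link NumberFormatException} out of the authentication path or colliding with the {@code -1}
 * value used when no count was sent.
 *
 * @param context the digest context; receives the supplied nonce once the header has been parsed
 * @param parsedHeader the tokens parsed from the Authorization header
 * @param exchange the current exchange, passed through to the nonce manager
 * @return {@code true} if the nonce manager accepts the nonce and count, {@code false} otherwise
 */
private boolean validateNonceUse(DigestContext context, Map<DigestAuthorizationToken, String> parsedHeader, final HttpServerExchange exchange) {
    String suppliedNonce = parsedHeader.get(DigestAuthorizationToken.NONCE);
    // -1 is what the nonce manager receives when the header carries no nonce count.
    int nonceCount = -1;
    if (parsedHeader.containsKey(DigestAuthorizationToken.NONCE_COUNT)) {
        String nonceCountHex = parsedHeader.get(DigestAuthorizationToken.NONCE_COUNT);
        try {
            nonceCount = Integer.parseInt(nonceCountHex, 16);
        } catch (NumberFormatException ignored) {
            // Malformed (or null) nc from the client: fail authentication rather than the request.
            return false;
        }
        if (nonceCount < 0) {
            // Integer.parseInt accepts a leading '-', so a supplied count could otherwise be
            // indistinguishable from the "no nonce count" value above.
            return false;
        }
    }

    context.setNonce(suppliedNonce);
    // TODO - A replay attempt will need an exception.
    return nonceManager.validateNonce(suppliedNonce, nonceCount, exchange);
}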
/**
 * Writes the {@code AUTHENTICATION_INFO} response header for a request handled by digest authentication.
 *
 * <p>The header is added when a qop is in use or when the nonce manager hands back a nonce that differs
 * from the one the request used. It always carries the next nonce; with a qop it also carries the qop
 * token, the response-auth digest built from HA1 and HA2, and the client's cnonce and nonce count.
 * The {@link DigestContext} attachment is removed from the exchange in every case.
 *
 * @param exchange the exchange whose response headers are updated
 */
public void sendAuthenticationInfoHeader(final HttpServerExchange exchange) {
    // NOTE(review): the attachment is dereferenced without a null check; presumably a DigestContext
    // is always attached by the time this runs. Confirm against the callers.
    final DigestContext digestContext = exchange.getAttachment(DigestContext.ATTACHMENT_KEY);
    final DigestQop negotiatedQop = digestContext.getQop();
    final String usedNonce = digestContext.getNonce();
    final String upcomingNonce = nonceManager.nextNonce(usedNonce, exchange);

    final boolean qopInUse = negotiatedQop != null;
    if (qopInUse || !upcomingNonce.equals(usedNonce)) {
        final StringBuilder headerValue = new StringBuilder();
        headerValue.append(NEXT_NONCE).append("=\"").append(upcomingNonce).append("\"");

        if (qopInUse) {
            final Map<DigestAuthorizationToken, String> requestTokens = digestContext.getParsedHeader();
            headerValue.append(",").append(Headers.QOP.toString())
                    .append("=\"").append(negotiatedQop.getToken()).append("\"");

            final byte[] ha1 = digestContext.getHa1();
            final byte[] ha2 = (negotiatedQop == DigestQop.AUTH)
                    ? createHA2Auth(digestContext)
                    : createHA2AuthInt();
            final String rspauth =
                    new String(createRFC2617RequestDigest(ha1, ha2, digestContext), StandardCharsets.UTF_8);
            headerValue.append(",").append(Headers.RESPONSE_AUTH.toString())
                    .append("=\"").append(rspauth).append("\"");

            // cnonce and nc are echoed from the client's own Authorization header and are written
            // without escaping (cnonce inside a quoted-string, nc unquoted).
            // NOTE(review): this relies on the header parser having rejected embedded quotes and
            // control characters; a missing token would be appended as the literal "null". Confirm.
            headerValue.append(",").append(Headers.CNONCE.toString())
                    .append("=\"").append(requestTokens.get(DigestAuthorizationToken.CNONCE)).append("\"");
            headerValue.append(",").append(Headers.NONCE_COUNT.toString())
                    .append("=").append(requestTokens.get(DigestAuthorizationToken.NONCE_COUNT));
        }

        final HeaderMap responseHeaders = exchange.getResponseHeaders();
        responseHeaders.add(AUTHENTICATION_INFO, headerValue.toString());
    }

    // The per-request digest state (including HA1) is dropped once the header has been handled.
    exchange.removeAttachment(DigestContext.ATTACHMENT_KEY);
}
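/**
 * Checks the nonce, and the nonce count when present, taken from the client's Authorization header.
 *
 * <p>Both values are client-controlled, so the nonce count is parsed defensively. A count that is
 * null, not hexadecimal, or negative fails validation instead of raising
 * {@link NumberFormatException} out of the authentication path or colliding with the {@code -1}
 * value used when no count was sent.
 *
 * @param context the digest context; receives the supplied nonce once the header has been parsed
 * @param parsedHeader the tokens parsed from the Authorization header
 * @param exchange the current exchange, passed through to the nonce manager
 * @return {@code true} if the nonce manager accepts the nonce and count, {@code false} otherwise
 */
private boolean validateNonceUse(DigestContext context, Map<DigestAuthorizationToken, String> parsedHeader, final HttpServerExchange exchange) {
    String suppliedNonce = parsedHeader.get(DigestAuthorizationToken.NONCE);
    // -1 is what the nonce manager receives when the header carries no nonce count.
    int nonceCount = -1;
    if (parsedHeader.containsKey(DigestAuthorizationToken.NONCE_COUNT)) {
        String nonceCountHex = parsedHeader.get(DigestAuthorizationToken.NONCE_COUNT);
        try {
            nonceCount = Integer.parseInt(nonceCountHex, 16);
        } catch (NumberFormatException ignored) {
            // Malformed (or null) nc from the client: fail authentication rather than the request.
            return false;
        }
        if (nonceCount < 0) {
            // Integer.parseInt accepts a leading '-', so a supplied count could otherwise be
            // indistinguishable from the "no nonce count" value above.
            return false;
        }
    }

    context.setNonce(suppliedNonce);
    // TODO - A replay attempt will need an exception.
    return nonceManager.validateNonce(suppliedNonce, nonceCount, exchange);
}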
// Challenge parameters: the domain, then a nonce obtained from the nonce manager with no
// previous nonce (null). Both values are placed inside quoted-strings without escaping.
// NOTE(review): presumably `domain` comes from server configuration and cannot contain '"'; confirm.
rb.append(Headers.DOMAIN.toString())
        .append("=\"")
        .append(domain)
        .append("\",");
rb.append(Headers.NONCE.toString())
        .append("=\"")
        .append(nonceManager.nextNonce(null, exchange))
        .append("\",");
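/**
 * Checks the nonce, and the nonce count when present, taken from the client's Authorization header.
 *
 * <p>Both values are client-controlled, so the nonce count is parsed defensively. A count that is
 * null, not hexadecimal, or negative fails validation instead of raising
 * {@link NumberFormatException} out of the authentication path or colliding with the {@code -1}
 * value used when no count was sent.
 *
 * @param context the digest context; receives the supplied nonce once the header has been parsed
 * @param parsedHeader the tokens parsed from the Authorization header
 * @param exchange the current exchange, passed through to the nonce manager
 * @return {@code true} if the nonce manager accepts the nonce and count, {@code false} otherwise
 */
private boolean validateNonceUse(DigestContext context, Map<DigestAuthorizationToken, String> parsedHeader, final HttpServerExchange exchange) {
    String suppliedNonce = parsedHeader.get(DigestAuthorizationToken.NONCE);
    // -1 is what the nonce manager receives when the header carries no nonce count.
    int nonceCount = -1;
    if (parsedHeader.containsKey(DigestAuthorizationToken.NONCE_COUNT)) {
        String nonceCountHex = parsedHeader.get(DigestAuthorizationToken.NONCE_COUNT);
        try {
            nonceCount = Integer.parseInt(nonceCountHex, 16);
        } catch (NumberFormatException ignored) {
            // Malformed (or null) nc from the client: fail authentication rather than the request.
            return false;
        }
        if (nonceCount < 0) {
            // Integer.parseInt accepts a leading '-', so a supplied count could otherwise be
            // indistinguishable from the "no nonce count" value above.
            return false;
        }
    }

    context.setNonce(suppliedNonce);
    // TODO - A replay attempt will need an exception.
    return nonceManager.validateNonce(suppliedNonce, nonceCount, exchange);
}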
// Challenge parameters: the domain, then a nonce obtained from the nonce manager with no
// previous nonce (null). Both values are placed inside quoted-strings without escaping.
// NOTE(review): presumably `domain` comes from server configuration and cannot contain '"'; confirm.
rb.append(Headers.DOMAIN.toString())
        .append("=\"")
        .append(domain)
        .append("\",");
rb.append(Headers.NONCE.toString())
        .append("=\"")
        .append(nonceManager.nextNonce(null, exchange))
        .append("\",");
// Challenge parameters: the domain, then a nonce obtained from the nonce manager with no
// previous nonce (null). Both values are placed inside quoted-strings without escaping.
// NOTE(review): presumably `domain` comes from server configuration and cannot contain '"'; confirm.
rb.append(Headers.DOMAIN.toString())
        .append("=\"")
        .append(domain)
        .append("\",");
rb.append(Headers.NONCE.toString())
        .append("=\"")
        .append(nonceManager.nextNonce(null, exchange))
        .append("\",");
/**
 * Writes the {@code AUTHENTICATION_INFO} response header for a request handled by digest authentication.
 *
 * <p>The header is added when a qop is in use or when the nonce manager hands back a nonce that differs
 * from the one the request used. It always carries the next nonce; with a qop it also carries the qop
 * token, the response-auth digest built from HA1 and HA2, and the client's cnonce and nonce count.
 * The {@link DigestContext} attachment is removed from the exchange in every case.
 *
 * @param exchange the exchange whose response headers are updated
 */
public void sendAuthenticationInfoHeader(final HttpServerExchange exchange) {
    // NOTE(review): the attachment is dereferenced without a null check; presumably a DigestContext
    // is always attached by the time this runs. Confirm against the callers.
    final DigestContext digestContext = exchange.getAttachment(DigestContext.ATTACHMENT_KEY);
    final DigestQop negotiatedQop = digestContext.getQop();
    final String usedNonce = digestContext.getNonce();
    final String upcomingNonce = nonceManager.nextNonce(usedNonce, exchange);

    final boolean qopInUse = negotiatedQop != null;
    if (qopInUse || !upcomingNonce.equals(usedNonce)) {
        final StringBuilder headerValue = new StringBuilder();
        headerValue.append(NEXT_NONCE).append("=\"").append(upcomingNonce).append("\"");

        if (qopInUse) {
            final Map<DigestAuthorizationToken, String> requestTokens = digestContext.getParsedHeader();
            headerValue.append(",").append(Headers.QOP.toString())
                    .append("=\"").append(negotiatedQop.getToken()).append("\"");

            final byte[] ha1 = digestContext.getHa1();
            final byte[] ha2 = (negotiatedQop == DigestQop.AUTH)
                    ? createHA2Auth(digestContext)
                    : createHA2AuthInt();
            final String rspauth =
                    new String(createRFC2617RequestDigest(ha1, ha2, digestContext), StandardCharsets.UTF_8);
            headerValue.append(",").append(Headers.RESPONSE_AUTH.toString())
                    .append("=\"").append(rspauth).append("\"");

            // cnonce and nc are echoed from the client's own Authorization header and are written
            // without escaping (cnonce inside a quoted-string, nc unquoted).
            // NOTE(review): this relies on the header parser having rejected embedded quotes and
            // control characters; a missing token would be appended as the literal "null". Confirm.
            headerValue.append(",").append(Headers.CNONCE.toString())
                    .append("=\"").append(requestTokens.get(DigestAuthorizationToken.CNONCE)).append("\"");
            headerValue.append(",").append(Headers.NONCE_COUNT.toString())
                    .append("=").append(requestTokens.get(DigestAuthorizationToken.NONCE_COUNT));
        }

        final HeaderMap responseHeaders = exchange.getResponseHeaders();
        responseHeaders.add(AUTHENTICATION_INFO, headerValue.toString());
    }

    // The per-request digest state (including HA1) is dropped once the header has been handled.
    exchange.removeAttachment(DigestContext.ATTACHMENT_KEY);
}