/** {@inheritDoc} */ @Override public int hashCode() { // Note that the secret is simply discarded from hash code calculation // because we don't want it to be materialized as a string return SystemUtils .hashCode(getScheme(), getIdentifier(), getRawValue()); }
@Override public void parseResponse(ChallengeResponse challenge, Request request, Series<Header> httpHeaders) { try { byte[] credentialsEncoded = Base64.decode(challenge.getRawValue()); if (credentialsEncoded == null) { getLogger() .info("Cannot decode credentials: " + challenge.getRawValue()); } String credentials = new String(credentialsEncoded, "ISO-8859-1"); int separator = credentials.indexOf(':'); if (separator == -1) { // Log the blocking getLogger().info( "Invalid credentials given by client with IP: " + ((request != null) ? request.getClientInfo() .getAddress() : "?")); } else { challenge.setIdentifier(credentials.substring(0, separator)); challenge.setSecret(credentials.substring(separator + 1)); } } catch (UnsupportedEncodingException e) { getLogger().log(Level.INFO, "Unsupported HTTP Basic encoding error", e); } catch (IllegalArgumentException e) { getLogger().log(Level.INFO, "Unable to decode the HTTP Basic credential", e); } }
if (!Objects.equals(getRawValue(), that.getRawValue()) || !Objects.equals(getIdentifier(), that.getIdentifier()) || !Objects.equals(getScheme(), that.getScheme())) {
/** * Optionally updates the request with a challenge response before sending * it. This is sometimes useful for authentication schemes that aren't based * on the Authorization header but instead on URI query parameters or other * headers. By default it returns the resource URI reference unchanged. * * @param resourceRef * The resource URI reference to update. * @param challengeResponse * The challenge response provided. * @param request * The request to update. * @return The original URI reference if unchanged or a new one if updated. */ public static Reference updateReference(Reference resourceRef, ChallengeResponse challengeResponse, Request request) { if (challengeResponse != null && challengeResponse.getRawValue() == null) { AuthenticatorHelper helper = Engine.getInstance().findHelper( challengeResponse.getScheme(), true, false); if (helper != null) { resourceRef = helper.updateReference(resourceRef, challengeResponse, request); } else { Context.getCurrentLogger().warning( "Challenge scheme " + challengeResponse.getScheme() + " not supported by the Restlet engine."); } } return resourceRef; }
} else if (ChallengeScheme.HTTP_OAUTH_BEARER.equals(cr.getScheme())) { logger.config("Verify: Bearer"); final String bearer = cr.getRawValue(); if (bearer == null || bearer.isEmpty()) { return RESULT_MISSING;
int cwInitialLength = cw.getBuffer().length(); if (challenge.getRawValue() != null) { cw.append(challenge.getRawValue()); } else { AuthenticatorHelper helper = Engine.getInstance().findHelper(
@Override public int verify(Request request, Response response) { final String token; try { ChallengeResponse cr = request.getChallengeResponse(); if (cr == null) { return RESULT_MISSING; } else if (ChallengeScheme.HTTP_OAUTH_BEARER.equals(cr.getScheme())) { final String bearer = cr.getRawValue(); if (bearer == null || bearer.isEmpty()) { return RESULT_MISSING; } token = bearer; } else { return RESULT_UNSUPPORTED; } } catch (Exception ex) { return RESULT_INVALID; } Try<User> user = accessTokenVerificationCommandFactory.createVerificationCommand(token).executeCommand(); return user.map(u -> { org.restlet.security.User restletUser = createRestletUser(u); request.getClientInfo().setUser(restletUser); request.getAttributes().put("token", token); return RESULT_VALID; }).orElse(RESULT_INVALID); }