/**
 * {@inheritDoc}
 *
 * <p>The hash is derived from the scheme, the identifier and the raw value only.
 */
@Override
public int hashCode() {
    // The secret is deliberately left out: hashing it here would require
    // turning it into a String, and that copy could not be wiped afterwards.
    final int combined = SystemUtils.hashCode(getScheme(), getIdentifier(), getRawValue());
    return combined;
}
/**
 * Gives the authentication helper registered for the challenge scheme a chance
 * to rewrite the resource URI reference before the request is sent. This is
 * meant for schemes that carry their response in URI query parameters or in
 * headers other than Authorization. The helper is consulted only when a
 * challenge response is present and its raw value is still unset; in every
 * other case the reference is returned untouched.
 *
 * <p>NOTE(review): if a helper places credential material in the query string,
 * that URI can end up in access logs, proxies and referrer data. Confirm per
 * scheme what the helper writes into the reference.
 *
 * @param resourceRef
 *            The resource URI reference to update.
 * @param challengeResponse
 *            The challenge response provided.
 * @param request
 *            The request to update.
 * @return The original URI reference if unchanged or a new one if updated.
 */
public static Reference updateReference(Reference resourceRef,
        ChallengeResponse challengeResponse, Request request) {
    // Nothing to do without a challenge response, or when its raw value has
    // already been set.
    if (challengeResponse == null || challengeResponse.getRawValue() != null) {
        return resourceRef;
    }

    AuthenticatorHelper schemeHelper = Engine.getInstance().findHelper(
            challengeResponse.getScheme(), true, false);

    if (schemeHelper == null) {
        // Unknown scheme: warn and fall back to the unmodified reference.
        Context.getCurrentLogger().warning(
                "Challenge scheme " + challengeResponse.getScheme()
                        + " not supported by the Restlet engine.");
        return resourceRef;
    }

    return schemeHelper.updateReference(resourceRef, challengeResponse, request);
}
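/**
 * {@inheritDoc}
 *
 * <p>The hash is derived from the scheme, the identifier and the credentials.
 * The secret does not take part in the computation.
 */
@Override
public int hashCode() {
    // The secret is kept out of the hash on purpose. Feeding it in required
    // new String(getSecret()), which leaves an immutable copy of the secret on
    // the heap that cannot be cleared the way the char[] can. Hashing fewer
    // fields keeps the equals/hashCode contract: objects that are equal still
    // share scheme, identifier and credentials (assuming equals() compares
    // those same fields -- confirm against equals()).
    return Engine.hashCode(getScheme(), getIdentifier(), getCredentials());
}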
Context.getCurrentLogger().warning( "No challenge response to format."); } else if (challenge.getScheme() == null) { Context.getCurrentLogger().warning( "A challenge response must have a scheme defined."); } else if (challenge.getScheme().getTechnicalName() == null) { Context.getCurrentLogger().warning( "A challenge scheme must have a technical name defined."); } else { ChallengeWriter cw = new ChallengeWriter(); cw.append(challenge.getScheme().getTechnicalName()).appendSpace(); int cwInitialLength = cw.getBuffer().length(); } else { AuthenticatorHelper helper = Engine.getInstance().findHelper( challenge.getScheme(), true, false); "Challenge scheme " + challenge.getScheme() + " not supported by the Restlet engine.");
} else if (ChallengeScheme.HTTP_OAUTH_BEARER.equals(cr.getScheme())) { logger.config("Verify: Bearer"); final String bearer = cr.getRawValue();
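/**
 * Invoked upon failed authentication. When fine-level logging is enabled and
 * the request carries a challenge response, the failure is logged with the
 * identifier and scheme that were presented. The request's clientInfo, if any,
 * is then marked as not authenticated and {@link Filter#STOP} is returned.
 *
 * @param request
 *            The request sent.
 * @param response
 *            The response to update.
 * @return The filter continuation code.
 */
protected int unauthenticated(Request request, Response response) {
    boolean loggable = request.isLoggable()
            && getLogger().isLoggable(Level.FINE);

    if (request.getChallengeResponse() != null && loggable) {
        // The identifier is supplied by the client. Control characters
        // (notably CR/LF) are replaced so that a crafted identifier cannot
        // break the entry into several lines or fake additional log records.
        String identifier = String.valueOf(
                request.getChallengeResponse().getIdentifier())
                .replaceAll("\\p{Cntrl}", "_");

        // Message text is kept exactly as before (spelling included) so that
        // existing log filters keep matching.
        getLogger().log(
                Level.FINE,
                "The authentication failed for the identifer \""
                        + identifier
                        + "\" using the "
                        + request.getChallengeResponse().getScheme()
                        + " scheme.");
    }

    // Update the client info accordingly
    if (request.getClientInfo() != null) {
        request.getClientInfo().setAuthenticated(false);
    }

    // Stop the filtering chain
    return STOP;
}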
/**
 * Verifies the bearer token carried by the request's challenge response.
 *
 * <p>Returns {@code RESULT_MISSING} when there is no challenge response or its
 * raw value is null or empty, {@code RESULT_UNSUPPORTED} when the scheme is not
 * {@code HTTP_OAUTH_BEARER}, and {@code RESULT_INVALID} when reading the
 * challenge response throws or the verification command yields no user.
 * On success the user is attached to the client info, the token is stored in
 * the request attributes under {@code "token"}, and {@code RESULT_VALID} is
 * returned.
 *
 * @param request
 *            The request carrying the challenge response.
 * @param response
 *            The response; not used by this method.
 * @return One of the RESULT_* codes described above.
 */
@Override
public int verify(Request request, Response response) {
    final String token;
    try {
        ChallengeResponse presented = request.getChallengeResponse();
        if (presented == null) {
            return RESULT_MISSING;
        }
        if (!ChallengeScheme.HTTP_OAUTH_BEARER.equals(presented.getScheme())) {
            return RESULT_UNSUPPORTED;
        }
        final String rawValue = presented.getRawValue();
        if (rawValue == null || rawValue.isEmpty()) {
            return RESULT_MISSING;
        }
        token = rawValue;
    } catch (Exception ex) {
        // NOTE(review): any failure while reading the challenge response is
        // reported as invalid credentials and the exception is dropped, so the
        // cause is not observable from here.
        return RESULT_INVALID;
    }

    Try<User> verification = accessTokenVerificationCommandFactory
            .createVerificationCommand(token)
            .executeCommand();

    return verification.map(verifiedUser -> {
        org.restlet.security.User restletUser = createRestletUser(verifiedUser);
        // NOTE(review): getClientInfo() is dereferenced without a null check.
        request.getClientInfo().setUser(restletUser);
        // NOTE(review): the raw bearer token is kept in the request attributes;
        // anything that logs or serialises those attributes would expose it.
        request.getAttributes().put("token", token);
        return RESULT_VALID;
    }).orElse(RESULT_INVALID);
}
+ request.getChallengeResponse().getIdentifier() + "\" using the " + request.getChallengeResponse().getScheme() + " scheme.");
.getChallengeResponse().getIdentifier(), request.getChallengeResponse().getScheme());
return null; final ChallengeScheme authScheme = challengeResponse.getScheme(); if (authScheme == null) { return null;
.getChallengeResponse().getScheme()) && (request.getChallengeResponse().getIdentifier() != null)) { userInfo = request.getChallengeResponse()
.getChallengeResponse().getScheme()) && (request.getChallengeResponse().getIdentifier() != null)) { userInfo = request.getChallengeResponse()
.getChallengeResponse().getScheme()) && (request.getChallengeResponse().getIdentifier() != null)) { userInfo = request.getChallengeResponse()
if (!cr.getScheme().equals(ChallengeScheme.HTTP_BASIC)) {
if (challengeResponse.getScheme().equals(c.getScheme())) { challengeRequest = c; break;