1 /*
2  * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/java/org/apache/commons/httpclient/auth/BasicScheme.java,v 1.17 2004/05/13 04:02:00 mbecke Exp $
3  * $Revision: 480424 $
4  * $Date: 2006-11-29 06:56:49 +0100 (Wed, 29 Nov 2006) $
5  *
6  * ====================================================================
7  *
8  *  Licensed to the Apache Software Foundation (ASF) under one or more
9  *  contributor license agreements.  See the NOTICE file distributed with
10  *  this work for additional information regarding copyright ownership.
11  *  The ASF licenses this file to You under the Apache License, Version 2.0
12  *  (the "License"); you may not use this file except in compliance with
13  *  the License.  You may obtain a copy of the License at
14  *
15  *      http://www.apache.org/licenses/LICENSE-2.0
16  *
17  *  Unless required by applicable law or agreed to in writing, software
18  *  distributed under the License is distributed on an "AS IS" BASIS,
19  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20  *  See the License for the specific language governing permissions and
21  *  limitations under the License.
22  * ====================================================================
23  *
24  * This software consists of voluntary contributions made by many
25  * individuals on behalf of the Apache Software Foundation.  For more
26  * information on the Apache Software Foundation, please see
27  * <http://www.apache.org/>.
28  *
29  */
30 
31 package org.apache.commons.httpclient.auth;
32 
33 import org.apache.commons.codec.binary.Base64;
34 import org.apache.commons.httpclient.Credentials;
35 import org.apache.commons.httpclient.HttpMethod;
36 import org.apache.commons.httpclient.UsernamePasswordCredentials;
37 import org.apache.commons.httpclient.util.EncodingUtil;
38 import org.apache.commons.logging.Log;
39 import org.apache.commons.logging.LogFactory;
40 
41 /**
42  * <p>
43  * Basic authentication scheme as defined in RFC 2617.
44  * </p>
45  *
46  * @author <a href="mailto:remm@apache.org">Remy Maucherat</a>
47  * @author Rodney Waldhoff
48  * @author <a href="mailto:jsdever@apache.org">Jeff Dever</a>
49  * @author Ortwin Glueck
50  * @author Sean C. Sullivan
51  * @author <a href="mailto:adrian@ephox.com">Adrian Sutton</a>
52  * @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
53  * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
54  */
55 
56 public class BasicScheme extends RFC2617Scheme {
57 
58     /** Log object for this class. */
59     private static final Log LOG = LogFactory.getLog(BasicScheme.class);
60 
61     /** Whether the basic authentication process is complete */
62     private boolean complete;
63 
64     /**
65      * Default constructor for the basic authetication scheme.
66      *
67      * @since 3.0
68      */
BasicScheme()69     public BasicScheme() {
70         super();
71         this.complete = false;
72     }
73 
74     /**
75      * Constructor for the basic authetication scheme.
76      *
77      * @param challenge authentication challenge
78      *
79      * @throws MalformedChallengeException is thrown if the authentication challenge
80      * is malformed
81      *
82      * @deprecated Use parameterless constructor and {@link AuthScheme#processChallenge(String)}
83      *             method
84      */
BasicScheme(final String challenge)85     public BasicScheme(final String challenge) throws MalformedChallengeException {
86         super(challenge);
87         this.complete = true;
88     }
89 
90     /**
91      * Returns textual designation of the basic authentication scheme.
92      *
93      * @return <code>basic</code>
94      */
getSchemeName()95     public String getSchemeName() {
96         return "basic";
97     }
98 
99     /**
100      * Processes the Basic challenge.
101      *
102      * @param challenge the challenge string
103      *
104      * @throws MalformedChallengeException is thrown if the authentication challenge
105      * is malformed
106      *
107      * @since 3.0
108      */
processChallenge(String challenge)109     public void processChallenge(String challenge)
110         throws MalformedChallengeException
111     {
112         super.processChallenge(challenge);
113         this.complete = true;
114     }
115 
116     /**
117      * Tests if the Basic authentication process has been completed.
118      *
119      * @return <tt>true</tt> if Basic authorization has been processed,
120      *   <tt>false</tt> otherwise.
121      *
122      * @since 3.0
123      */
isComplete()124     public boolean isComplete() {
125         return this.complete;
126     }
127 
128     /**
129      * Produces basic authorization string for the given set of
130      * {@link Credentials}.
131      *
132      * @param credentials The set of credentials to be used for athentication
133      * @param method Method name is ignored by the basic authentication scheme
134      * @param uri URI is ignored by the basic authentication scheme
135      * @throws InvalidCredentialsException if authentication credentials
136      *         are not valid or not applicable for this authentication scheme
137      * @throws AuthenticationException if authorization string cannot
138      *   be generated due to an authentication failure
139      *
140      * @return a basic authorization string
141      *
142      * @deprecated Use {@link #authenticate(Credentials, HttpMethod)}
143      */
authenticate(Credentials credentials, String method, String uri)144     public String authenticate(Credentials credentials, String method, String uri)
145       throws AuthenticationException {
146 
147         LOG.trace("enter BasicScheme.authenticate(Credentials, String, String)");
148 
149         UsernamePasswordCredentials usernamepassword = null;
150         try {
151             usernamepassword = (UsernamePasswordCredentials) credentials;
152         } catch (ClassCastException e) {
153             throw new InvalidCredentialsException(
154              "Credentials cannot be used for basic authentication: "
155               + credentials.getClass().getName());
156         }
157         return BasicScheme.authenticate(usernamepassword);
158     }
159 
160     /**
161      * Returns <tt>false</tt>. Basic authentication scheme is request based.
162      *
163      * @return <tt>false</tt>.
164      *
165      * @since 3.0
166      */
isConnectionBased()167     public boolean isConnectionBased() {
168         return false;
169     }
170 
171     /**
172      * Produces basic authorization string for the given set of {@link Credentials}.
173      *
174      * @param credentials The set of credentials to be used for athentication
175      * @param method The method being authenticated
176      * @throws InvalidCredentialsException if authentication credentials
177      *         are not valid or not applicable for this authentication scheme
178      * @throws AuthenticationException if authorization string cannot
179      *   be generated due to an authentication failure
180      *
181      * @return a basic authorization string
182      *
183      * @since 3.0
184      */
authenticate(Credentials credentials, HttpMethod method)185     public String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException {
186 
187         LOG.trace("enter BasicScheme.authenticate(Credentials, HttpMethod)");
188 
189         if (method == null) {
190             throw new IllegalArgumentException("Method may not be null");
191         }
192         UsernamePasswordCredentials usernamepassword = null;
193         try {
194             usernamepassword = (UsernamePasswordCredentials) credentials;
195         } catch (ClassCastException e) {
196             throw new InvalidCredentialsException(
197                     "Credentials cannot be used for basic authentication: "
198                     + credentials.getClass().getName());
199         }
200         return BasicScheme.authenticate(
201             usernamepassword,
202             method.getParams().getCredentialCharset());
203     }
204 
205     /**
206      * @deprecated Use {@link #authenticate(UsernamePasswordCredentials, String)}
207      *
208      * Returns a basic <tt>Authorization</tt> header value for the given
209      * {@link UsernamePasswordCredentials}.
210      *
211      * @param credentials The credentials to encode.
212      *
213      * @return a basic authorization string
214      */
authenticate(UsernamePasswordCredentials credentials)215     public static String authenticate(UsernamePasswordCredentials credentials) {
216         return authenticate(credentials, "ISO-8859-1");
217     }
218 
219     /**
220      * Returns a basic <tt>Authorization</tt> header value for the given
221      * {@link UsernamePasswordCredentials} and charset.
222      *
223      * @param credentials The credentials to encode.
224      * @param charset The charset to use for encoding the credentials
225      *
226      * @return a basic authorization string
227      *
228      * @since 3.0
229      */
authenticate(UsernamePasswordCredentials credentials, String charset)230     public static String authenticate(UsernamePasswordCredentials credentials, String charset) {
231 
232         LOG.trace("enter BasicScheme.authenticate(UsernamePasswordCredentials, String)");
233 
234         if (credentials == null) {
235             throw new IllegalArgumentException("Credentials may not be null");
236         }
237         if (charset == null || charset.length() == 0) {
238             throw new IllegalArgumentException("charset may not be null or empty");
239         }
240         StringBuffer buffer = new StringBuffer();
241         buffer.append(credentials.getUserName());
242         buffer.append(":");
243         buffer.append(credentials.getPassword());
244 
245         return "Basic " + EncodingUtil.getAsciiString(
246                 Base64.encodeBase64(EncodingUtil.getBytes(buffer.toString(), charset)));
247     }
248 
249 }
250