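/*
 * ====================================================================
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */
package ch.boye.httpclientandroidlib.impl.client;

import java.security.Principal;

import javax.net.ssl.SSLSession;

import ch.boye.httpclientandroidlib.HttpConnection;
import ch.boye.httpclientandroidlib.annotation.Immutable;
import ch.boye.httpclientandroidlib.auth.AuthScheme;
import ch.boye.httpclientandroidlib.auth.AuthState;
import ch.boye.httpclientandroidlib.auth.Credentials;
import ch.boye.httpclientandroidlib.client.UserTokenHandler;
import ch.boye.httpclientandroidlib.client.protocol.HttpClientContext;
import ch.boye.httpclientandroidlib.conn.ManagedHttpClientConnection;
import ch.boye.httpclientandroidlib.protocol.HttpContext;

/**
 * Default implementation of {@link UserTokenHandler}. This class will use
 * an instance of {@link Principal} as a state object for HTTP connections,
 * if it can be obtained from the given execution context. This helps ensure
 * persistent connections created with a particular user identity within
 * a particular security context can be reused by the same user only.
 * <p>
 * DefaultUserTokenHandler will use the user principal of connection
 * based authentication schemes such as NTLM or that of the SSL session
 * with the client authentication turned on. If both are unavailable,
 * <code>null</code> token will be returned.
 * <p>
 * A <code>null</code> token carries no user identity, so callers that rely
 * on the token to keep authenticated persistent connections from being
 * shared between users get no such separation when this handler finds no
 * principal.
 *
 * @since 4.0
 */
@Immutable
public class DefaultUserTokenHandler implements UserTokenHandler {

    public static final DefaultUserTokenHandler INSTANCE = new DefaultUserTokenHandler();

    /**
     * Derives the user token for the current execution context.
     * <p>
     * The lookup order is: the principal of a completed connection-based
     * target authentication scheme, then that of the proxy authentication
     * scheme, then the local principal of the connection's SSL session.
     *
     * @param context the execution context of the request
     * @return the {@link Principal} identifying the user, or
     *   <code>null</code> if none could be determined
     */
    public Object getUserToken(final HttpContext context) {

        final HttpClientContext clientContext = HttpClientContext.adapt(context);

        Principal userPrincipal = null;

        // NOTE(review): the proxy auth state is only consulted when a target
        // auth state is present. That nesting is kept as-is; confirm it is
        // intended, since a context with proxy-only connection-based auth
        // would yield no token from this branch.
        final AuthState targetAuthState = clientContext.getTargetAuthState();
        if (targetAuthState != null) {
            userPrincipal = getAuthPrincipal(targetAuthState);
            if (userPrincipal == null) {
                // The proxy auth state may be missing from the context;
                // getAuthPrincipal tolerates null and reports "no principal".
                final AuthState proxyAuthState = clientContext.getProxyAuthState();
                userPrincipal = getAuthPrincipal(proxyAuthState);
            }
        }

        if (userPrincipal == null) {
            // Fall back to the identity the client presented in the TLS
            // handshake. The context may hold no connection at all, so guard
            // against null before touching it.
            final HttpConnection conn = clientContext.getConnection();
            if (conn != null && conn.isOpen() && conn instanceof ManagedHttpClientConnection) {
                final SSLSession sslsession = ((ManagedHttpClientConnection) conn).getSSLSession();
                if (sslsession != null) {
                    // getLocalPrincipal() is null when no client certificate
                    // was sent, in which case the token stays null.
                    userPrincipal = sslsession.getLocalPrincipal();
                }
            }
        }

        return userPrincipal;
    }

    /**
     * Extracts the user principal from an authentication state, but only
     * when its scheme has completed and is connection based.
     *
     * @param authState the authentication state to inspect, may be
     *   <code>null</code>
     * @return the principal of the state's credentials, or <code>null</code>
     *   if the state is absent, the scheme is missing, incomplete or not
     *   connection based, or no credentials are set
     */
    private static Principal getAuthPrincipal(final AuthState authState) {
        if (authState == null) {
            return null;
        }
        final AuthScheme scheme = authState.getAuthScheme();
        if (scheme != null && scheme.isComplete() && scheme.isConnectionBased()) {
            final Credentials creds = authState.getCredentials();
            if (creds != null) {
                return creds.getUserPrincipal();
            }
        }
        return null;
    }

}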