org.restlet.engine.security

Class AuthenticatorHelper

java.lang.Object

org.restlet.engine.Helper

org.restlet.engine.security.AuthenticatorHelper

Direct Known Subclasses:

HttpBasicHelper, SmtpPlainHelper

public abstract class AuthenticatorHelper
extends Helper

Base class for authentication helpers.

Author:

Jerome Louvel

Constructor Summary

Constructors

Constructor and Description
AuthenticatorHelper(ChallengeScheme challengeScheme, boolean clientSide, boolean serverSide) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
int	authenticate(ChallengeResponse cr, Request request, Guard guard) Deprecated. See new org.restlet.security package.
void	challenge(Response response, boolean stale, Guard guard) Deprecated. See new org.restlet.security package.
void	formatRawRequest(ChallengeWriter cw, ChallengeRequest challenge, Response response, Series<Parameter> httpHeaders) Formats a challenge request as raw credentials.
void	formatRawResponse(ChallengeWriter cw, ChallengeResponse challenge, Request request, Series<Parameter> httpHeaders) Formats a challenge response as raw credentials.
java.lang.String	formatRequest(ChallengeRequest challenge, Response response, Series<Parameter> httpHeaders) Formats a challenge request as a HTTP header value.
java.lang.String	formatResponse(ChallengeResponse challenge, Request request, Series<Parameter> httpHeaders) Formats a challenge response as a HTTP header value.
char[]	formatSecret(ChallengeResponse challengeResponse, Request request, Response response, java.lang.String identifier, char[] baseSecret, java.lang.String baseSecretAlgorithm) Formats the secret of a challenge response.
ChallengeScheme	getChallengeScheme() Returns the supported challenge scheme.
java.util.logging.Logger	getLogger() Returns the context's logger.
boolean	isClientSide() Indicates if client side authentication is supported.
boolean	isServerSide() Indicates if server side authentication is supported.
void	parseRequest(ChallengeRequest challenge, Response response, Series<Parameter> httpHeaders) Parses an authenticate header into a challenge request.
void	parseResponse(ChallengeResponse challenge, Request request, Series<Parameter> httpHeaders) Parses an authorization header into a challenge response.
void	setChallengeScheme(ChallengeScheme challengeScheme) Sets the supported challenge scheme.
void	setClientSide(boolean clientSide) Indicates if client side authentication is supported.
void	setServerSide(boolean serverSide) Indicates if server side authentication is supported.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthenticatorHelper

public AuthenticatorHelper(ChallengeScheme challengeScheme,
                   boolean clientSide,
                   boolean serverSide)

Constructor.

Parameters:

challengeScheme - The supported challenge scheme.

clientSide - Indicates if client side authentication is supported.

serverSide - Indicates if server side authentication is supported.

Method Detail

authenticate

@Deprecated
public int authenticate(ChallengeResponse cr,
                          Request request,
                          Guard guard)

Deprecated. See new org.restlet.security package.

Indicates if the call is properly authenticated. You are guaranteed that the request has a challenge response with a scheme matching the one supported by the plugin.

Parameters:

cr - The challenge response in the request.

request - The request to authenticate.

guard - The associated guard to callback.

Returns:

-1 if the given credentials were invalid, 0 if no credentials were found and 1 otherwise.

See Also:

Guard.checkSecret(Request, String, char[])

challenge

@Deprecated
public void challenge(Response response,
                        boolean stale,
                        Guard guard)

Deprecated. See new org.restlet.security package.

Challenges the client by adding a challenge request to the response and by setting the status to CLIENT_ERROR_UNAUTHORIZED.

Parameters:

response - The response to update.

stale - Indicates if the new challenge is due to a stale response.

guard - The associated guard to callback.

formatRawRequest

public void formatRawRequest(ChallengeWriter cw,
                    ChallengeRequest challenge,
                    Response response,
                    Series<Parameter> httpHeaders)
                      throws java.io.IOException

Formats a challenge request as raw credentials.

Parameters:

cw - The header writer to update.

challenge - The challenge request to format.

response - The parent response.

httpHeaders - The current request HTTP headers.

Throws:

java.io.IOException

formatRawResponse

public void formatRawResponse(ChallengeWriter cw,
                     ChallengeResponse challenge,
                     Request request,
                     Series<Parameter> httpHeaders)

Formats a challenge response as raw credentials.

Parameters:

cw - The header writer to update.

challenge - The challenge response to format.

request - The parent request.

httpHeaders - The current request HTTP headers.

formatRequest

public java.lang.String formatRequest(ChallengeRequest challenge,
                             Response response,
                             Series<Parameter> httpHeaders)
                               throws java.io.IOException

Formats a challenge request as a HTTP header value. The header is HeaderConstants.HEADER_WWW_AUTHENTICATE. The default implementation relies on formatRawRequest(ChallengeWriter, ChallengeRequest, Response, Series) to append all parameters from ChallengeMessage.getParameters().

Parameters:

challenge - The challenge request to format.

response - The parent response.

httpHeaders - The current response HTTP headers.

Returns:

The HeaderConstants.HEADER_WWW_AUTHENTICATE header value.

Throws:

java.io.IOException

formatResponse

public java.lang.String formatResponse(ChallengeResponse challenge,
                              Request request,
                              Series<Parameter> httpHeaders)

Formats a challenge response as a HTTP header value. The header is HeaderConstants.HEADER_AUTHORIZATION. The default implementation relies on formatRawResponse(ChallengeWriter, ChallengeResponse, Request, Series) unless some custom credentials are provided via

Parameters:

challenge - The challenge response to format.

request - The parent request.

httpHeaders - The current request HTTP headers.

Returns:

The HeaderConstants.HEADER_AUTHORIZATION header value.

formatSecret

public char[] formatSecret(ChallengeResponse challengeResponse,
                  Request request,
                  Response response,
                  java.lang.String identifier,
                  char[] baseSecret,
                  java.lang.String baseSecretAlgorithm)

Formats the secret of a challenge response. By default, it returns the given password.

Parameters:

challengeResponse - The challenge response.

request - The request if available.

response - The response if available.

identifier - The identifier.

baseSecret - The base secret used to compute the secret.

baseSecretAlgorithm - The digest algorithm of the base secret (@see Digest class).

Returns:

The formatted secret of a challenge response.

getChallengeScheme

public ChallengeScheme getChallengeScheme()

Returns the supported challenge scheme.

Returns:

The supported challenge scheme.

getLogger

public java.util.logging.Logger getLogger()

Returns the context's logger.

Returns:

The context's logger.

isClientSide

public boolean isClientSide()

Indicates if client side authentication is supported.

Returns:

True if client side authentication is supported.

isServerSide

public boolean isServerSide()

Indicates if server side authentication is supported.

Returns:

True if server side authentication is supported.

parseRequest

public void parseRequest(ChallengeRequest challenge,
                Response response,
                Series<Parameter> httpHeaders)

Parses an authenticate header into a challenge request. The header is HeaderConstants.HEADER_WWW_AUTHENTICATE.

Parameters:

challenge - The challenge request to update.

response - The parent response.

httpHeaders - The current response HTTP headers.

parseResponse

public void parseResponse(ChallengeResponse challenge,
                 Request request,
                 Series<Parameter> httpHeaders)

Parses an authorization header into a challenge response. The header is HeaderConstants.HEADER_AUTHORIZATION.

Parameters:

challenge - The challenge response to update.

request - The parent request.

httpHeaders - The current request HTTP headers.

setChallengeScheme

public void setChallengeScheme(ChallengeScheme challengeScheme)

Sets the supported challenge scheme.

Parameters:

challengeScheme - The supported challenge scheme.

setClientSide

public void setClientSide(boolean clientSide)

Indicates if client side authentication is supported.

Parameters:

clientSide - True if client side authentication is supported.

setServerSide

public void setServerSide(boolean serverSide)

Indicates if server side authentication is supported.

Parameters:

serverSide - True if server side authentication is supported.