| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. The ASF licenses this file to You |
| * under the Apache License, Version 2.0 (the "License"); you may not |
| * use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. For additional information regarding |
| * copyright in this work, please see the NOTICE file in the top level |
| * directory of this distribution. |
| */ |
| package org.apache.abdera.ext.wsse; |
| |
| import java.security.MessageDigest; |
| import java.security.SecureRandom; |
| import java.util.Date; |
| |
| import org.apache.abdera.model.AtomDate; |
| import org.apache.abdera.protocol.client.AbderaClient; |
| import org.apache.commons.codec.binary.Base64; |
| import org.apache.commons.codec.binary.Hex; |
| import org.apache.commons.httpclient.Credentials; |
| import org.apache.commons.httpclient.HttpMethod; |
| import org.apache.commons.httpclient.UsernamePasswordCredentials; |
| import org.apache.commons.httpclient.auth.AuthScheme; |
| import org.apache.commons.httpclient.auth.AuthenticationException; |
| import org.apache.commons.httpclient.auth.RFC2617Scheme; |
| |
| /** |
| * WSSE Auth Scheme implementation for use with HTTP Commons AbderaClient |
| * Some APP implementations use WSSE for authentication |
| * |
| * @see http://www.xml.com/pub/a/2003/12/17/dive.html |
| */ |
| public class WSSEAuthScheme |
| extends RFC2617Scheme |
| implements AuthScheme { |
| |
| private final int NONCE_LENGTH = 16; |
| |
| public static void register(AbderaClient abderaClient, boolean exclusive) { |
| AbderaClient.registerScheme("WSSE", WSSEAuthScheme.class); |
| if (exclusive) |
| ((AbderaClient)abderaClient).setAuthenticationSchemePriority("WSSE"); |
| else |
| ((AbderaClient)abderaClient).setAuthenticationSchemeDefaults(); |
| } |
| |
| public String authenticate( |
| Credentials credentials, |
| HttpMethod method) |
| throws AuthenticationException { |
| if (credentials instanceof UsernamePasswordCredentials) { |
| UsernamePasswordCredentials creds = (UsernamePasswordCredentials) credentials; |
| AtomDate now = new AtomDate(new Date()); |
| String nonce = generateNonce(); |
| String digest = generatePasswordDigest(creds.getPassword(), nonce, now); |
| String username = creds.getUserName(); |
| |
| String wsse = "UsernameToken Username=\"" + username + "\", " + |
| "PasswordDigest=\"" + digest + "\", " + |
| "Nonce=\"" + nonce + "\", " + |
| "Created=\"" + now.getValue() + "\""; |
| if (method != null) method.addRequestHeader("X-WSSE", wsse); |
| return "WSSE profile=\"UsernameToken\""; |
| } else { |
| return null; |
| } |
| } |
| |
| private String generatePasswordDigest( |
| String password, |
| String nonce, |
| AtomDate date) |
| throws AuthenticationException { |
| String temp = nonce + date.getValue() + password; |
| try { |
| MessageDigest md = MessageDigest.getInstance("SHA1"); |
| return new String(Base64.encodeBase64(md.digest(temp.getBytes()))); |
| } catch (Exception e) { |
| throw new AuthenticationException(e.getMessage(), e); |
| } |
| } |
| |
| private String generateNonce() |
| throws AuthenticationException { |
| try { |
| SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); |
| byte[] temp = new byte[NONCE_LENGTH]; |
| sr.nextBytes(temp); |
| String n = new String(Hex.encodeHex(temp)); |
| return n; |
| } catch (Exception e) { |
| throw new AuthenticationException(e.getMessage(),e); |
| } |
| } |
| |
| public String authenticate( |
| Credentials credentials, |
| String method, |
| String uri) |
| throws AuthenticationException { |
| return authenticate(credentials, null); |
| } |
| |
| public String getSchemeName() { |
| return "WSSE"; |
| } |
| |
| public boolean isComplete() { |
| return true; |
| } |
| |
| public boolean isConnectionBased() { |
| return false; |
| } |
| |
| } |