framework/src/com/squareup/okhttp/internal/http/HttpAuthenticator.java - cordova-amazon-fireos - Git at Google

 /*
  * Copyright (C) 2012 Square, Inc.
  * Copyright (C) 2011 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package com.squareup.okhttp.internal.http;

 import com.squareup.okhttp.internal.Base64;
 import java.io.IOException;
 import java.net.Authenticator;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.PasswordAuthentication;
 import java.net.Proxy;
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.List;

 import static java.net.HttpURLConnection.HTTP_PROXY_AUTH;
 import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;

 /** Handles HTTP authentication headers from origin and proxy servers. */
 public final class HttpAuthenticator {
   private HttpAuthenticator() {
   }

   /**
    * React to a failed authorization response by looking up new credentials.
    *
    * @return true if credentials have been added to successorRequestHeaders
    *         and another request should be attempted.
    */
   public static boolean processAuthHeader(int responseCode, RawHeaders responseHeaders,
       RawHeaders successorRequestHeaders, Proxy proxy, URL url) throws IOException {
     if (responseCode != HTTP_PROXY_AUTH && responseCode != HTTP_UNAUTHORIZED) {
       throw new IllegalArgumentException();
     }

     // Keep asking for username/password until authorized.
     String challengeHeader =
         responseCode == HTTP_PROXY_AUTH ? "Proxy-Authenticate" : "WWW-Authenticate";
     String credentials = getCredentials(responseHeaders, challengeHeader, proxy, url);
     if (credentials == null) {
       return false; // Could not find credentials so end the request cycle.
     }

     // Add authorization credentials, bypassing the already-connected check.
     String fieldName = responseCode == HTTP_PROXY_AUTH ? "Proxy-Authorization" : "Authorization";
     successorRequestHeaders.set(fieldName, credentials);
     return true;
   }

   /**
    * Returns the authorization credentials that may satisfy the challenge.
    * Returns null if a challenge header was not provided or if credentials
    * were not available.
    */
   private static String getCredentials(RawHeaders responseHeaders, String challengeHeader,
       Proxy proxy, URL url) throws IOException {
     List<Challenge> challenges = parseChallenges(responseHeaders, challengeHeader);
     if (challenges.isEmpty()) {
       return null;
     }

     for (Challenge challenge : challenges) {
       // Use the global authenticator to get the password.
       PasswordAuthentication auth;
       if (responseHeaders.getResponseCode() == HTTP_PROXY_AUTH) {
         InetSocketAddress proxyAddress = (InetSocketAddress) proxy.address();
         auth = Authenticator.requestPasswordAuthentication(proxyAddress.getHostName(),
             getConnectToInetAddress(proxy, url), proxyAddress.getPort(), url.getProtocol(),
             challenge.realm, challenge.scheme, url, Authenticator.RequestorType.PROXY);
       } else {
         auth = Authenticator.requestPasswordAuthentication(url.getHost(),
             getConnectToInetAddress(proxy, url), url.getPort(), url.getProtocol(), challenge.realm,
             challenge.scheme, url, Authenticator.RequestorType.SERVER);
       }
       if (auth == null) {
         continue;
       }

       // Use base64 to encode the username and password.
       String usernameAndPassword = auth.getUserName() + ":" + new String(auth.getPassword());
       byte[] bytes = usernameAndPassword.getBytes("ISO-8859-1");
       String encoded = Base64.encode(bytes);
       return challenge.scheme + " " + encoded;
     }

     return null;
   }

   private static InetAddress getConnectToInetAddress(Proxy proxy, URL url) throws IOException {
     return (proxy != null && proxy.type() != Proxy.Type.DIRECT)
         ? ((InetSocketAddress) proxy.address()).getAddress() : InetAddress.getByName(url.getHost());
   }

   /**
    * Parse RFC 2617 challenges. This API is only interested in the scheme
    * name and realm.
    */
   private static List<Challenge> parseChallenges(RawHeaders responseHeaders,
       String challengeHeader) {
     // auth-scheme = token
     // auth-param  = token "=" ( token | quoted-string )
     // challenge   = auth-scheme 1*SP 1#auth-param
     // realm       = "realm" "=" realm-value
     // realm-value = quoted-string
     List<Challenge> result = new ArrayList<Challenge>();
     for (int h = 0; h < responseHeaders.length(); h++) {
       if (!challengeHeader.equalsIgnoreCase(responseHeaders.getFieldName(h))) {
         continue;
       }
       String value = responseHeaders.getValue(h);
       int pos = 0;
       while (pos < value.length()) {
         int tokenStart = pos;
         pos = HeaderParser.skipUntil(value, pos, " ");

         String scheme = value.substring(tokenStart, pos).trim();
         pos = HeaderParser.skipWhitespace(value, pos);

         // TODO: This currently only handles schemes with a 'realm' parameter;
         //       It needs to be fixed to handle any scheme and any parameters
         //       http://code.google.com/p/android/issues/detail?id=11140

         if (!value.regionMatches(pos, "realm=\"", 0, "realm=\"".length())) {
           break; // Unexpected challenge parameter; give up!
         }

         pos += "realm=\"".length();
         int realmStart = pos;
         pos = HeaderParser.skipUntil(value, pos, "\"");
         String realm = value.substring(realmStart, pos);
         pos++; // Consume '"' close quote.
         pos = HeaderParser.skipUntil(value, pos, ",");
         pos++; // Consume ',' comma.
         pos = HeaderParser.skipWhitespace(value, pos);
         result.add(new Challenge(scheme, realm));
       }
     }
     return result;
   }

   /** An RFC 2617 challenge. */
   private static final class Challenge {
     final String scheme;
     final String realm;

     Challenge(String scheme, String realm) {
       this.scheme = scheme;
       this.realm = realm;
     }

     @Override public boolean equals(Object o) {
       return o instanceof Challenge
           && ((Challenge) o).scheme.equals(scheme)
           && ((Challenge) o).realm.equals(realm);
     }

     @Override public int hashCode() {
       return scheme.hashCode() + 31 * realm.hashCode();
     }
   }
 }
	/*
	* Copyright (C) 2012 Square, Inc.
	* Copyright (C) 2011 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package com.squareup.okhttp.internal.http;

	import com.squareup.okhttp.internal.Base64;
	import java.io.IOException;
	import java.net.Authenticator;
	import java.net.InetAddress;
	import java.net.InetSocketAddress;
	import java.net.PasswordAuthentication;
	import java.net.Proxy;
	import java.net.URL;
	import java.util.ArrayList;
	import java.util.List;

	import static java.net.HttpURLConnection.HTTP_PROXY_AUTH;
	import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;

	/** Handles HTTP authentication headers from origin and proxy servers. */
	public final class HttpAuthenticator {
	private HttpAuthenticator() {
	}

	/**
	* React to a failed authorization response by looking up new credentials.
	*
	* @return true if credentials have been added to successorRequestHeaders
	* and another request should be attempted.
	*/
	public static boolean processAuthHeader(int responseCode, RawHeaders responseHeaders,
	RawHeaders successorRequestHeaders, Proxy proxy, URL url) throws IOException {
	if (responseCode != HTTP_PROXY_AUTH && responseCode != HTTP_UNAUTHORIZED) {
	throw new IllegalArgumentException();
	}

	// Keep asking for username/password until authorized.
	String challengeHeader =
	responseCode == HTTP_PROXY_AUTH ? "Proxy-Authenticate" : "WWW-Authenticate";
	String credentials = getCredentials(responseHeaders, challengeHeader, proxy, url);
	if (credentials == null) {
	return false; // Could not find credentials so end the request cycle.
	}

	// Add authorization credentials, bypassing the already-connected check.
	String fieldName = responseCode == HTTP_PROXY_AUTH ? "Proxy-Authorization" : "Authorization";
	successorRequestHeaders.set(fieldName, credentials);
	return true;
	}

	/**
	* Returns the authorization credentials that may satisfy the challenge.
	* Returns null if a challenge header was not provided or if credentials
	* were not available.
	*/
	private static String getCredentials(RawHeaders responseHeaders, String challengeHeader,
	Proxy proxy, URL url) throws IOException {
	List<Challenge> challenges = parseChallenges(responseHeaders, challengeHeader);
	if (challenges.isEmpty()) {
	return null;
	}

	for (Challenge challenge : challenges) {
	// Use the global authenticator to get the password.
	PasswordAuthentication auth;
	if (responseHeaders.getResponseCode() == HTTP_PROXY_AUTH) {
	InetSocketAddress proxyAddress = (InetSocketAddress) proxy.address();
	auth = Authenticator.requestPasswordAuthentication(proxyAddress.getHostName(),
	getConnectToInetAddress(proxy, url), proxyAddress.getPort(), url.getProtocol(),
	challenge.realm, challenge.scheme, url, Authenticator.RequestorType.PROXY);
	} else {
	auth = Authenticator.requestPasswordAuthentication(url.getHost(),
	getConnectToInetAddress(proxy, url), url.getPort(), url.getProtocol(), challenge.realm,
	challenge.scheme, url, Authenticator.RequestorType.SERVER);
	}
	if (auth == null) {
	continue;
	}

	// Use base64 to encode the username and password.
	String usernameAndPassword = auth.getUserName() + ":" + new String(auth.getPassword());
	byte[] bytes = usernameAndPassword.getBytes("ISO-8859-1");
	String encoded = Base64.encode(bytes);
	return challenge.scheme + " " + encoded;
	}

	return null;
	}

	private static InetAddress getConnectToInetAddress(Proxy proxy, URL url) throws IOException {
	return (proxy != null && proxy.type() != Proxy.Type.DIRECT)
	? ((InetSocketAddress) proxy.address()).getAddress() : InetAddress.getByName(url.getHost());
	}

	/**
	* Parse RFC 2617 challenges. This API is only interested in the scheme
	* name and realm.
	*/
	private static List<Challenge> parseChallenges(RawHeaders responseHeaders,
	String challengeHeader) {
	// auth-scheme = token
	// auth-param = token "=" ( token \| quoted-string )
	// challenge = auth-scheme 1*SP 1#auth-param
	// realm = "realm" "=" realm-value
	// realm-value = quoted-string
	List<Challenge> result = new ArrayList<Challenge>();
	for (int h = 0; h < responseHeaders.length(); h++) {
	if (!challengeHeader.equalsIgnoreCase(responseHeaders.getFieldName(h))) {
	continue;
	}
	String value = responseHeaders.getValue(h);
	int pos = 0;
	while (pos < value.length()) {
	int tokenStart = pos;
	pos = HeaderParser.skipUntil(value, pos, " ");

	String scheme = value.substring(tokenStart, pos).trim();
	pos = HeaderParser.skipWhitespace(value, pos);

	// TODO: This currently only handles schemes with a 'realm' parameter;
	// It needs to be fixed to handle any scheme and any parameters
	// http://code.google.com/p/android/issues/detail?id=11140

	if (!value.regionMatches(pos, "realm=\"", 0, "realm=\"".length())) {
	break; // Unexpected challenge parameter; give up!
	}

	pos += "realm=\"".length();
	int realmStart = pos;
	pos = HeaderParser.skipUntil(value, pos, "\"");
	String realm = value.substring(realmStart, pos);
	pos++; // Consume '"' close quote.
	pos = HeaderParser.skipUntil(value, pos, ",");
	pos++; // Consume ',' comma.
	pos = HeaderParser.skipWhitespace(value, pos);
	result.add(new Challenge(scheme, realm));
	}
	}
	return result;
	}

	/** An RFC 2617 challenge. */
	private static final class Challenge {
	final String scheme;
	final String realm;

	Challenge(String scheme, String realm) {
	this.scheme = scheme;
	this.realm = realm;
	}

	@Override public boolean equals(Object o) {
	return o instanceof Challenge
	&& ((Challenge) o).scheme.equals(scheme)
	&& ((Challenge) o).realm.equals(realm);
	}

	@Override public int hashCode() {
	return scheme.hashCode() + 31 * realm.hashCode();
	}
	}
	}