juneau-core/juneau-marshall/src/main/java/org/apache/juneau/http/Authorization.java - juneau - Git at Google

 // ***************************************************************************************************************************
 // * Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements.  See the NOTICE file *
 // * distributed with this work for additional information regarding copyright ownership.  The ASF licenses this file        *
 // * to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance            *
 // * with the License.  You may obtain a copy of the License at                                                              *
 // *                                                                                                                         *
 // *  http://www.apache.org/licenses/LICENSE-2.0                                                                             *
 // *                                                                                                                         *
 // * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an  *
 // * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the License for the        *
 // * specific language governing permissions and limitations under the License.                                              *
 // ***************************************************************************************************************************
 package org.apache.juneau.http;

 import org.apache.juneau.http.annotation.*;

 /**
  * Represents a parsed <l>Authorization</l> HTTP request header.
  *
  * <p>
  * Authentication credentials for HTTP authentication.
  *
  * <h5 class='figure'>Example</h5>
  * <p class='bcode w800'>
  * 	Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
  * </p>
  *
  * <h5 class='topic'>RFC2616 Specification</h5>
  *
  * A user agent that wishes to authenticate itself with a server--usually, but not necessarily, after receiving a 401
  * response--does so by including an Authorization request-header field with the request.
  *
  * <p>
  * The Authorization field value consists of credentials containing the authentication information of the user agent for
  * the realm of the resource being requested.
  *
  * <p class='bcode w800'>
  * 	Authorization  = "Authorization" ":" credentials
  * </p>
  *
  * <p>
  * HTTP access authentication is described in "HTTP Authentication: Basic and Digest Access Authentication".
  *
  * <p>
  * If a request is authenticated and a realm specified, the same credentials SHOULD be valid for all other requests
  * within this realm (assuming that the authentication scheme itself does not require otherwise, such as credentials
  * that vary according to a challenge value or using synchronized clocks).
  *
  * <p>
  * When a shared cache (see section 13.7) receives a request containing an Authorization field, it MUST NOT return the
  * corresponding response as a reply to any other request, unless one of the following specific exceptions holds:
  * <ol>
  * 	<li>If the response includes the "s-maxage" cache-control directive, the cache MAY use that response in replying
  * 		to a subsequent request.
  * 		But (if the specified maximum age has passed) a proxy cache MUST first revalidate it with the origin
  * 		server, using the request-headers from the new request to allow the origin server to authenticate the new
  * 		request.
  * 		(This is the defined behavior for s-maxage.)
  * 		If the response includes "s-maxage=0", the proxy MUST always revalidate it before re-using it.
  * 	<li>If the response includes the "must-revalidate" cache-control directive, the cache MAY use that response in
  * 		replying to a subsequent request.
  * 		But if the response is stale, all caches MUST first revalidate it with the origin server, using the
  * 		request-headers from the new request to allow the origin server to authenticate the new request.
  * 	<li>If the response includes the "public" cache-control directive, it MAY be returned in reply to any subsequent
  * 		request.
  * </ol>
  *
  * <ul class='seealso'>
  * 	<li class='extlink'>{@doc RFC2616}
  * </ul>
  */
 @Header("Authorization")
 public final class Authorization extends HeaderString {

 	/**
 	 * Returns a parsed <c>Authorization</c> header.
 	 *
 	 * @param value The <c>Authorization</c> header string.
 	 * @return The parsed <c>Authorization</c> header, or <jk>null</jk> if the string was null.
 	 */
 	public static Authorization forString(String value) {
 		if (value == null)
 			return null;
 		return new Authorization(value);
 	}

 	private Authorization(String value) {
 		super(value);
 	}
 }
	// ***************************************************************************************************************************
	// * Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file *
	// * distributed with this work for additional information regarding copyright ownership. The ASF licenses this file *
	// * to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance *
	// * with the License. You may obtain a copy of the License at *
	// * *
	// * http://www.apache.org/licenses/LICENSE-2.0 *
	// * *
	// * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an *
	// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the *
	// * specific language governing permissions and limitations under the License. *
	// ***************************************************************************************************************************
	package org.apache.juneau.http;

	import org.apache.juneau.http.annotation.*;

	/**
	* Represents a parsed <l>Authorization</l> HTTP request header.
	*
	* <p>
	* Authentication credentials for HTTP authentication.
	*
	* <h5 class='figure'>Example</h5>
	* <p class='bcode w800'>
	* Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
	* </p>
	*
	* <h5 class='topic'>RFC2616 Specification</h5>
	*
	* A user agent that wishes to authenticate itself with a server--usually, but not necessarily, after receiving a 401
	* response--does so by including an Authorization request-header field with the request.
	*
	* <p>
	* The Authorization field value consists of credentials containing the authentication information of the user agent for
	* the realm of the resource being requested.
	*
	* <p class='bcode w800'>
	* Authorization = "Authorization" ":" credentials
	* </p>
	*
	* <p>
	* HTTP access authentication is described in "HTTP Authentication: Basic and Digest Access Authentication".
	*
	* <p>
	* If a request is authenticated and a realm specified, the same credentials SHOULD be valid for all other requests
	* within this realm (assuming that the authentication scheme itself does not require otherwise, such as credentials
	* that vary according to a challenge value or using synchronized clocks).
	*
	* <p>
	* When a shared cache (see section 13.7) receives a request containing an Authorization field, it MUST NOT return the
	* corresponding response as a reply to any other request, unless one of the following specific exceptions holds:
	* <ol>
	* <li>If the response includes the "s-maxage" cache-control directive, the cache MAY use that response in replying
	* to a subsequent request.
	* But (if the specified maximum age has passed) a proxy cache MUST first revalidate it with the origin
	* server, using the request-headers from the new request to allow the origin server to authenticate the new
	* request.
	* (This is the defined behavior for s-maxage.)
	* If the response includes "s-maxage=0", the proxy MUST always revalidate it before re-using it.
	* <li>If the response includes the "must-revalidate" cache-control directive, the cache MAY use that response in
	* replying to a subsequent request.
	* But if the response is stale, all caches MUST first revalidate it with the origin server, using the
	* request-headers from the new request to allow the origin server to authenticate the new request.
	* <li>If the response includes the "public" cache-control directive, it MAY be returned in reply to any subsequent
	* request.
	* </ol>
	*
	* <ul class='seealso'>
	* <li class='extlink'>{@doc RFC2616}
	* </ul>
	*/
	@Header("Authorization")
	public final class Authorization extends HeaderString {

	/**
	* Returns a parsed <c>Authorization</c> header.
	*
	* @param value The <c>Authorization</c> header string.
	* @return The parsed <c>Authorization</c> header, or <jk>null</jk> if the string was null.
	*/
	public static Authorization forString(String value) {
	if (value == null)
	return null;
	return new Authorization(value);
	}

	private Authorization(String value) {
	super(value);
	}
	}