Package org.attribyte.api.http

Class AuthScheme

java.lang.Object
org.attribyte.api.http.AuthScheme
Direct Known Subclasses:
BasicAuthScheme
public abstract class AuthScheme extends Object
Defines a HTTP authentication scheme.

  • Field Details

    • DEFAULT_UNAUTHORIZED_MESSAGE

      public static final String DEFAULT_UNAUTHORIZED_MESSAGE
      The default message sent when unauthorized ('Authorization Required').
      See Also:

    • AUTHENTICATE_RESPONSE_HEADER

      public static final String AUTHENTICATE_RESPONSE_HEADER
      The authenticate response header name ('WWW-Authenticate').
      See Also:

    • scheme

      public final String scheme

    • realm

      public final String realm

    • authenticateResponseHeader

      public final String authenticateResponseHeader

  • Constructor Details

    • AuthScheme

      protected AuthScheme(String scheme, String realm)
      Creates an authentication scheme.

      Must not contain the quote character.

      Parameters:
      scheme - The scheme name.
      realm - The realm.
      Throws:
      UnsupportedOperationException - if the realm contains the quote character.

  • Method Details

    • hasCredentials

      public abstract boolean hasCredentials(Request request)
      Determines if the request has any (invalid or valid) credentials for this scheme.
      Parameters:
      request - The request.
      Returns:
      Does the request appear to have appropriate credentials?

    • addAuth

      public abstract Request addAuth(Request request, String userId, String secret) throws GeneralSecurityException
      Adds authentication credentials to a request.
      Parameters:
      request - The request to which credentials are added.
      userId - An id that uniquely identifies the user (e.g. 'username').
      secret - The authentication secret for the username.
      Returns:
      The request with authentication credentials added.
      Throws:
      GeneralSecurityException - on security-related error adding auth.

    • getUserId

      public abstract String getUserId(Request request) throws GeneralSecurityException
      Gets the user id from the request, if possible.
      Parameters:
      request - The request.
      Returns:
      The user id, or null if none.
      Throws:
      GeneralSecurityException - on security-related error getting user id.

    • authenticate

      public abstract Response authenticate(Request request, String userId, String secret) throws GeneralSecurityException
      Authenticates the request.
      Parameters:
      request - The request.
      userId - The user id for the secret.
      secret - The secret data.
      Returns:
      The HTTP "Unauthorized" response if request is not authorized, otherwise null.
      Throws:
      GeneralSecurityException - on security-related error during authentication.

    • getUnauthorizedResponse

      public Response getUnauthorizedResponse(String message)
      Creates a challenge response.

      By default, returns the standard HTTP challenge response.

      Parameters:
      message - A message returned with the response. If null, a standard message is returned.
      Returns:
      The response.

    • getScheme

      public String getScheme()
      Gets the scheme.
      Returns:
      The scheme.

    • getRealm

      public String getRealm()
      Gets the realm.
      Returns:
      The realm.

    • getAuthenticateResponseHeader

      public String getAuthenticateResponseHeader()
      Gets the value for the WWW-Authenticate header.
      Returns:
      The header value.

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object