/// <exception cref="Apache.Http.Auth.MalformedChallengeException"></exception>
protected internal override void ParseChallenge(CharArrayBuffer buffer, int beginIndex
, int endIndex)
{
string challenge = buffer.SubstringTrimmed(beginIndex, endIndex);
if (log.IsDebugEnabled())
{
log.Debug("Received challenge '" + challenge + "' from the auth server");
}
if (state == GGSSchemeBase.State.Uninitiated)
{
token = Base64.DecodeBase64(Sharpen.Runtime.GetBytesForString(challenge));
state = GGSSchemeBase.State.ChallengeReceived;
}
else
{
log.Debug("Authentication already attempted");
state = GGSSchemeBase.State.Failed;
}
}
internal GGSSchemeBase(bool stripPort) : base()
{
this.base64codec = new Base64(0);
this.stripPort = stripPort;
this.state = GGSSchemeBase.State.Uninitiated;
}
/// <exception cref="Apache.Http.Auth.AuthenticationException"></exception>
public override Header Authenticate(Credentials credentials, IHttpRequest request
, HttpContext context)
{
Args.NotNull(request, "HTTP request");
switch (state)
{
case GGSSchemeBase.State.Uninitiated:
{
throw new AuthenticationException(GetSchemeName() + " authentication has not been initiated"
);
}
case GGSSchemeBase.State.Failed:
{
throw new AuthenticationException(GetSchemeName() + " authentication has failed");
}
case GGSSchemeBase.State.ChallengeReceived:
{
try
{
HttpRoute route = (HttpRoute)context.GetAttribute(HttpClientContext.HttpRoute);
if (route == null)
{
throw new AuthenticationException("Connection route is not available");
}
HttpHost host;
if (IsProxy())
{
host = route.GetProxyHost();
if (host == null)
{
host = route.GetTargetHost();
}
}
else
{
host = route.GetTargetHost();
}
string authServer;
if (!this.stripPort && host.GetPort() > 0)
{
authServer = host.ToHostString();
}
else
{
authServer = host.GetHostName();
}
if (log.IsDebugEnabled())
{
log.Debug("init " + authServer);
}
token = GenerateToken(token, authServer);
state = GGSSchemeBase.State.TokenGenerated;
}
catch (GSSException gsse)
{
state = GGSSchemeBase.State.Failed;
if (gsse.GetMajor() == GSSException.DefectiveCredential || gsse.GetMajor() == GSSException
.CredentialsExpired)
{
throw new InvalidCredentialsException(gsse.Message, gsse);
}
if (gsse.GetMajor() == GSSException.NoCred)
{
throw new InvalidCredentialsException(gsse.Message, gsse);
}
if (gsse.GetMajor() == GSSException.DefectiveToken || gsse.GetMajor() == GSSException
.DuplicateToken || gsse.GetMajor() == GSSException.OldToken)
{
throw new AuthenticationException(gsse.Message, gsse);
}
// other error
throw new AuthenticationException(gsse.Message);
}
goto case GGSSchemeBase.State.TokenGenerated;
}
case GGSSchemeBase.State.TokenGenerated:
{
string tokenstr = Sharpen.Runtime.GetStringForBytes(base64codec.Encode(token));
if (log.IsDebugEnabled())
{
log.Debug("Sending response '" + tokenstr + "' back to the auth server");
}
CharArrayBuffer buffer = new CharArrayBuffer(32);
if (IsProxy())
{
buffer.Append(AUTH.ProxyAuthResp);
}
else
{
buffer.Append(AUTH.WwwAuthResp);
}
buffer.Append(": Negotiate ");
buffer.Append(tokenstr);
return(new BufferedHeader(buffer));
}
default:
{
throw new InvalidOperationException("Illegal state: " + state);
}
}
}
