Class DigestAuthExtractor
- java.lang.Object
-
- org.pac4j.http.credentials.extractor.DigestAuthExtractor
-
- All Implemented Interfaces:
org.pac4j.core.credentials.extractor.CredentialsExtractor
public class DigestAuthExtractor extends java.lang.Object implements org.pac4j.core.credentials.extractor.CredentialsExtractor
To extract digest auth header.- Since:
- 1.9.0
- Author:
- Mircea Carasel
-
-
Constructor Summary
Constructors Constructor Description DigestAuthExtractor()
DigestAuthExtractor(java.lang.String headerName, java.lang.String prefixHeader)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.util.Optional<org.pac4j.core.credentials.Credentials>
extract(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)
Extracts digest Authorization header components.java.lang.String
toString()
-
-
-
Method Detail
-
extract
public java.util.Optional<org.pac4j.core.credentials.Credentials> extract(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)
Extracts digest Authorization header components. As per RFC 2617 : username is the user's name in the specified realm qop is quality of protection uri is the request uri response is the client response nonce is a server-specified data string which should be uniquely generated each time a 401 response is made cnonce is the client nonce nc is the nonce count If in the Authorization header it is not specified a username and response, we throw CredentialsException because the client uses an username and a password to authenticate. response is just a MD5 encoded value based on user provided password and RFC 2617 digest authentication encoding rules- Specified by:
extract
in interfaceorg.pac4j.core.credentials.extractor.CredentialsExtractor
- Parameters:
context
- the current web context- Returns:
- the Digest credentials
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-