#8: Default Digest Algorithm

Author: vzhn

src/main/java/me/vzhilin/auth/DigestAuthenticator.java

@@ -1,10 +1,7 @@
 package me.vzhilin.auth;
 
-import me.vzhilin.auth.digester.Digester;
-import me.vzhilin.auth.digester.Ha1;
-import me.vzhilin.auth.digester.Ha1Supplier;
-import me.vzhilin.auth.parser.ChallengeResponse;
-import me.vzhilin.auth.parser.QopOptions;
+import me.vzhilin.auth.digester.*;
+import me.vzhilin.auth.parser.*;
 
 import java.util.Set;
 
@@ -25,7 +22,11 @@ public DigestAuthenticator(Ha1Supplier ha1Supplier, Digester digester) {
     }
 
     public DigestAuthenticator(String user, String pass) {
-        this((algorithm, realm) -> Ha1.hash(algorithm, user, realm, pass));
+        this(user, pass, DigestAlgorithm.MD5);
+    }
+
+    public DigestAuthenticator(String user, String pass, DigestAlgorithm defaultAlgorithm) {
+        this(new FallbackHa1Supplier((algorithm, realm) -> Ha1.hash(algorithm, user, realm, pass), defaultAlgorithm));
     }
 
     public synchronized void onResponseReceived(ChallengeResponse response, int httpStatus) {
@@ -55,11 +56,11 @@ private QopOptions chooseQop(ChallengeResponse challenge) {
         return null;
     }
 
-    public String autorizationHeader(String method, String uri) {
-        return autorizationHeader(method, uri, "");
+    public String authorizationHeader(String method, String uri) {
+        return authorizationHeader(method, uri, "");
     }
 
-    public synchronized String autorizationHeader(String method, String uri, String entityBody) {
+    public synchronized String authorizationHeader(String method, String uri, String entityBody) {
         if (digester.getNonce() == null) {
             return null;
         }
@@ -72,4 +73,23 @@ public synchronized String autorizationHeader(String method, String uri, String
         digester.incNonceCount();
         return headerValue;
     }
+
+    private static final class FallbackHa1Supplier implements Ha1Supplier {
+        private final Ha1Supplier delegate;
+        private final DigestAlgorithm defaultAlgorithm;
+
+        public FallbackHa1Supplier(Ha1Supplier delegate, DigestAlgorithm defaultAlgorithm) {
+            this.delegate = delegate;
+            this.defaultAlgorithm = defaultAlgorithm;
+        }
+
+        @Override
+        public Ha1 hash(DigestAlgorithm algorithm, String realm) {
+            if (algorithm == null) {
+                return delegate.hash(defaultAlgorithm, realm);
+            } else {
+                return delegate.hash(algorithm, realm);
+            }
+        }
+    }
 }

src/main/java/me/vzhilin/auth/netty/DigestNettyHttpAuthenticator.java

@@ -60,7 +60,7 @@ public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise)
 
             String method = req.method().name();
             String uri = req.uri();
-            final String header = authenticator.autorizationHeader(method, uri);
+            final String header = authenticator.authorizationHeader(method, uri);
             if (header != null) {
                 req.headers().set(HttpHeaderNames.AUTHORIZATION, header);
             }

src/main/java/me/vzhilin/auth/netty/TransparentDigestNettyHttpAuthenticator.java

@@ -79,7 +79,7 @@ public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception
                         if (authenticateHeader != null) {
                             authenticator.onResponseReceived(ChallengeResponse.of(authenticateHeader), status.code());
                         }
-                        final String auth = authenticator.autorizationHeader(request.method().name(), request.uri());
+                        final String auth = authenticator.authorizationHeader(request.method().name(), request.uri());
                         if (auth != null) {
                             request.headers().set(HttpHeaderNames.AUTHORIZATION, auth);
                         }
@@ -115,7 +115,7 @@ public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise)
                 String method = req.method().name();
                 String uri = req.uri();
 
-                req.headers().set(HttpHeaderNames.AUTHORIZATION, authenticator.autorizationHeader(method, uri));
+                req.headers().set(HttpHeaderNames.AUTHORIZATION, authenticator.authorizationHeader(method, uri));
             }
             // keep the client request
             // When server responds 401 Unauthorized, resend the request with authentication header

src/main/java/me/vzhilin/auth/parser/ChallengeResponseParser.java

@@ -138,10 +138,6 @@ private ChallengeResponse readDigestChallenge(ChallengeResponse challenge) throw
             }
         } while (hasNext());
 
-        if (challenge.getAlgorithm() == null) {
-            challenge.addAlgorithm(DigestAlgorithm.MD5);
-        }
-
         return challenge;
     }
 }

src/test/java/me/vzhilin/demo/webflux/WebFluxDemo.java

@@ -44,7 +44,7 @@ public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise)
                             HttpRequest request = (HttpRequest) msg;
                             String authorization = request.headers().get(HttpHeaderNames.AUTHORIZATION);
                             if (authorization == null) {
-                                final String authorizationHeader = auth.autorizationHeader(request.method().name(), request.uri());
+                                final String authorizationHeader = auth.authorizationHeader(request.method().name(), request.uri());
                                 if (authorizationHeader != null) {
                                     request.headers().set(HttpHeaderNames.AUTHORIZATION, authorizationHeader);
                                 }

src/test/java/me/vzhilin/test/DigestAuthenticatorTest.java

@@ -36,12 +36,12 @@ public void digestAuth() throws Exception {
         authenticator.onResponseReceived(ChallengeResponse.of(firstResponse.getFirstHeader("WWW-Authenticate").getValue()),
             firstResponse.getStatusLine().getStatusCode());
 
-        request.setHeader("Authorization", authenticator.autorizationHeader("GET", uri.getPath()));
+        request.setHeader("Authorization", authenticator.authorizationHeader("GET", uri.getPath()));
         CloseableHttpResponse secondResponse = httpClient.execute(request);
         EntityUtils.consume(secondResponse.getEntity());
         assertEquals("expected authorized", 200, secondResponse.getStatusLine().getStatusCode());
 
-        request.setHeader("Authorization", authenticator.autorizationHeader("GET", uri.getPath()));
+        request.setHeader("Authorization", authenticator.authorizationHeader("GET", uri.getPath()));
         CloseableHttpResponse thirdResponse = httpClient.execute(request);
         EntityUtils.consume(thirdResponse.getEntity());
         assertEquals("ensure that digester is working", 200, thirdResponse.getStatusLine().getStatusCode());