Examples of com.bradmcevoy.http.DigestResource

• com.bradmcevoy.http.DigestResource
  Interface to support digest HTTP authentication.

  This provides an authentication method compatible with digest. The key difference between this and Basic authentication is that the password is not available in the request. What is sent is a one way hash of several factors. To check the validity of a message, you must calculate the same one way hash on the server

  Milton never requires a plain text password so the complete digest is passed on to the resource implementation. You may choose to store the plain text password , or you might choose to store a one hash of a subset of the digest auth factors for greater security.

  Either way you SHOULD use the DigestGenerator class to calculate the hash @author brad

        if( auth == null ) {
            return false;
        }
        boolean b;
        if( r instanceof DigestResource ) {
            DigestResource dr = (DigestResource) r;
            if( dr.isDigestAllowed()) {
                b = Auth.Scheme.DIGEST.equals( auth.getScheme() );
            } else {
                log.trace("digest auth is not allowed");
                b = false;
            }

        }
        return b;
    }

    public Object authenticate( Resource r, Request request ) {
        DigestResource digestResource = (DigestResource) r;
        Auth auth = request.getAuthorization();
        DigestResponse resp = digestHelper.calculateResponse(auth, r.getRealm(), request.getMethod());
        if( resp == null ) {
            log.debug("requested digest authentication is invalid or incorrectly formatted");
            return null;
        } else {
            Object o = digestResource.authenticate( resp );
            return o;
        }
    }

        return digestHelper.getChallenge(nonceValue, request.getAuthorization(), resource.getRealm());
    }

    public boolean isCompatible( Resource resource ) {
        if ( resource instanceof DigestResource ) {
      DigestResource dr = (DigestResource) resource;
      return dr.isDigestAllowed();
    } else {
      return false;
    }
    }