@@ -58,14 +58,14 @@ public class DigestAuthenticator extends LoginAuthenticator
5858 private final ConcurrentMap <String , Nonce > _nonceMap = new ConcurrentHashMap <>();
5959 private long _maxNonceAgeMs = 60 * 1000 ;
6060 private int _maxNC = 1024 ;
61- private Algorithm algorithm = Algorithm . MD5 ;
61+ private String algorithm = " MD5"
6262
63- public void setAlgorithm (Algorithm a )
63+ public void setAlgorithm (String a )
6464 {
6565 algorithm = a ;
6666 }
6767
68- public Algorithm getAlgorithm ()
68+ public String getAlgorithm ()
6969 {
7070 return algorithm ;
7171 }
@@ -188,7 +188,7 @@ else if (n == 0)
188188 res .getHeaders ().put (HttpHeader .WWW_AUTHENTICATE .asString (), "Digest realm=\" " + _loginService .getName () +
189189 "\" , domain=\" " + domain +
190190 "\" , nonce=\" " + newNonce (req ) +
191- "\" , algorithm=" + algorithm . getName () +
191+ "\" , algorithm=" + getAlgorithm () +
192192 ", qop=\" auth\" " +
193193 ", stale=" + stale );
194194
@@ -297,7 +297,7 @@ private static class Digest extends Credential
297297 {
298298 @ Serial
299299 private static final long serialVersionUID = -2484639019549527724L ;
300- private Algorithm algorithm ;
300+ private String algorithm ;
301301 final String method ;
302302 String username = "" ;
303303 String realm = "" ;
@@ -313,38 +313,28 @@ private static class Digest extends Credential
313313 method = m ;
314314 }
315315
316- Digest (String m , Algorithm a )
316+ Digest (String m , String a )
317317 {
318318 method = m ;
319319 algorithm = a ;
320320 }
321-
322- @ Override
323- public boolean check (Object credentials )
324- {
325- byte [] digest = new byte []{};
326- digest = calcDigest (credentials , algorithm .getName ());
327-
328- // check digest
329- return stringEquals (TypeUtil .toString (digest , 16 ).toLowerCase (), response == null ? null : response .toLowerCase ());
330- }
331-
332- @ Override
333- public String toString ()
321+
322+ private String getAlgorithm ()
334323 {
335- return username + "," + response ;
324+ return algorithm ;
336325 }
337326
338- private byte [] calcDigest (Object credentials , String algorithm )
339- {
327+ @ Override
328+ public boolean check (Object credentials )
329+ {
340330 if (credentials instanceof char [])
341331 credentials = new String ((char [])credentials );
342332 String password = (credentials instanceof String ) ? (String )credentials : credentials .toString ();
343333
344334 try
345335 {
346336 // MD5 required by the specification
347- MessageDigest md = MessageDigest .getInstance (algorithm );
337+ MessageDigest md = MessageDigest .getInstance (getAlgorithm () );
348338 byte [] ha1 ;
349339 if (credentials instanceof MD5 )
350340 {
@@ -389,32 +379,21 @@ private byte[] calcDigest(Object credentials, String algorithm)
389379 md .update ((byte )':' );
390380 md .update (TypeUtil .toString (ha2 , 16 ).getBytes (StandardCharsets .ISO_8859_1 ));
391381
392- return md .digest ();
382+ // check digest
383+ return stringEquals (TypeUtil .toString (md .digest (), 16 ).toLowerCase (), response == null ? null : response .toLowerCase ());
384+
393385 }
394386 catch (Exception e )
395387 {
396388 LOG .warn ("Unable to process digest" , e );
397389 }
398-
399- return new byte [] {};
390+ return false ;
391+ }
392+
393+ @ Override
394+ public String toString ()
395+ {
396+ return username + "," + response ;
400397 }
401398 }
402-
403- public static enum Algorithm
404- {
405- MD5 ("MD5" ),
406- SHA256 ("SHA-256" );
407-
408- private String name ;
409-
410- Algorithm (String name )
411- {
412- this .name = name ;
413- }
414-
415- public String getName ()
416- {
417- return this .name ;
418- }
419- }
420- }
399+ }
0 commit comments