1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
/*
* Copyright (c) 2008-2009, Motorola, Inc.
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* - Neither the name of the Motorola, Inc. nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
package javax.obex;
/**
* This interface provides a way to respond to authentication challenge and
* authentication response headers. When a client or server receives an
* authentication challenge or authentication response header, the
* <code>onAuthenticationChallenge()</code> or
* <code>onAuthenticationResponse()</code> will be called, respectively, by
* the implementation.
* <P>
* For more information on how the authentication procedure works in OBEX,
* please review the IrOBEX specification at
* <A HREF="http://www.irda.org">http://www.irda.org</A>.
* <P>
* <STRONG>Authentication Challenges</STRONG>
* <P>
* When a client or server receives an authentication challenge header, the
* <code>onAuthenticationChallenge()</code> method will be invoked by the
* OBEX API implementation. The application will then return the user name
* (if needed) and password via a <code>PasswordAuthentication</code> object.
* The password in this object is not sent in the authentication response.
* Instead, the 16-byte challenge received in the authentication challenge is
* combined with the password returned from the
* <code>onAuthenticationChallenge()</code> method and passed through the MD5
* hash algorithm. The resulting value is sent in the authentication response
* along with the user name if it was provided.
* <P>
* <STRONG>Authentication Responses</STRONG>
* <P>
* When a client or server receives an authentication response header, the
* <code>onAuthenticationResponse()</code> method is invoked by the API
* implementation with the user name received in the authentication response
* header. (The user name will be <code>null</code> if no user name was
* provided in the authentication response header.) The application must
* determine the correct password. This value should be returned from the
* <code>onAuthenticationResponse()</code> method. If the authentication
* request should fail without the implementation checking the password,
* <code>null</code> should
* be returned by the application. (This is needed for reasons like not
* recognizing the user name, etc.) If the returned value is not
* <code>null</code>, the OBEX API implementation will combine the password
* returned from the <code>onAuthenticationResponse()</code> method and
* challenge sent via the authentication challenge, apply the MD5 hash
* algorithm, and compare the result to the response hash received in the
* authentication response header. If the values are not equal, an
* <code>IOException</code> will be thrown if the client requested authentication.
* If the server requested authentication, the
* <code>onAuthenticationFailure()</code> method will be called on the
* <code>ServerRequestHandler</code> that failed authentication. The
* connection is <B>not</B> closed if authentication failed.
*
* @hide
*/
public interface Authenticator {
/**
* Called when a client or a server receives an authentication challenge
* header. It should respond to the challenge with a
* <code>PasswordAuthentication</code> that contains the correct user name
* and password for the challenge.
*
* @param description the description of which user name and password
* should be used; if no description is provided in the authentication
* challenge or the description is encoded in an encoding scheme that is
* not supported, an empty string will be provided
*
* @param isUserIdRequired <code>true</code> if the user ID is required;
* <code>false</code> if the user ID is not required
*
* @param isFullAccess <code>true</code> if full access to the server
* will be granted; <code>false</code> if read only access will be
* granted
*
* @return a <code>PasswordAuthentication</code> object containing the
* user name and password used for authentication
*/
PasswordAuthentication onAuthenticationChallenge(String description, boolean isUserIdRequired,
boolean isFullAccess);
/**
* Called when a client or server receives an authentication response
* header. This method will provide the user name and expect the correct
* password to be returned.
*
* @param userName the user name provided in the authentication response;
* may be <code>null</code>
*
* @return the correct password for the user name provided; if
* <code>null</code> is returned then the authentication request failed
*/
byte[] onAuthenticationResponse(byte[] userName);
}
|
