Example of HTTP Digest Access Authentication using MD5 and HttpClient

DigestAuthInit.java

import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.MalformedChallengeException;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicHttpRequest;
import org.jpos.util.NameRegistrar;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.annotation.PostConstruct;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;

/**
 * co.id.bankdki.integration.bniinterface.config
 * Created by galih.lasahido@gmail.com on 8/22/17.
 * bni-interface
 */
@Component
public class DigestAuthInit {
    @Autowired
    ExpressiveConfig env;

    @PostConstruct
    void init() throws MalformedChallengeException, URISyntaxException, IOException, AuthenticationException {
        final DigestScheme md5Auth = new DigestScheme();
        HttpClient client = HttpClientBuilder.create().build();
        HttpResponse authResponse = client.execute(new HttpGet(new URI(env.getProperty("bni.host.url"))));

        if(authResponse.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
            if(authResponse.containsHeader("WWW-Authenticate")) {
                final Header challenge = authResponse.getHeaders("WWW-Authenticate")[0];
                NameRegistrar.register("www-authenticate", authResponse.getHeaders("WWW-Authenticate")[0]);
                md5Auth.processChallenge(challenge);

                final Header solution = md5Auth.authenticate(
                        new UsernamePasswordCredentials(env.getProperty("bni.host.username"), env.getProperty("bni.host.password")),
                        new BasicHttpRequest(HttpGet.METHOD_NAME, new URL(env.getProperty("bni.host.url"))
                                .getPath()), new HttpClientContext());

                HttpGet request = new HttpGet(new URI(env.getProperty("bni.host.url")));
                md5Auth.createCnonce();
                request.addHeader("Accept", "application/json");
                request.addHeader(solution.getName(), solution.getValue());
                client.execute(request);

            } else {
                throw new Error("Web-service responded with Http 401, " +
                        "but didn't send us a usable WWW-Authenticate header.");
            }
        } else {
            throw new Error("Didn't get an Http 401 " +
                    "like we were expecting.");
        }
    }
}

Pinging.java

import com.google.gson.Gson;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.MalformedChallengeException;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicHttpRequest;
import org.jpos.util.NameRegistrar;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

/**
 * co.id.bankdki.integration.bniinterface.web
 * Created by galih.lasahido@gmail.com on 8/21/17.
 * bni-interface
 */
@RestController
public class Pinging {
    @Autowired
    Environment env;

    @GetMapping("/inquiry/ping")
    @ResponseBody
    public String inquiryPing() throws IOException, URISyntaxException, MalformedChallengeException, AuthenticationException {
        final DigestScheme md5Auth = new DigestScheme();
        HttpClient client = HttpClientBuilder.create().build();

        Header challenge = (Header) NameRegistrar.getIfExists("www-authenticate");
        md5Auth.processChallenge(challenge);
        final Header solution = md5Auth.authenticate(
                new UsernamePasswordCredentials(env.getProperty("bni.host.username"), env.getProperty("bni.host.password")),
                new BasicHttpRequest(HttpPost.METHOD_NAME, new URL(env.getProperty("bni.host.url"))
                        .getPath()), new HttpClientContext());

        HttpPost request = new HttpPost(new URI(env.getProperty("bni.host.url")));
        request.addHeader("Accept", "application/json");
        request.addHeader(solution.getName(), solution.getValue());

        Gson gson = new Gson();
        Map<String, String> map = new HashMap<>();
        map.put("typereq", "ping");
        StringEntity se = new StringEntity(gson.toJson(map));
        request.setEntity(se);

        HttpResponse response = client.execute(request);

        BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
        StringBuffer result = new StringBuffer();

        String line = "";
        while ((line = rd.readLine()) != null) {
            result.append(line);
        }

        return result.toString();
    }
}

wich dependency for import org.jpos.util.NameRegistrar;?

NameRegistrar is from jpos, you can use it or maybe create another implementation