Created
August 22, 2017 17:11
-
-
Save galihlasahido/fdd0beb53979e890e606684627c85a55 to your computer and use it in GitHub Desktop.
Example of HTTP Digest Access Authentication using MD5 and HttpClient
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import org.apache.http.Header; | |
import org.apache.http.HttpResponse; | |
import org.apache.http.HttpStatus; | |
import org.apache.http.auth.AuthenticationException; | |
import org.apache.http.auth.MalformedChallengeException; | |
import org.apache.http.auth.UsernamePasswordCredentials; | |
import org.apache.http.client.HttpClient; | |
import org.apache.http.client.methods.HttpGet; | |
import org.apache.http.client.protocol.HttpClientContext; | |
import org.apache.http.impl.auth.DigestScheme; | |
import org.apache.http.impl.client.HttpClientBuilder; | |
import org.apache.http.message.BasicHttpRequest; | |
import org.jpos.util.NameRegistrar; | |
import org.springframework.beans.factory.annotation.Autowired; | |
import org.springframework.stereotype.Component; | |
import javax.annotation.PostConstruct; | |
import java.io.IOException; | |
import java.net.URI; | |
import java.net.URISyntaxException; | |
import java.net.URL; | |
/** | |
* co.id.bankdki.integration.bniinterface.config | |
* Created by galih.lasahido@gmail.com on 8/22/17. | |
* bni-interface | |
*/ | |
@Component | |
public class DigestAuthInit { | |
@Autowired | |
ExpressiveConfig env; | |
@PostConstruct | |
void init() throws MalformedChallengeException, URISyntaxException, IOException, AuthenticationException { | |
final DigestScheme md5Auth = new DigestScheme(); | |
HttpClient client = HttpClientBuilder.create().build(); | |
HttpResponse authResponse = client.execute(new HttpGet(new URI(env.getProperty("bni.host.url")))); | |
if(authResponse.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) { | |
if(authResponse.containsHeader("WWW-Authenticate")) { | |
final Header challenge = authResponse.getHeaders("WWW-Authenticate")[0]; | |
NameRegistrar.register("www-authenticate", authResponse.getHeaders("WWW-Authenticate")[0]); | |
md5Auth.processChallenge(challenge); | |
final Header solution = md5Auth.authenticate( | |
new UsernamePasswordCredentials(env.getProperty("bni.host.username"), env.getProperty("bni.host.password")), | |
new BasicHttpRequest(HttpGet.METHOD_NAME, new URL(env.getProperty("bni.host.url")) | |
.getPath()), new HttpClientContext()); | |
HttpGet request = new HttpGet(new URI(env.getProperty("bni.host.url"))); | |
md5Auth.createCnonce(); | |
request.addHeader("Accept", "application/json"); | |
request.addHeader(solution.getName(), solution.getValue()); | |
client.execute(request); | |
} else { | |
throw new Error("Web-service responded with Http 401, " + | |
"but didn't send us a usable WWW-Authenticate header."); | |
} | |
} else { | |
throw new Error("Didn't get an Http 401 " + | |
"like we were expecting."); | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import com.google.gson.Gson; | |
import org.apache.http.Header; | |
import org.apache.http.HttpResponse; | |
import org.apache.http.auth.AuthenticationException; | |
import org.apache.http.auth.MalformedChallengeException; | |
import org.apache.http.auth.UsernamePasswordCredentials; | |
import org.apache.http.client.HttpClient; | |
import org.apache.http.client.methods.HttpPost; | |
import org.apache.http.client.protocol.HttpClientContext; | |
import org.apache.http.entity.StringEntity; | |
import org.apache.http.impl.auth.DigestScheme; | |
import org.apache.http.impl.client.HttpClientBuilder; | |
import org.apache.http.message.BasicHttpRequest; | |
import org.jpos.util.NameRegistrar; | |
import org.springframework.beans.factory.annotation.Autowired; | |
import org.springframework.core.env.Environment; | |
import org.springframework.web.bind.annotation.GetMapping; | |
import org.springframework.web.bind.annotation.ResponseBody; | |
import org.springframework.web.bind.annotation.RestController; | |
import java.io.BufferedReader; | |
import java.io.IOException; | |
import java.io.InputStreamReader; | |
import java.net.URI; | |
import java.net.URISyntaxException; | |
import java.net.URL; | |
import java.util.HashMap; | |
import java.util.Map; | |
/** | |
* co.id.bankdki.integration.bniinterface.web | |
* Created by galih.lasahido@gmail.com on 8/21/17. | |
* bni-interface | |
*/ | |
@RestController | |
public class Pinging { | |
@Autowired | |
Environment env; | |
@GetMapping("/inquiry/ping") | |
@ResponseBody | |
public String inquiryPing() throws IOException, URISyntaxException, MalformedChallengeException, AuthenticationException { | |
final DigestScheme md5Auth = new DigestScheme(); | |
HttpClient client = HttpClientBuilder.create().build(); | |
Header challenge = (Header) NameRegistrar.getIfExists("www-authenticate"); | |
md5Auth.processChallenge(challenge); | |
final Header solution = md5Auth.authenticate( | |
new UsernamePasswordCredentials(env.getProperty("bni.host.username"), env.getProperty("bni.host.password")), | |
new BasicHttpRequest(HttpPost.METHOD_NAME, new URL(env.getProperty("bni.host.url")) | |
.getPath()), new HttpClientContext()); | |
HttpPost request = new HttpPost(new URI(env.getProperty("bni.host.url"))); | |
request.addHeader("Accept", "application/json"); | |
request.addHeader(solution.getName(), solution.getValue()); | |
Gson gson = new Gson(); | |
Map<String, String> map = new HashMap<>(); | |
map.put("typereq", "ping"); | |
StringEntity se = new StringEntity(gson.toJson(map)); | |
request.setEntity(se); | |
HttpResponse response = client.execute(request); | |
BufferedReader rd = new BufferedReader(new InputStreamReader(response.getEntity().getContent())); | |
StringBuffer result = new StringBuffer(); | |
String line = ""; | |
while ((line = rd.readLine()) != null) { | |
result.append(line); | |
} | |
return result.toString(); | |
} | |
} |
NameRegistrar is from jpos, you can use it or maybe create another implementation
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
wich dependency for import org.jpos.util.NameRegistrar;?