Alan Viverette | 3da604b | 2020-06-10 18:34:39 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2008-2009, Motorola, Inc. |
| 3 | * |
| 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions are met: |
| 8 | * |
| 9 | * - Redistributions of source code must retain the above copyright notice, |
| 10 | * this list of conditions and the following disclaimer. |
| 11 | * |
| 12 | * - Redistributions in binary form must reproduce the above copyright notice, |
| 13 | * this list of conditions and the following disclaimer in the documentation |
| 14 | * and/or other materials provided with the distribution. |
| 15 | * |
| 16 | * - Neither the name of the Motorola, Inc. nor the names of its contributors |
| 17 | * may be used to endorse or promote products derived from this software |
| 18 | * without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
| 21 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
| 24 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| 25 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| 26 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| 27 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| 28 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| 29 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| 30 | * POSSIBILITY OF SUCH DAMAGE. |
| 31 | */ |
| 32 | |
| 33 | package javax.obex; |
| 34 | |
| 35 | /** |
| 36 | * This interface provides a way to respond to authentication challenge and |
| 37 | * authentication response headers. When a client or server receives an |
| 38 | * authentication challenge or authentication response header, the |
| 39 | * <code>onAuthenticationChallenge()</code> or |
| 40 | * <code>onAuthenticationResponse()</code> will be called, respectively, by the |
| 41 | * implementation. |
| 42 | * <P> |
| 43 | * For more information on how the authentication procedure works in OBEX, |
| 44 | * please review the IrOBEX specification at <A |
| 45 | * HREF="http://www.irda.org">http://www.irda.org</A>. |
| 46 | * <P> |
| 47 | * <STRONG>Authentication Challenges</STRONG> |
| 48 | * <P> |
| 49 | * When a client or server receives an authentication challenge header, the |
| 50 | * <code>onAuthenticationChallenge()</code> method will be invoked by the OBEX |
| 51 | * API implementation. The application will then return the user name (if |
| 52 | * needed) and password via a <code>PasswordAuthentication</code> object. The |
| 53 | * password in this object is not sent in the authentication response. Instead, |
| 54 | * the 16-byte challenge received in the authentication challenge is combined |
| 55 | * with the password returned from the <code>onAuthenticationChallenge()</code> |
| 56 | * method and passed through the MD5 hash algorithm. The resulting value is sent |
| 57 | * in the authentication response along with the user name if it was provided. |
| 58 | * <P> |
| 59 | * <STRONG>Authentication Responses</STRONG> |
| 60 | * <P> |
| 61 | * When a client or server receives an authentication response header, the |
| 62 | * <code>onAuthenticationResponse()</code> method is invoked by the API |
| 63 | * implementation with the user name received in the authentication response |
| 64 | * header. (The user name will be <code>null</code> if no user name was provided |
| 65 | * in the authentication response header.) The application must determine the |
| 66 | * correct password. This value should be returned from the |
| 67 | * <code>onAuthenticationResponse()</code> method. If the authentication request |
| 68 | * should fail without the implementation checking the password, |
| 69 | * <code>null</code> should be returned by the application. (This is needed for |
| 70 | * reasons like not recognizing the user name, etc.) If the returned value is |
| 71 | * not <code>null</code>, the OBEX API implementation will combine the password |
| 72 | * returned from the <code>onAuthenticationResponse()</code> method and |
| 73 | * challenge sent via the authentication challenge, apply the MD5 hash |
| 74 | * algorithm, and compare the result to the response hash received in the |
| 75 | * authentication response header. If the values are not equal, an |
| 76 | * <code>IOException</code> will be thrown if the client requested |
| 77 | * authentication. If the server requested authentication, the |
| 78 | * <code>onAuthenticationFailure()</code> method will be called on the |
| 79 | * <code>ServerRequestHandler</code> that failed authentication. The connection |
| 80 | * is <B>not</B> closed if authentication failed. |
| 81 | * @hide |
| 82 | */ |
| 83 | public interface Authenticator { |
| 84 | |
| 85 | /** |
| 86 | * Called when a client or a server receives an authentication challenge |
| 87 | * header. It should respond to the challenge with a |
| 88 | * <code>PasswordAuthentication</code> that contains the correct user name |
| 89 | * and password for the challenge. |
| 90 | * @param description the description of which user name and password should |
| 91 | * be used; if no description is provided in the authentication |
| 92 | * challenge or the description is encoded in an encoding scheme that |
| 93 | * is not supported, an empty string will be provided |
| 94 | * @param isUserIdRequired <code>true</code> if the user ID is required; |
| 95 | * <code>false</code> if the user ID is not required |
| 96 | * @param isFullAccess <code>true</code> if full access to the server will |
| 97 | * be granted; <code>false</code> if read only access will be granted |
| 98 | * @return a <code>PasswordAuthentication</code> object containing the user |
| 99 | * name and password used for authentication |
| 100 | */ |
| 101 | PasswordAuthentication onAuthenticationChallenge(String description, boolean isUserIdRequired, |
| 102 | boolean isFullAccess); |
| 103 | |
| 104 | /** |
| 105 | * Called when a client or server receives an authentication response |
| 106 | * header. This method will provide the user name and expect the correct |
| 107 | * password to be returned. |
| 108 | * @param userName the user name provided in the authentication response; may |
| 109 | * be <code>null</code> |
| 110 | * @return the correct password for the user name provided; if |
| 111 | * <code>null</code> is returned then the authentication request |
| 112 | * failed |
| 113 | */ |
| 114 | byte[] onAuthenticationResponse(byte[] userName); |
| 115 | } |