chemistry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From peberl...@apache.org
Subject svn commit: r1433490 - in /chemistry/objectivecmis/trunk/ObjectiveCMIS: Common/CMISAuthenticationProvider.h Common/CMISStandardAuthenticationProvider.h Common/CMISStandardAuthenticationProvider.m Utils/CMISHttpRequest.m
Date Tue, 15 Jan 2013 16:21:27 GMT
Author: peberlein
Date: Tue Jan 15 16:21:27 2013
New Revision: 1433490

URL: http://svn.apache.org/viewvc?rev=1433490&view=rev
Log:
added support for client certificate authentication

Modified:
    chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h
    chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h
    chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m
    chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m

Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h
URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h?rev=1433490&r1=1433489&r2=1433490&view=diff
==============================================================================
--- chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h (original)
+++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h Tue Jan
15 16:21:27 2013
@@ -33,4 +33,8 @@
 
 - (void)updateWithHttpURLResponse:(NSHTTPURLResponse*)httpUrlResponse;
 
+- (BOOL)canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace;
+- (void)didCancelAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;
+- (void)didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;
+
 @end

Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h
URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h?rev=1433490&r1=1433489&r2=1433490&view=diff
==============================================================================
--- chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h
(original)
+++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h
Tue Jan 15 16:21:27 2013
@@ -22,6 +22,17 @@
 
 @interface CMISStandardAuthenticationProvider : NSObject <CMISAuthenticationProvider>
 
+@property (nonatomic, strong) NSURLCredential *credential;
+
+/**
+ * Initialize with username and password that will be added as authorization header
+ */
 - (id)initWithUsername:(NSString *)username andPassword:(NSString *)password;
 
+/**
+ * Initialize with a credential object that will be provided when a corresponding challenge
is received from the server.
+ * Both client certificate and username / password credentials are supported
+ */
+- (id)initWithCredential:(NSURLCredential *)credential;
+
 @end
\ No newline at end of file

Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m
URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m?rev=1433490&r1=1433489&r2=1433490&view=diff
==============================================================================
--- chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m
(original)
+++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m
Tue Jan 15 16:21:27 2013
@@ -43,14 +43,76 @@
     return self;
 }
 
+
+- (id)initWithCredential:(NSURLCredential *)credential
+{
+    self = [super init];
+    if (self) {
+        self.credential = credential;
+    }
+    return self;
+}
+
+
 - (NSDictionary *)httpHeadersToApply
 {
-    NSMutableString *loginString = [NSMutableString stringWithFormat:@"%@:%@", self.username,
self.password];
-    NSString *encodedLoginData = [CMISBase64Encoder stringByEncodingText:[loginString dataUsingEncoding:NSUTF8StringEncoding]];
-    NSString *authHeader = [NSString stringWithFormat:@"Basic %@", encodedLoginData];
-    return [NSDictionary dictionaryWithObject:authHeader forKey:@"Authorization"];
+    if (self.username.length > 0 && self.password.length > 0) {
+        NSMutableString *loginString = [NSMutableString stringWithFormat:@"%@:%@", self.username,
self.password];
+        NSString *encodedLoginData = [CMISBase64Encoder stringByEncodingText:[loginString
dataUsingEncoding:NSUTF8StringEncoding]];
+        NSString *authHeader = [NSString stringWithFormat:@"Basic %@", encodedLoginData];
+        return [NSDictionary dictionaryWithObject:authHeader forKey:@"Authorization"];
+    } else {
+        return [NSDictionary dictionary];
+    }
+}
+
+
+- (BOOL)canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
+{
+    // default implementation mimics default NSURLConnectionDelegate behavior
+    NSString *authenticationMethod = protectionSpace.authenticationMethod;
+    if ([authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]
&& self.credential.identity) {
+        return YES; // client certificat requested and certificate identity available
+    }
+    if ([authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic] &&
self.credential.user && self.credential.hasPassword) {
+        return YES; // basic authentication requested and username & password available
+    }
+    
+    return NO;
 }
 
+
+- (void)didCancelAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
+{
+    // nothing to do in the default implementation
+}
+
+
+- (void)didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
+{
+    if (challenge.previousFailureCount == 0) {
+        if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]
&&
+            self.credential.identity) {
+            log(@"Authenticating with client certificate");
+            [challenge.sender useCredential:self.credential forAuthenticationChallenge:challenge];
+        } else if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic]
&&
+                   self.credential.user && self.credential.hasPassword) {
+            log(@"Authenticating with username and password");
+            [challenge.sender useCredential:self.credential forAuthenticationChallenge:challenge];
+        } else if (challenge.proposedCredential) {
+            log(@"Authenticating with proposed credential");
+            [challenge.sender useCredential:challenge.proposedCredential forAuthenticationChallenge:challenge];
+        } else {
+            log(@"Authenticating without credential");
+            [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
+        }
+    } else {
+        log(@"Authentication failed, cancelling logon");
+        [challenge.sender cancelAuthenticationChallenge:challenge];
+    }
+}
+
+
 - (void)updateWithHttpURLResponse:(NSHTTPURLResponse*)httpUrlResponse
 {
     // nothing to do in the default implementation

Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m
URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m?rev=1433490&r1=1433489&r2=1433490&view=diff
==============================================================================
--- chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m (original)
+++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m Tue Jan 15 16:21:27
2013
@@ -128,6 +128,24 @@ NSString * const kCMISExceptionVersionin
 }
 
 
+- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace
*)protectionSpace
+{
+    return [self.authenticationProvider canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace
*)protectionSpace];
+}
+
+
+- (void)connection:(NSURLConnection *)connection didCancelAuthenticationChallenge:(NSURLAuthenticationChallenge
*)challenge
+{
+    [self.authenticationProvider didCancelAuthenticationChallenge:challenge];
+}
+
+
+- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge
*)challenge
+{
+    [self.authenticationProvider didReceiveAuthenticationChallenge:challenge];
+}
+
+
 - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response
 {
     self.responseBody = [[NSMutableData alloc] init];



Mime
View raw message