Return-Path: X-Original-To: apmail-chemistry-commits-archive@www.apache.org Delivered-To: apmail-chemistry-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 04523E33D for ; Tue, 15 Jan 2013 16:23:45 +0000 (UTC) Received: (qmail 85516 invoked by uid 500); 15 Jan 2013 16:22:23 -0000 Delivered-To: apmail-chemistry-commits-archive@chemistry.apache.org Received: (qmail 81048 invoked by uid 500); 15 Jan 2013 16:22:17 -0000 Mailing-List: contact commits-help@chemistry.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@chemistry.apache.org Delivered-To: mailing list commits@chemistry.apache.org Received: (qmail 79891 invoked by uid 99); 15 Jan 2013 16:21:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Jan 2013 16:21:48 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Jan 2013 16:21:47 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 076382388AB8; Tue, 15 Jan 2013 16:21:28 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1433490 - in /chemistry/objectivecmis/trunk/ObjectiveCMIS: Common/CMISAuthenticationProvider.h Common/CMISStandardAuthenticationProvider.h Common/CMISStandardAuthenticationProvider.m Utils/CMISHttpRequest.m Date: Tue, 15 Jan 2013 16:21:27 -0000 To: commits@chemistry.apache.org From: peberlein@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130115162128.076382388AB8@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: peberlein Date: Tue Jan 15 16:21:27 2013 New Revision: 1433490 URL: http://svn.apache.org/viewvc?rev=1433490&view=rev Log: added support for client certificate authentication Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h?rev=1433490&r1=1433489&r2=1433490&view=diff ============================================================================== --- chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h (original) +++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISAuthenticationProvider.h Tue Jan 15 16:21:27 2013 @@ -33,4 +33,8 @@ - (void)updateWithHttpURLResponse:(NSHTTPURLResponse*)httpUrlResponse; +- (BOOL)canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace; +- (void)didCancelAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge; +- (void)didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge; + @end Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h?rev=1433490&r1=1433489&r2=1433490&view=diff ============================================================================== --- chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h (original) +++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.h Tue Jan 15 16:21:27 2013 @@ -22,6 +22,17 @@ @interface CMISStandardAuthenticationProvider : NSObject +@property (nonatomic, strong) NSURLCredential *credential; + +/** + * Initialize with username and password that will be added as authorization header + */ - (id)initWithUsername:(NSString *)username andPassword:(NSString *)password; +/** + * Initialize with a credential object that will be provided when a corresponding challenge is received from the server. + * Both client certificate and username / password credentials are supported + */ +- (id)initWithCredential:(NSURLCredential *)credential; + @end \ No newline at end of file Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m?rev=1433490&r1=1433489&r2=1433490&view=diff ============================================================================== --- chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m (original) +++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Common/CMISStandardAuthenticationProvider.m Tue Jan 15 16:21:27 2013 @@ -43,14 +43,76 @@ return self; } + +- (id)initWithCredential:(NSURLCredential *)credential +{ + self = [super init]; + if (self) { + self.credential = credential; + } + return self; +} + + - (NSDictionary *)httpHeadersToApply { - NSMutableString *loginString = [NSMutableString stringWithFormat:@"%@:%@", self.username, self.password]; - NSString *encodedLoginData = [CMISBase64Encoder stringByEncodingText:[loginString dataUsingEncoding:NSUTF8StringEncoding]]; - NSString *authHeader = [NSString stringWithFormat:@"Basic %@", encodedLoginData]; - return [NSDictionary dictionaryWithObject:authHeader forKey:@"Authorization"]; + if (self.username.length > 0 && self.password.length > 0) { + NSMutableString *loginString = [NSMutableString stringWithFormat:@"%@:%@", self.username, self.password]; + NSString *encodedLoginData = [CMISBase64Encoder stringByEncodingText:[loginString dataUsingEncoding:NSUTF8StringEncoding]]; + NSString *authHeader = [NSString stringWithFormat:@"Basic %@", encodedLoginData]; + return [NSDictionary dictionaryWithObject:authHeader forKey:@"Authorization"]; + } else { + return [NSDictionary dictionary]; + } +} + + +- (BOOL)canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace +{ + // default implementation mimics default NSURLConnectionDelegate behavior + NSString *authenticationMethod = protectionSpace.authenticationMethod; + if ([authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate] && self.credential.identity) { + return YES; // client certificat requested and certificate identity available + } + if ([authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic] && self.credential.user && self.credential.hasPassword) { + return YES; // basic authentication requested and username & password available + } + + return NO; } + +- (void)didCancelAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge +{ + // nothing to do in the default implementation +} + + +- (void)didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge +{ + if (challenge.previousFailureCount == 0) { + if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate] && + self.credential.identity) { + log(@"Authenticating with client certificate"); + [challenge.sender useCredential:self.credential forAuthenticationChallenge:challenge]; + } else if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic] && + self.credential.user && self.credential.hasPassword) { + log(@"Authenticating with username and password"); + [challenge.sender useCredential:self.credential forAuthenticationChallenge:challenge]; + } else if (challenge.proposedCredential) { + log(@"Authenticating with proposed credential"); + [challenge.sender useCredential:challenge.proposedCredential forAuthenticationChallenge:challenge]; + } else { + log(@"Authenticating without credential"); + [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge]; + } + } else { + log(@"Authentication failed, cancelling logon"); + [challenge.sender cancelAuthenticationChallenge:challenge]; + } +} + + - (void)updateWithHttpURLResponse:(NSHTTPURLResponse*)httpUrlResponse { // nothing to do in the default implementation Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m?rev=1433490&r1=1433489&r2=1433490&view=diff ============================================================================== --- chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m (original) +++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m Tue Jan 15 16:21:27 2013 @@ -128,6 +128,24 @@ NSString * const kCMISExceptionVersionin } +- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace +{ + return [self.authenticationProvider canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace]; +} + + +- (void)connection:(NSURLConnection *)connection didCancelAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge +{ + [self.authenticationProvider didCancelAuthenticationChallenge:challenge]; +} + + +- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge +{ + [self.authenticationProvider didReceiveAuthenticationChallenge:challenge]; +} + + - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response { self.responseBody = [[NSMutableData alloc] init];