Path: blob/master/src/java.base/share/classes/java/net/Authenticator.java
41152 views
/*1* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package java.net;2627import sun.net.www.protocol.http.AuthenticatorKeys;2829/**30* The class Authenticator represents an object that knows how to obtain31* authentication for a network connection. Usually, it will do this32* by prompting the user for information.33* <p>34* Applications use this class by overriding {@link35* #getPasswordAuthentication()} in a sub-class. This method will36* typically use the various getXXX() accessor methods to get information37* about the entity requesting authentication. It must then acquire a38* username and password either by interacting with the user or through39* some other non-interactive means. The credentials are then returned40* as a {@link PasswordAuthentication} return value.41* <p>42* An instance of this concrete sub-class is then registered43* with the system by calling {@link #setDefault(Authenticator)}.44* When authentication is required, the system will invoke one of the45* requestPasswordAuthentication() methods which in turn will call the46* getPasswordAuthentication() method of the registered object.47* <p>48* All methods that request authentication have a default implementation49* that fails.50*51* @see java.net.Authenticator#setDefault(java.net.Authenticator)52* @see java.net.Authenticator#getPasswordAuthentication()53*54* @author Bill Foote55* @since 1.256*/5758// There are no abstract methods, but to be useful the user must59// subclass.60public abstract61class Authenticator {6263// The system-wide authenticator object. See setDefault().64private static volatile Authenticator theAuthenticator;6566private String requestingHost;67private InetAddress requestingSite;68private int requestingPort;69private String requestingProtocol;70private String requestingPrompt;71private String requestingScheme;72private URL requestingURL;73private RequestorType requestingAuthType;74private final String key = AuthenticatorKeys.computeKey(this);7576/**77* Constructor for subclasses to call.78*/79public Authenticator() {}8081/**82* The type of the entity requesting authentication.83*84* @since 1.585*/86public enum RequestorType {87/**88* Entity requesting authentication is a HTTP proxy server.89*/90PROXY,91/**92* Entity requesting authentication is a HTTP origin server.93*/94SERVER95}9697private void reset() {98requestingHost = null;99requestingSite = null;100requestingPort = -1;101requestingProtocol = null;102requestingPrompt = null;103requestingScheme = null;104requestingURL = null;105requestingAuthType = RequestorType.SERVER;106}107108109/**110* Sets the authenticator that will be used by the networking code111* when a proxy or an HTTP server asks for authentication.112* <p>113* First, if there is a security manager, its {@code checkPermission}114* method is called with a115* {@code NetPermission("setDefaultAuthenticator")} permission.116* This may result in a java.lang.SecurityException.117*118* @param a The authenticator to be set. If a is {@code null} then119* any previously set authenticator is removed.120*121* @throws SecurityException122* if a security manager exists and its123* {@code checkPermission} method doesn't allow124* setting the default authenticator.125*126* @see SecurityManager#checkPermission127* @see java.net.NetPermission128*/129public static synchronized void setDefault(Authenticator a) {130@SuppressWarnings("removal")131SecurityManager sm = System.getSecurityManager();132if (sm != null) {133NetPermission setDefaultPermission134= new NetPermission("setDefaultAuthenticator");135sm.checkPermission(setDefaultPermission);136}137138theAuthenticator = a;139}140141/**142* Gets the default authenticator.143* First, if there is a security manager, its {@code checkPermission}144* method is called with a145* {@code NetPermission("requestPasswordAuthentication")} permission.146* This may result in a java.lang.SecurityException.147* Then the default authenticator, if set, is returned.148* Otherwise, {@code null} is returned.149*150* @return The default authenticator, if set, {@code null} otherwise.151*152* @throws SecurityException153* if a security manager exists and its154* {@code checkPermission} method doesn't allow155* requesting password authentication.156* @since 9157* @see SecurityManager#checkPermission158* @see java.net.NetPermission159*/160public static Authenticator getDefault() {161@SuppressWarnings("removal")162SecurityManager sm = System.getSecurityManager();163if (sm != null) {164NetPermission requestPermission165= new NetPermission("requestPasswordAuthentication");166sm.checkPermission(requestPermission);167}168return theAuthenticator;169}170171/**172* Ask the authenticator that has been registered with the system173* for a password.174* <p>175* First, if there is a security manager, its {@code checkPermission}176* method is called with a177* {@code NetPermission("requestPasswordAuthentication")} permission.178* This may result in a java.lang.SecurityException.179*180* @param addr The InetAddress of the site requesting authorization,181* or null if not known.182* @param port the port for the requested connection183* @param protocol The protocol that's requesting the connection184* ({@link java.net.Authenticator#getRequestingProtocol()})185* @param prompt A prompt string for the user186* @param scheme The authentication scheme187*188* @return The username/password, or null if one can't be gotten.189*190* @throws SecurityException191* if a security manager exists and its192* {@code checkPermission} method doesn't allow193* the password authentication request.194*195* @see SecurityManager#checkPermission196* @see java.net.NetPermission197*/198public static PasswordAuthentication requestPasswordAuthentication(199InetAddress addr,200int port,201String protocol,202String prompt,203String scheme) {204205@SuppressWarnings("removal")206SecurityManager sm = System.getSecurityManager();207if (sm != null) {208NetPermission requestPermission209= new NetPermission("requestPasswordAuthentication");210sm.checkPermission(requestPermission);211}212213Authenticator a = theAuthenticator;214if (a == null) {215return null;216} else {217synchronized(a) {218a.reset();219a.requestingSite = addr;220a.requestingPort = port;221a.requestingProtocol = protocol;222a.requestingPrompt = prompt;223a.requestingScheme = scheme;224return a.getPasswordAuthentication();225}226}227}228229/**230* Ask the authenticator that has been registered with the system231* for a password. This is the preferred method for requesting a password232* because the hostname can be provided in cases where the InetAddress233* is not available.234* <p>235* First, if there is a security manager, its {@code checkPermission}236* method is called with a237* {@code NetPermission("requestPasswordAuthentication")} permission.238* This may result in a java.lang.SecurityException.239*240* @param host The hostname of the site requesting authentication.241* @param addr The InetAddress of the site requesting authentication,242* or null if not known.243* @param port the port for the requested connection.244* @param protocol The protocol that's requesting the connection245* ({@link java.net.Authenticator#getRequestingProtocol()})246* @param prompt A prompt string for the user which identifies the authentication realm.247* @param scheme The authentication scheme248*249* @return The username/password, or null if one can't be gotten.250*251* @throws SecurityException252* if a security manager exists and its253* {@code checkPermission} method doesn't allow254* the password authentication request.255*256* @see SecurityManager#checkPermission257* @see java.net.NetPermission258* @since 1.4259*/260public static PasswordAuthentication requestPasswordAuthentication(261String host,262InetAddress addr,263int port,264String protocol,265String prompt,266String scheme) {267268@SuppressWarnings("removal")269SecurityManager sm = System.getSecurityManager();270if (sm != null) {271NetPermission requestPermission272= new NetPermission("requestPasswordAuthentication");273sm.checkPermission(requestPermission);274}275276Authenticator a = theAuthenticator;277if (a == null) {278return null;279} else {280synchronized(a) {281a.reset();282a.requestingHost = host;283a.requestingSite = addr;284a.requestingPort = port;285a.requestingProtocol = protocol;286a.requestingPrompt = prompt;287a.requestingScheme = scheme;288return a.getPasswordAuthentication();289}290}291}292293/**294* Ask the authenticator that has been registered with the system295* for a password.296* <p>297* First, if there is a security manager, its {@code checkPermission}298* method is called with a299* {@code NetPermission("requestPasswordAuthentication")} permission.300* This may result in a java.lang.SecurityException.301*302* @param host The hostname of the site requesting authentication.303* @param addr The InetAddress of the site requesting authorization,304* or null if not known.305* @param port the port for the requested connection306* @param protocol The protocol that's requesting the connection307* ({@link java.net.Authenticator#getRequestingProtocol()})308* @param prompt A prompt string for the user309* @param scheme The authentication scheme310* @param url The requesting URL that caused the authentication311* @param reqType The type (server or proxy) of the entity requesting312* authentication.313*314* @return The username/password, or null if one can't be gotten.315*316* @throws SecurityException317* if a security manager exists and its318* {@code checkPermission} method doesn't allow319* the password authentication request.320*321* @see SecurityManager#checkPermission322* @see java.net.NetPermission323*324* @since 1.5325*/326public static PasswordAuthentication requestPasswordAuthentication(327String host,328InetAddress addr,329int port,330String protocol,331String prompt,332String scheme,333URL url,334RequestorType reqType) {335336@SuppressWarnings("removal")337SecurityManager sm = System.getSecurityManager();338if (sm != null) {339NetPermission requestPermission340= new NetPermission("requestPasswordAuthentication");341sm.checkPermission(requestPermission);342}343344Authenticator a = theAuthenticator;345if (a == null) {346return null;347} else {348synchronized(a) {349a.reset();350a.requestingHost = host;351a.requestingSite = addr;352a.requestingPort = port;353a.requestingProtocol = protocol;354a.requestingPrompt = prompt;355a.requestingScheme = scheme;356a.requestingURL = url;357a.requestingAuthType = reqType;358return a.getPasswordAuthentication();359}360}361}362363/**364* Ask the given {@code authenticator} for a password. If the given365* {@code authenticator} is null, the authenticator, if any, that has been366* registered with the system using {@link #setDefault(java.net.Authenticator)367* setDefault} is used.368* <p>369* First, if there is a security manager, its {@code checkPermission}370* method is called with a371* {@code NetPermission("requestPasswordAuthentication")} permission.372* This may result in a java.lang.SecurityException.373*374* @param authenticator the authenticator, or {@code null}.375* @param host The hostname of the site requesting authentication.376* @param addr The InetAddress of the site requesting authorization,377* or null if not known.378* @param port the port for the requested connection379* @param protocol The protocol that's requesting the connection380* ({@link java.net.Authenticator#getRequestingProtocol()})381* @param prompt A prompt string for the user382* @param scheme The authentication scheme383* @param url The requesting URL that caused the authentication384* @param reqType The type (server or proxy) of the entity requesting385* authentication.386*387* @return The username/password, or {@code null} if one can't be gotten.388*389* @throws SecurityException390* if a security manager exists and its391* {@code checkPermission} method doesn't allow392* the password authentication request.393*394* @see SecurityManager#checkPermission395* @see java.net.NetPermission396*397* @since 9398*/399public static PasswordAuthentication requestPasswordAuthentication(400Authenticator authenticator,401String host,402InetAddress addr,403int port,404String protocol,405String prompt,406String scheme,407URL url,408RequestorType reqType) {409410@SuppressWarnings("removal")411SecurityManager sm = System.getSecurityManager();412if (sm != null) {413NetPermission requestPermission414= new NetPermission("requestPasswordAuthentication");415sm.checkPermission(requestPermission);416}417418Authenticator a = authenticator == null ? theAuthenticator : authenticator;419if (a == null) {420return null;421} else {422return a.requestPasswordAuthenticationInstance(host,423addr,424port,425protocol,426prompt,427scheme,428url,429reqType);430}431}432433/**434* Ask this authenticator for a password.435*436* @param host The hostname of the site requesting authentication.437* @param addr The InetAddress of the site requesting authorization,438* or null if not known.439* @param port the port for the requested connection440* @param protocol The protocol that's requesting the connection441* ({@link java.net.Authenticator#getRequestingProtocol()})442* @param prompt A prompt string for the user443* @param scheme The authentication scheme444* @param url The requesting URL that caused the authentication445* @param reqType The type (server or proxy) of the entity requesting446* authentication.447*448* @return The username/password, or null if one can't be gotten449*450* @since 9451*/452public PasswordAuthentication453requestPasswordAuthenticationInstance(String host,454InetAddress addr,455int port,456String protocol,457String prompt,458String scheme,459URL url,460RequestorType reqType) {461synchronized (this) {462this.reset();463this.requestingHost = host;464this.requestingSite = addr;465this.requestingPort = port;466this.requestingProtocol = protocol;467this.requestingPrompt = prompt;468this.requestingScheme = scheme;469this.requestingURL = url;470this.requestingAuthType = reqType;471return this.getPasswordAuthentication();472}473}474475/**476* Gets the {@code hostname} of the477* site or proxy requesting authentication, or {@code null}478* if not available.479*480* @return the hostname of the connection requiring authentication, or null481* if it's not available.482* @since 1.4483*/484protected final String getRequestingHost() {485return requestingHost;486}487488/**489* Gets the {@code InetAddress} of the490* site requesting authorization, or {@code null}491* if not available.492*493* @return the InetAddress of the site requesting authorization, or null494* if it's not available.495*/496protected final InetAddress getRequestingSite() {497return requestingSite;498}499500/**501* Gets the port number for the requested connection.502* @return an {@code int} indicating the503* port for the requested connection.504*/505protected final int getRequestingPort() {506return requestingPort;507}508509/**510* Give the protocol that's requesting the connection. Often this511* will be based on a URL, but in a future JDK it could be, for512* example, "SOCKS" for a password-protected SOCKS5 firewall.513*514* @return the protocol, optionally followed by "/version", where515* version is a version number.516*517* @see java.net.URL#getProtocol()518*/519protected final String getRequestingProtocol() {520return requestingProtocol;521}522523/**524* Gets the prompt string given by the requestor.525*526* @return the prompt string given by the requestor (realm for527* http requests)528*/529protected final String getRequestingPrompt() {530return requestingPrompt;531}532533/**534* Gets the scheme of the requestor (the HTTP scheme535* for an HTTP firewall, for example).536*537* @return the scheme of the requestor538*539*/540protected final String getRequestingScheme() {541return requestingScheme;542}543544/**545* Called when password authorization is needed. Subclasses should546* override the default implementation, which returns null.547* @return The PasswordAuthentication collected from the548* user, or null if none is provided.549*/550protected PasswordAuthentication getPasswordAuthentication() {551return null;552}553554/**555* Returns the URL that resulted in this556* request for authentication.557*558* @since 1.5559*560* @return the requesting URL561*562*/563protected URL getRequestingURL () {564return requestingURL;565}566567/**568* Returns whether the requestor is a Proxy or a Server.569*570* @since 1.5571*572* @return the authentication type of the requestor573*574*/575protected RequestorType getRequestorType () {576return requestingAuthType;577}578579static String getKey(Authenticator a) {580return a.key;581}582static {583AuthenticatorKeys.setAuthenticatorKeyAccess(Authenticator::getKey);584}585}586587588