格式调整
This commit is contained in:
Lawrence
@@ -1,28 +1,28 @@
|
||||
/*
|
||||
* Conditions Of Use
|
||||
*
|
||||
* This software was developed by employees of the National Institute of
|
||||
* Standards and Technology (NIST), an agency of the Federal Government.
|
||||
* Pursuant to title 15 Untied States Code Section 105, works of NIST
|
||||
* employees are not subject to copyright protection in the United States
|
||||
* and are considered to be in the public domain. As a result, a formal
|
||||
* license is not needed to use the software.
|
||||
*
|
||||
* This software is provided by NIST as a service and is expressly
|
||||
* provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED
|
||||
* OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF
|
||||
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT
|
||||
* AND DATA ACCURACY. NIST does not warrant or make any representations
|
||||
* regarding the use of the software or the results thereof, including but
|
||||
* not limited to the correctness, accuracy, reliability or usefulness of
|
||||
* the software.
|
||||
*
|
||||
* Permission to use this software is contingent upon your acceptance
|
||||
* of the terms of this agreement
|
||||
*
|
||||
* .
|
||||
*
|
||||
*/
|
||||
* Conditions Of Use
|
||||
*
|
||||
* This software was developed by employees of the National Institute of
|
||||
* Standards and Technology (NIST), an agency of the Federal Government.
|
||||
* Pursuant to title 15 Untied States Code Section 105, works of NIST
|
||||
* employees are not subject to copyright protection in the United States
|
||||
* and are considered to be in the public domain. As a result, a formal
|
||||
* license is not needed to use the software.
|
||||
*
|
||||
* This software is provided by NIST as a service and is expressly
|
||||
* provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED
|
||||
* OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF
|
||||
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT
|
||||
* AND DATA ACCURACY. NIST does not warrant or make any representations
|
||||
* regarding the use of the software or the results thereof, including but
|
||||
* not limited to the correctness, accuracy, reliability or usefulness of
|
||||
* the software.
|
||||
*
|
||||
* Permission to use this software is contingent upon your acceptance
|
||||
* of the terms of this agreement
|
||||
*
|
||||
* .
|
||||
*
|
||||
*/
|
||||
package com.genersoft.iot.vmp.gb28181.auth;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
@@ -42,18 +42,18 @@ import gov.nist.core.InternalErrorHandler;
|
||||
|
||||
/**
|
||||
* Implements the HTTP digest authentication method server side functionality.
|
||||
*
|
||||
*
|
||||
* @author M. Ranganathan
|
||||
* @author Marc Bednarek
|
||||
*/
|
||||
|
||||
public class DigestServerAuthenticationHelper {
|
||||
|
||||
|
||||
private MessageDigest messageDigest;
|
||||
|
||||
|
||||
public static final String DEFAULT_ALGORITHM = "MD5";
|
||||
public static final String DEFAULT_SCHEME = "Digest";
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -63,11 +63,11 @@ public class DigestServerAuthenticationHelper {
|
||||
|
||||
/**
|
||||
* Default constructor.
|
||||
* @throws NoSuchAlgorithmException
|
||||
* @throws NoSuchAlgorithmException
|
||||
*/
|
||||
public DigestServerAuthenticationHelper()
|
||||
throws NoSuchAlgorithmException {
|
||||
messageDigest = MessageDigest.getInstance(DEFAULT_ALGORITHM);
|
||||
public DigestServerAuthenticationHelper()
|
||||
throws NoSuchAlgorithmException {
|
||||
messageDigest = MessageDigest.getInstance(DEFAULT_ALGORITHM);
|
||||
}
|
||||
|
||||
public static String toHexString(byte b[]) {
|
||||
@@ -79,7 +79,7 @@ public class DigestServerAuthenticationHelper {
|
||||
}
|
||||
return new String(c);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Generate the challenge string.
|
||||
*
|
||||
@@ -121,34 +121,34 @@ public class DigestServerAuthenticationHelper {
|
||||
*
|
||||
* @param request - the request to authenticate.
|
||||
* @param hashedPassword -- the MD5 hashed string of username:realm:plaintext password.
|
||||
*
|
||||
*
|
||||
* @return true if authentication succeded and false otherwise.
|
||||
*/
|
||||
public boolean doAuthenticateHashedPassword(Request request, String hashedPassword) {
|
||||
AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME);
|
||||
AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME);
|
||||
if ( authHeader == null ) return false;
|
||||
String realm = authHeader.getRealm();
|
||||
String username = authHeader.getUsername();
|
||||
|
||||
|
||||
if ( username == null || realm == null ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
String nonce = authHeader.getNonce();
|
||||
URI uri = authHeader.getURI();
|
||||
if (uri == null) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
String A2 = request.getMethod().toUpperCase() + ":" + uri.toString();
|
||||
String HA1 = hashedPassword;
|
||||
|
||||
|
||||
|
||||
byte[] mdbytes = messageDigest.digest(A2.getBytes());
|
||||
String HA2 = toHexString(mdbytes);
|
||||
|
||||
|
||||
String cnonce = authHeader.getCNonce();
|
||||
String KD = HA1 + ":" + nonce;
|
||||
if (cnonce != null) {
|
||||
@@ -158,7 +158,7 @@ public class DigestServerAuthenticationHelper {
|
||||
mdbytes = messageDigest.digest(KD.getBytes());
|
||||
String mdString = toHexString(mdbytes);
|
||||
String response = authHeader.getResponse();
|
||||
|
||||
|
||||
|
||||
return mdString.equals(response);
|
||||
}
|
||||
@@ -168,11 +168,11 @@ public class DigestServerAuthenticationHelper {
|
||||
*
|
||||
* @param request - the request to authenticate.
|
||||
* @param pass -- the plain text password.
|
||||
*
|
||||
*
|
||||
* @return true if authentication succeded and false otherwise.
|
||||
*/
|
||||
public boolean doAuthenticatePlainTextPassword(Request request, String pass) {
|
||||
AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME);
|
||||
AuthorizationHeader authHeader = (AuthorizationHeader) request.getHeader(AuthorizationHeader.NAME);
|
||||
if ( authHeader == null ) return false;
|
||||
String realm = authHeader.getRealm().trim();
|
||||
String username = authHeader.getUsername().trim();
|
||||
@@ -184,7 +184,7 @@ public class DigestServerAuthenticationHelper {
|
||||
String nonce = authHeader.getNonce();
|
||||
URI uri = authHeader.getURI();
|
||||
if (uri == null) {
|
||||
return false;
|
||||
return false;
|
||||
}
|
||||
// qop 保护质量 包含auth(默认的)和auth-int(增加了报文完整性检测)两种策略
|
||||
String qop = authHeader.getQop();
|
||||
@@ -233,6 +233,6 @@ public class DigestServerAuthenticationHelper {
|
||||
String response = authHeader.getResponse();
|
||||
System.out.println("response: " + response);
|
||||
return mdString.equals(response);
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -43,7 +43,6 @@ public interface DeviceMapper {
|
||||
")")
|
||||
int add(Device device);
|
||||
|
||||
|
||||
@Update(value = {" <script>" +
|
||||
"UPDATE device " +
|
||||
"SET deviceId='${deviceId}'" +
|
||||
|
||||
Reference in New Issue
Block a user