public interface AuthScheme
 Authentication schemes can be either request or connection based. The former are
 expected to provide an authorization response with each request message while the latter
 is executed only once and applies to the underlying connection for its entire life span.
 Care must be taken when re-using connections authorized through a connection based
 authentication scheme and they may carry a particular security context and be authorized
 for a particular user identity. It is important that such schemes always provide
 the user identity they represent through the getPrincipal() method.
 
Authentication scheme are expected to transition through a series of standard phases or states.
Authentication scheme starts off its life cycle with no context and no specific state.
 The processChallenge(AuthChallenge, HttpContext) method is called  to
 process an authentication challenge received either from the target server or a proxy.
 The authentication scheme transitions to CHALLENGED state and is expected to validate
 the token passed to it as a parameter and initialize its internal state based on
 challenge details. Standard authentication schemes are expected to provide a realm
 attribute in the challenge. getRealm() can be called to obtain an identifier
 of the realm that requires authorization.
 
 Once the challenge has been fully processed the isResponseReady(HttpHost,
 CredentialsProvider, HttpContext) method to determine whether the scheme is capable of
 generating a authorization response based on its current state and it holds user credentials
 required to do so. If this method returns false the authentication is considered
 to be in FAILED state and no authorization response. Otherwise the scheme is considered
 to be in RESPONSE_READY state.
 
 Once the scheme is ready to respond to the challenge the generateAuthResponse(
 HttpHost, HttpRequest, HttpContext) method to generate a response token, which will
 be sent to the opposite endpoint in the subsequent request message.
 
 Certain non-standard schemes may involve multiple challenge / response exchanges to
 fully establish a shared context and complete the authentication process. Authentication
 schemes are required to return true isChallengeComplete() once the
 handshake is considered complete.
 
The authentication scheme is considered successfully completed and in SUCCESS state if the opposite endpoint accepts the request message containing the authorization response and responds with a message indicating no authentication failure . If the opposite endpoint sends status code 401 or 407 in response to a request message containing the terminal authorization response, the scheme is considered unsuccessful and in FAILED state.
| Modifier and Type | Method and Description | 
|---|---|
| String | generateAuthResponse(org.apache.hc.core5.http.HttpHost host,
                    org.apache.hc.core5.http.HttpRequest request,
                    org.apache.hc.core5.http.protocol.HttpContext context)Generates an authorization response based on the current state. | 
| String | getName()Returns textual designation of the given authentication scheme. | 
| Principal | getPrincipal()Returns  Principalwhose credentials are used to generate
 an authentication response. | 
| String | getRealm()Returns authentication realm. | 
| boolean | isChallengeComplete()Authentication process may involve a series of challenge-response exchanges. | 
| boolean | isConnectionBased()Determines if the authentication scheme is expected to provide an authorization response
 on a per connection basis instead of the standard per request basis | 
| boolean | isResponseReady(org.apache.hc.core5.http.HttpHost host,
               CredentialsProvider credentialsProvider,
               org.apache.hc.core5.http.protocol.HttpContext context)Determines whether or not an authorization response can be generated based on
 the actual authentication state. | 
| void | processChallenge(AuthChallenge authChallenge,
                org.apache.hc.core5.http.protocol.HttpContext context)Processes the given auth challenge. | 
String getName()
boolean isConnectionBased()
true if the scheme is connection based, false
 if the scheme is request based.void processChallenge(AuthChallenge authChallenge, org.apache.hc.core5.http.protocol.HttpContext context) throws MalformedChallengeException
authChallenge - the auth challengecontext - HTTP contextMalformedChallengeException - in case the auth challenge is incomplete,
 malformed or otherwise invalid.boolean isChallengeComplete()
true if the authentication process has been completed,
 false otherwise.String getRealm()
null.boolean isResponseReady(org.apache.hc.core5.http.HttpHost host,
                      CredentialsProvider credentialsProvider,
                      org.apache.hc.core5.http.protocol.HttpContext context)
                        throws AuthenticationException
credentialsProvider - The credentials to be used for authenticationcontext - HTTP contexttrue if an authorization response can be generated and
 the authentication handshake can proceed, false otherwise.AuthenticationException - if authorization string cannot
   be generated due to an authentication failurePrincipal getPrincipal()
Principal whose credentials are used to generate
 an authentication response. Connection based schemes are required
 to return a user Principal if authorization applies to
 for the entire life span of connection.isConnectionBased()String generateAuthResponse(org.apache.hc.core5.http.HttpHost host, org.apache.hc.core5.http.HttpRequest request, org.apache.hc.core5.http.protocol.HttpContext context) throws AuthenticationException
CredentialsProvider prior to this method call.request - The request being authenticatedcontext - HTTP contextAuthenticationException - if authorization string cannot
   be generated due to an authentication failureisResponseReady(HttpHost, CredentialsProvider, HttpContext)Copyright © 1999–2021 The Apache Software Foundation. All rights reserved.