12a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)/* 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Copyright (c) 2008-2009, Motorola, Inc. 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * All rights reserved. 52a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 62a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * Redistribution and use in source and binary forms, with or without 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * modification, are permitted provided that the following conditions are met: 8868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) * 92a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * - Redistributions of source code must retain the above copyright notice, 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * this list of conditions and the following disclaimer. 11c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * - Redistributions in binary form must reproduce the above copyright notice, 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * this list of conditions and the following disclaimer in the documentation 14d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * and/or other materials provided with the distribution. 152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * - Neither the name of the Motorola, Inc. nor the names of its contributors 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * may be used to endorse or promote products derived from this software 182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * without specific prior written permission. 192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * POSSIBILITY OF SUCH DAMAGE. 31d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) */ 32d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 33d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)package javax.obex; 34d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 35d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)/** 36d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * This interface provides a way to respond to authentication challenge and 37d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * authentication response headers. When a client or server receives an 38d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * authentication challenge or authentication response header, the 39d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>onAuthenticationChallenge()</code> or 40a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) * <code>onAuthenticationResponse()</code> will be called, respectively, by the 41d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * implementation. 42d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <P> 43d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * For more information on how the authentication procedure works in OBEX, 44d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * please review the IrOBEX specification at <A 45d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * HREF="http://www.irda.org">http://www.irda.org</A>. 46d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <P> 47d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <STRONG>Authentication Challenges</STRONG> 48d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <P> 49d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * When a client or server receives an authentication challenge header, the 50d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>onAuthenticationChallenge()</code> method will be invoked by the OBEX 51d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * API implementation. The application will then return the user name (if 52d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * needed) and password via a <code>PasswordAuthentication</code> object. The 53d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * password in this object is not sent in the authentication response. Instead, 54d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * the 16-byte challenge received in the authentication challenge is combined 55d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * with the password returned from the <code>onAuthenticationChallenge()</code> 56d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * method and passed through the MD5 hash algorithm. The resulting value is sent 57d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * in the authentication response along with the user name if it was provided. 58d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <P> 59d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <STRONG>Authentication Responses</STRONG> 60d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <P> 61d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * When a client or server receives an authentication response header, the 62d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>onAuthenticationResponse()</code> method is invoked by the API 63d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * implementation with the user name received in the authentication response 64d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * header. (The user name will be <code>null</code> if no user name was provided 65d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * in the authentication response header.) The application must determine the 66d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * correct password. This value should be returned from the 67d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>onAuthenticationResponse()</code> method. If the authentication request 68d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * should fail without the implementation checking the password, 69d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>null</code> should be returned by the application. (This is needed for 70d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * reasons like not recognizing the user name, etc.) If the returned value is 71d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * not <code>null</code>, the OBEX API implementation will combine the password 72d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * returned from the <code>onAuthenticationResponse()</code> method and 73d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * challenge sent via the authentication challenge, apply the MD5 hash 74d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * algorithm, and compare the result to the response hash received in the 75d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * authentication response header. If the values are not equal, an 765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) * <code>IOException</code> will be thrown if the client requested 77a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) * authentication. If the server requested authentication, the 78d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>onAuthenticationFailure()</code> method will be called on the 79d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>ServerRequestHandler</code> that failed authentication. The connection 80d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * is <B>not</B> closed if authentication failed. 81d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * @hide 82d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) */ 83d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)public interface Authenticator { 84d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 85d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) /** 86d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * Called when a client or a server receives an authentication challenge 87d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * header. It should respond to the challenge with a 88d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>PasswordAuthentication</code> that contains the correct user name 89d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * and password for the challenge. 90d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * @param description the description of which user name and password should 91d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * be used; if no description is provided in the authentication 92d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * challenge or the description is encoded in an encoding scheme that 93d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * is not supported, an empty string will be provided 94d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * @param isUserIdRequired <code>true</code> if the user ID is required; 95d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * <code>false</code> if the user ID is not required 96d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * @param isFullAccess <code>true</code> if full access to the server will 97d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * be granted; <code>false</code> if read only access will be granted 98d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * @return a <code>PasswordAuthentication</code> object containing the user 99d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * name and password used for authentication 100d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) */ 101d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) PasswordAuthentication onAuthenticationChallenge(String description, boolean isUserIdRequired, 102d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) boolean isFullAccess); 103d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 104d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) /** 105d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * Called when a client or server receives an authentication response 106d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * header. This method will provide the user name and expect the correct 107d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * password to be returned. 108d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) * @param userName the user name provided in the authentication response; may 109c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * be <code>null</code> 110c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * @return the correct password for the user name provided; if 1112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * <code>null</code> is returned then the authentication request 112c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) * failed 113c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) */ 1142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) byte[] onAuthenticationResponse(byte[] userName); 115c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 1162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)