com.albroco.barebonesdigest

Class DigestChallengeResponse

java.lang.Object

com.albroco.barebonesdigest.DigestChallengeResponse

public final class DigestChallengeResponse
extends java.lang.Object

Represents a HTTP digest challenge response, as sent from the client to the server in a Authorization header.

Instances of this class is normally created as a response to an incoming challenge using responseTo(DigestChallenge). To generate the Authorization header, som additional values must be set:

• The username and password for authentication.
• The digest-uri used in the HTTP request.
• The request method of the request, such as "GET" or "POST".

Here is an example of how to create a response:

 
 DigestChallengeResponse response = DigestChallengeResponse.responseTo(challenge)
                                                           .username("user")
                                                           .password("passwd")
                                                           .digestUri("/example")
                                                           .requestMethod("GET");
 
 

Challenge response reuse (optional)

A challenge response from an earlier challenge can be reused in subsequent requests. If the server accepts the reused challenge this will cut down on unnecessary traffic.

Each time the challenge response is reused the nonce count must be increased by one, see incrementNonceCount(). It is also a good idea to generate a new random client nonce with randomizeClientNonce():

 
 response.incrementNonceCount().randomizeClientNonce(); // Response is now ready for reuse
 
 

Supporting auth-int quality of protection (optional, rarely used)

With auth-int quality of protection the challenge response includes a hash of the request's entity-body, which provides some protection from man-in-the-middle attacks. Not all requests include an entity-body, PUT and POST do but GET does not. To support auth-int, you must set either the digest of the entity-body (using entityBodyDigest(byte[])) or the entity-body itself (using entityBody(byte[])).

Overriding the default client nonce (not recommended)

The client nonce is a random string set by the client that is included in the challenge response. By default, a random string is generated for the client nonce using java.security.SecureRandom, which should be suitable for most purposes.

If you still for some reason need to override the default client nonce you can set it using clientNonce(String). You may also have to call firstRequestClientNonce(String), see the documentation of that method for details.

Concurrency

This class is thread safe, read and write operations are synchronized.

See Also:

RFC 2617, "HTTP Digest Access Authentication", Section 3.2.2, "The Authorization Request Header"

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	HTTP_HEADER_AUTHORIZATION The name of the HTTP request header ("Authorization").

Constructor Summary

Constructors

Constructor and Description
DigestChallengeResponse() Creates an empty challenge response.

Method Summary

Modifier and Type	Method and Description
DigestChallengeResponse	algorithm(java.lang.String algorithm) Sets the algorithm directive, which must be the same as the algorithm directive of the challenge.
DigestChallengeResponse	challenge(DigestChallenge challenge) Sets the values of the realm, nonce, opaque, and algorithm directives and the supported quality of protection types based on a challenge.
DigestChallengeResponse	clientNonce(java.lang.String clientNonce) Sets the cnonce directive, which is a random string generated by the client that will be included in the challenge response hash.
DigestChallengeResponse	digestUri(java.lang.String digestUri) Sets the digest-uri directive, which must be exactly the same as the Request-URI of the Request-Line of the HTTP request.
DigestChallengeResponse	entityBody(byte[] entityBody) Sets the entity-body of the request, which is only used for the "auth-int" quality of protection.
DigestChallengeResponse	entityBodyDigest(byte[] entityBodyDigest) Sets the digest of the entity-body of the request, which is only used for the "auth-int" quality of protection.
DigestChallengeResponse	firstRequestClientNonce(java.lang.String firstRequestClientNonce) Sets the value of client nonce used in the first request.
java.lang.String	getAlgorithm() Returns the value of the algorithm directive.
java.lang.String	getClientNonce() Returns the value of the cnonce directive.
java.lang.String	getDigestUri() Returns the value of the digest-uri directive.
byte[]	getEntityBodyDigest() Returns the digest of the entity-body.
java.lang.String	getFirstRequestClientNonce() Returns the value of client nonce used in the first request.
java.lang.String	getHeaderValue() Returns the credentials, that is, the string to set in the Authorization HTTP request header.
java.lang.String	getNonce() Returns the unquoted value of the nonce directive
int	getNonceCount() Returns the integer representation of the nonce-count directive.
java.lang.String	getOpaque() Returns the the unquoted value of the opaque directive, or null.
java.lang.String	getPassword() Returns the password to use for authentication.
DigestChallenge.QualityOfProtection	getQop() Returns the "quality of protection" that will be used for the response.
java.lang.String	getQuotedNonce() Returns the quoted value of the nonce directive.
java.lang.String	getQuotedOpaque() Returns the the quoted value of the opaque directive, or null.
java.lang.String	getQuotedRealm() Returns the quoted value of the realm directive.
java.lang.String	getRealm() Returns the unquoted value of the realm directive.
java.lang.String	getRequestMethod() Returns the HTTP method of the request.
java.util.Set<DigestChallenge.QualityOfProtection>	getSupportedQopTypes() Returns the type of "quality of protection" that can be used when responding to the request.
java.lang.String	getUsername() Returns the username to use for authentication.
DigestChallengeResponse	incrementNonceCount() Increments the value of the nonce-count by one.
static boolean	isAlgorithmSupported(java.lang.String algorithm) Returns true if a given digest algorithm is supported.
static boolean	isChallengeSupported(DigestChallenge challenge) Returns true if a given challenge is supported and a response to it can be generated (given that all other required values are supplied).
boolean	isEntityBodyDigestRequired() Returns true if the digest of the entity-body is required to generate an authorization header for this response.
DigestChallengeResponse	nonce(java.lang.String unquotedNonce) Sets the nonce directive, which must be the same as the nonce directive of the challenge.
DigestChallengeResponse	nonceCount(int nonceCount) Sets the integer representation of the nonce-count directive, which indicates how many times this a challenge response with this nonce has been used.
DigestChallengeResponse	opaque(java.lang.String unquotedOpaque) Sets the opaque directive, which must be the same as the opaque directive of the challenge.
DigestChallengeResponse	password(java.lang.String password) Sets the password to use for authentication.
DigestChallengeResponse	quotedNonce(java.lang.String quotedNonce) Sets the nonce directive, which must be the same as the nonce directive of the challenge.
DigestChallengeResponse	quotedOpaque(java.lang.String quotedOpaque) Sets the opaque directive, which must be the same as the opaque directive of the challenge.
DigestChallengeResponse	quotedRealm(java.lang.String quotedRealm) Sets the realm directive, which must be the same as the realm directive of the challenge.
DigestChallengeResponse	randomizeClientNonce() Sets the cnonce directive to a random value.
DigestChallengeResponse	realm(java.lang.String unquotedRealm) Sets the realm directive, which must be the same as the realm directive of the challenge.
DigestChallengeResponse	requestMethod(java.lang.String requestMethod) Sets the HTTP method of the request (GET, POST, etc).
DigestChallengeResponse	resetNonceCount() Sets the value of the nonce-count to one.
static DigestChallengeResponse	responseTo(DigestChallenge challenge) Creates a digest challenge response, setting the values of the realm, nonce, opaque, and algorithm directives and the supported quality of protection types based on a challenge.
DigestChallengeResponse	supportedQopTypes(java.util.Set<DigestChallenge.QualityOfProtection> supportedQopTypes) Sets the type of "quality of protection" that can be used when responding to the request.
java.lang.String	toString()
DigestChallengeResponse	username(java.lang.String username) Sets the username to use for authentication.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

HTTP_HEADER_AUTHORIZATION

public static final java.lang.String HTTP_HEADER_AUTHORIZATION

The name of the HTTP request header ("Authorization").

See Also:

Constant Field Values

Constructor Detail

DigestChallengeResponse

public DigestChallengeResponse()

Creates an empty challenge response.

Consider using responseTo(DigestChallenge) when creating a response to a specific challenge.

Method Detail

isChallengeSupported

public static boolean isChallengeSupported(DigestChallenge challenge)

Returns true if a given challenge is supported and a response to it can be generated (given that all other required values are supplied).

For a challenge to be supported, the following requirements must be met:

• The digest algorithm must be supported (see isAlgorithmSupported(String)).
• The challenge must specify at least one supported qop (quality of protection), see supportedQopTypes(Set).

Parameters:

challenge - the challenge

Returns:

true if the challenge is supported

responseTo

public static DigestChallengeResponse responseTo(DigestChallenge challenge)

Creates a digest challenge response, setting the values of the realm, nonce, opaque, and algorithm directives and the supported quality of protection types based on a challenge.

If the challenge is not supported an exception is thrown. Use isChallengeSupported(DigestChallenge) to check if a challenge is supported before calling this method.

Parameters:

challenge - the challenge

Returns:

a response to the challenge.

Throws:

java.lang.IllegalArgumentException - if the challenge is not supported

See Also:

isChallengeSupported(DigestChallenge)

isAlgorithmSupported

public static boolean isAlgorithmSupported(java.lang.String algorithm)

Returns true if a given digest algorithm is supported.

Supported values are "MD5", "MD5-sess", "SHA-256", "SHA-256-sess", and null. null indicates that the digest is generated using MD5, but no algorithm directive is included in the response.

Parameters:

algorithm - the algorithm

Returns:

true if the algorithm is supported

algorithm

public DigestChallengeResponse algorithm(java.lang.String algorithm)

Sets the algorithm directive, which must be the same as the algorithm directive of the challenge.

Use isAlgorithmSupported(String) to check if a particular algorithm is supported.

Note: Setting the algorithm will also reset the entity-body to a byte array of zero length, see entityBody(byte[]). This is because the entity-body is not stored, only the digest is. If you need to set both entity-body and algorithm, make sure to set algorithm first.

Parameters:

algorithm - the value of the algorithm directive or null to not include an algorithm in the response

Returns:

this object

Throws:

java.lang.IllegalArgumentException - if the algorithm is not supported

See Also:

getAlgorithm(), isAlgorithmSupported(String), Section 3.2.2 of RFC 2617

getAlgorithm

public java.lang.String getAlgorithm()

Returns the value of the algorithm directive.

Returns:

the value of the algorithm directive or null if algorithm is not set

See Also:

algorithm(String)

username

public DigestChallengeResponse username(java.lang.String username)

Sets the username to use for authentication.

Parameters:

username - the username

Returns:

this object

See Also:

getUsername(), Section 3.2.2 of RFC 2617

getUsername

public java.lang.String getUsername()

Returns the username to use for authentication.

Returns:

the username

See Also:

username(String)

password

public DigestChallengeResponse password(java.lang.String password)

Sets the password to use for authentication.

Parameters:

password - the password

Returns:

this object

See Also:

getPassword()

getPassword

public java.lang.String getPassword()

Returns the password to use for authentication.

Returns:

the password

See Also:

password(String)

clientNonce

public DigestChallengeResponse clientNonce(java.lang.String clientNonce)

Sets the cnonce directive, which is a random string generated by the client that will be included in the challenge response hash.

There is normally no need to manually set the client nonce since it will have a default value of a randomly generated string. If you do, make sure to call firstRequestClientNonce(String) if you modify the client nonce for the first request, or some session variants of algorithms (those ending in -sess) may not work.

Parameters:

clientNonce - The unquoted value of the cnonce directive.

Returns:

this object

See Also:

getClientNonce(), randomizeClientNonce(), Section 3.2.2 of RFC 2617

getClientNonce

public java.lang.String getClientNonce()

Returns the value of the cnonce directive.

Unless overridden by calling clientNonce(String), the cnonce directive is set to a randomly generated string.

Returns:

the cnonce directive

See Also:

clientNonce(String)

randomizeClientNonce

public DigestChallengeResponse randomizeClientNonce()

Sets the cnonce directive to a random value.

Returns:

this object

See Also:

clientNonce(String), getClientNonce()

firstRequestClientNonce

public DigestChallengeResponse firstRequestClientNonce(java.lang.String firstRequestClientNonce)

Sets the value of client nonce used in the first request.

This value is used in session based algorithms (those ending in -sess). If the challenge is reused for multiple request, the original client nonce used when responding to the original challenge is used in subsequent challenge responses, even if the client changes the client nonce for subsequent requests.

Normally, there is no need to call this method. The default value of the client nonce is a randomly generated string, and the default value of the first request client nonce is the same string. It is only if you override the default value and supply your own client nonce for the first request that you must make sure to call this method with the same value:

response.clientNonce("my own client nonce").firstRequestClientNonce(response.getClientNonce());

Parameters:

firstRequestClientNonce - the client nonce value used in the first request

Returns:

this object

See Also:

getFirstRequestClientNonce(), clientNonce(String), getClientNonce(), randomizeClientNonce(), Section 3.2.2.2, A1, of RFC 2617

getFirstRequestClientNonce

public java.lang.String getFirstRequestClientNonce()

Returns the value of client nonce used in the first request.

This value is used in session based algorithms (those ending in -sess). If the challenge is reused for multiple request, the original client nonce used when responding to the original challenge is used in subsequent challenge responses, even if the client changes the client nonce for subsequent requests.

Returns:

the value of client nonce used in the first request.

See Also:

firstRequestClientNonce(String), clientNonce(String), getClientNonce(), randomizeClientNonce(), Section 3.2.2.2, A1, of RFC 2617

quotedNonce

public DigestChallengeResponse quotedNonce(java.lang.String quotedNonce)

Sets the nonce directive, which must be the same as the nonce directive of the challenge.

Setting the nonce directive resets the nonce count to one.

Parameters:

quotedNonce - the quoted value of the nonce directive

Returns:

this object

See Also:

getQuotedNonce(), nonce(String), getNonce(), Section 3.2.2 of RFC 2617

getQuotedNonce

public java.lang.String getQuotedNonce()

Returns the quoted value of the nonce directive.

Returns:

the quoted value of the nonce directive

See Also:

quotedNonce(String), nonce(String), getNonce()

nonce

public DigestChallengeResponse nonce(java.lang.String unquotedNonce)

Sets the nonce directive, which must be the same as the nonce directive of the challenge.

Setting the nonce directive resets the nonce count to one.

Parameters:

unquotedNonce - the unquoted value of the nonce directive

Returns:

this object

See Also:

getNonce(), quotedNonce(String), getQuotedNonce(), Section 3.2.2 of RFC 2617

getNonce

public java.lang.String getNonce()

Returns the unquoted value of the nonce directive

Returns:

the unquoted value of the nonce directive

See Also:

nonce(String), quotedNonce(String), getQuotedNonce()

nonceCount

public DigestChallengeResponse nonceCount(int nonceCount)

Sets the integer representation of the nonce-count directive, which indicates how many times this a challenge response with this nonce has been used.

This is useful when using a challenge response from a previous challenge when sending a request. For each time a challenge response is used, the nonce count should be increased by one.

Parameters:

nonceCount - integer representation of the nonce-count directive

Returns:

this object

See Also:

getNonceCount(), resetNonceCount(), incrementNonceCount(), Section 3.2.2 of RFC 2617

incrementNonceCount

public DigestChallengeResponse incrementNonceCount()

Increments the value of the nonce-count by one.

Returns:

this object

See Also:

nonceCount(int), getNonceCount(), resetNonceCount()

resetNonceCount

public DigestChallengeResponse resetNonceCount()

Sets the value of the nonce-count to one.

Returns:

this object

See Also:

nonceCount(int), getNonceCount(), incrementNonceCount()

getNonceCount

public int getNonceCount()

Returns the integer representation of the nonce-count directive.

Returns:

the integer representation of the nonce-count directive

See Also:

nonceCount(int), resetNonceCount(), incrementNonceCount()

quotedOpaque

public DigestChallengeResponse quotedOpaque(java.lang.String quotedOpaque)

Sets the opaque directive, which must be the same as the opaque directive of the challenge.

Parameters:

quotedOpaque - the quoted value of the opaque directive, or null if no opaque directive should be included in the challenge response

Returns:

this object

See Also:

getQuotedOpaque(), opaque(String), getOpaque(), Section 3.2.2 of RFC 2617

getQuotedOpaque

public java.lang.String getQuotedOpaque()

Returns the the quoted value of the opaque directive, or null.

Returns:

the the quoted value of the opaque directive, or null if the opaque is not set

See Also:

quotedOpaque(String), opaque(String), getOpaque()

opaque

public DigestChallengeResponse opaque(java.lang.String unquotedOpaque)

Sets the opaque directive, which must be the same as the opaque directive of the challenge.

Note: Since the value of the opaque directive is always received from a challenge quoted it is normally better to use the quotedOpaque(String) method to avoid unnecessary quoting/unquoting.

Parameters:

unquotedOpaque - the unquoted value of the opaque directive, or null if no opaque directive should be included in the challenge response

Returns:

this object

See Also:

getOpaque(), quotedOpaque(String), getQuotedOpaque(), Section 3.2.2 of RFC 2617

getOpaque

public java.lang.String getOpaque()

Returns the the unquoted value of the opaque directive, or null.

Returns:

the the unquoted value of the opaque directive, or null if the opaque is not set

See Also:

opaque(String), quotedOpaque(String), getQuotedOpaque()

supportedQopTypes

public DigestChallengeResponse supportedQopTypes(java.util.Set<DigestChallenge.QualityOfProtection> supportedQopTypes)

Sets the type of "quality of protection" that can be used when responding to the request.

Normally, this value is sent by the server in the challenge, but setting it manually can be used to force a particular qop type. To see which quality of protection that will be used in the response, see getQop().

Parameters:

supportedQopTypes - the types of quality of protection that the server supports, must not be empty

Returns:

this object

Throws:

java.lang.IllegalArgumentException - if supportedQopTypes is empty

See Also:

getSupportedQopTypes(), getQop()

getSupportedQopTypes

public java.util.Set<DigestChallenge.QualityOfProtection> getSupportedQopTypes()

Returns the type of "quality of protection" that can be used when responding to the request.

Returns:

the types of quality of protection that the server supports

See Also:

supportedQopTypes(Set), getQop()

getQop

public DigestChallenge.QualityOfProtection getQop()

Returns the "quality of protection" that will be used for the response.

This is a derived value, computed from the set of supported "quality of protection" types:

1. If DigestChallenge.QualityOfProtection.AUTH is supported it is used.
2. Otherwise, if DigestChallenge.QualityOfProtection.AUTH_INT is supported it is used.
3. Otherwise, if DigestChallenge.QualityOfProtection.UNSPECIFIED_RFC2069_COMPATIBLE is supported it is used.
4. Otherwise, there is no way of responding to the challenge without violating the specification. null will be returned.

Returns:

the "quality of protection" that will be used for the response

See Also:

supportedQopTypes(Set), getSupportedQopTypes(), entityBodyDigest(byte[]), getEntityBodyDigest(), entityBody(byte[])

digestUri

public DigestChallengeResponse digestUri(java.lang.String digestUri)

Sets the digest-uri directive, which must be exactly the same as the Request-URI of the Request-Line of the HTTP request.

The digest URI is explained in Section 3.2.2 of RFC 2617, and refers to the explanation of Request-URI found in Section 5.1.2 of RFC 2616.

Examples: If the Request-Line is

 GET http://www.w3.org/pub/WWW/TheProject.html HTTP/1.1
 

the Request-URI (and digest-uri) is "http://www.w3.org/pub/WWW/TheProject.html". If Request-Line is

 GET /pub/WWW/TheProject.html HTTP/1.1
 

the Request-URI is "/pub/WWW/TheProject.html".

This can be problematic since depending on the HTTP stack being used the Request-Line and Request-URI values may not be accessible. If in doubt, a sensible guess is to set the digest-uri to the path part of the URL being requested, for instance using getPath() in the URL class.

Parameters:

digestUri - the value of the digest-uri directive

Returns:

this object

See Also:

getDigestUri()

getDigestUri

public java.lang.String getDigestUri()

Returns the value of the digest-uri directive.

Returns:

the value of the digest-uri directive

See Also:

digestUri(String)

quotedRealm

public DigestChallengeResponse quotedRealm(java.lang.String quotedRealm)

Sets the realm directive, which must be the same as the realm directive of the challenge.

Parameters:

quotedRealm - the quoted value of the realm directive

Returns:

this object

See Also:

getQuotedRealm(), realm(String), getRealm(), Section 3.2.1 of RFC 2617, Section 3.2.2 of RFC 2617

getQuotedRealm

public java.lang.String getQuotedRealm()

Returns the quoted value of the realm directive.

Returns:

the quoted value of the realm directive

See Also:

quotedRealm(String), realm(String), getRealm()

realm

public DigestChallengeResponse realm(java.lang.String unquotedRealm)

Sets the realm directive, which must be the same as the realm directive of the challenge.

Parameters:

unquotedRealm - the unquoted value of the realm directive

Returns:

this object

See Also:

getRealm(), quotedRealm(String), getQuotedRealm(), Section 3.2.1 of RFC 2617, Section 3.2.2 of RFC 2617

getRealm

public java.lang.String getRealm()

Returns the unquoted value of the realm directive.

Returns:

the unquoted value of the realm directive

See Also:

realm(String), quotedRealm(String), getQuotedRealm()

requestMethod

public DigestChallengeResponse requestMethod(java.lang.String requestMethod)

Sets the HTTP method of the request (GET, POST, etc).

Parameters:

requestMethod - the request method

Returns:

this object

See Also:

getRequestMethod(), Section 5.1.1 of RFC 2616

getRequestMethod

public java.lang.String getRequestMethod()

Returns the HTTP method of the request.

Returns:

the HTTP method

See Also:

requestMethod(String)

entityBody

public DigestChallengeResponse entityBody(byte[] entityBody)

Sets the entity-body of the request, which is only used for the "auth-int" quality of protection.

The default value is a byte array of zero length. Note that the entity-body is not stored, to save space only the digest of the entity-body is stored. For this reason, changing the digest algorithm (see algorithm(String)) will reset the entity-body to a zero-length array.

With "auth-int" quality of protection, the whole entity-body of the message is hashed and included in the response, providing some protection against tampering.

The entity-body is not the same as the message-body as explained in RFC 2616, Section 7.2:

[…]The entity-body is obtained from the message-body by decoding any Transfer-Encoding that might have been applied to ensure safe and proper transfer of the message.

So if, for example, Transfer-Encoding is gzip, the entity-body is the unzipped message and the message-body is the gzipped message.

Not all requests include an entity-body, as explained in RFC 2616, Section 4.3:

[…]The presence of a message-body in a request is signaled by the inclusion of a Content-Length or Transfer-Encoding header field in the request's message-headers.[…]

In particular, PUT and POST requests include an entity-body (although it may be of zero length), GET requests do not. To be fully conformant with the standards, "auth-int" cannot be used to authenticate requests without an entity-body. Some servers implementations allow requests without an entity-body to be authenticated using an entity-body of zero length.

Parameters:

entityBody - the entity-body

Returns:

this object

See Also:

entityBodyDigest(byte[])

entityBodyDigest

public DigestChallengeResponse entityBodyDigest(byte[] entityBodyDigest)

Sets the digest of the entity-body of the request, which is only used for the "auth-int" quality of protection.

Note that the entity-body is not the same as the message-body. See entityBody(byte[]) for details.

Here is an example of how to compute the SHA-256 digest of an entity body:

 
 MessageDigest md = MessageDigest.getInstance("SHA-256");
 md.update(entityBody);
 byte[] digest = md.digest();
 
 

Parameters:

entityBodyDigest - the digest of the entity-body

Returns:

this object

See Also:

entityBody(byte[])

getEntityBodyDigest

public byte[] getEntityBodyDigest()

Returns the digest of the entity-body.

Returns:

the digest of the entity-body

isEntityBodyDigestRequired

public boolean isEntityBodyDigestRequired()

Returns true if the digest of the entity-body is required to generate an authorization header for this response.

For most challenges the digest of the entity-body is not used. It is only required if getQop() returns DigestChallenge.QualityOfProtection.AUTH_INT.

Returns:

true if the digest of the entity-body must be set

See Also:

entityBody(byte[]), entityBodyDigest(byte[]), getSupportedQopTypes()

challenge

public DigestChallengeResponse challenge(DigestChallenge challenge)

Sets the values of the realm, nonce, opaque, and algorithm directives and the supported quality of protection types based on a challenge.

If the challenge is not supported an exception is thrown. Use isChallengeSupported(DigestChallenge) to check if a challenge is supported before calling this method.

Parameters:

challenge - the challenge

Returns:

this object

Throws:

java.lang.IllegalArgumentException - if the challenge is not supported

See Also:

isChallengeSupported(DigestChallenge)

getHeaderValue

public java.lang.String getHeaderValue()

Returns the credentials, that is, the string to set in the Authorization HTTP request header.

Before calling this method a number of values and directives must be set. The following are the most important:

• username(String).
• password(String).
• digestUri(String).
• requestMethod(String).

If the qop type is auth-int the following must also be set unless the default value (zero-length entity body) is applicable:

• entityBody(byte[]) or entityBodyDigest(byte[]). See also isEntityBodyDigestRequired().

The following directives must also be set, but are normally parsed from the challenge or have default values, listed here mostly for completions sake:

• quotedRealm(String), parsed from the challenge.
• quotedNonce(String), parsed from the challenge.
• supportedQopTypes(Set), parsed from the challenge.
• clientNonce(String)}, except if using the DigestChallenge.QualityOfProtection.UNSPECIFIED_RFC2069_COMPATIBLE qop (not recommended). Set to a random value by default.
• firstRequestClientNonce(String) if the algorithm is MD-sess. Set to the client nonce by default.

Returns:

the string to set in the Authorization HTTP request header

Throws:

InsufficientInformationException - if any of the mandatory directives and values listed above has not been set

See Also:

Section 3.2.2 of RFC 2617

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object