![]() |
IOS Streaming Browser 1.0
An IOS streaming browser to stream the display to others or to a projector
|
#import <HTTPAuthenticationRequest.h>
Public Member Functions | |
(id) | - initWithRequest: |
(BOOL) | - isBasic |
(BOOL) | - isDigest |
(NSString *) | - base64Credentials |
(NSString *) | - username |
(NSString *) | - realm |
(NSString *) | - nonce |
(NSString *) | - uri |
(NSString *) | - qop |
(NSString *) | - nc |
(NSString *) | - cnonce |
(NSString *) | - response |
(NSString *) | - quotedSubHeaderFieldValue:fromHeaderFieldValue: |
(NSString *) | - nonquotedSubHeaderFieldValue:fromHeaderFieldValue: |
Protected Attributes | |
BOOL | isBasic |
BOOL | isDigest |
NSString * | base64Credentials |
NSString * | username |
NSString * | realm |
NSString * | nonce |
NSString * | uri |
NSString * | qop |
NSString * | nc |
NSString * | cnonce |
NSString * | response |
Definition at line 11 of file HTTPAuthenticationRequest.h.
- (NSString *) base64Credentials |
returns NSString
- (NSString *) cnonce |
A client-specified data string which MUST be different each time a digest-response is sent as part of initial authentication. The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy. This directive is required and MUST be present exactly once; otherwise, authentication fails.
- (id) initWithRequest: | (HTTPMessage *) | request |
Initializes the HTTPAuthenticationRequest with an HTTPMessage param HTTPMessage returns id
Initialize the HTTPAuthenticationRequest with an HTTPMessage param HTTPMessage returns id
Definition at line 32 of file HTTPAuthenticationRequest.m.
:(HTTPMessage *)request { if ((self = [super init])) { // Get the Authorization header field from the HTTP message NSString *authInfo = [request headerField:@"Authorization"]; // Set the basic authentication flag to no isBasic = NO; // Check if the authorization header field to see if it has length greater than or equal to 6 characters. (i.e. the word 'Basic' plus a space if ([authInfo length] >= 6) { // Returns a new string containing the characters of the receiver up to, but not including, the one at a given index isBasic = [[authInfo substringToIndex:6] caseInsensitiveCompare:@"Basic "] == NSOrderedSame; } // Set the digest authentication flag to no isDigest = NO; // Check is the authorization header field is 'Digest' if ([authInfo length] >= 7) { // a new string containing the characters of the receiver up to, but not including, the one at a given index. isDigest = [[authInfo substringToIndex:7] caseInsensitiveCompare:@"Digest "] == NSOrderedSame; } // if using basic authentication if (isBasic) { // Gets the substring in the 7th position, makes a copy, and then schedules it for autorelease NSMutableString *temp = [[[authInfo substringFromIndex:6] mutableCopy] autorelease]; // Trims any whitespace from the string CFStringTrimWhitespace((CFMutableStringRef)temp); // Copies the value in the temp string to the base64Credentials variable base64Credentials = [temp copy]; } // If using digest authentication if (isDigest) { // Get the username from the header username = [[self quotedSubHeaderFieldValue:@"username" fromHeaderFieldValue:authInfo] retain]; // Get the realm from the header realm = [[self quotedSubHeaderFieldValue:@"realm" fromHeaderFieldValue:authInfo] retain]; // Get the nonce from the header nonce = [[self quotedSubHeaderFieldValue:@"nonce" fromHeaderFieldValue:authInfo] retain]; // Get the URI from the header uri = [[self quotedSubHeaderFieldValue:@"uri" fromHeaderFieldValue:authInfo] retain]; // It appears from RFC 2617 that the qop is to be given unquoted // Tests show that Firefox performs this way, but Safari does not // Thus we'll attempt to retrieve the value as nonquoted, but we'll verify it doesn't start with a quote qop = [self nonquotedSubHeaderFieldValue:@"qop" fromHeaderFieldValue:authInfo]; // If there is a quality of protection setting if(qop && ([qop characterAtIndex:0] == '"')) { // gets the quality of protection // Possible values are: // auth-int indicate authentication with integrity protection // auth-param qop = [self quotedSubHeaderFieldValue:@"qop" fromHeaderFieldValue:authInfo]; } // Increment the reference count for the quality of protection [qop retain]; //Retrieves a nonquoted "Sub Header Field Value" from a given header field value. nc = [[self nonquotedSubHeaderFieldValue:@"nc" fromHeaderFieldValue:authInfo] retain]; // Retrieves a quoted "Sub Header Field Value" from a given header field value. cnonce = [[self quotedSubHeaderFieldValue:@"cnonce" fromHeaderFieldValue:authInfo] retain]; // Retrieves a quoted "Sub Header Field Value" from a given header field value. response = [[self quotedSubHeaderFieldValue:@"response" fromHeaderFieldValue:authInfo] retain]; } } return self; }
- (BOOL) isBasic |
Getter method for accessing whether basic authentication returns BOOL
- (BOOL) isDigest |
Getter method for accessing whether digest authentication returns BOOL
- (NSString *) nc |
The nc-value is the hexadecimal count of the number of requests (including the current request) that the client has sent with the nonce value in this request. For example, in the first request sent in response to a given nonce value, the client sends "nc=00000001". The purpose of this directive is to allow the server to detect request replays by maintaining its own copy of this count - if the same nc-value is seen twice, then the request is a replay. See the description below of the construction of the response value. This directive may appear at most once; if multiple instances are present, the client should abort the authentication exchange.
- (NSString *) nonce |
The server-specified data string received in the preceding digest-challenge. This directive is required and MUST be present exactly once; otherwise, authentication fails.
- (NSString *) nonquotedSubHeaderFieldValue: | (NSString *) | param | |
fromHeaderFieldValue: | (NSString *) | header | |
param NSString param NSString returns NSString
- (NSString *) qop |
Indicates what "quality of protection" the client accepted. If present, it may appear exactly once and its value MUST be one of the alternatives in qop-options. If not present, it defaults to "auth". These values affect the computation of the response. Note that this is a single token, not a quoted list of alternatives.
- (NSString *) quotedSubHeaderFieldValue: | (NSString *) | param | |
fromHeaderFieldValue: | (NSString *) | header | |
- (NSString *) realm |
The realm containing the user's account. This directive is required if the server provided any realms in the "digest-challenge", in which case it may appear exactly once and its value SHOULD be one of those realms. If the directive is missing, "realm-value" will set to the empty string when computing A1 (see below for details).
- (NSString *) response |
A string of 32 hex digits computed as defined below, which proves that the user knows a password. This directive is required and MUST be present exactly once; otherwise, authentication fails.
- (NSString *) uri |
Indicates the principal name of the service with which the client wishes to connect, formed from the serv-type, host, and serv-name. For example, the FTP service on "ftp.example.com" would have a "digest-uri" value of "ftp/ftp.example.com"; the SMTP server from the example above would have a "digest-uri" value of "smtp/mail3.example.com/example.com".
Servers SHOULD check that the supplied value is correct. This will detect accidental connection to the incorrect server. It is also so that clients will be trained to provide values that will work with implementations that use a shared back-end authentication service that can provide server authentication.
The serv-type component should match the service being offered. The host component should match one of the host names of the host on which the service is running, or it's IP address. Servers SHOULD NOT normally support the IP address form, because server authentication by IP address is not very useful; they should only do so if the DNS is unavailable or unreliable. The serv-name component should match one of the service's configured service names.
This directive may appear at most once; if multiple instances are present, the client should abort the authentication exchange.
Note: In the HTTP use of Digest authentication, the digest-uri is the URI (usually a URL) of the resource requested -- hence the name of the directive.
- (NSString *) username |
The user's name in the specified realm, encoded according to the value of the "charset" directive. This directive is required and MUST be present exactly once; otherwise, authentication fails.
- (NSString *) base64Credentials [protected] |
base64 encoding of basic authentication credentials
Returns base64 credentials returns NSString
Definition at line 26 of file HTTPAuthenticationRequest.h.
- (NSString *) cnonce [protected] |
This MUST be specified if a qop directive is sent (see above), and MUST NOT be specified if the server did not send a qop directive in the WWW-Authenticate header field. The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, to provide mutual authentication, and to provide some message integrity protection.
A cnonce is a a client-specified data string which MUST be different each time a digest-response is sent as part of initial authentication. The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy. This directive is required and MUST be present exactly once; otherwise, authentication fails.
Definition at line 62 of file HTTPAuthenticationRequest.h.
- (BOOL) isBasic [protected] |
Whether basic authentication basic access authentication is a method designed to allow a web browser, or other client program, to provide credentials – in the form of a user name and password – when making a request
Gets whether basic authentication returns BOOL
Definition at line 16 of file HTTPAuthenticationRequest.h.
- (BOOL) isDigest [protected] |
Digest access authentication is one of the agreed methods a web server can use to negotiate credentials with a web user's browser. It uses encryption to send the password over the network which is safer than the Basic access authentication that sends plaintext.
Whether digest authentication returns BOOL
Definition at line 21 of file HTTPAuthenticationRequest.h.
- (NSString *) nc [protected] |
This MUST be specified if a qop directive is sent (see above), and MUST NOT be specified if the server did not send a qop directive in the WWW-Authenticate header field. The nc-value is the hexadecimal count of the number of requests (including the current request) that the client has sent with the nonce value in this request. For example, in the first request sent in response to a given nonce value, the client sends "nc=00000001". The purpose of this directive is to allow the server to detect request replays by maintaining its own copy of this count - if the same nc-value is seen twice, then the request is a replay.
Returns the nonce count The nc-value is the hexadecimal count of the number of requests (including the current request) that the client has sent with the nonce value in this request. For example, in the first request sent in response to a given nonce value, the client sends "nc=00000001". The purpose of this directive is to allow the server to detect request replays by maintaining its own copy of this count - if the same nc-value is seen twice, then the request is a replay. See the description below of the construction of the response value. This directive may appear at most once; if multiple instances are present, the client should abort the authentication exchange.
Definition at line 57 of file HTTPAuthenticationRequest.h.
- (NSString *) nonce [protected] |
A server-specified data string which should be uniquely generated each time a 401 response is made. It is recommended that this string be base64 or hexadecimal data. Specifically, since the string is passed in the header lines as a quoted string, the double-quote character is not allowed.
Returns the nonce The server-specified data string received in the preceding digest-challenge. This directive is required and MUST be present exactly once; otherwise, authentication fails.
Definition at line 42 of file HTTPAuthenticationRequest.h.
- (NSString *) qop [protected] |
This directive is optional, but is made so only for backward compatibility with RFC 2069 [6]; it SHOULD be used by all implementations compliant with this version of the Digest scheme. If present, it is a quoted string of one or more tokens indicating the "quality of protection" values supported by the server. The value "auth" indicates authentication; the value "auth-int"indicates authentication with integrity protection;
Returns the quality of protection Indicates what "quality of protection" the client accepted. If present, it may appear exactly once and its value MUST be one of the alternatives in qop-options. If not present, it defaults to "auth". These values affect the computation of the response. Note that this is a single token, not a quoted list of alternatives.
Definition at line 52 of file HTTPAuthenticationRequest.h.
- (NSString *) realm [protected] |
A string to be displayed to users so they know which username and password to use. This string should contain at least the name of the host performing the authentication and might additionally indicate the collection of users who might have access. An example might be "registered_users@gotham.news.com".
Returns the realm The realm containing the user's account. This directive is required if the server provided any realms in the "digest-challenge", in which case it may appear exactly once and its value SHOULD be one of those realms. If the directive is missing, "realm-value" will set to the empty string when computing A1 (see below for details).
Definition at line 36 of file HTTPAuthenticationRequest.h.
- (NSString *) response [protected] |
A string of 32 hex digits computed as defined below, which proves that the user knows a password
Returns the response A string of 32 hex digits computed as defined below, which proves that the user knows a password. This directive is required and MUST be present exactly once; otherwise, authentication fails.
Definition at line 67 of file HTTPAuthenticationRequest.h.
- (NSString *) uri [protected] |
The URI from Request-URI of the Request-Line; duplicated here because proxies are allowed to change the Request-Line in transit.
Returns the URI
Definition at line 47 of file HTTPAuthenticationRequest.h.
- (NSString *) username [protected] |
The user's name in the specified realm.
Returns the username The user's name in the specified realm, encoded according to the value of the "charset" directive. This directive is required and MUST be present exactly once; otherwise, authentication fails.
Definition at line 31 of file HTTPAuthenticationRequest.h.