1 /*******************************************************************************
2 * Copyright (c) 2012 Sonatype, Inc.
3 * All rights reserved. This program and the accompanying materials
4 * are made available under the terms of the Eclipse Public License v1.0
5 * which accompanies this distribution, and is available at
6 * http://www.eclipse.org/legal/epl-v10.html
9 * Sonatype, Inc. - initial API and implementation
10 *******************************************************************************/
11 package org
.eclipse
.aether
.repository
;
13 import java
.io
.UnsupportedEncodingException
;
14 import java
.security
.MessageDigest
;
15 import java
.security
.NoSuchAlgorithmException
;
17 import org
.eclipse
.aether
.RepositorySystemSession
;
20 * A helper to calculate a fingerprint/digest for the authentication data of a repository/proxy. Such a fingerprint can
21 * be used to detect changes in the authentication data across JVM restarts without exposing sensitive information.
23 public final class AuthenticationDigest
26 private final MessageDigest digest
;
28 private final RepositorySystemSession session
;
30 private final RemoteRepository repository
;
32 private final Proxy proxy
;
35 * Gets the fingerprint for the authentication of the specified repository.
37 * @param session The repository system session during which the fingerprint is requested, must not be {@code null}.
38 * @param repository The repository whose authentication is to be fingerprinted, must not be {@code null}.
39 * @return The fingerprint of the repository authentication or an empty string if no authentication is configured,
42 public static String
forRepository( RepositorySystemSession session
, RemoteRepository repository
)
45 Authentication auth
= repository
.getAuthentication();
48 AuthenticationDigest authDigest
= new AuthenticationDigest( session
, repository
, null );
49 auth
.digest( authDigest
);
50 digest
= authDigest
.digest();
56 * Gets the fingerprint for the authentication of the specified repository's proxy.
58 * @param session The repository system session during which the fingerprint is requested, must not be {@code null}.
59 * @param repository The repository whose proxy authentication is to be fingerprinted, must not be {@code null}.
60 * @return The fingerprint of the proxy authentication or an empty string if no proxy is present or if no proxy
61 * authentication is configured, never {@code null}.
63 public static String
forProxy( RepositorySystemSession session
, RemoteRepository repository
)
66 Proxy proxy
= repository
.getProxy();
69 Authentication auth
= proxy
.getAuthentication();
72 AuthenticationDigest authDigest
= new AuthenticationDigest( session
, repository
, proxy
);
73 auth
.digest( authDigest
);
74 digest
= authDigest
.digest();
80 private AuthenticationDigest( RepositorySystemSession session
, RemoteRepository repository
, Proxy proxy
)
82 this.session
= session
;
83 this.repository
= repository
;
88 private static MessageDigest
newDigest()
92 return MessageDigest
.getInstance( "SHA-1" );
94 catch ( NoSuchAlgorithmException e
)
98 return MessageDigest
.getInstance( "MD5" );
100 catch ( NoSuchAlgorithmException ne
)
102 throw new IllegalStateException( ne
);
108 * Gets the repository system session during which the authentication fingerprint is calculated.
110 * @return The repository system session, never {@code null}.
112 public RepositorySystemSession
getSession()
118 * Gets the repository requiring authentication. If {@link #getProxy()} is not {@code null}, the data gathered by
119 * this authentication digest does not apply to the repository's host but rather the proxy.
121 * @return The repository to be contacted, never {@code null}.
123 public RemoteRepository
getRepository()
129 * Gets the proxy (if any) to be authenticated with.
131 * @return The proxy or {@code null} if authenticating directly with the repository's host.
133 public Proxy
getProxy()
139 * Updates the digest with the specified strings.
141 * @param strings The strings to update the digest with, may be {@code null} or contain {@code null} elements.
143 public void update( String
... strings
)
145 if ( strings
!= null )
147 for ( String string
: strings
)
149 if ( string
!= null )
153 digest
.update( string
.getBytes( "UTF-8" ) );
155 catch ( UnsupportedEncodingException e
)
157 throw new IllegalStateException( e
);
165 * Updates the digest with the specified characters.
167 * @param chars The characters to update the digest with, may be {@code null}.
169 public void update( char... chars
)
173 for ( char c
: chars
)
175 digest
.update( (byte) ( c
>> 8 ) );
176 digest
.update( (byte) ( c
& 0xFF ) );
182 * Updates the digest with the specified bytes.
184 * @param bytes The bytes to update the digest with, may be {@code null}.
186 public void update( byte... bytes
)
190 digest
.update( bytes
);
194 private String
digest()
196 byte[] bytes
= digest
.digest();
197 StringBuilder buffer
= new StringBuilder( bytes
.length
* 2 );
198 for ( byte aByte
: bytes
)
200 int b
= aByte
& 0xFF;
203 buffer
.append( '0' );
205 buffer
.append( Integer
.toHexString( b
) );
207 return buffer
.toString();