public void handleComplete(HttpServerExchange exchange, HttpCompletionHandler completionHandler) {
NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);
boolean authAdded = false;
if (negContext != null) {
byte[] responseChallenge = negContext.useResponseToken();
exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, null);
if (responseChallenge != null) {
HeaderMap headers = exchange.getResponseHeaders();
headers.add(
WWW_AUTHENTICATE, NEGOTIATE_PREFIX + FlexBase64.encodeString(responseChallenge, false));
authAdded = true;
}
}
if (Util.shouldChallenge(exchange)) {
if (!authAdded) {
exchange.getResponseHeaders().add(WWW_AUTHENTICATE, NEGOTIATE.toString());
}
// We only set this is actually challenging the client, the previously set header may have
// been a FYI for the
// client.
exchange.setResponseCode(CODE_401.getCode());
}
completionHandler.handleComplete();
}
