/** * Checks for certain params existence in the value, and replace them with real values obtained * from <tt>request</tt>. * * @param value the value of the header param * @param request the request we are processing * @return the value with replaced params */ private static String processParams(String value, Request request) { if (value.indexOf("${from.address}") != -1) { FromHeader fromHeader = (FromHeader) request.getHeader(FromHeader.NAME); if (fromHeader != null) { value = value.replace("${from.address}", fromHeader.getAddress().getURI().toString()); } } if (value.indexOf("${from.userID}") != -1) { FromHeader fromHeader = (FromHeader) request.getHeader(FromHeader.NAME); if (fromHeader != null) { URI fromURI = fromHeader.getAddress().getURI(); String fromAddr = fromURI.toString(); // strips sip: or sips: if (fromURI.isSipURI()) { fromAddr = fromAddr.replaceFirst(fromURI.getScheme() + ":", ""); } // take the userID part int index = fromAddr.indexOf('@'); if (index > -1) fromAddr = fromAddr.substring(0, index); value = value.replace("${from.userID}", fromAddr); } } if (value.indexOf("${to.address}") != -1) { ToHeader toHeader = (ToHeader) request.getHeader(ToHeader.NAME); if (toHeader != null) { value = value.replace("${to.address}", toHeader.getAddress().getURI().toString()); } } if (value.indexOf("${to.userID}") != -1) { ToHeader toHeader = (ToHeader) request.getHeader(ToHeader.NAME); if (toHeader != null) { URI toURI = toHeader.getAddress().getURI(); String toAddr = toURI.toString(); // strips sip: or sips: if (toURI.isSipURI()) { toAddr = toAddr.replaceFirst(toURI.getScheme() + ":", ""); } // take the userID part int index = toAddr.indexOf('@'); if (index > -1) toAddr = toAddr.substring(0, index); value = value.replace("${to.userID}", toAddr); } } return value; }
/** * Check the response and answer true if authentication succeeds. We are making simplifying * assumptions here and assuming that the password is available to us for computation of the MD5 * hash. We also dont cache authentications so that the user has to authenticate on each * registration. * * @param user is the username * @param authHeader is the Authroization header from the SIP request. * @param requestLine is the SIP Request line from the SIP request. * @exception SIPAuthenticationException is thrown when authentication fails or message is bad */ public boolean doAuthenticate(String user, AuthorizationHeader authHeader, Request request) { String realm = authHeader.getRealm(); String username = authHeader.getUsername(); URI requestURI = request.getRequestURI(); if (username == null) { ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "WARNING: userName parameter not set in the header received!!!"); username = user; } if (realm == null) { ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "WARNING: realm parameter not set in the header received!!! WE use the default one"); realm = DEFAULT_REALM; } ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "Trying to authenticate user: "******" for " + " the realm: " + realm); String password = (String) passwordTable.get(username + "@" + realm); if (password == null) { ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "ERROR: password not found for the user: "******"@" + realm); return false; } String nonce = authHeader.getNonce(); // If there is a URI parameter in the Authorization header, // then use it. URI uri = authHeader.getURI(); // There must be a URI parameter in the authorization header. if (uri == null) { ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "ERROR: uri paramater not set in the header received!"); return false; } ProxyDebug.println( "DEBUG, DigestAuthenticationMethod, doAuthenticate(), username:"******"!"); ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), realm:" + realm + "!"); ProxyDebug.println( "DEBUG, DigestAuthenticationMethod, doAuthenticate(), password:"******"!"); ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), uri:" + uri + "!"); ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), nonce:" + nonce + "!"); ProxyDebug.println( "DEBUG, DigestAuthenticationMethod, doAuthenticate(), method:" + request.getMethod() + "!"); String A1 = username + ":" + realm + ":" + password; String A2 = request.getMethod().toUpperCase() + ":" + uri.toString(); byte mdbytes[] = messageDigest.digest(A1.getBytes()); String HA1 = ProxyUtilities.toHexString(mdbytes); ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), HA1:" + HA1 + "!"); mdbytes = messageDigest.digest(A2.getBytes()); String HA2 = ProxyUtilities.toHexString(mdbytes); ProxyDebug.println("DEBUG, DigestAuthenticationMethod, doAuthenticate(), HA2:" + HA2 + "!"); String cnonce = authHeader.getCNonce(); String KD = HA1 + ":" + nonce; if (cnonce != null) { KD += ":" + cnonce; } KD += ":" + HA2; mdbytes = messageDigest.digest(KD.getBytes()); String mdString = ProxyUtilities.toHexString(mdbytes); String response = authHeader.getResponse(); ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "we have to compare his response: " + response + " with our computed" + " response: " + mdString); int res = (mdString.compareTo(response)); if (res == 0) { ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "User authenticated..."); } else { ProxyDebug.println( "DEBUG, DigestAuthenticateMethod, doAuthenticate(): " + "User not authenticated..."); } return res == 0; }