package com.bradmcevoy.http.http11.auth; import com.bradmcevoy.http.Request; import com.bradmcevoy.http.Resource; /** * Provides a source of nonce values to be used in Digest authentication, * and a means to validate nonce values. * * Implementations should ensure that nonce values are available across all * servers in a cluster, and that they expire appropriately. * * Implementations should also ensure that nonce-count values are always * increasing, if provided. * * @author brad */ public interface NonceProvider { public enum NonceValidity { OK, EXPIRED, INVALID } /** * Check to see if the given nonce is known. If known, is it still valid * or has it expired. * * The request may also be considered invalid if the nonceCount value is * non-null and is not greater then any previous value for the valid nonce value. * * @param nonce - the nonce value given by a client to be checked. * @param nonceCount - may be null for non-auth requests. otherwise this should * be a monotonically increasing value. The server should record the previous * value and ensure that this value is greater then any previously given. * @return */ NonceValidity getNonceValidity( String nonce, Long nonceCount ); /** * Create and return a nonce value to be used for an authentication session. * * * @param resource - the resource being accessed. * @param request - the current request * @return - some string to be used as a nonce value. */ String createNonce( Resource resource, Request request ); }