001// *************************************************************************************************************************** 002// * Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file * 003// * distributed with this work for additional information regarding copyright ownership. The ASF licenses this file * 004// * to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance * 005// * with the License. You may obtain a copy of the License at * 006// * * 007// * http://www.apache.org/licenses/LICENSE-2.0 * 008// * * 009// * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an * 010// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the * 011// * specific language governing permissions and limitations under the License. * 012// *************************************************************************************************************************** 013package org.apache.juneau.http.header; 014 015import java.util.function.*; 016 017import org.apache.juneau.http.annotation.*; 018 019/** 020 * Represents a parsed <l>Authorization</l> HTTP request header. 021 * 022 * <p> 023 * Authentication credentials for HTTP authentication. 024 * 025 * <h5 class='figure'>Example</h5> 026 * <p class='bcode w800'> 027 * Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== 028 * </p> 029 * 030 * <h5 class='topic'>RFC2616 Specification</h5> 031 * 032 * A user agent that wishes to authenticate itself with a server--usually, but not necessarily, after receiving a 401 033 * response--does so by including an Authorization request-header field with the request. 034 * 035 * <p> 036 * The Authorization field value consists of credentials containing the authentication information of the user agent for 037 * the realm of the resource being requested. 038 * 039 * <p class='bcode w800'> 040 * Authorization = "Authorization" ":" credentials 041 * </p> 042 * 043 * <p> 044 * HTTP access authentication is described in "HTTP Authentication: Basic and Digest Access Authentication". 045 * 046 * <p> 047 * If a request is authenticated and a realm specified, the same credentials SHOULD be valid for all other requests 048 * within this realm (assuming that the authentication scheme itself does not require otherwise, such as credentials 049 * that vary according to a challenge value or using synchronized clocks). 050 * 051 * <p> 052 * When a shared cache (see section 13.7) receives a request containing an Authorization field, it MUST NOT return the 053 * corresponding response as a reply to any other request, unless one of the following specific exceptions holds: 054 * <ol> 055 * <li>If the response includes the "s-maxage" cache-control directive, the cache MAY use that response in replying 056 * to a subsequent request. 057 * But (if the specified maximum age has passed) a proxy cache MUST first revalidate it with the origin 058 * server, using the request-headers from the new request to allow the origin server to authenticate the new 059 * request. 060 * (This is the defined behavior for s-maxage.) 061 * If the response includes "s-maxage=0", the proxy MUST always revalidate it before re-using it. 062 * <li>If the response includes the "must-revalidate" cache-control directive, the cache MAY use that response in 063 * replying to a subsequent request. 064 * But if the response is stale, all caches MUST first revalidate it with the origin server, using the 065 * request-headers from the new request to allow the origin server to authenticate the new request. 066 * <li>If the response includes the "public" cache-control directive, it MAY be returned in reply to any subsequent 067 * request. 068 * </ol> 069 * 070 * <ul class='seealso'> 071 * <li class='extlink'>{@doc ExtRFC2616} 072 * </ul> 073 */ 074@Header("Authorization") 075public class Authorization extends BasicStringHeader { 076 077 private static final long serialVersionUID = 1L; 078 079 /** 080 * Convenience creator. 081 * 082 * @param value 083 * The header value. 084 * <br>Can be any of the following: 085 * <ul> 086 * <li>{@link String} 087 * <li>Anything else - Converted to <c>String</c> then parsed. 088 * </ul> 089 * @return A new {@link Authorization} object. 090 */ 091 public static Authorization of(Object value) { 092 if (value == null) 093 return null; 094 return new Authorization(value); 095 } 096 097 /** 098 * Convenience creator using supplier. 099 * 100 * <p> 101 * Header value is re-evaluated on each call to {@link #getValue()}. 102 * 103 * @param value 104 * The header value supplier. 105 * <br>Can be any of the following: 106 * <ul> 107 * <li>{@link String} 108 * <li>Anything else - Converted to <c>String</c> then parsed. 109 * </ul> 110 * @return A new {@link Authorization} object. 111 */ 112 public static Authorization of(Supplier<?> value) { 113 if (value == null) 114 return null; 115 return new Authorization(value); 116 } 117 118 /** 119 * Constructor. 120 * 121 * @param value 122 * The header value. 123 * <br>Can be any of the following: 124 * <ul> 125 * <li>{@link String} 126 * <li>Anything else - Converted to <c>String</c> then parsed. 127 * <li>A {@link Supplier} of anything on this list. 128 * </ul> 129 */ 130 public Authorization(Object value) { 131 super("Authorization", value); 132 } 133 134 /** 135 * Constructor 136 * 137 * @param value 138 * The header value. 139 */ 140 public Authorization(String value) { 141 this((Object)value); 142 } 143}