Shikong/gb28181-docking-platform
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

认证 请求/响应 封装/完善

Browse Source
This commit is contained in:
shikong 2023-09-26 17:09:00 +08:00
parent d875a90fd6
commit 296747ec31
5 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/method/register/request/RegisterRequestBuilder.java
View File

@ -44,10 +44,10 @@ public class RegisterRequestBuilder extends RegisterBuilder {
} }
@SneakyThrows @SneakyThrows
public Request createAuthorizationRequest(String callId, int expires, String id, String passwd, WWWAuthenticateHeader wwwAuthenticateHeader) { public Request createAuthorizationRequest(String callId, int expires, String id, String passwd, long cSeq, WWWAuthenticateHeader wwwAuthenticateHeader) {
SIPRequest request = (SIPRequest) createNoAuthorizationRequest(callId, expires); SIPRequest request = (SIPRequest) createNoAuthorizationRequest(callId, expires);
request.getCSeq().setSeqNumber(2L); request.getCSeq().setSeqNumber(cSeq + 1);
AuthorizationHeader authorization = DigestAuthenticationHelper.createAuthorization(getMethod(), getTargetIp(), getTargetPort(), getTargetId(), id, passwd, wwwAuthenticateHeader); AuthorizationHeader authorization = DigestAuthenticationHelper.createAuthorization(getMethod(), getTargetIp(), getTargetPort(), getTargetId(), id, passwd, (int) cSeq,wwwAuthenticateHeader);
return SipBuilder.addHeaders(request,authorization); return SipBuilder.addHeaders(request,authorization);
} }
} }

10
gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/method/register/response/RegisterResponseBuilder.java
View File

@ -7,9 +7,7 @@ import cn.skcks.docking.gb28181.sip.utils.DigestAuthenticationHelper;
import cn.skcks.docking.gb28181.sip.utils.SipUtil; import cn.skcks.docking.gb28181.sip.utils.SipUtil;
import gov.nist.javax.sip.header.Authorization; import gov.nist.javax.sip.header.Authorization;
import gov.nist.javax.sip.message.SIPRequest; import gov.nist.javax.sip.message.SIPRequest;
import lombok.Data; import lombok.*;
import lombok.EqualsAndHashCode;
import lombok.ToString;
import lombok.experimental.SuperBuilder; import lombok.experimental.SuperBuilder;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
@ -41,12 +39,12 @@ public class RegisterResponseBuilder extends RegisterBuilder {
sipRequest.getExpires()); sipRequest.getExpires());
} }
public Response createAuthorzatioinResponse(Request request, String password){ public Response createAuthorzatioinResponse(Request request, String domain, String password){
SIPRequest sipRequest = (SIPRequest) request; SIPRequest sipRequest = (SIPRequest) request;
Authorization authorization = sipRequest.getAuthorization(); Authorization authorization = sipRequest.getAuthorization();
if(authorization == null){ if(authorization == null){
String realm = SipUtil.nanoId(); String realm = SipUtil.nanoId();
WWWAuthenticateHeader wwwAuthenticateHeader = DigestAuthenticationHelper.generateChallenge(realm); WWWAuthenticateHeader wwwAuthenticateHeader = DigestAuthenticationHelper.generateChallenge(domain);
return SipBuilder.addHeaders( return SipBuilder.addHeaders(
SipResponseBuilder.createResponse(Response.UNAUTHORIZED, request), SipResponseBuilder.createResponse(Response.UNAUTHORIZED, request),
sipRequest.getContactHeader(), sipRequest.getContactHeader(),
@ -55,7 +53,7 @@ public class RegisterResponseBuilder extends RegisterBuilder {
boolean passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(request,password); boolean passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(request,password);
if(!passed){ if(!passed){
sipRequest.removeHeader(Authorization.NAME); sipRequest.removeHeader(Authorization.NAME);
return createAuthorzatioinResponse(request, password); return createAuthorzatioinResponse(request, domain, password);
} }
return SipBuilder.addHeaders( return SipBuilder.addHeaders(
SipResponseBuilder.createResponse(Response.OK, request), SipResponseBuilder.createResponse(Response.OK, request),

7
gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java
View File

@ -219,7 +219,7 @@ public class DigestAuthenticationHelper {
} }
@SneakyThrows @SneakyThrows
public static AuthorizationHeader createAuthorization(String method,String serverIp, int serverPort, String serverId, String deviceId,String password, WWWAuthenticateHeader www){ public static AuthorizationHeader createAuthorization(String method,String serverIp, int serverPort, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){
String hostAddress = SipBuilder.createHostAddress(serverIp, serverPort); String hostAddress = SipBuilder.createHostAddress(serverIp, serverPort);
SipURI sipURI = SipBuilder.createSipURI(serverId, hostAddress); SipURI sipURI = SipBuilder.createSipURI(serverId, hostAddress);
if (www == null) { if (www == null) {
@ -235,8 +235,7 @@ public class DigestAuthenticationHelper {
String qop = www.getQop(); String qop = www.getQop();
String cNonce = null; String cNonce = null;
int nc = 1; String ncStr = String.format("%08x", nonceCount).toUpperCase();
String ncStr = String.format("%08x", nc).toUpperCase();
if (qop != null) { if (qop != null) {
if ("auth".equalsIgnoreCase(qop)) { if ("auth".equalsIgnoreCase(qop)) {
// 客户端随机数这是一个不透明的字符串值由客户端提供并且客户端和服务器都会使用以避免用明文文本 // 客户端随机数这是一个不透明的字符串值由客户端提供并且客户端和服务器都会使用以避免用明文文本
@ -277,7 +276,7 @@ public class DigestAuthenticationHelper {
if (qop != null) { if (qop != null) {
authorizationHeader.setQop(qop); authorizationHeader.setQop(qop);
authorizationHeader.setCNonce(cNonce); authorizationHeader.setCNonce(cNonce);
authorizationHeader.setNonceCount(nc); authorizationHeader.setNonceCount(nonceCount);
} }
return authorizationHeader; return authorizationHeader;
} }

13
gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/process/RequestTest.java
View File

@ -23,6 +23,8 @@ public class RequestTest {
int remotePort = 5060; int remotePort = 5060;
String remoteId = "00000000000000000002"; String remoteId = "00000000000000000002";
public static final String domain = "4405010000";
@Test @Test
@SneakyThrows @SneakyThrows
void test() { void test() {
@ -55,16 +57,17 @@ public class RequestTest {
log.info("\n{}", passedAuthorzatioinResponse); log.info("\n{}", passedAuthorzatioinResponse);
log.info("有密码的认证"); log.info("有密码的认证");
Response authorzatioinResponse = registerResponseBuilder.createAuthorzatioinResponse(noAuthorizationRequest, "123456"); Response authorzatioinResponse = registerResponseBuilder.createAuthorzatioinResponse(noAuthorizationRequest, domain, "123456");
log.info("\n{}", noAuthorizationRequest); log.info("\n{}", noAuthorizationRequest);
// 401 响应 // 401 响应
log.info("\n{}", authorzatioinResponse); log.info("\n{}", authorzatioinResponse);
SIPResponse sipResponse = (SIPResponse)authorzatioinResponse; SIPResponse sipResponse = (SIPResponse) authorzatioinResponse;
WWWAuthenticateHeader wwwAuthenticateHeader = (WWWAuthenticateHeader)sipResponse.getHeader(WWWAuthenticateHeader.NAME); WWWAuthenticateHeader wwwAuthenticateHeader = (WWWAuthenticateHeader) sipResponse.getHeader(WWWAuthenticateHeader.NAME);
long cSeq = sipResponse.getCSeq().getSeqNumber();
// 重新发起带有认证信息的请求 // 重新发起带有认证信息的请求
Request authorizationRequest = registerRequestBuilder.createAuthorizationRequest(callId, 3600, localId, "123456", wwwAuthenticateHeader); Request authorizationRequest = registerRequestBuilder.createAuthorizationRequest(callId, 3600, localId, "123456", cSeq, wwwAuthenticateHeader);
log.info("\n{}", authorizationRequest); log.info("\n{}", authorizationRequest);
authorzatioinResponse = registerResponseBuilder.createAuthorzatioinResponse(authorizationRequest, "123456"); authorzatioinResponse = registerResponseBuilder.createAuthorzatioinResponse(authorizationRequest, domain, "123456");
// 注册成功 // 注册成功
log.info("\n{}", authorzatioinResponse); log.info("\n{}", authorzatioinResponse);
} }

4
gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java
View File

@ -17,13 +17,13 @@ public class AuthenticationTest {
@Test @Test
void test() { void test() {
AuthorizationHeader authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", null); AuthorizationHeader authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", 1,null);
log.info("\n{}", authorization); log.info("\n{}", authorization);
WWWAuthenticateHeader wwwAuthenticateHeader = DigestAuthenticationHelper.generateChallenge(domain); WWWAuthenticateHeader wwwAuthenticateHeader = DigestAuthenticationHelper.generateChallenge(domain);
log.info("\n{}", wwwAuthenticateHeader); log.info("\n{}", wwwAuthenticateHeader);
authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", wwwAuthenticateHeader); authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", 1, wwwAuthenticateHeader);
log.info("\n{}", authorization); log.info("\n{}", authorization);
boolean passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(Request.REGISTER, authorization, "123456"); boolean passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(Request.REGISTER, authorization, "123456");