diff --git a/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java b/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java index f52e7d7..2657a0e 100644 --- a/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java +++ b/gb28181-sip/src/main/java/cn/skcks/docking/gb28181/sip/utils/DigestAuthenticationHelper.java @@ -6,6 +6,7 @@ import cn.skcks.docking.gb28181.sip.generic.SipBuilder; import lombok.*; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.ObjectUtils; +import org.apache.commons.lang3.StringUtils; import javax.sip.SipFactory; import javax.sip.address.SipURI; @@ -154,7 +155,7 @@ public class DigestAuthenticationHelper { } public static boolean doAuthenticatePlainTextPassword(String method,AuthorizationHeader authorizationHeader, String password) { - if ( authorizationHeader == null || authorizationHeader.getRealm() == null) { + if(ObjectUtils.anyNull(authorizationHeader)){ return false; } @@ -183,7 +184,6 @@ public class DigestAuthenticationHelper { String ncStr = String.format("%08x", nc).toUpperCase(); String A1 = String.join(":",username , realm , password); String A2 = String.join(":", method.toUpperCase() , uri.toString()); - byte[] mdbytes = messageDigest.digest(A1.getBytes()); String HA1 = toHexString(mdbytes); log.debug("A1: " + A1); @@ -213,15 +213,22 @@ public class DigestAuthenticationHelper { mdbytes = messageDigest.digest(KD.getBytes()); String mdString = toHexString(mdbytes); log.debug("mdString: " + mdString); + + String mdString2 = toHexString(messageDigest.digest(StringUtils.joinWith(":", HA1, nonce, nc, cnonce, qop, HA2).getBytes())); + log.debug("mdString2: " + mdString2); + + String mdString3 = toHexString(messageDigest.digest(StringUtils.joinWith(":", HA1, nonce, nc, HA2).getBytes())); + log.debug("mdString3: " + mdString); + String response = authorizationHeader.getResponse(); log.debug("response: " + response); - return mdString.equals(response); + + + return mdString.equals(response) || mdString2.equals(response) || mdString3.equals(response); } @SneakyThrows - public static AuthorizationHeader createAuthorization(String method,String serverIp, int serverPort, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){ - String hostAddress = SipBuilder.createHostAddress(serverIp, serverPort); - SipURI sipURI = SipBuilder.createSipURI(serverId, hostAddress); + public static AuthorizationHeader createAuthorization(String method,SipURI sipURI, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){ if (www == null) { AuthorizationHeader authorizationHeader = SipBuilder.getHeaderFactory().createAuthorizationHeader("Digest"); authorizationHeader.setUsername(deviceId); @@ -280,4 +287,17 @@ public class DigestAuthenticationHelper { } return authorizationHeader; } + + @SneakyThrows + public static AuthorizationHeader createAuthorization(String method,String domain, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){ + SipURI sipURI = SipBuilder.createSipURI(serverId, domain); + return createAuthorization(method, sipURI, deviceId, password, nonceCount, www); + } + + @SneakyThrows + public static AuthorizationHeader createAuthorization(String method,String serverIp, int serverPort, String serverId, String deviceId,String password, int nonceCount, WWWAuthenticateHeader www){ + String hostAddress = SipBuilder.createHostAddress(serverIp, serverPort); + SipURI sipURI = SipBuilder.createSipURI(serverId, hostAddress); + return createAuthorization(method, sipURI, deviceId, password, nonceCount, www); + } } diff --git a/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java b/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java index be25bd9..02e428a 100644 --- a/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java +++ b/gb28181-sip/src/test/java/cn/skcks/docking/gb28181/sip/utils/AuthenticationTest.java @@ -1,5 +1,6 @@ package cn.skcks.docking.gb28181.sip.utils; +import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.junit.jupiter.api.Test; @@ -9,25 +10,39 @@ import javax.sip.message.Request; @Slf4j public class AuthenticationTest { - public static final String serverId = "44050100002000000001"; - public static final String serverIp = "10.10.10.200"; + public static final String serverId = "44050100002000000003"; + public static final String serverIp = "10.10.10.20"; public static final int serverPort = 5060; public static final String domain = "4405010000"; - public static final String deviceId = "44050100001110000010"; + public static final String deviceId = "44050100001110000035"; + @SneakyThrows @Test void test() { AuthorizationHeader authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", 1,null); log.info("\n{}", authorization); WWWAuthenticateHeader wwwAuthenticateHeader = DigestAuthenticationHelper.generateChallenge(domain); + + + wwwAuthenticateHeader.setAlgorithm("MD5"); + wwwAuthenticateHeader.setQop("auth"); + wwwAuthenticateHeader.setNonce("08a895ede05c7ac592ced4070c1ef4aa"); + wwwAuthenticateHeader.setRealm(domain); log.info("\n{}", wwwAuthenticateHeader); + authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, serverIp, serverPort, serverId, deviceId, "123456", 1, wwwAuthenticateHeader); log.info("\n{}", authorization); boolean passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(Request.REGISTER, authorization, "123456"); log.info("authorization passed {}", passed); + authorization = DigestAuthenticationHelper.createAuthorization(Request.REGISTER, domain, serverId, deviceId, "123456", 1, wwwAuthenticateHeader); + log.info("\n{}", authorization); + + passed = DigestAuthenticationHelper.doAuthenticatePlainTextPassword(Request.REGISTER, authorization, "123456"); + log.info("authorization passed {}", passed); + } }