commons-net.jar Source Code

commons-net.jar is the bytecode of Apache Commons Net library, which implements the client side of many basic Internet protocols.

Apache Commons Net Source Code files are provided in the binary packge (commons-net-3.8.0-bin.zip). You can download it at Apache Commons Net Website.

The source code of commons-net-3.8.0.jar is provided below:

✍: FYIcenter

org/apache/commons/net/imap/AuthenticatingIMAPClient.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.commons.net.imap;

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLContext;

import org.apache.commons.net.util.Base64;

/**
 * An IMAP Client class with authentication support.
 * @see IMAPSClient
 */
public class AuthenticatingIMAPClient extends IMAPSClient
{
    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * Sets security mode to explicit (isImplicit = false).
     */
    public AuthenticatingIMAPClient()
    {
        this(DEFAULT_PROTOCOL, false);
    }

    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * @param implicit The security mode (Implicit/Explicit).
     */
    public AuthenticatingIMAPClient(final boolean implicit)
    {
        this(DEFAULT_PROTOCOL, implicit);
    }

    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * @param proto the protocol.
     */
    public AuthenticatingIMAPClient(final String proto)
    {
        this(proto, false);
    }

    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * @param proto the protocol.
     * @param implicit The security mode(Implicit/Explicit).
     */
    public AuthenticatingIMAPClient(final String proto, final boolean implicit)
    {
        this(proto, implicit, null);
    }

    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * @param proto the protocol.
     * @param implicit The security mode(Implicit/Explicit).
     * @param ctx the context
     */
    public AuthenticatingIMAPClient(final String proto, final boolean implicit, final SSLContext ctx)
    {
        super(proto, implicit, ctx);
    }

    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * @param implicit The security mode(Implicit/Explicit).
     * @param ctx A pre-configured SSL Context.
     */
    public AuthenticatingIMAPClient(final boolean implicit, final SSLContext ctx)
    {
        this(DEFAULT_PROTOCOL, implicit, ctx);
    }

    /**
     * Constructor for AuthenticatingIMAPClient that delegates to IMAPSClient.
     * @param context A pre-configured SSL Context.
     */
    public AuthenticatingIMAPClient(final SSLContext context)
    {
        this(false, context);
    }

    /**
     * Authenticate to the IMAP server by sending the AUTHENTICATE command with the
     * selected mechanism, using the given username and the given password.
     *
     * @param method the method name
     * @param username user
     * @param password password
     * @return True if successfully completed, false if not.
     * @throws IOException  If an I/O error occurs while either sending a
     *      command to the server or receiving a reply from the server.
     * @throws NoSuchAlgorithmException If the CRAM hash algorithm
     *      cannot be instantiated by the Java runtime system.
     * @throws InvalidKeyException If the CRAM hash algorithm
     *      failed to use the given password.
     * @throws InvalidKeySpecException If the CRAM hash algorithm
     *      failed to use the given password.
     */
    public boolean authenticate(final AuthenticatingIMAPClient.AUTH_METHOD method,
                        final String username, final String password)
                        throws IOException, NoSuchAlgorithmException,
                        InvalidKeyException, InvalidKeySpecException
    {
        return auth(method, username, password);
    }

    /**
     * Authenticate to the IMAP server by sending the AUTHENTICATE command with the
     * selected mechanism, using the given username and the given password.
     *
     * @param method the method name
     * @param username user
     * @param password password
     * @return True if successfully completed, false if not.
     * @throws IOException  If an I/O error occurs while either sending a
     *      command to the server or receiving a reply from the server.
     * @throws NoSuchAlgorithmException If the CRAM hash algorithm
     *      cannot be instantiated by the Java runtime system.
     * @throws InvalidKeyException If the CRAM hash algorithm
     *      failed to use the given password.
     * @throws InvalidKeySpecException If the CRAM hash algorithm
     *      failed to use the given password.
     */
    public boolean auth(final AuthenticatingIMAPClient.AUTH_METHOD method,
                        final String username, final String password)
                        throws IOException, NoSuchAlgorithmException,
                        InvalidKeyException, InvalidKeySpecException
    {
        if (!IMAPReply.isContinuation(sendCommand(IMAPCommand.AUTHENTICATE, method.getAuthName())))
        {
            return false;
        }

        switch (method) {
            case PLAIN:
            {
                // the server sends an empty response ("+ "), so we don't have to read it.
                final int result = sendData(
                    Base64.encodeBase64StringUnChunked(("\000" + username + "\000" + password)
                            .getBytes(getCharset())));
                if (result == IMAPReply.OK)
                {
                    setState(IMAP.IMAPState.AUTH_STATE);
                }
                return result == IMAPReply.OK;
            }
            case CRAM_MD5:
            {
                // get the CRAM challenge (after "+ ")
                final byte[] serverChallenge = Base64.decodeBase64(getReplyString().substring(2).trim());
                // get the Mac instance
                final Mac hmac_md5 = Mac.getInstance("HmacMD5");
                hmac_md5.init(new SecretKeySpec(password.getBytes(getCharset()), "HmacMD5"));
                // compute the result:
                final byte[] hmacResult = convertToHexString(hmac_md5.doFinal(serverChallenge)).getBytes(getCharset());
                // join the byte arrays to form the reply
                final byte[] usernameBytes = username.getBytes(getCharset());
                final byte[] toEncode = new byte[usernameBytes.length + 1 /* the space */ + hmacResult.length];
                System.arraycopy(usernameBytes, 0, toEncode, 0, usernameBytes.length);
                toEncode[usernameBytes.length] = ' ';
                System.arraycopy(hmacResult, 0, toEncode, usernameBytes.length + 1, hmacResult.length);
                // send the reply and read the server code:
                final int result = sendData(Base64.encodeBase64StringUnChunked(toEncode));
                if (result == IMAPReply.OK)
                {
                    setState(IMAP.IMAPState.AUTH_STATE);
                }
                return result == IMAPReply.OK;
            }
            case LOGIN:
            {
                // the server sends fixed responses (base64("Username") and
                // base64("Password")), so we don't have to read them.
                if (sendData(Base64.encodeBase64StringUnChunked(username.getBytes(getCharset()))) != IMAPReply.CONT)
                {
                    return false;
                }
                final int result = sendData(Base64.encodeBase64StringUnChunked(password.getBytes(getCharset())));
                if (result == IMAPReply.OK)
                {
                    setState(IMAP.IMAPState.AUTH_STATE);
                }
                return result == IMAPReply.OK;
            }
            case XOAUTH:
            case XOAUTH2:
            {
                final int result = sendData(username);
                if (result == IMAPReply.OK)
                {
                    setState(IMAP.IMAPState.AUTH_STATE);
                }
                return result == IMAPReply.OK;
            }
        }
        return false; // safety check
    }

    /**
     * Converts the given byte array to a String containing the hex values of the bytes.
     * For example, the byte 'A' will be converted to '41', because this is the ASCII code
     * (and the byte value) of the capital letter 'A'.
     * @param a The byte array to convert.
     * @return The resulting String of hex codes.
     */
    private String convertToHexString(final byte[] a)
    {
        final StringBuilder result = new StringBuilder(a.length*2);
        for (final byte element : a)
        {
            if ( (element & 0x0FF) <= 15 ) {
                result.append("0");
            }
            result.append(Integer.toHexString(element & 0x0FF));
        }
        return result.toString();
    }

    /**
     * The enumeration of currently-supported authentication methods.
     */
    public enum AUTH_METHOD
    {
        /** The standarised (RFC4616) PLAIN method, which sends the password unencrypted (insecure). */
        PLAIN("PLAIN"),
        /** The standarised (RFC2195) CRAM-MD5 method, which doesn't send the password (secure). */
        CRAM_MD5("CRAM-MD5"),
        /** The unstandarised Microsoft LOGIN method, which sends the password unencrypted (insecure). */
        LOGIN("LOGIN"),
        /** XOAUTH */
        XOAUTH("XOAUTH"),
        /** XOAUTH 2 */
        XOAUTH2("XOAUTH2");

        private final String authName;

        AUTH_METHOD(final String name){
            this.authName=name;
        }
        /**
         * Gets the name of the given authentication method suitable for the server.
         * @return The name of the given authentication method suitable for the server.
         */
        public final String getAuthName()
        {
            return authName;
        }
    }
}
/* kate: indent-width 4; replace-tabs on; */

org/apache/commons/net/imap/AuthenticatingIMAPClient.java

 

⇒ Download and Install commons-net.jar Binary Package

⇐ What Is commons-net.jar

⇑ Downloading and Reviewing commons-net.jar

⇑⇑ FAQ for Apache commons-net.jar

2009-02-08, 82543👍, 0💬