// Adds an 'Authorization' header to the supplied request based on the challenge
// contained in the supplied response. In order to succeed, the SIP identity
// designated in the From header of the request must have an entry in the
// credential database supplied to instantiateAllTestFixtures()
bool addCredentialsToRequest( SipMessage& request, const SipMessage& response )
{
bool result = false;
CredentialDB* pCredDB = CredentialDB::getInstance( mCredentialDbName );
if( pCredDB )
{
// retrieve information in the Www-authenticate: header
UtlString dummy, nonce, realm;
if( response.getAuthenticateData( &dummy,
&realm,
&nonce,
&dummy,
&dummy,
&dummy,
HttpMessage::SERVER,
0 ) )
{
// look for credentials belonging to the requesting user.
Url fromUrl;
UtlString userId;
UtlString authTypeDB;
UtlString passTokenDB;
UtlString fromUriAsString;
UtlString user;
request.getFromUrl(fromUrl);
fromUrl.getUserId( user );
fromUrl.getUri( fromUriAsString );
if( pCredDB->getCredential(fromUrl,
realm,
userId,
passTokenDB,
authTypeDB) )
{
// generate response hash
// TBD - 25-jan-2010 work might be needed if these tests are re-enabled
UtlString responseHash;
UtlString method;
request.getRequestMethod(&method);
HttpMessage::buildMd5Digest(passTokenDB.data(),
HTTP_MD5_ALGORITHM,
nonce.data(),
NULL, // client nonce
"00000001", // nonce count
"",
method.data(),
fromUriAsString.data(),
NULL,
&responseHash
);
// add authorization header
request.removeHeader( HTTP_AUTHORIZATION_FIELD, 0);
request.setDigestAuthorizationData( user.data(),
realm.data(),
nonce.data(),
fromUriAsString.data(),
responseHash.data(),
HTTP_MD5_ALGORITHM,
NULL,//clientNonce.data(),
NULL,
HTTP_QOP_AUTH,
"00000001", // nonce count
HttpMessage::SERVER
);
result = true;
}
}
}
return result;
}
