// Adds an 'Authorization' header to the supplied request based on the challenge // contained in the supplied response. In order to succeed, the SIP identity // designated in the From header of the request must have an entry in the // credential database supplied to instantiateAllTestFixtures() bool addCredentialsToRequest( SipMessage& request, const SipMessage& response ) { bool result = false; CredentialDB* pCredDB = CredentialDB::getInstance( mCredentialDbName ); if( pCredDB ) { // retrieve information in the Www-authenticate: header UtlString dummy, nonce, realm; if( response.getAuthenticateData( &dummy, &realm, &nonce, &dummy, &dummy, &dummy, HttpMessage::SERVER, 0 ) ) { // look for credentials belonging to the requesting user. Url fromUrl; UtlString userId; UtlString authTypeDB; UtlString passTokenDB; UtlString fromUriAsString; UtlString user; request.getFromUrl(fromUrl); fromUrl.getUserId( user ); fromUrl.getUri( fromUriAsString ); if( pCredDB->getCredential(fromUrl, realm, userId, passTokenDB, authTypeDB) ) { // generate response hash // TBD - 25-jan-2010 work might be needed if these tests are re-enabled UtlString responseHash; UtlString method; request.getRequestMethod(&method); HttpMessage::buildMd5Digest(passTokenDB.data(), HTTP_MD5_ALGORITHM, nonce.data(), NULL, // client nonce "00000001", // nonce count "", method.data(), fromUriAsString.data(), NULL, &responseHash ); // add authorization header request.removeHeader( HTTP_AUTHORIZATION_FIELD, 0); request.setDigestAuthorizationData( user.data(), realm.data(), nonce.data(), fromUriAsString.data(), responseHash.data(), HTTP_MD5_ALGORITHM, NULL,//clientNonce.data(), NULL, HTTP_QOP_AUTH, "00000001", // nonce count HttpMessage::SERVER ); result = true; } } } return result; }