001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied. See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019
020 package org.apache.geronimo.javamail.authentication;
021
022 import javax.mail.MessagingException;
023
024 /**
025 * Simplified version of the Java 5 SaslClient interface. This is used to
026 * implement a javamail authentication framework that mimics the Sasl framework
027 * on a 1.4.2 JVM. Only the methods required by the Javamail code are
028 * implemented here, but it should be a simple migration to the fuller SASL
029 * interface.
030 */
031 public interface ClientAuthenticator {
032 /**
033 * Evaluate a challenge and return a response that can be sent back to the
034 * server. Bot the challenge information and the response information are
035 * "raw data", minus any special encodings used by the transport. For
036 * example, SMTP DIGEST-MD5 authentication protocol passes information as
037 * Base64 encoded strings. That encoding must be removed before calling
038 * evaluateChallenge() and the resulting respose must be Base64 encoced
039 * before transmission to the server.
040 *
041 * It is the authenticator's responsibility to keep track of the state of
042 * the evaluations. That is, if the authentication process requires multiple
043 * challenge/response cycles, then the authenticator needs to keep track of
044 * context of the challenges.
045 *
046 * @param challenge
047 * The challenge data.
048 *
049 * @return An appropriate response for the challenge data.
050 */
051
052 public byte[] evaluateChallenge(byte[] challenge) throws MessagingException;
053
054 /**
055 * Indicates that the authenticator has data that should be sent when the
056 * authentication process is initiated. For example, the SMTP PLAIN
057 * authentication sends userid/password without waiting for a challenge
058 * response.
059 *
060 * If this method returns true, then the initial response is retrieved using
061 * evaluateChallenge() passing null for the challenge information.
062 *
063 * @return True if the challenge/response process starts with an initial
064 * response on the client side.
065 */
066 public boolean hasInitialResponse();
067
068 /**
069 * Indicates whether the client believes the challenge/response sequence is
070 * now complete.
071 *
072 * @return true if the client has evaluated what it believes to be the last
073 * challenge, false if there are additional stages to evaluate.
074 */
075
076 public boolean isComplete();
077
078 /**
079 * Return the mechanism name implemented by this authenticator.
080 *
081 * @return The string name of the authentication mechanism. This name should
082 * match the names commonly used by the mail servers (e.g., "PLAIN",
083 * "LOGIN", "DIGEST-MD5", etc.).
084 */
085 public String getMechanismName();
086 }