1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18 package org.apache.commons.net.imap;
19
20 import java.io.IOException;
21 import java.security.InvalidKeyException;
22 import java.security.NoSuchAlgorithmException;
23 import java.security.spec.InvalidKeySpecException;
24 import java.util.Base64;
25
26 import javax.crypto.Mac;
27 import javax.crypto.spec.SecretKeySpec;
28 import javax.net.ssl.SSLContext;
29
30
31
32
33
34
35 public class AuthenticatingIMAPClient extends IMAPSClient {
36
37
38 private static final String MAC_ALGORITHM = "HmacMD5";
39
40
41
42
43 public enum AUTH_METHOD {
44
45
46
47 PLAIN("PLAIN"),
48
49
50 CRAM_MD5("CRAM-MD5"),
51
52
53 LOGIN("LOGIN"),
54
55
56 XOAUTH("XOAUTH"),
57
58
59 XOAUTH2("XOAUTH2");
60
61 private final String authName;
62
63 AUTH_METHOD(final String name) {
64 this.authName = name;
65 }
66
67
68
69
70
71
72 public final String getAuthName() {
73 return authName;
74 }
75 }
76
77
78
79
80 public AuthenticatingIMAPClient() {
81 this(DEFAULT_PROTOCOL, false);
82 }
83
84
85
86
87
88
89 public AuthenticatingIMAPClient(final boolean implicit) {
90 this(DEFAULT_PROTOCOL, implicit);
91 }
92
93
94
95
96
97
98
99 public AuthenticatingIMAPClient(final boolean implicit, final SSLContext ctx) {
100 this(DEFAULT_PROTOCOL, implicit, ctx);
101 }
102
103
104
105
106
107
108 public AuthenticatingIMAPClient(final SSLContext context) {
109 this(false, context);
110 }
111
112
113
114
115
116
117 public AuthenticatingIMAPClient(final String proto) {
118 this(proto, false);
119 }
120
121
122
123
124
125
126
127 public AuthenticatingIMAPClient(final String proto, final boolean implicit) {
128 this(proto, implicit, null);
129 }
130
131
132
133
134
135
136
137
138 public AuthenticatingIMAPClient(final String proto, final boolean implicit, final SSLContext ctx) {
139 super(proto, implicit, ctx);
140 }
141
142
143
144
145
146
147
148
149
150
151
152
153
154 public boolean auth(final AuthenticatingIMAPClient.AUTH_METHOD method, final String user, final String password)
155 throws IOException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException {
156 if (!IMAPReply.isContinuation(sendCommand(IMAPCommand.AUTHENTICATE, method.getAuthName()))) {
157 return false;
158 }
159
160 switch (method) {
161 case PLAIN: {
162
163 final int result = sendData(Base64.getEncoder().encodeToString(("\000" + user + "\000" + password).getBytes(getCharset())));
164 if (result == IMAPReply.OK) {
165 setState(IMAP.IMAPState.AUTH_STATE);
166 }
167 return result == IMAPReply.OK;
168 }
169 case CRAM_MD5: {
170
171 final byte[] serverChallenge = Base64.getDecoder().decode(getReplyString().substring(2).trim());
172
173 final Mac hmacMd5 = Mac.getInstance(MAC_ALGORITHM);
174 hmacMd5.init(new SecretKeySpec(password.getBytes(getCharset()), MAC_ALGORITHM));
175
176 final byte[] hmacResult = convertToHexString(hmacMd5.doFinal(serverChallenge)).getBytes(getCharset());
177
178 final byte[] usernameBytes = user.getBytes(getCharset());
179 final byte[] toEncode = new byte[usernameBytes.length + 1 + hmacResult.length];
180 System.arraycopy(usernameBytes, 0, toEncode, 0, usernameBytes.length);
181 toEncode[usernameBytes.length] = ' ';
182 System.arraycopy(hmacResult, 0, toEncode, usernameBytes.length + 1, hmacResult.length);
183
184 final int result = sendData(Base64.getEncoder().encodeToString(toEncode));
185 if (result == IMAPReply.OK) {
186 setState(IMAP.IMAPState.AUTH_STATE);
187 }
188 return result == IMAPReply.OK;
189 }
190 case LOGIN: {
191
192
193 if (sendData(Base64.getEncoder().encodeToString(user.getBytes(getCharset()))) != IMAPReply.CONT) {
194 return false;
195 }
196 final int result = sendData(Base64.getEncoder().encodeToString(password.getBytes(getCharset())));
197 if (result == IMAPReply.OK) {
198 setState(IMAP.IMAPState.AUTH_STATE);
199 }
200 return result == IMAPReply.OK;
201 }
202 case XOAUTH:
203 case XOAUTH2: {
204 final int result = sendData(user);
205 if (result == IMAPReply.OK) {
206 setState(IMAP.IMAPState.AUTH_STATE);
207 }
208 return result == IMAPReply.OK;
209 }
210 }
211 return false;
212 }
213
214
215
216
217
218
219
220
221
222
223
224
225
226 public boolean authenticate(final AuthenticatingIMAPClient.AUTH_METHOD method, final String user, final String password)
227 throws IOException, NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException {
228 return auth(method, user, password);
229 }
230
231
232
233
234
235
236
237
238 private String convertToHexString(final byte[] a) {
239 final StringBuilder result = new StringBuilder(a.length * 2);
240 for (final byte element : a) {
241 if ((element & 0x0FF) <= 15) {
242 result.append("0");
243 }
244 result.append(Integer.toHexString(element & 0x0FF));
245 }
246 return result.toString();
247 }
248 }
249