11/*
2- * Copyright (c) 1997, 2024 , Oracle and/or its affiliates. All rights reserved.
2+ * Copyright (c) 1997, 2025 , Oracle and/or its affiliates. All rights reserved.
33 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44 *
55 * This code is free software; you can redistribute it and/or modify it
@@ -321,7 +321,11 @@ public boolean supportsPreemptiveAuthorization() {
321321 */
322322 @ Override
323323 public String getHeaderValue (URL url , String method ) {
324- return getHeaderValueImpl (url .getFile (), method );
324+ try {
325+ return getHeaderValueImpl (url .getFile (), method );
326+ } catch (IOException _) {
327+ return null ;
328+ }
325329 }
326330
327331 /**
@@ -339,7 +343,11 @@ public String getHeaderValue(URL url, String method) {
339343 * @return the value of the HTTP header this authentication wants set
340344 */
341345 String getHeaderValue (String requestURI , String method ) {
342- return getHeaderValueImpl (requestURI , method );
346+ try {
347+ return getHeaderValueImpl (requestURI , method );
348+ } catch (IOException _) {
349+ return null ;
350+ }
343351 }
344352
345353 /**
@@ -369,25 +377,26 @@ public boolean isAuthorizationStale (String header) {
369377 * @param conn The connection to apply the header(s) to
370378 * @param p A source of header values for this connection, if needed.
371379 * @param raw Raw header values for this connection, if needed.
372- * @return true if all goes well, false if no headers were set.
380+ * @throws IOException if no headers were set
373381 */
374382 @ Override
375- public boolean setHeaders (HttpURLConnection conn , HeaderParser p , String raw ) {
383+ public void setHeaders (HttpURLConnection conn , HeaderParser p , String raw )
384+ throws IOException {
376385 // no need to synchronize here:
377386 // already locked by s.n.w.p.h.HttpURLConnection
378387 assert conn .isLockHeldByCurrentThread ();
379388
380389 params .setNonce (p .findValue ("nonce" ));
381390 params .setOpaque (p .findValue ("opaque" ));
382391 params .setQop (p .findValue ("qop" ));
383- params .setUserhash (Boolean .valueOf (p .findValue ("userhash" )));
392+ params .setUserhash (Boolean .parseBoolean (p .findValue ("userhash" )));
384393 String charset = p .findValue ("charset" );
385394 if (charset == null ) {
386395 charset = "ISO_8859_1" ;
387396 } else if (!charset .equalsIgnoreCase ("UTF-8" )) {
388397 // UTF-8 is only valid value. ISO_8859_1 represents default behavior
389398 // when the parameter is not set.
390- return false ;
399+ throw new IOException ( "Illegal charset in header" ) ;
391400 }
392401 params .setCharset (charset .toUpperCase (Locale .ROOT ));
393402
@@ -405,7 +414,7 @@ public boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {
405414 }
406415
407416 if (params .nonce == null || authMethod == null || pw == null || realm == null ) {
408- return false ;
417+ throw new IOException ( "Server challenge incomplete" ) ;
409418 }
410419 if (authMethod .length () >= 1 ) {
411420 // Method seems to get converted to all lower case elsewhere.
@@ -415,8 +424,7 @@ public boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {
415424 + authMethod .substring (1 ).toLowerCase (Locale .ROOT );
416425 }
417426
418- if (!setAlgorithmNames (p , params ))
419- return false ;
427+ setAlgorithmNames (p , params );
420428
421429 // If authQop is true, then the server is doing RFC2617 and
422430 // has offered qop=auth. We do not support any other modes
@@ -426,20 +434,17 @@ public boolean setHeaders(HttpURLConnection conn, HeaderParser p, String raw) {
426434 params .setNewCnonce ();
427435 }
428436
429- String value = getHeaderValueImpl (uri , method );
430- if (value != null ) {
431- conn .setAuthenticationProperty (getHeaderName (), value );
432- return true ;
433- } else {
434- return false ;
435- }
437+ String value = getHeaderValueImpl (uri , method );
438+ assert value != null ;
439+ conn .setAuthenticationProperty (getHeaderName (), value );
436440 }
437441
438442 // Algorithm name is stored in two separate fields (of Paramaeters)
439443 // This allows for variations in digest algorithm name (aliases)
440444 // and also allow for the -sess variant defined in HTTP Digest protocol
441- // returns false if algorithm not supported
442- private static boolean setAlgorithmNames (HeaderParser p , Parameters params ) {
445+ // throws IOException if algorithm not supported
446+ private static void setAlgorithmNames (HeaderParser p , Parameters params )
447+ throws IOException {
443448 String algorithm = p .findValue ("algorithm" );
444449 String digestName = algorithm ;
445450 if (algorithm == null || algorithm .isEmpty ()) {
@@ -459,18 +464,17 @@ private static boolean setAlgorithmNames(HeaderParser p, Parameters params) {
459464 var oid = KnownOIDs .findMatch (digestName );
460465 if (oid == null ) {
461466 log ("unknown algorithm: " + algorithm );
462- return false ;
467+ throw new IOException ( "Unknown algorithm: " + algorithm ) ;
463468 }
464469 digestName = oid .stdName ();
465470 params .setAlgorithm (algorithm );
466471 params .setDigestName (digestName );
467- return true ;
468472 }
469473
470474 /* Calculate the Authorization header field given the request URI
471475 * and based on the authorization information in params
472476 */
473- private String getHeaderValueImpl (String uri , String method ) {
477+ private String getHeaderValueImpl (String uri , String method ) throws IOException {
474478 String response ;
475479 char [] passwd = pw .getPassword ();
476480 boolean qop = params .authQop ();
@@ -479,11 +483,7 @@ private String getHeaderValueImpl (String uri, String method) {
479483 String nonce = params .getNonce ();
480484 String algorithm = params .getAlgorithm ();
481485 String digest = params .getDigestName ();
482- try {
483- validateDigest (digest );
484- } catch (IOException e ) {
485- return null ;
486- }
486+ validateDigest (digest );
487487 Charset charset = params .getCharset ();
488488 boolean userhash = params .getUserhash ();
489489 params .incrementNC ();
@@ -505,7 +505,7 @@ private String getHeaderValueImpl (String uri, String method) {
505505 digest , session , charset );
506506 } catch (CharacterCodingException | NoSuchAlgorithmException ex ) {
507507 log (ex .getMessage ());
508- return null ;
508+ throw new IOException ( "Failed to compute digest" , ex ) ;
509509 }
510510
511511 String ncfield = "\" " ;
@@ -534,7 +534,7 @@ private String getHeaderValueImpl (String uri, String method) {
534534 }
535535 } catch (CharacterCodingException | NoSuchAlgorithmException ex ) {
536536 log (ex .getMessage ());
537- return null ;
537+ throw new IOException ( "Failed to compute user hash" , ex ) ;
538538 }
539539
540540 String value = authMethod
0 commit comments