Skip to content

Commit b0c8459

Browse files
committed
qop is required in RFC 7616
1 parent 80241a2 commit b0c8459

1 file changed

Lines changed: 8 additions & 12 deletions

File tree

java/org/apache/tomcat/websocket/DigestAuthenticator.java

Lines changed: 8 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -65,21 +65,17 @@ public String getAuthorization(String method, String requestUri, String authenti
6565
String messageQop = parameterMap.get("qop");
6666
String algorithm = parameterMap.get("algorithm") == null ? "MD5" : parameterMap.get("algorithm");
6767
String opaque = parameterMap.get("opaque");
68-
69-
StringBuilder challenge = new StringBuilder();
70-
71-
if (messageQop != null && !messageQop.isEmpty()) {
72-
if (cnonceGenerator == null) {
73-
synchronized (cnonceGeneratorLock) {
74-
if (cnonceGenerator == null) {
75-
cnonceGenerator = new SecureRandom();
76-
}
68+
if (cnonceGenerator == null) {
69+
synchronized (cnonceGeneratorLock) {
70+
if (cnonceGenerator == null) {
71+
cnonceGenerator = new SecureRandom();
7772
}
7873
}
79-
80-
cNonce = cnonceGenerator.nextLong();
81-
nonceCount++;
8274
}
75+
cNonce = cnonceGenerator.nextLong();
76+
nonceCount++;
77+
78+
StringBuilder challenge = new StringBuilder();
8379

8480
challenge.append("Digest ");
8581
challenge.append("username=\"").append(userName).append("\",");

0 commit comments

Comments
 (0)