This is authorization function for my camera. I have errors http 401 (unautorized) in any requests. Requests without authorization working correctly. I wrote this code using documentation: https://www.oasis-open.org/committees/download.php/13392/wss-v1.1-spec-pr-UsernameTokenProfile-01.htm and sniffing traffic of OnvifDeviceManager (authorization working here!) . I send return value from this function using post-method. Where is problem? May be with string nonce? Is it random number?
public static String getAuthXML(String body)
{
Date date = new Date(System.currentTimeMillis() - 3 * 3_600_000);
//time of camera - UTC, time of my PC - GMT+3:00 (3 hours difference)
String now = dateformat.format(date).concat("T").concat(timeformatptz.format(date).concat("Z"));
String nonce = "";
//generate random hex-number (21 symbol)
while (nonce.length() < 21)
nonce = nonce.concat(new BigInteger(String.valueOf(date.getTime())).toString(16));
nonce = nonce.substring(0, 21);
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.reset();
md.update(nonce.concat(now).concat(pass).getBytes(StandardCharsets.UTF_8));
String sha1 = new String(md.digest());
return "<s:Envelope xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"><s:Header><Security s:mustUnderstand=\"1\" xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><UsernameToken><Username>"
.concat(login)
.concat("</Username><Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">")
.concat(pass)
.concat("</Password><Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest\">")
.concat(Base64.getEncoder().encodeToString(sha1.getBytes(StandardCharsets.UTF_8)))
.concat("</Password><Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">")
.concat(Base64.getEncoder().encodeToString(nonce.getBytes(StandardCharsets.UTF_8)))
.concat("</Nonce><Created xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">")
.concat(now)
.concat("</Created></UsernameToken></Security></s:Header><s:Body xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">")
.concat(body)
.concat("</s:Body></s:Envelope>");
}
P.S.: sorry for my English, i'm Russian)
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.reset();
md.update(nonce.concat(now).concat(pass).getBytes(StandardCharsets.UTF_8));
return "<s:Envelope xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"><s:Header><Security s:mustUnderstand=\"1\" xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><UsernameToken><Username>"
.concat(login)
.concat("</Username><Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest\">")
.concat(Base64.getEncoder().encodeToString(md.digest()))
.concat("</Password><Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">")
.concat(Base64.getEncoder().encodeToString(nonce.getBytes(StandardCharsets.UTF_8)))
.concat("</Nonce><Created xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">")
.concat(now)
.concat("</Created></UsernameToken></Security></s:Header><s:Body xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">")
.concat(body)
.concat("</s:Body></s:Envelope>");