import org.apache.commons.httpclient.auth.InvalidCredentialsException; //导入依赖的package包/类
/**
 * Produces bearer authorization string for the given set of {@link Credentials}.
 * 
 * @param   credentials                     The set of credentials to be used for authentication
 * @param   method                          The method being authenticated
 * @throws  InvalidCredentialsException     If authentication credentials are not valid or not applicable for this authentication 
 *                                          scheme.
 * @throws AuthenticationException         If authorization string cannot be generated due to an authentication failure.
 * 
 * @return a basic authorization string
 */
public String authenticate(Credentials credentials, HttpMethod method) throws AuthenticationException {
    Log_OC.d(TAG, "enter BearerScheme.authenticate(Credentials, HttpMethod)");

    if (method == null) {
        throw new IllegalArgumentException("Method may not be null");
    }
    BearerCredentials bearer = null;
    try {
        bearer = (BearerCredentials) credentials;
    } catch (ClassCastException e) {
        throw new InvalidCredentialsException(
                "Credentials cannot be used for bearer authentication: " 
                + credentials.getClass().getName());
    }
    return BearerAuthScheme.authenticate(
        bearer, 
        method.getParams().getCredentialCharset());
}
 

import org.apache.commons.httpclient.auth.InvalidCredentialsException; //导入依赖的package包/类
/**
 * Produces Negotiate authorization string based on token created by 
 * processChallenge.
 * 
 * @param credentials Never used be the Negotiate scheme but must be provided to 
 * satisfy common-httpclient API. Credentials from JAAS will be used insted.
 * @param method The method being authenticated
 * 
 * @throws AuthenticationException if authorization string cannot 
 *   be generated due to an authentication failure
 * 
 * @return an Negotiate authorization string
 * 
 * @since 3.0
 */
public String authenticate(
    Credentials credentials, 
    HttpMethod method
) throws AuthenticationException {
    LOG.debug("enter NegotiateScheme.authenticate(Credentials, HttpMethod)");

    if (state == UNINITIATED) {
        throw new IllegalStateException(
           "Negotiation authentication process has not been initiated");
    }

    try {
        try {                
            if(context==null) {
                LOG.info("host: " + method.getURI().getHost());
                init( method.getURI().getHost() );
            }
        } catch (org.apache.commons.httpclient.URIException urie) {
            LOG.error(urie.getMessage());
            state = FAILED;
            throw new AuthenticationException(urie.getMessage());
        }
    
        // HTTP 1.1 issue:
        // Mutual auth will never complete do to 200 insted of 401 in 
        // return from server. "state" will never reach ESTABLISHED
        // but it works anyway
        token = context.initSecContext(token, 0, token.length);
        LOG.info("got token, sending " + token.length + " to server");
    } catch (GSSException gsse) {
        LOG.fatal(gsse.getMessage());
        state = FAILED;
        if( gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL
                || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED )
            throw new InvalidCredentialsException(gsse.getMessage(),gsse);
        if( gsse.getMajor() == GSSException.NO_CRED )
            throw new CredentialsNotAvailableException(gsse.getMessage(),gsse);
        if( gsse.getMajor() == GSSException.DEFECTIVE_TOKEN
                || gsse.getMajor() == GSSException.DUPLICATE_TOKEN
                || gsse.getMajor() == GSSException.OLD_TOKEN )
            throw new AuthChallengeException(gsse.getMessage(),gsse);
        // other error
        throw new AuthenticationException(gsse.getMessage());
    }
    return "Negotiate " + new String(new Base64().encode(token));
}