If you are using something other than Jersey you will need to build your own client and/or server pieces for Hawk integration. However, the core components required for carrying out Hawk authentication are available to you and this document provides a guide for the steps you need to undertake to integrate Hawk in to your own application.

To add Hawk to your project you need to include the following dependency:

    <dependency>
      <groupId>com.wealdtech.hawk</groupId>
      <artifactId>hawk-core</artifactId>
      <version>1.0.0</version>
    </dependency>

Clients

If you want your clients to authenticate using Hawk then you will need to start with a set of Hawk credentials:

HawkCredentials hawkCredentials = new HawkCredentials.Builder()
                                                     .keyId("dh37fgj492je")
                                                     .key("werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn")
                                                     .algorithm(Algorithm.SHA256)
                                                     .build();

Once these have been configuration you can create a Hawk client:

HawkClient hawkClient = new HawkClient.Builder().credentials(hawkCredentials).build();

And then for each request that you wish to send you need to generate an authorization header:

String authorizationHeader = hawkClient.generateAuthorizationHeader(uri, method, body, ext);

This string needs to be added to the outgoing HTTP request as the content of the "Authorization" header.

Servers

If you want your servers to authenticate using Hawk then you will need to catch each incoming request and process it accordingly. During the server setup you need to create a Hawk server instance:

HawkServer hawkServer = new HawkServer.Builder().build();

For each incoming request you need to determine if the request contains a Hawk Authorization header or a bewit. Once this has been determined you can parse the parameters accordingly, use the key ID passed in to obtain the relevant Hawk credentials, and use the Hawk server to carry out the authentication. For bewits you can use the following:

server.authenticate(credentials, requestUri);

and for authentication headers you can use the following:

server.authenticate(credentials, requestUri, requestMethod, authorizationHeaders, bodyHash);

If authentication fails then you need to generate a WWW-authenticate header in your response to the client:

String authenticate = server.generateAuthenticateHeader();
responseHeaders.put("WWW-Authenticate", authenticateheader);

There is a fully operational pure-Java HTTP server available for reference at SimpleHttpServer.java that shows all of the above in operation.