Check hashed passphrase returned by LCPAuthenticating

[mickael-menu]

Same PR for Swift: readium/r2-lcp-swift#75

When the test-app only had a hashed version of a passphrase, it could not send it through LCPAuthenticating.

This PR allows to provide both hashed and clear passphrases.

With this, it would be possible to implement retrieving the passphrases using Authentication for OPDS (as defined here: https://readium.org/lcp-specs/notes/lcp-key-retrieval.html) by creating a OPDSLCPAuthentication class implementing LCPAuthenticating.

You can also create a simple LCPAuthenticating implementation to provide a raw clean or hashed passphrase. The fallback is used, for example, to revert on showing a credentials pop-up if the passphrase was wrong.

class LCPPassphrase(val passphrase: String, val fallback: LCPAuthenticating) : LCPAuthenticating {

    override fun requestPassphrase(license: LCPAuthenticatedLicense, reason: LCPAuthenticationReason, completion: (String?) -> Unit) {
        if (reason != LCPAuthenticationReason.passphraseNotFound) {
            fallback.requestPassphrase(license, reason, completion)
            return
        }

        completion(passphrase)
    }

}

[llemeurfr]

Do you mean the app has to store the passphrase in clear in order to handle this? This is not good practice, even if secured.

[mickael-menu]

@llemeurfr No this is to be able to provide a hashed passphrase instead of a clear passphrase from a dialog. For example, by getting the hashed passphrase from an authenticated OPDS feed. We talked about this a few weeks ago for Swift.