HTTPCLIENT-1604: accept empty BASIC auth challenge as valid

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1654753 13f79535-47bb-0310-9956-ffa450edef68
2015-01-26 10:03:12 +00:00 · 2015-01-26 10:03:12 +00:00 · 5f9f55df16
parent 0838afd074
commit 5f9f55df16
4 changed files with 6 additions and 13 deletions
--- a/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java
+++ b/httpclient/src/main/java/org/apache/http/impl/auth/DigestScheme.java
@ -140,6 +140,9 @@ public class DigestScheme extends RFC2617Scheme {
            final Header header) throws MalformedChallengeException {
        super.processChallenge(header);
        this.complete = true;
+        if (getParameters().isEmpty()) {
+            throw new MalformedChallengeException("Authentication challenge is empty");
+        }
    }

    /**
--- a/httpclient/src/main/java/org/apache/http/impl/auth/RFC2617Scheme.java
+++ b/httpclient/src/main/java/org/apache/http/impl/auth/RFC2617Scheme.java
@ -115,9 +115,6 @@ public abstract class RFC2617Scheme extends AuthSchemeBase implements Serializab
        final HeaderValueParser parser = BasicHeaderValueParser.INSTANCE;
        final ParserCursor cursor = new ParserCursor(pos, buffer.length());
        final HeaderElement[] elements = parser.parseElements(buffer, cursor);
-        if (elements.length == 0) {
-            throw new MalformedChallengeException("Authentication challenge is empty");
-        }
        this.params.clear();
        for (final HeaderElement element : elements) {
            this.params.put(element.getName().toLowerCase(Locale.ROOT), element.getValue());
--- a/httpclient/src/test/java/org/apache/http/impl/auth/TestBasicScheme.java
+++ b/httpclient/src/test/java/org/apache/http/impl/auth/TestBasicScheme.java
@ -37,7 +37,6 @@ import org.apache.http.Header;
 import org.apache.http.HttpRequest;
 import org.apache.http.auth.AUTH;
 import org.apache.http.auth.AuthScheme;
-import org.apache.http.auth.MalformedChallengeException;
 import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.message.BasicHeader;
 import org.apache.http.message.BasicHttpRequest;
@ -52,12 +51,13 @@ import org.junit.Test;
 */
 public class TestBasicScheme {

-    @Test(expected=MalformedChallengeException.class)
-    public void testBasicAuthenticationWithNoRealm() throws Exception {
+    @Test
+    public void testBasicAuthenticationEmptyChallenge() throws Exception {
        final String challenge = "Basic";
        final Header header = new BasicHeader(AUTH.WWW_AUTH, challenge);
        final AuthScheme authscheme = new BasicScheme();
        authscheme.processChallenge(header);
+        Assert.assertNull(authscheme.getRealm());
    }

    @Test
--- a/httpclient/src/test/java/org/apache/http/impl/auth/TestRFC2617Scheme.java
+++ b/httpclient/src/test/java/org/apache/http/impl/auth/TestRFC2617Scheme.java
@ -142,13 +142,6 @@ public class TestRFC2617Scheme {
        authscheme.processChallenge(header);
    }

-    @Test(expected=MalformedChallengeException.class)
-    public void testEmptyHeader() throws Exception {
-        final TestAuthScheme authscheme = new TestAuthScheme();
-        final Header header = new BasicHeader(AUTH.WWW_AUTH, "Test    ");
-        authscheme.processChallenge(header);
-    }
-
    @Test(expected=MalformedChallengeException.class)
    public void testInvalidHeaderValue() throws Exception {
        final TestAuthScheme authscheme = new TestAuthScheme();