HTTPCLIENT-1524: RFC 2617 auth schemes (basic and digest) cannot handle auth parameters with mixed or upper case

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1606699 13f79535-47bb-0310-9956-ffa450edef68

httpclient/src/main/java/org/apache/http/impl/auth/RFC2617Scheme.java

@@ -120,7 +120,7 @@ public abstract class RFC2617Scheme extends AuthSchemeBase implements Serializab
         }
         this.params.clear();
         for (final HeaderElement element : elements) {
-            this.params.put(element.getName(), element.getValue());
+            this.params.put(element.getName().toLowerCase(Locale.ROOT), element.getValue());
         }
     }
 

httpclient/src/test/java/org/apache/http/impl/auth/TestDigestScheme.java

@@ -607,6 +607,22 @@ public class TestDigestScheme {
         Assert.assertEquals("f2a3f18799759d4f1a1c068b92b573cb", table.get("nonce"));
     }
 
+    @Test
+    public void testParameterCaseSensitivity() throws Exception {
+        final String challenge = "Digest Realm=\"-\", " +
+                "nonce=\"YjYuNGYyYmJhMzUuY2I5ZDhlZDE5M2ZlZDM 1Mjk3NGJkNTIyYjgyNTcwMjQ=\", " +
+                "opaque=\"98700A3D9CE17065E2246B41035C6609\", qop=\"auth\"";
+        final Header authChallenge = new BasicHeader(AUTH.PROXY_AUTH, challenge);
+        final HttpRequest request = new BasicHttpRequest("GET", "/");
+        final Credentials cred = new UsernamePasswordCredentials("username","password");
+        final DigestScheme authscheme = new DigestScheme();
+        final HttpContext context = new BasicHttpContext();
+        authscheme.processChallenge(authChallenge);
+        Assert.assertEquals("-", authscheme.getRealm());
+
+        authscheme.authenticate(cred, request, context);
+    }
+
     @Test(expected=AuthenticationException.class)
     public void testDigestAuthenticationQopIntOnlyNonRepeatableEntity() throws Exception {
         final String challenge = "Digest realm=\"realm1\", nonce=\"f2a3f18799759d4f1a1c068b92b573cb\", " +