HTTPCLIENT-2073: (regression) WindowsNegotiateScheme incorrectly rejects empty NTLM challenge

httpclient5-win/src/main/java/org/apache/hc/client5/http/impl/win/WindowsNegotiateScheme.java

@@ -32,12 +32,12 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.hc.client5.http.RouteInfo;
 import org.apache.hc.client5.http.auth.AuthChallenge;
 import org.apache.hc.client5.http.auth.AuthScheme;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
 import org.apache.hc.client5.http.auth.AuthenticationException;
 import org.apache.hc.client5.http.auth.BasicUserPrincipal;
 import org.apache.hc.client5.http.auth.ChallengeType;
 import org.apache.hc.client5.http.auth.CredentialsProvider;
 import org.apache.hc.client5.http.auth.MalformedChallengeException;
+import org.apache.hc.client5.http.auth.StandardAuthScheme;
 import org.apache.hc.client5.http.protocol.HttpClientContext;
 import org.apache.hc.core5.annotation.Experimental;
 import org.apache.hc.core5.http.HttpHost;
@@ -45,6 +45,7 @@ import org.apache.hc.core5.http.HttpRequest;
 import org.apache.hc.core5.http.protocol.HttpContext;
 import org.apache.hc.core5.net.URIAuthority;
 import org.apache.hc.core5.util.Args;
+import org.apache.hc.core5.util.TextUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -133,12 +134,9 @@ public class WindowsNegotiateScheme implements AuthScheme {
             final AuthChallenge authChallenge,
             final HttpContext context) throws MalformedChallengeException {
         Args.notNull(authChallenge, "AuthChallenge");
-        if (authChallenge.getValue() == null) {
-            throw new MalformedChallengeException("Missing auth challenge");
-        }
         challengeType = authChallenge.getChallengeType();
         challenge = authChallenge.getValue();
-        if (challenge.isEmpty()) {
+        if (TextUtils.isBlank(challenge)) {
             if (clientCred != null) {
                 dispose(); // run cleanup first before throwing an exception otherwise can leak OS resources
                 if (continueNeeded) {

httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestAuthChallengeParser.java

@@ -29,8 +29,8 @@ package org.apache.hc.client5.http.impl.auth;
 import java.util.List;
 
 import org.apache.hc.client5.http.auth.AuthChallenge;
-import org.apache.hc.client5.http.auth.StandardAuthScheme;
 import org.apache.hc.client5.http.auth.ChallengeType;
+import org.apache.hc.client5.http.auth.StandardAuthScheme;
 import org.apache.hc.core5.http.NameValuePair;
 import org.apache.hc.core5.http.ParseException;
 import org.apache.hc.core5.http.message.BasicNameValuePair;
@@ -308,6 +308,19 @@ public class TestAuthChallengeParser {
         assertNameValuePair(new BasicNameValuePair("blah", null), params1.get(1));
     }
 
+    @Test
+    public void testParseNTLMAuthChallenge() throws Exception {
+        final CharArrayBuffer buffer = new CharArrayBuffer(64);
+        buffer.append(StandardAuthScheme.NTLM);
+        final ParserCursor cursor = new ParserCursor(0, buffer.length());
+        final List<AuthChallenge> challenges = parser.parse(ChallengeType.TARGET, buffer, cursor);
+        Assert.assertNotNull(challenges);
+        Assert.assertEquals(1, challenges.size());
+        final AuthChallenge challenge1 = challenges.get(0);
+        Assert.assertEquals(StandardAuthScheme.NTLM, challenge1.getSchemeName());
+        Assert.assertEquals(null, challenge1.getValue());
+    }
+
     private static void assertNameValuePair (
             final NameValuePair expected,
             final NameValuePair result) {