Better handling of http(s).proxyUser and http(s).proxyPassword

2018-12-12 15:58:39 +01:00 · 2018-12-12 15:58:39 +01:00 · eac6c062b5
parent b7a945ff91
commit eac6c062b5
1 changed files with 35 additions and 16 deletions
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/SystemDefaultCredentialsProvider.java
@ -135,22 +135,13 @@ public class SystemDefaultCredentialsProvider implements CredentialsStore {
                        protocol, authscope, Authenticator.RequestorType.PROXY, clientContext);
            }
            if (systemcreds == null) {
-                final String proxyHost = System.getProperty(protocol + ".proxyHost");
-                if (proxyHost != null) {
-                    final String proxyPort = System.getProperty(protocol + ".proxyPort");
-                    if (proxyPort != null) {
-                        try {
-                            final AuthScope systemScope = new AuthScope(proxyHost, Integer.parseInt(proxyPort));
-                            if (authscope.match(systemScope) >= 0) {
-                                final String proxyUser = System.getProperty(protocol + ".proxyUser");
-                                if (proxyUser != null) {
-                                    final String proxyPassword = System.getProperty(protocol + ".proxyPassword");
-                                    systemcreds = new PasswordAuthentication(proxyUser, proxyPassword != null ? proxyPassword.toCharArray() : new char[] {});
-                                }
-                            }
-                        } catch (final NumberFormatException ex) {
-                        }
-                    }
+                // Look for values given using http.proxyUser/http.proxyPassword or
+                // https.proxyUser/https.proxyPassword. We cannot simply use the protocol from
+                // the origin since a proxy retrieved from https.proxyHost/https.proxyPort will
+                // still use http as protocol
+                systemcreds = getProxyCredentials("http", authscope);
+                if (systemcreds == null) {
+                    systemcreds = getProxyCredentials("https", authscope);
                }
            }
            if (systemcreds != null) {
@ -169,6 +160,34 @@ public class SystemDefaultCredentialsProvider implements CredentialsStore {
        return null;
    }

+    private static PasswordAuthentication getProxyCredentials(final String protocol, final AuthScope authscope) {
+        final String proxyHost = System.getProperty(protocol + ".proxyHost");
+        if (proxyHost == null) {
+            return null;
+        }
+        final String proxyPort = System.getProperty(protocol + ".proxyPort");
+        if (proxyPort == null) {
+            return null;
+        }
+
+        try {
+            final AuthScope systemScope = new AuthScope(proxyHost, Integer.parseInt(proxyPort));
+            if (authscope.match(systemScope) >= 0) {
+                final String proxyUser = System.getProperty(protocol + ".proxyUser");
+                if (proxyUser == null) {
+                    return null;
+                }
+                final String proxyPassword = System.getProperty(protocol + ".proxyPassword");
+
+                return new PasswordAuthentication(proxyUser,
+                        proxyPassword != null ? proxyPassword.toCharArray() : new char[] {});
+            }
+        } catch (final NumberFormatException ex) {
+        }
+
+        return null;
+    }
+
    @Override
    public void clear() {
        internal.clear();