Commit Graph

704 Commits

Author SHA1 Message Date
Arturo Bernal 407b9152cc HTTPCLIENT-2318 - Enhance PoolingHttpClientConnectionManager with isShutdown State Check.
This commit introduces an `isShutdown` method to the `PoolingHttpClientConnectionManager` class, providing a thread-safe way to check whether the connection manager has been closed. The addition leverages an existing `AtomicBoolean` closed flag to ensure that the shutdown state can be queried reliably in concurrent environments.
2024-02-23 14:50:51 +01:00
Oleg Kalnichevski 8a7f707a61 Upgraded HttpCore to version 5.3-alpha2 2024-02-14 15:41:56 +01:00
Michael Lee 661589e386 Removed unused private fields and local variables 2024-02-10 14:18:04 +01:00
Michael Lee 5b411692a7 Correct logger name 2024-02-10 14:18:04 +01:00
Oleg Kalnichevski 2e46b62ffd HTTPCLIENT-2151: Support for JSSE in-built endpoint identification 2024-02-05 10:05:33 +01:00
Oleg Kalnichevski e6e873d88b Internal connection operators to make use of the target name from the request URI authority 2024-02-01 08:57:33 +01:00
Oleg Kalnichevski 91ab690e50 DefaultRoutePlanner to take request authority into account when determining a route for HTTPS requests 2024-02-01 08:57:33 +01:00
Oleg Kalnichevski 528a8c050b RouteInfo and HttpRoute to include the target name from the URI authority in case it differs from the target host (the host recognizes multiple authorities) 2024-02-01 08:57:33 +01:00
Oleg Kalnichevski fa8ca22d21 HTTPCLIENT-2316: BasicHttpClientConnectionManager incorrectly re-uses the released connection if it has been closed out by the protocol handler 2024-01-31 11:41:36 +01:00
Oleg Kalnichevski 23da984fb5 HTTPCLIENT-2070: Auth cache to no longer rely on Java serialization for auth state caching 2024-01-31 10:24:16 +01:00
Oleg Kalnichevski 3235f009d5 HTTPCLIENT-751: Support for RFC 2817 (Upgrading to TLS Within HTTP/1.1) 2024-01-29 14:15:16 +01:00
Oleg Kalnichevski 1111c62dd3 Classic ExecRuntime to support information responses (1xx) 2024-01-29 14:15:16 +01:00
Oleg Kalnichevski 7cf469c5cc Connect executors to update the execution context with the protocol and TLS details upon successful connect 2024-01-29 14:15:16 +01:00
Oleg Kalnichevski 9833c35728 Connection endpoints to provide TLS details and protocol version 2024-01-29 14:15:16 +01:00
Oleg Kalnichevski 9d225a6517 Realigned the behavior of TLS upgrade in the classic and async connection operators 2024-01-26 10:19:34 +01:00
Oleg Kalnichevski 9d75647eca Deprecated ConnectionSocketFactory, LayeredConnectionSocketFactory and their plain and SSL implementations in favor of DefaultClientTlsStrategy 2024-01-26 10:19:34 +01:00
Oleg Kalnichevski c7fa0b1dad Standard client TLS strategy implementations to support upgrade of blocking sockets 2024-01-26 10:19:34 +01:00
Oleg Kalnichevski 851c8df9ff Move plain socket create and connect operations to HttpClientConnectionOperator 2024-01-26 10:19:34 +01:00
Andrea Cosentino 4adaa20be6 Use MessageDigest.isEquals method when comparing signatures in NTLMEngineImpl
Signed-off-by: Andrea Cosentino <ancosen@gmail.com>
2024-01-25 14:07:20 +01:00
Oleg Kalnichevski 4f8f34fe5c More consistent request interceptor naming; fixed inconsistent sequence of request interceptors in the classic and async HttpClient builders 2024-01-22 16:35:27 +01:00
Oleg Kalnichevski a1e8e9082e Better ETag handling 2024-01-18 20:08:39 +01:00
Oleg Kalnichevski 07586902ec ETag API 2024-01-18 20:08:39 +01:00
Oleg Kalnichevski a1fa1739bf Fixed a design mistake of ConnectionEndpoint having a direct dependency on HttpRequestExecutor class 2024-01-17 12:55:14 +01:00
Clayton Walker a8db310f2d Allow backwards-compatible createSocket calls 2024-01-16 21:41:02 +01:00
Oleg Kalnichevski b66ad6e4ff Example demonstrating how to make HttpClient negotiate or force a particular version of HTTP protocol during the TLS handshake 2024-01-16 10:29:55 +01:00
Oleg Kalnichevski 5f6ad302ba Corrected the use of the wrong request object in the example 2024-01-14 11:29:05 +01:00
Oleg Kalnichevski 8d9c764d6e Added example demonstrating how to get details of the underlying connection endpoint 2024-01-14 11:18:43 +01:00
Oleg Kalnichevski b3da0ae138 Refactor ContextBuilder into a common abstract class and HttpClientContext specific builder 2024-01-12 09:23:42 +01:00
Oleg Kalnichevski ef77109f35 HTTPCLIENT-2315: client builders fails to apply system properties to the default connection manager 2024-01-08 15:30:28 +01:00
Philip Helger 8228ddf28a HTTPCLIENT-2314: Handle gracefully a failure of DnsResolver to return a list of resolved addresses (#533) 2024-01-07 15:45:32 +01:00
Oleg Kalnichevski e2385f7d9a HTTPCLIENT-2314: Throw ConnectionShutdownException in case of pooled connection having been closed or discarded instead of plain IllegalStateException 2024-01-05 14:29:15 +01:00
Oleg Kalnichevski c5de6961d1 Upgraded HttpClient version to 5.4-alpha2-SNAPSHOT 2023-12-29 10:47:10 +01:00
Oleg Kalnichevski bb27f666c2 Javadoc fix 2023-12-26 15:47:39 +01:00
Oleg Kalnichevski 4e43daf744 Regression: incorrect hash calculation (missing realm component) 2023-12-26 15:21:43 +01:00
Oleg Kalnichevski 1906539847 Use core percent codec instead of internal one 2023-12-23 13:28:51 +01:00
Oleg Kalnichevski 4dc82b40f6 Removed references to deprecated functions 2023-12-23 13:16:25 +01:00
Oleg Kalnichevski 20bd815e74 Upgraded HttpCore to version 5.3-alpha1 2023-12-23 12:24:16 +01:00
dependabot[bot] f2ea21bea9 Bump com.googlecode.maven-download-plugin:download-maven-plugin
Bumps [com.googlecode.maven-download-plugin:download-maven-plugin](https://github.com/maven-download-plugin/maven-download-plugin) from 1.6.8 to 1.7.1.
- [Release notes](https://github.com/maven-download-plugin/maven-download-plugin/releases)
- [Commits](https://github.com/maven-download-plugin/maven-download-plugin/compare/1.6.8...1.7.1)

---
updated-dependencies:
- dependency-name: com.googlecode.maven-download-plugin:download-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-23 10:44:13 +01:00
Arturo Bernal 94e43b2bb4 Implement username* validation and decoding in DigestScheme (#511)
Introduces validation and decoding logic for the 'username*' field in the DigestScheme class. The changes ensure compliance with RFC 7616 and RFC 5987 by handling cases where the 'username' contains characters not allowed in an ABNF quoted-string.
2023-12-13 11:54:49 +01:00
Arturo Bernal 3eaf9bf5c0 Implement Support for Userhash Parameter in Digest Authentication as per RFC 7616 (#509)
This commit introduces support for the userhash parameter in Digest Authentication, conforming to the specifications outlined in RFC 7616. The userhash parameter enhances security by allowing the client to hash the username before transmission, thereby protecting the username during transport. This implementation ensures that when the server indicates support for username hashing (userhash=true), the client correctly calculates and includes the hashed username in the Authorization header field, adhering to the protocol defined in RFC 7616 for enhanced security in HTTP Digest Access Authentication.
2023-12-13 11:54:49 +01:00
Arturo Bernal 6976ab58f2 Enforce Support for UTF-8 Encoding Scheme in Digest Authentication as per RFC 7616 (#508)
This commit enforces the use of the 'UTF-8' encoding scheme as the sole allowed value for character encoding in Digest Authentication, in alignment with the guidelines specified in RFC 7616.
2023-12-13 11:54:49 +01:00
Arturo Bernal 7b761fb2c3 Enforce UTF-8 Encoding in BasicSchemeFactory for RFC 7617 Compliance (#506)
- Deprecated the constructor in BasicSchemeFactory that allows setting a custom Charset.
- Updated the default constructor to use StandardCharsets.UTF_8, aligning with RFC 7617 which mandates UTF-8 encoding for Basic Authentication.
2023-12-13 11:54:48 +01:00
Arturo Bernal aa5bc56abe Implement Password Validation in BasicScheme. (#505)
Introduced a new method, `validatePassword`, in the `BasicScheme` class to enforce password validation in line with RFC 7617 standards. This method includes control character validation for passwords, ensuring they adhere to RFC 7617 by not containing any control characters.
2023-12-13 11:54:48 +01:00
Arturo Bernal 7724432894 HTTPCLIENT-2301. Refactor release method to use local conn variable. This commit updates the release method to use the local conn variable from internalEndpoint.detach() for accurate state management and resource cleanup, addressing the issue HTTPCLIENT-2301. (#502) 2023-12-13 11:54:47 +01:00
Arturo Bernal 6a5516f99e Refactor RequestIfRange class to use DateUtils for date parsing. (#497)
* Updates the RequestIfRange class to utilize DateUtils for parsing standard HTTP dates.
* Optimize time difference check in RequestIfRange with Instant API.
2023-12-13 11:54:47 +01:00
Oleg Kalnichevski 915b9b34d7 HTTPCLIENT-2293: Better name for the standard date pattern 2023-12-13 11:54:46 +01:00
Oleg Kalnichevski 4b7986370f HTTPCLIENT-2293: client protocol handlers to try to send `Host` as the first header in the request header section per RFC 9110 section 7.2 2023-12-13 11:54:45 +01:00
Arturo Bernal 83e0339d27 HTTPCLIENT-2293 - Implement RFC-compliant TRACE request interceptor (#486)
- Add RequestTraceInterceptor class to handle HTTP TRACE requests in compliance with RFC 7231, Section 4.3.8.
  - Throw ProtocolException for sensitive headers like 'Authorization' and 'Cookie' in TRACE requests.
  - Throw ProtocolException if TRACE request contains a body.
2023-12-13 11:54:45 +01:00
Arturo Bernal 888232447b HTTPCLIENT-2293 - Implement 'If-Range' request validation as per RFC 9110 (#485)
- Ensure the presence of 'Range' header when 'If-Range' is specified.
- Enforce strong validator requirements when 'If-Range' is paired with a Date.
- Exit processing early if 'Last-Modified' header is missing, ensuring strong validation adherence.
2023-12-13 11:54:45 +01:00
Arturo Bernal 889a6bb085 HTTPCLIENT-2293 Enforce port specification for CONNECT requests as per RFC 9110 (#482)
- This adheres to RFC 9110, which states: "There is no default port; a client MUST send the port number even if the CONNECT request is based on a URI reference that contains an authority component with an elided port.
2023-12-13 11:54:44 +01:00
Arturo Bernal 8466b19861 Refactor HttpClient synchronized sections for virtual threads (#476)
- Replaced `synchronized` blocks with `ReentrantLock` in `LeaseRequest` to better support virtual threads introduced in JDK 21.
- Ensured each `LeaseRequest` instance has its own unique lock for maintaining original synchronization semantics.
- Addressed potential performance and deadlock issues with virtual threads by using explicit lock primitives from `java.util.concurrent.locks`.
2023-12-13 11:54:44 +01:00
Oleg Kalnichevski f7de67ff25 Upgraded project version to 5.4-alpha1 2023-12-13 11:54:30 +01:00
Oleg Kalnichevski 9e3d79bede Fixed NPE in debug log 2023-12-10 12:40:50 +01:00
Arturo Bernal 5ab7f21dcb Refactor ExponentialBackoffManager and TestLinearBackoffManager Tests to Remove Thread.sleep(). (#495)
This commit enhances the ExponentialBackoffManager and TestLinearBackoffManager unit tests by replacing the use of Thread.sleep() with direct manipulation of internal state to simulate the cooldown period. This change improves test reliability and ensures consistent behavior in resource-constrained environments.
2023-12-06 20:36:57 +01:00
Arturo Bernal 5c69779f7d Fix features BackoffManager Unit Tests in Resource-Constrained Environments. (#494)
This commit improves the reliability of BackoffManager unit tests by replacing the use of Thread.sleep() with a more robust approach that manipulates lastRouteProbes to simulate the cooldown period. This enhancement ensures that the tests run successfully even in resource-constrained environments, making them more resilient and reliable.
2023-12-06 20:36:40 +01:00
Oleg Kalnichevski f6a37780cf Upgraded HttpClient version to 5.3.1-SNAPSHOT 2023-12-06 16:54:47 +01:00
Oleg Kalnichevski f7ac968aaf HTTPCLIENT-2310: Async Connect exec handler incorrectly pipes CONNECT requests through the main request protocol chain 2023-12-02 11:31:41 +01:00
Oleg Kalnichevski a46c9e5656 Added missing #disconnectEndpoint method to AsyncConnectExec 2023-11-30 13:33:04 +01:00
nfawcett 8a2b0f584a
Improve debug logging around connections that cannot be reused (#515) 2023-11-29 16:50:47 +01:00
Gary Gregory ed1c1d61f2 Use String#isEmpty() 2023-11-28 11:29:24 -05:00
Cédric Tabin 6d60624cd3 Fixes Invalid Proxy exception when using a SSL client without Proxy 2023-11-23 14:09:34 +01:00
Oleg Kalnichevski 83d603c9d8 SEE OTHER redirect handling fix 2023-11-19 18:47:40 +01:00
dependabot[bot] 3486b47452 Bump com.googlecode.maven-download-plugin:download-maven-plugin
Bumps [com.googlecode.maven-download-plugin:download-maven-plugin](https://github.com/maven-download-plugin/maven-download-plugin) from 1.6.8 to 1.7.1.
- [Release notes](https://github.com/maven-download-plugin/maven-download-plugin/releases)
- [Commits](https://github.com/maven-download-plugin/maven-download-plugin/compare/1.6.8...1.7.1)

---
updated-dependencies:
- dependency-name: com.googlecode.maven-download-plugin:download-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-19 11:46:28 +01:00
Carter Kozak 180d90c847
HTTPCLIENT-2305: SSLConnectionSocketFactory allows socket.connect to be decorated (#499) 2023-11-02 10:19:52 -04:00
Marcono1234 19f3922b37 HTTPCLIENT-2302: Add comment to TrustStrategy usage in examples (#492) 2023-10-12 15:34:42 +02:00
Marcono1234 9c83250ab4
Add security warning to TrustStrategy implementations documentation (#490) 2023-10-03 22:14:12 +02:00
Oleg Kalnichevski 6d1aafaf87 HTTPCLIENT-2300: abstract char message consumers to use UTF-8 by default if a charset has not been explicitly specified by the Content-Type 2023-09-26 16:41:24 +02:00
Oleg Kalnichevski 11c7af28c4 HTTPCLIENT-2299: Socket timeout value set via DefaultManagedHttpClientConnection#setSocketTimeout is not correctly persisted and can be overwritten upon connection activation 2023-09-23 10:55:57 +02:00
Oleg Kalnichevski aa5a7c7fe0 HTTPCLIENT-2292: HttpClient ignores socketConfig#getSocksProxyAddress 2023-08-31 16:58:09 +02:00
cachescrubber 509ba6753f
Document exec chain behaviour when automatic retries are enabled. (#480) 2023-08-31 16:55:37 +02:00
Oleg Kalnichevski 8a54e70359 HTTPCLIENT-2291: fixed inconsistency in behavior between the class and async implementation of the request re-execution. The async request retry exec will now re-start request execution from itself instead of form the very beginning of the execution chain 2023-08-31 09:35:17 +02:00
Oleg Kalnichevski 9d23ddbea7 Upgraded HttpClient version to 5.3-alpha2-SNAPSHOT 2023-08-19 18:39:58 +02:00
Oleg Kalnichevski e4eada63e4 Fixed potential NPE in DigestScheme 2023-08-13 18:08:02 +02:00
Oleg Kalnichevski 091c822edc Removed test case requiring online DNS name resolution 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski 2176eb3861 GGS based experimental authentication schemes deprecated and disabled by default 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski 83c6079e65 NTLM scheme deprecated and disabled by default 2023-08-12 17:14:53 +02:00
Arturo Bernal 8aa4fbc8de Improve AIMDBackoffManager Tests Stability
Enhanced test robustness for AIMDBackoffManager by introducing buffers to sleep durations in cooldown-related tests and adjusting the concurrency test. Due to persistent instability, removed the time-dependent `probeDoesNotAdjustDuringCooldownPeriod` test.
2023-08-12 17:14:53 +02:00
Arturo Bernal f203dcd34e Add AbstractBackoff, LinearBackoffManager, and ExponentialBackoffManager classes
- Create AbstractBackoff class as a base for different backoff strategies
- Add LinearBackoffManager class for implementing linear backoff algorithm in networking and communication systems. This class provides a thread-safe and configurable implementation of linear backoff, allowing for gradual adjustment of maximum connection pool sizes for a given route based on traffic and other factors. The class supports customizable cool-down periods and increment values for each route, and uses a ConcurrentHashMap to ensure thread safety and accurate tracking of backoff and probe attempts
- Implement ExponentialBackoffManager for connection pool control.
This commit introduces the ExponentialBackoffManager class, which manages the connection pool control for HTTP routes based on the Exponential Backoff algorithm. This implementation helps improve connection handling and stability in case of connection failures or network issues.
2023-08-12 17:14:53 +02:00
Arturo Bernal b565f8fab7 Improve AIMDBackoffManager with atomic references, thread-safety, and parameter checks
In this commit, we have made several improvements to the AIMDBackoffManager class:

* Replaced volatile variables with AtomicReference and AtomicInteger to ensure better thread-safety and atomic operations.
* Updated the @Contract annotation to reflect the new thread-safe behavior of the class.
 * Added parameter validation checks to public methods for better error handling and prevention of incorrect usage.
* Improved the code readability and organization by separating sections of the class with blank lines and consistent indentation.
* These enhancements make the AIMDBackoffManager class more robust, reliable, and easier to maintain.
2023-08-12 17:14:53 +02:00
Arturo Bernal 1bd7f07d17 Update NTCredentials to determine workstation name at runtime
This change modifies the NTCredentials class to determine the local workstation name at runtime or request time, in line with the underlying NTLM implementation. The deprecated constructor with the workstation parameter is replaced with a new constructor that does not require the workstation parameter. Instead, it automatically retrieves the workstation name using the getWorkstationName() method.
2023-08-12 17:14:53 +02:00
Arturo Bernal 94d73429dd Add DistributedProxySelector for efficient and thread-safe proxy selection
This commit introduces the DistributedProxySelector class, which enables efficient and thread-safe proxy selection among multiple ProxySelector instances. The new class ensures proper distribution of proxy selector usage with the help of AtomicInteger and maintains thread safety using ThreadLocal.

Key features and improvements:

Distributes proxy selection among multiple ProxySelector instances
Ensures thread safety by using ThreadLocal<ProxySelector>
Properly handles exceptions and connection failures
Comprehensive JavaDoc documentation for class, methods, and variables
Includes unit tests for various scenarios and edge cases
This new functionality provides a robust and efficient solution for distributing proxy selection in multi-threaded environments, improving the overall performance and reliability of the system.
2023-08-12 17:14:53 +02:00
Arturo Bernal 17da6d24ca Add support for preamble and epilogue in multipart entities
Previously, multipart entities did not support adding a preamble or epilogue to the message. This commit adds support for these features by modifying the AbstractMultipartFormat class to accept preamble and epilogue strings in its constructor. The HttpRFC6532Multipart, HttpRFC7578Multipart, and HttpStrictMultipart classes are updated to pass these parameters to the parent constructor when creating instances of multipart entities.

This change allows users to include custom content at the beginning and end of their multipart messages, which can be useful in certain scenarios such as adding metadata or information about the message contents.
2023-08-12 17:14:53 +02:00
Arturo Bernal 0df9e63932 Enhance ContentResponseHandler to be fault-tolerant
This commit enhances the `ContentResponseHandler` class to be more fault-tolerant by handling responses with null or empty bodies without throwing exceptions. If the response was successful (a 2xx status code), the `Content` object is returned. If no response body exists, `Content.NO_CONTENT` is returned.

The implementation extends `ContentResponseHandler` and overrides its methods to handle the response entity and transform it into the actual response object. This is designed to be efficient and use minimal memory.
2023-08-12 17:14:53 +02:00
Arturo Bernal efe57e03c6 Workaround for URL quoting issue with LLv6 host literals. Due to an issue with URL quoting for LLv6 host literals, the original implementation of SystemDefaultDnsResolver does not support constructing URLs with LLv6 literals that have a ZoneID. This commit implements a workaround that strips the ZoneID from LLv6 literals before resolving them. This allows URLs with LLv6 literals to be constructed without quoting the ZoneID. Note that this workaround does not fully comply with RFC 6874, but it should work in most cases. 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski 95e8abbda8 BEARER auth scheme support (RFC 6750) 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski 2d77d1d579 Normalize scheme name in AuthScope 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski ff35df66a5 Removed references in specific RFCs 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski 55f86b9fd7 Credentials interface should be able to represent different types of user credentials including token based with no password 2023-08-12 17:14:53 +02:00
Oleg Kalnichevski c0194331c3 Upgraded project version to 5.3-alpha1-SNAPSHOT 2023-08-12 17:14:16 +02:00
Christoph Kaser 223669659c Check for timeToLive == 0
Allows setting connection timeToLive and validateAfterInactivity to zero to always close or validate a connection
2023-07-22 13:04:18 +02:00
John Vasileff d72a136817 Per RFC 7616, use the provided Response algorithm in the Request
For digest authentication, in RFC 7616 section "3.4 The Authorization
Header Field":

    The values of the opaque and algorithm fields must be those supplied
    in the WWW-Authenticate response header field for the entity being
    requested.

This commit honors that rule, and removes the previous behavior that
augmented the request header with "algorithm=MD5" when none was provided
in the server's response.

Aside from the specification, it also stands to reason that if the
server failed to provide "algorithm=..." in its "WWW-Authenticate"
header, the server should be fine with the client failing to provide
"algorithm=..." in the "Authorization" header.

The motivation for this change is that including "algorithm=MD5" in the
"Authorization" header causes http requests to fail when made to an
embedded system, which I suspect to be a an Espressif ESP32 web server.
2023-07-20 20:18:05 +02:00
Oleg Kalnichevski 9ad56ad734 Improvements in the ClientConfiguration sample app 2023-07-13 17:57:04 +02:00
Gary Gregory 09ae5f212a Mostly missing Javadoc in org.apache.hc.client5.http.entity and minor
clean ups
2023-07-02 16:31:07 -04:00
Oleg Kalnichevski 3e38a5e5ec HTTPCLIENT-2271: Do not optimize the path component of the resolved URI by default. 2023-04-27 17:13:53 +02:00
Oleg Kalnichevski 48e4229843 HTTPCLIENT-2262: Corrected RequestConfig#connectionRequestTimeout javadocs 2023-03-17 11:23:07 +01:00
Alice Li cda24a64ba chore: update ClientProxyAuthenticationExample 2023-03-13 15:43:31 +01:00
Arturo Bernal 078c7c7eb7 Remove unnecessary declarations. 2023-03-13 15:43:31 +01:00
MartinWitt f198fc0e62 Make inner classes static (#405) 2023-03-13 15:43:24 +01:00
Gary Gregory f78ec699ab Camel case names 2023-03-13 15:43:16 +01:00
Alen Turkovic 4695041df4 Pass HttpContext to SSLConnectionSocketFactory#prepareSocket method (#404) 2023-03-13 15:42:38 +01:00