From 1373e90e32ac88d14d7362410a7b8462e834518c Mon Sep 17 00:00:00 2001 From: Lachlan Roberts Date: Thu, 19 Jul 2018 21:26:59 +1000 Subject: [PATCH] Issue #2737 - Allow "=" characters in the AuthenticationProtocolHandler PARAM_PATTERN Signed-off-by: Lachlan Roberts --- .../client/AuthenticationProtocolHandler.java | 2 +- .../client/HttpClientAuthenticationTest.java | 36 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/jetty-client/src/main/java/org/eclipse/jetty/client/AuthenticationProtocolHandler.java b/jetty-client/src/main/java/org/eclipse/jetty/client/AuthenticationProtocolHandler.java index c6a160ea214..6d390f87c08 100644 --- a/jetty-client/src/main/java/org/eclipse/jetty/client/AuthenticationProtocolHandler.java +++ b/jetty-client/src/main/java/org/eclipse/jetty/client/AuthenticationProtocolHandler.java @@ -47,7 +47,7 @@ public abstract class AuthenticationProtocolHandler implements ProtocolHandler public static final int DEFAULT_MAX_CONTENT_LENGTH = 16*1024; public static final Logger LOG = Log.getLogger(AuthenticationProtocolHandler.class); - private static final Pattern PARAM_PATTERN = Pattern.compile("([^=]+)=([^=]+)?"); + private static final Pattern PARAM_PATTERN = Pattern.compile("([^=]+)=(.*)"); private static final Pattern TYPE_PATTERN = Pattern.compile("([^\\s]+)(\\s+(.*))?"); private static final Pattern MULTIPLE_CHALLENGE_PATTERN = Pattern.compile("(.*?)\\s*,\\s*([^=\\s,]+(\\s+[^=\\s].*)?)"); private static final Pattern BASE64_PATTERN = Pattern.compile("[\\+\\-\\.\\/\\dA-Z_a-z~]+=*"); diff --git a/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientAuthenticationTest.java b/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientAuthenticationTest.java index ccaacd51dbd..aa6249d33fe 100644 --- a/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientAuthenticationTest.java +++ b/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientAuthenticationTest.java @@ -732,4 +732,40 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest Assert.assertTrue(headerInfos.get(1).getType().equalsIgnoreCase("Negotiate")); Assert.assertTrue(headerInfos.get(1).getBase64().equals("YIIJvwYGKwYBBQUCoIIJszCCCa+gJDAi=")); } + + + + @Test + public void testEqualsInParam() + { + AuthenticationProtocolHandler aph = new WWWAuthenticationProtocolHandler(client); + HeaderInfo headerInfo; + + headerInfo = aph.getHeaderInfo("Digest realm=\"=the=rmo=stat=\", qop=\"=a=u=t=h=\", nonce=\"=1523430383=\"").get(0); + Assert.assertTrue(headerInfo.getType().equalsIgnoreCase("Digest")); + Assert.assertTrue(headerInfo.getParameter("qop").equals("=a=u=t=h=")); + Assert.assertTrue(headerInfo.getParameter("realm").equals("=the=rmo=stat=")); + Assert.assertTrue(headerInfo.getParameter("nonce").equals("=1523430383=")); + + + // test multiple authentications + List headerInfoList = aph.getHeaderInfo("Digest qop=\"=au=th=\", realm=\"=ther=mostat=\", nonce=\"=152343=0383=\", " + + "Digest realm=\"=thermostat2\", qop=\"=auth2\", nonce=\"=4522530354\", " + + "Digest qop=\"auth3=\", nonce=\"9523570528=\", realm=\"thermostat3=\", "); + + Assert.assertTrue(headerInfoList.get(0).getType().equalsIgnoreCase("Digest")); + Assert.assertTrue(headerInfoList.get(0).getParameter("qop").equals("=au=th=")); + Assert.assertTrue(headerInfoList.get(0).getParameter("realm").equals("=ther=mostat=")); + Assert.assertTrue(headerInfoList.get(0).getParameter("nonce").equals("=152343=0383=")); + + Assert.assertTrue(headerInfoList.get(1).getType().equalsIgnoreCase("Digest")); + Assert.assertTrue(headerInfoList.get(1).getParameter("qop").equals("=auth2")); + Assert.assertTrue(headerInfoList.get(1).getParameter("realm").equals("=thermostat2")); + Assert.assertTrue(headerInfoList.get(1).getParameter("nonce").equals("=4522530354")); + + Assert.assertTrue(headerInfoList.get(2).getType().equalsIgnoreCase("Digest")); + Assert.assertTrue(headerInfoList.get(2).getParameter("qop").equals("auth3=")); + Assert.assertTrue(headerInfoList.get(2).getParameter("realm").equals("thermostat3=")); + Assert.assertTrue(headerInfoList.get(2).getParameter("nonce").equals("9523570528=")); + } }