Issue #2737 - Allow "=" characters in the AuthenticationProtocolHandler PARAM_PATTERN

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
This commit is contained in:
Lachlan Roberts 2018-07-19 21:26:59 +10:00
parent d96aee4498
commit 1373e90e32
2 changed files with 37 additions and 1 deletions

View File

@ -47,7 +47,7 @@ public abstract class AuthenticationProtocolHandler implements ProtocolHandler
public static final int DEFAULT_MAX_CONTENT_LENGTH = 16*1024; public static final int DEFAULT_MAX_CONTENT_LENGTH = 16*1024;
public static final Logger LOG = Log.getLogger(AuthenticationProtocolHandler.class); public static final Logger LOG = Log.getLogger(AuthenticationProtocolHandler.class);
private static final Pattern PARAM_PATTERN = Pattern.compile("([^=]+)=([^=]+)?"); private static final Pattern PARAM_PATTERN = Pattern.compile("([^=]+)=(.*)");
private static final Pattern TYPE_PATTERN = Pattern.compile("([^\\s]+)(\\s+(.*))?"); private static final Pattern TYPE_PATTERN = Pattern.compile("([^\\s]+)(\\s+(.*))?");
private static final Pattern MULTIPLE_CHALLENGE_PATTERN = Pattern.compile("(.*?)\\s*,\\s*([^=\\s,]+(\\s+[^=\\s].*)?)"); private static final Pattern MULTIPLE_CHALLENGE_PATTERN = Pattern.compile("(.*?)\\s*,\\s*([^=\\s,]+(\\s+[^=\\s].*)?)");
private static final Pattern BASE64_PATTERN = Pattern.compile("[\\+\\-\\.\\/\\dA-Z_a-z~]+=*"); private static final Pattern BASE64_PATTERN = Pattern.compile("[\\+\\-\\.\\/\\dA-Z_a-z~]+=*");

View File

@ -732,4 +732,40 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
Assert.assertTrue(headerInfos.get(1).getType().equalsIgnoreCase("Negotiate")); Assert.assertTrue(headerInfos.get(1).getType().equalsIgnoreCase("Negotiate"));
Assert.assertTrue(headerInfos.get(1).getBase64().equals("YIIJvwYGKwYBBQUCoIIJszCCCa+gJDAi=")); Assert.assertTrue(headerInfos.get(1).getBase64().equals("YIIJvwYGKwYBBQUCoIIJszCCCa+gJDAi="));
} }
@Test
public void testEqualsInParam()
{
AuthenticationProtocolHandler aph = new WWWAuthenticationProtocolHandler(client);
HeaderInfo headerInfo;
headerInfo = aph.getHeaderInfo("Digest realm=\"=the=rmo=stat=\", qop=\"=a=u=t=h=\", nonce=\"=1523430383=\"").get(0);
Assert.assertTrue(headerInfo.getType().equalsIgnoreCase("Digest"));
Assert.assertTrue(headerInfo.getParameter("qop").equals("=a=u=t=h="));
Assert.assertTrue(headerInfo.getParameter("realm").equals("=the=rmo=stat="));
Assert.assertTrue(headerInfo.getParameter("nonce").equals("=1523430383="));
// test multiple authentications
List<HeaderInfo> headerInfoList = aph.getHeaderInfo("Digest qop=\"=au=th=\", realm=\"=ther=mostat=\", nonce=\"=152343=0383=\", "
+ "Digest realm=\"=thermostat2\", qop=\"=auth2\", nonce=\"=4522530354\", "
+ "Digest qop=\"auth3=\", nonce=\"9523570528=\", realm=\"thermostat3=\", ");
Assert.assertTrue(headerInfoList.get(0).getType().equalsIgnoreCase("Digest"));
Assert.assertTrue(headerInfoList.get(0).getParameter("qop").equals("=au=th="));
Assert.assertTrue(headerInfoList.get(0).getParameter("realm").equals("=ther=mostat="));
Assert.assertTrue(headerInfoList.get(0).getParameter("nonce").equals("=152343=0383="));
Assert.assertTrue(headerInfoList.get(1).getType().equalsIgnoreCase("Digest"));
Assert.assertTrue(headerInfoList.get(1).getParameter("qop").equals("=auth2"));
Assert.assertTrue(headerInfoList.get(1).getParameter("realm").equals("=thermostat2"));
Assert.assertTrue(headerInfoList.get(1).getParameter("nonce").equals("=4522530354"));
Assert.assertTrue(headerInfoList.get(2).getType().equalsIgnoreCase("Digest"));
Assert.assertTrue(headerInfoList.get(2).getParameter("qop").equals("auth3="));
Assert.assertTrue(headerInfoList.get(2).getParameter("realm").equals("thermostat3="));
Assert.assertTrue(headerInfoList.get(2).getParameter("nonce").equals("9523570528="));
}
} }