jetty-9 - HTTP client: temporary commit.
This commit is contained in:
Simone Bordet
parent
772fa55b99
commit
52accdf761
|
|
@ -69,16 +69,20 @@ public class AuthenticationProtocolHandler extends Response.Listener.Adapter imp
|
|||
Request request = result.getRequest();
|
||||
final String uri = request.uri();
|
||||
Authentication authentication = null;
|
||||
String params = null;
|
||||
for (WWWAuthenticate wwwAuthenticate : wwwAuthenticates)
|
||||
{
|
||||
authentication = client.getAuthenticationStore().findAuthentication(wwwAuthenticate.type, uri, wwwAuthenticate.realm);
|
||||
if (authentication != null)
|
||||
{
|
||||
params = wwwAuthenticate.params;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (authentication != null)
|
||||
{
|
||||
final Authentication authn = authentication;
|
||||
authn.authenticate(request);
|
||||
authn.authenticate(request, params, client.getConversation(request));
|
||||
request.send(new Adapter()
|
||||
{
|
||||
@Override
|
||||
|
|
@ -102,6 +106,7 @@ public class AuthenticationProtocolHandler extends Response.Listener.Adapter imp
|
|||
|
||||
private List<WWWAuthenticate> parseWWWAuthenticate(Response response)
|
||||
{
|
||||
// TODO: these should be ordered by strength
|
||||
List<WWWAuthenticate> result = new ArrayList<>();
|
||||
List<String> values = Collections.list(response.headers().getValues(HttpHeader.WWW_AUTHENTICATE.asString()));
|
||||
for (String value : values)
|
||||
|
|
|
|||
|
|
@ -18,11 +18,13 @@
|
|||
|
||||
package org.eclipse.jetty.client.api;
|
||||
|
||||
import org.eclipse.jetty.util.Attributes;
|
||||
|
||||
public interface Authentication
|
||||
{
|
||||
boolean matches(String type, String uri, String realm);
|
||||
|
||||
void authenticate(Request request);
|
||||
boolean authenticate(Request request, String params, Attributes context);
|
||||
|
||||
public static class Result
|
||||
{
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ import java.nio.charset.UnsupportedCharsetException;
|
|||
import org.eclipse.jetty.client.api.Authentication;
|
||||
import org.eclipse.jetty.client.api.Request;
|
||||
import org.eclipse.jetty.http.HttpHeader;
|
||||
import org.eclipse.jetty.util.Attributes;
|
||||
import org.eclipse.jetty.util.B64Code;
|
||||
import org.eclipse.jetty.util.StringUtil;
|
||||
|
||||
|
|
@ -55,7 +56,7 @@ public class BasicAuthentication implements Authentication
|
|||
}
|
||||
|
||||
@Override
|
||||
public void authenticate(Request request)
|
||||
public boolean authenticate(Request request, String params, Attributes context)
|
||||
{
|
||||
String encoding = StringUtil.__ISO_8859_1;
|
||||
try
|
||||
|
|
|
|||
|
|
@ -0,0 +1,181 @@
|
|||
//
|
||||
// ========================================================================
|
||||
// Copyright (c) 1995-2012 Mort Bay Consulting Pty. Ltd.
|
||||
// ------------------------------------------------------------------------
|
||||
// All rights reserved. This program and the accompanying materials
|
||||
// are made available under the terms of the Eclipse Public License v1.0
|
||||
// and Apache License v2.0 which accompanies this distribution.
|
||||
//
|
||||
// The Eclipse Public License is available at
|
||||
// http://www.eclipse.org/legal/epl-v10.html
|
||||
//
|
||||
// The Apache License v2.0 is available at
|
||||
// http://www.opensource.org/licenses/apache2.0.php
|
||||
//
|
||||
// You may elect to redistribute this code under either of these licenses.
|
||||
// ========================================================================
|
||||
//
|
||||
|
||||
package org.eclipse.jetty.client.util;
|
||||
|
||||
import java.nio.charset.Charset;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import org.eclipse.jetty.client.api.Authentication;
|
||||
import org.eclipse.jetty.client.api.Request;
|
||||
import org.eclipse.jetty.http.HttpHeader;
|
||||
import org.eclipse.jetty.util.Attributes;
|
||||
import org.eclipse.jetty.util.TypeUtil;
|
||||
|
||||
public class DigestAuthentication implements Authentication
|
||||
{
|
||||
private static final Pattern PARAM_PATTERN = Pattern.compile("([^=]+)=(.*)");
|
||||
|
||||
private final String uri;
|
||||
private final String realm;
|
||||
private final String user;
|
||||
private final String password;
|
||||
|
||||
public DigestAuthentication(String uri, String realm, String user, String password)
|
||||
{
|
||||
this.uri = uri;
|
||||
this.realm = realm;
|
||||
this.user = user;
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean matches(String type, String uri, String realm)
|
||||
{
|
||||
if (!"digest".equalsIgnoreCase(type))
|
||||
return false;
|
||||
|
||||
if (!uri.startsWith(this.uri))
|
||||
return false;
|
||||
|
||||
return this.realm.equals(realm);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean authenticate(Request request, String paramString, Attributes context)
|
||||
{
|
||||
Map<String, String> params = parseParams(paramString);
|
||||
String nonce = params.get("nonce");
|
||||
if (nonce == null || nonce.length() == 0)
|
||||
return false;
|
||||
String opaque = params.get("opaque");
|
||||
String algorithm = params.get("algorithm");
|
||||
if (algorithm == null)
|
||||
algorithm = "MD5";
|
||||
MessageDigest digester = getMessageDigest(algorithm);
|
||||
if (digester == null)
|
||||
return false;
|
||||
String serverQOP = params.get("qop");
|
||||
String clientQOP = null;
|
||||
if (serverQOP != null)
|
||||
{
|
||||
List<String> serverQOPValues = Arrays.asList(serverQOP.split(","));
|
||||
if (serverQOPValues.contains("auth"))
|
||||
clientQOP = "auth";
|
||||
else if (serverQOPValues.contains("auth-int"))
|
||||
clientQOP = "auth-int";
|
||||
}
|
||||
|
||||
String hash = compute(digester, clientQOP, content, nonce);
|
||||
|
||||
StringBuilder value = new StringBuilder("Digest");
|
||||
value.append(" username=\"").append(user).append("\"");
|
||||
value.append(", realm=\"").append(realm).append("\"");
|
||||
value.append(", nonce=\"").append(nonce).append("\"");
|
||||
if (opaque != null)
|
||||
value.append(", opaque=\"").append(opaque).append("\"");
|
||||
value.append(", algorithm=\"").append(algorithm).append("\"");
|
||||
value.append(", uri=\"").append(request.uri()).append("\"");
|
||||
if (clientQOP != null)
|
||||
value.append(", qop=\"").append(clientQOP).append("\"");
|
||||
value.append(", response=\"").append(hash).append("\"");
|
||||
|
||||
request.header(HttpHeader.AUTHORIZATION.asString(), value.toString());
|
||||
}
|
||||
|
||||
private Map<String, String> parseParams(String paramString)
|
||||
{
|
||||
Map<String, String> result = new HashMap<>();
|
||||
List<String> parts = splitParams(paramString);
|
||||
for (String part : parts)
|
||||
{
|
||||
Matcher matcher = PARAM_PATTERN.matcher(part);
|
||||
if (matcher.matches())
|
||||
result.put(matcher.group(1).trim().toLowerCase(), matcher.group(2).trim());
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
private List<String> splitParams(String paramString)
|
||||
{
|
||||
List<String> result = new ArrayList<>();
|
||||
int start = 0;
|
||||
for (int i = 0; i < paramString.length(); ++i)
|
||||
{
|
||||
int quotes = 0;
|
||||
char ch = paramString.charAt(i);
|
||||
switch (ch)
|
||||
{
|
||||
case '"':
|
||||
++quotes;
|
||||
break;
|
||||
case ',':
|
||||
if (quotes % 2 == 0)
|
||||
{
|
||||
result.add(paramString.substring(start, i).trim());
|
||||
start = i + 1;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
result.add(paramString.substring(start, paramString.length()).trim());
|
||||
return result;
|
||||
}
|
||||
|
||||
private MessageDigest getMessageDigest(String algorithm)
|
||||
{
|
||||
try
|
||||
{
|
||||
return MessageDigest.getInstance(algorithm);
|
||||
}
|
||||
catch (NoSuchAlgorithmException x)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private String compute(Request request, MessageDigest digester, String qop, byte[] content, String serverNonce)
|
||||
{
|
||||
Charset charset = Charset.forName("ISO-8859-1");
|
||||
String A1 = user + ":" + realm + ":" + password;
|
||||
String hashA1 = TypeUtil.toHexString(digester.digest(A1.getBytes(charset)));
|
||||
|
||||
String A2 = request.method().asString() + ":" + request.uri();
|
||||
if ("auth-int".equals(qop))
|
||||
A2 += ":" + TypeUtil.toHexString(digester.digest(content));
|
||||
String hashA2 = TypeUtil.toHexString(digester.digest(A2.getBytes(charset)));
|
||||
|
||||
String A3;
|
||||
if (qop != null)
|
||||
A3 = hashA1 + ":" + serverNonce + ":" + nonceCount + ":" + clientNonce + ":" + qop + ":" + hashA2;
|
||||
else
|
||||
A3 = hashA1 + ":" + serverNonce + ":" + hashA2;
|
||||
|
||||
return TypeUtil.toHexString(digester.digest(A3.getBytes(charset)));
|
||||
}
|
||||
}
|
||||
|
|
@ -22,10 +22,12 @@ import java.io.File;
|
|||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
|
||||
import org.eclipse.jetty.client.api.Authentication;
|
||||
import org.eclipse.jetty.client.api.AuthenticationStore;
|
||||
import org.eclipse.jetty.client.api.ContentResponse;
|
||||
import org.eclipse.jetty.client.api.Request;
|
||||
import org.eclipse.jetty.client.util.BasicAuthentication;
|
||||
import org.eclipse.jetty.client.util.DigestAuthentication;
|
||||
import org.eclipse.jetty.http.HttpHeader;
|
||||
import org.eclipse.jetty.security.Authenticator;
|
||||
import org.eclipse.jetty.security.ConstraintMapping;
|
||||
|
|
@ -84,7 +86,18 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
|
|||
public void test_BasicAuthentication() throws Exception
|
||||
{
|
||||
startBasic(new EmptyHandler());
|
||||
test_Authentication(new BasicAuthentication("http://localhost:" + connector.getLocalPort(), realm, "basic", "basic"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void test_DigestAuthentication() throws Exception
|
||||
{
|
||||
startDigest(new EmptyHandler());
|
||||
test_Authentication(new DigestAuthentication("http://localhost:" + connector.getLocalPort(), realm));
|
||||
}
|
||||
|
||||
private void test_Authentication(Authentication authentication) throws Exception
|
||||
{
|
||||
AuthenticationStore authenticationStore = client.getAuthenticationStore();
|
||||
|
||||
final AtomicInteger requests = new AtomicInteger();
|
||||
|
|
@ -99,7 +112,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
|
|||
client.getRequestListeners().add(requestListener);
|
||||
|
||||
// Request without Authentication causes a 401
|
||||
Request request = client.newRequest("localhost", connector.getLocalPort());
|
||||
Request request = client.newRequest("localhost", connector.getLocalPort()).path("/test");
|
||||
ContentResponse response = request.send().get(5, TimeUnit.SECONDS);
|
||||
Assert.assertNotNull(response);
|
||||
Assert.assertEquals(401, response.status());
|
||||
|
|
@ -107,9 +120,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
|
|||
client.getRequestListeners().remove(requestListener);
|
||||
requests.set(0);
|
||||
|
||||
String user = "basic";
|
||||
String password = "basic";
|
||||
authenticationStore.addAuthentication(new BasicAuthentication("http://localhost:" + connector.getLocalPort(), realm, user, password));
|
||||
authenticationStore.addAuthentication(authentication);
|
||||
|
||||
requestListener = new Request.Listener.Adapter()
|
||||
{
|
||||
|
|
@ -149,14 +160,4 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
|
|||
client.getRequestListeners().remove(requestListener);
|
||||
requests.set(0);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void test_DigestAuthentication() throws Exception
|
||||
{
|
||||
startDigest(new EmptyHandler());
|
||||
|
||||
Request request = client.newRequest("localhost", connector.getLocalPort());
|
||||
ContentResponse response = request.send().get(5, TimeUnit.SECONDS);
|
||||
Assert.assertEquals(401, response.status());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue