Eclipse/jetty.project
1
0
Fork 0
mirror of https://github.com/jetty/jetty.project.git synced 2025-03-01 11:29:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged branch 'jetty-9.4.x' into 'jetty-10.0.x'.

Browse Source 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
This commit is contained in:
Simone Bordet 2021-01-12 11:30:00 +01:00
commit 847e8c612f
4 changed files with 62 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
jetty-client/src/main/java/org/eclipse/jetty/client/util/BasicAuthentication.java
View File

@ -14,6 +14,7 @@
package org.eclipse.jetty.client.util;
import java.net.URI;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
@ -58,7 +59,9 @@ public class BasicAuthentication extends AbstractAuthentication
@Override
public Result authenticate(Request request, ContentResponse response, HeaderInfo headerInfo, Attributes context)
{
return new BasicResult(getURI(), headerInfo.getHeader(), user, password);
String charsetParam = headerInfo.getParameter("charset");
Charset charset = charsetParam == null ? null : Charset.forName(charsetParam);
return new BasicResult(getURI(), headerInfo.getHeader(), user, password, charset);
}
/**
@ -83,10 +86,17 @@ public class BasicAuthentication extends AbstractAuthentication
}
public BasicResult(URI uri, HttpHeader header, String user, String password)
{
this(uri, header, user, password, StandardCharsets.ISO_8859_1);
}
public BasicResult(URI uri, HttpHeader header, String user, String password, Charset charset)
{
this.uri = uri;
this.header = header;
byte[] authBytes = (user + ":" + password).getBytes(StandardCharsets.ISO_8859_1);
if (charset == null)
charset = StandardCharsets.ISO_8859_1;
byte[] authBytes = (user + ":" + password).getBytes(charset);
this.value = "Basic " + Base64.getEncoder().encodeToString(authBytes);
}

42
jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientAuthenticationTest.java
View File

@ -17,6 +17,8 @@ import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
@ -74,17 +76,25 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
{
private String realm = "TestRealm";
public void startBasic(final Scenario scenario, Handler handler) throws Exception
public void startBasic(Scenario scenario, Handler handler) throws Exception
{
start(scenario, new BasicAuthenticator(), handler);
startBasic(scenario, handler, null);
}
public void startDigest(final Scenario scenario, Handler handler) throws Exception
public void startBasic(Scenario scenario, Handler handler, Charset charset) throws Exception
{
BasicAuthenticator authenticator = new BasicAuthenticator();
if (charset != null)
authenticator.setCharset(charset);
start(scenario, authenticator, handler);
}
public void startDigest(Scenario scenario, Handler handler) throws Exception
{
start(scenario, new DigestAuthenticator(), handler);
}
private void start(final Scenario scenario, Authenticator authenticator, Handler handler) throws Exception
private void start(Scenario scenario, Authenticator authenticator, Handler handler) throws Exception
{
server = new Server();
File realmFile = MavenTestingUtils.getTestResourceFile("realm.properties");
@ -136,6 +146,16 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
testAuthentication(scenario, new BasicAuthentication(uri, ANY_REALM, "basic", "basic"));
}
@ParameterizedTest
@ArgumentsSource(ScenarioProvider.class)
public void testBasicWithUTF8Password(Scenario scenario) throws Exception
{
startBasic(scenario, new EmptyServerHandler(), StandardCharsets.UTF_8);
URI uri = URI.create(scenario.getScheme() + "://localhost:" + connector.getLocalPort());
// @checkstyle-disable-check : AvoidEscapedUnicodeCharactersCheck
testAuthentication(scenario, new BasicAuthentication(uri, realm, "basic_utf8", "\u20AC"));
}
@ParameterizedTest
@ArgumentsSource(ScenarioProvider.class)
public void testDigestAuthentication(Scenario scenario) throws Exception
@ -154,11 +174,11 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
testAuthentication(scenario, new DigestAuthentication(uri, ANY_REALM, "digest", "digest"));
}
private void testAuthentication(final Scenario scenario, Authentication authentication) throws Exception
private void testAuthentication(Scenario scenario, Authentication authentication) throws Exception
{
AuthenticationStore authenticationStore = client.getAuthenticationStore();
final AtomicReference<CountDownLatch> requests = new AtomicReference<>(new CountDownLatch(1));
AtomicReference<CountDownLatch> requests = new AtomicReference<>(new CountDownLatch(1));
Request.Listener.Adapter requestListener = new Request.Listener.Adapter()
{
@Override
@ -242,7 +262,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
URI uri = URI.create(scenario.getScheme() + "://localhost:" + connector.getLocalPort());
client.getAuthenticationStore().addAuthentication(new BasicAuthentication(uri, realm, "basic", "basic"));
final CountDownLatch requests = new CountDownLatch(3);
CountDownLatch requests = new CountDownLatch(3);
Request.Listener.Adapter requestListener = new Request.Listener.Adapter()
{
@Override
@ -281,7 +301,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
URI uri = URI.create(scenario.getScheme() + "://localhost:" + connector.getLocalPort());
client.getAuthenticationStore().addAuthentication(new BasicAuthentication(uri, realm, "basic", "basic"));
final CountDownLatch requests = new CountDownLatch(3);
CountDownLatch requests = new CountDownLatch(3);
Request.Listener.Adapter requestListener = new Request.Listener.Adapter()
{
@Override
@ -309,7 +329,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
{
startBasic(scenario, new EmptyServerHandler());
final AtomicReference<CountDownLatch> requests = new AtomicReference<>(new CountDownLatch(2));
AtomicReference<CountDownLatch> requests = new AtomicReference<>(new CountDownLatch(2));
Request.Listener.Adapter requestListener = new Request.Listener.Adapter()
{
@Override
@ -381,7 +401,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
// Request without Authentication would cause a 401,
// but the client will throw an exception trying to
// send the credentials to the server.
final String cause = "thrown_explicitly_by_test";
String cause = "thrown_explicitly_by_test";
client.getAuthenticationStore().addAuthentication(new Authentication()
{
@Override
@ -397,7 +417,7 @@ public class HttpClientAuthenticationTest extends AbstractHttpClientServerTest
}
});
final CountDownLatch latch = new CountDownLatch(1);
CountDownLatch latch = new CountDownLatch(1);
client.newRequest("localhost", connector.getLocalPort())
.scheme(scenario.getScheme())
.path("/secure")

1
jetty-client/src/test/resources/realm.properties
View File

@ -1,4 +1,5 @@
# Format is <user>:<password>,<roles>
basic:basic
basic_utf8:\u20AC
digest:digest
spnego_client:,admin

26
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
View File

@ -14,6 +14,7 @@
package org.eclipse.jetty.security.authentication;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.servlet.ServletRequest;
@ -29,14 +30,18 @@ import org.eclipse.jetty.server.Authentication.User;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.security.Constraint;
/**
* @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
*/
public class BasicAuthenticator extends LoginAuthenticator
{
private Charset _charset;
public BasicAuthenticator()
public Charset getCharset()
{
return _charset;
}
public void setCharset(Charset charset)
{
this._charset = charset;
}
@Override
@ -66,7 +71,10 @@ public class BasicAuthenticator extends LoginAuthenticator
if ("basic".equalsIgnoreCase(method))
{
credentials = credentials.substring(space + 1);
credentials = new String(Base64.getDecoder().decode(credentials), StandardCharsets.ISO_8859_1);
Charset charset = getCharset();
if (charset == null)
charset = StandardCharsets.ISO_8859_1;
credentials = new String(Base64.getDecoder().decode(credentials), charset);
int i = credentials.indexOf(':');
if (i > 0)
{
@ -75,9 +83,7 @@ public class BasicAuthenticator extends LoginAuthenticator
UserIdentity user = login(username, password, request);
if (user != null)
{
return new UserAuthentication(getAuthMethod(), user);
}
}
}
}
@ -86,7 +92,11 @@ public class BasicAuthenticator extends LoginAuthenticator
if (DeferredAuthentication.isDeferred(response))
return Authentication.UNAUTHENTICATED;
response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + _loginService.getName() + '"');
String value = "basic realm=\"" + _loginService.getName() + "\"";
Charset charset = getCharset();
if (charset != null)
value += ", charset=\"" + charset.name() + "\"";
response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), value);
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return Authentication.SEND_CONTINUE;
}