Merged branch 'jetty-9.4.x' into 'master'.

jetty-client/src/main/java/org/eclipse/jetty/client/AuthenticationProtocolHandler.java

@@ -117,7 +117,7 @@ public abstract class AuthenticationProtocolHandler implements ProtocolHandler
 
             Authentication authentication = null;
             Authentication.HeaderInfo headerInfo = null;
-            URI authURI = getAuthenticationURI(request);
+            URI authURI = resolveURI(request, getAuthenticationURI(request));
             if (authURI != null)
             {
                 for (Authentication.HeaderInfo element : headerInfos)
@@ -155,11 +155,7 @@ public abstract class AuthenticationProtocolHandler implements ProtocolHandler
                 String path = null;
                 if (requestURI == null)
                 {
-                    String uri = request.getScheme() + "://" + request.getHost();
+                    requestURI = resolveURI(request, null);
-                    int port = request.getPort();
-                    if (port > 0)
-                        uri += ":" + port;
-                    requestURI = URI.create(uri);
                     path = request.getPath();
                 }
                 Request newRequest = client.copyRequest(request, requestURI);
@@ -187,6 +183,17 @@ public abstract class AuthenticationProtocolHandler implements ProtocolHandler
             }
         }
 
+        private URI resolveURI(HttpRequest request, URI uri)
+        {
+            if (uri != null)
+                return uri;
+            String target = request.getScheme() + "://" + request.getHost();
+            int port = request.getPort();
+            if (port > 0)
+                target += ":" + port;
+            return URI.create(target);
+        }
+
         private void copyIfAbsent(HttpRequest oldRequest, Request newRequest, HttpHeader header)
         {
             HttpField field = oldRequest.getHeaders().getField(header);

jetty-client/src/main/java/org/eclipse/jetty/client/HttpProxy.java

@@ -162,6 +162,9 @@ public class HttpProxy extends ProxyConfiguration.Proxy
                     .header(HttpHeader.HOST, target)
                     .idleTimeout(2 * connectTimeout, TimeUnit.MILLISECONDS)
                     .timeout(connectTimeout, TimeUnit.MILLISECONDS);
+            ProxyConfiguration.Proxy proxy = destination.getProxy();
+            if (proxy != null && proxy.isSecure())
+                connect.scheme(HttpScheme.HTTPS.asString());
 
             final HttpConversation conversation = ((HttpRequest)connect).getConversation();
             conversation.setAttribute(EndPoint.class.getName(), endPoint);

jetty-client/src/main/java/org/eclipse/jetty/client/ProxyConfiguration.java

@@ -122,6 +122,9 @@ public class ProxyConfiguration
          */
         public boolean matches(Origin origin)
         {
+            if (getAddress().equals(origin.getAddress()))
+                return false;
+
             boolean result = included.isEmpty();
             Origin.Address address = origin.getAddress();
             for (String included : this.included)

jetty-proxy/src/test/java/org/eclipse/jetty/proxy/ForwardProxyTLSServerTest.java

@@ -504,6 +504,29 @@ public class ForwardProxyTLSServerTest
         });
     }
 
+    @Test
+    public void testProxyAuthenticationWithIncludedAddressWithResponseContent() throws Exception
+    {
+        final String realm = "test-realm";
+        testProxyAuthentication(realm, new ConnectHandler()
+        {
+            @Override
+            public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
+            {
+                String proxyAuth = request.getHeader(HttpHeader.PROXY_AUTHORIZATION.asString());
+                if (proxyAuth == null)
+                {
+                    baseRequest.setHandled(true);
+                    response.setStatus(HttpStatus.PROXY_AUTHENTICATION_REQUIRED_407);
+                    response.setHeader(HttpHeader.PROXY_AUTHENTICATE.asString(), "Basic realm=\"" + realm + "\"");
+                    response.getOutputStream().write(new byte[1024]);
+                    return;
+                }
+                super.handle(target, baseRequest, request, response);
+            }
+        }, true);
+    }
+
     @Test
     public void testProxyAuthenticationClosesConnection() throws Exception
     {
@@ -529,12 +552,20 @@ public class ForwardProxyTLSServerTest
     }
 
     private void testProxyAuthentication(String realm, ConnectHandler connectHandler) throws Exception
+    {
+        testProxyAuthentication(realm, connectHandler, false);
+    }
+
+    private void testProxyAuthentication(String realm, ConnectHandler connectHandler, boolean includeAddress) throws Exception
     {
         startTLSServer(new ServerHandler());
         startProxy(connectHandler);
 
         HttpClient httpClient = new HttpClient(newSslContextFactory());
-        httpClient.getProxyConfiguration().getProxies().add(newHttpProxy());
+        HttpProxy httpProxy = newHttpProxy();
+        if (includeAddress)
+            httpProxy.getIncludedAddresses().add("localhost:" + serverConnector.getLocalPort());
+        httpClient.getProxyConfiguration().getProxies().add(httpProxy);
         URI uri = URI.create((proxySslContextFactory == null ? "http" : "https") + "://localhost:" + proxyConnector.getLocalPort());
         httpClient.getAuthenticationStore().addAuthentication(new BasicAuthentication(uri, realm, "proxyUser", "proxyPassword"));
         httpClient.start();