src/jdk.incubator.httpclient/share/classes/jdk/incubator/http/AuthenticationFilter.java
equal
deleted
inserted
replaced
32 import java.net.InetSocketAddress; |
32 import java.net.InetSocketAddress; |
33 import java.net.URISyntaxException; |
33 import java.net.URISyntaxException; |
34 import java.net.URL; |
34 import java.net.URL; |
35 import java.util.Base64; |
35 import java.util.Base64; |
36 import java.util.LinkedList; |
36 import java.util.LinkedList; |
|
37 import java.util.List; |
37 import java.util.Objects; |
38 import java.util.Objects; |
38 import java.util.WeakHashMap; |
39 import java.util.WeakHashMap; |
|
40 |
|
41 import jdk.incubator.http.internal.common.Log; |
39 import jdk.incubator.http.internal.common.Utils; |
42 import jdk.incubator.http.internal.common.Utils; |
40 import static java.net.Authenticator.RequestorType.PROXY; |
43 import static java.net.Authenticator.RequestorType.PROXY; |
41 import static java.net.Authenticator.RequestorType.SERVER; |
44 import static java.net.Authenticator.RequestorType.SERVER; |
42 import static java.nio.charset.StandardCharsets.ISO_8859_1; |
45 import static java.nio.charset.StandardCharsets.ISO_8859_1; |
43 |
46 |
53 static final int retry_limit = Utils.getIntegerNetProperty( |
56 static final int retry_limit = Utils.getIntegerNetProperty( |
54 "jdk.httpclient.auth.retrylimit", DEFAULT_RETRY_LIMIT); |
57 "jdk.httpclient.auth.retrylimit", DEFAULT_RETRY_LIMIT); |
55 |
58 |
56 static final int UNAUTHORIZED = 401; |
59 static final int UNAUTHORIZED = 401; |
57 static final int PROXY_UNAUTHORIZED = 407; |
60 static final int PROXY_UNAUTHORIZED = 407; |
|
61 |
|
62 private static final List<String> BASIC_DUMMY = |
|
63 List.of("Basic " + Base64.getEncoder() |
|
64 .encodeToString("o:o".getBytes(ISO_8859_1))); |
58 |
65 |
59 // A public no-arg constructor is required by FilterFactory |
66 // A public no-arg constructor is required by FilterFactory |
60 public AuthenticationFilter() {} |
67 public AuthenticationFilter() {} |
61 |
68 |
62 private PasswordAuthentication getCredentials(String header, |
69 private PasswordAuthentication getCredentials(String header, |
155 String hdrname = proxy ? "Proxy-Authorization" : "Authorization"; |
162 String hdrname = proxy ? "Proxy-Authorization" : "Authorization"; |
156 StringBuilder sb = new StringBuilder(128); |
163 StringBuilder sb = new StringBuilder(128); |
157 sb.append(pw.getUserName()).append(':').append(pw.getPassword()); |
164 sb.append(pw.getUserName()).append(':').append(pw.getPassword()); |
158 String s = encoder.encodeToString(sb.toString().getBytes(ISO_8859_1)); |
165 String s = encoder.encodeToString(sb.toString().getBytes(ISO_8859_1)); |
159 String value = "Basic " + s; |
166 String value = "Basic " + s; |
|
167 if (proxy) { |
|
168 if (r.isConnect()) { |
|
169 if (!Utils.PROXY_TUNNEL_FILTER |
|
170 .test(hdrname, List.of(value))) { |
|
171 Log.logError("{0} disabled", hdrname); |
|
172 return; |
|
173 } |
|
174 } else if (r.proxy() != null) { |
|
175 if (!Utils.PROXY_FILTER |
|
176 .test(hdrname, List.of(value))) { |
|
177 Log.logError("{0} disabled", hdrname); |
|
178 return; |
|
179 } |
|
180 } |
|
181 } |
160 r.setSystemHeader(hdrname, value); |
182 r.setSystemHeader(hdrname, value); |
161 } |
183 } |
162 |
184 |
163 // Information attached to a HttpRequestImpl relating to authentication |
185 // Information attached to a HttpRequestImpl relating to authentication |
164 static class AuthInfo { |
186 static class AuthInfo { |
228 |
250 |
229 // TODO: Need to generalise from Basic only. Delegate to a provider class etc. |
251 // TODO: Need to generalise from Basic only. Delegate to a provider class etc. |
230 |
252 |
231 if (!scheme.equalsIgnoreCase("Basic")) { |
253 if (!scheme.equalsIgnoreCase("Basic")) { |
232 return null; // error gets returned to app |
254 return null; // error gets returned to app |
|
255 } |
|
256 |
|
257 if (proxy) { |
|
258 if (r.isConnectResponse) { |
|
259 if (!Utils.PROXY_TUNNEL_FILTER |
|
260 .test("Proxy-Authorization", BASIC_DUMMY)) { |
|
261 Log.logError("{0} disabled", "Proxy-Authorization"); |
|
262 return null; |
|
263 } |
|
264 } else if (req.proxy() != null) { |
|
265 if (!Utils.PROXY_FILTER |
|
266 .test("Proxy-Authorization", BASIC_DUMMY)) { |
|
267 Log.logError("{0} disabled", "Proxy-Authorization"); |
|
268 return null; |
|
269 } |
|
270 } |
233 } |
271 } |
234 |
272 |
235 AuthInfo au = proxy ? exchange.proxyauth : exchange.serverauth; |
273 AuthInfo au = proxy ? exchange.proxyauth : exchange.serverauth; |
236 if (au == null) { |
274 if (au == null) { |
237 // if no authenticator, let the user deal with 407/401 |
275 // if no authenticator, let the user deal with 407/401 |