Posted to commits@cxf.apache.org by re...@apache.org on 2022/10/04 14:31:53 UTC

[cxf] branch 3.5.x-fixes updated: [CXF-8761] DigestAuthSupplier: Must not decode URL encoded URI parts (#996)

This is an automated email from the ASF dual-hosted git repository.

reta pushed a commit to branch 3.5.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/3.5.x-fixes by this push:
     new b1f80c4971 [CXF-8761] DigestAuthSupplier: Must not decode URL encoded URI parts (#996)
b1f80c4971 is described below

commit b1f80c49718d0d92c547a6cf84756d6f5c2baae0
Author: Thomas Faller <tf...@gmx.de>
AuthorDate: Tue Oct 4 02:34:43 2022 +0200

    [CXF-8761] DigestAuthSupplier: Must not decode URL encoded URI parts (#996)
---
 .../cxf/transport/http/auth/DigestAuthSupplier.java   |  6 +++---
 .../transport/http/auth/DigestAuthSupplierTest.java   | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
index f2e4488af2..b076ae3fd7 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DigestAuthSupplier.java
@@ -100,9 +100,9 @@ public class DigestAuthSupplier implements HttpAuthSupplier {
     }
 
     private static String getAuthURI(URI currentURI) {
-        String authURI = currentURI.getPath();
-        if (currentURI.getQuery() != null) {
-            authURI += '?' + currentURI.getQuery();
+        String authURI = currentURI.getRawPath();
+        if (currentURI.getRawQuery() != null) {
+            authURI += '?' + currentURI.getRawQuery();
         }
         return authURI;
     }
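Review bot: getAuthURI carries no comment explaining why the raw accessors are required, so a later cleanup could switch back to getPath()/getQuery() and silently reintroduce a mismatch between the digest `uri` value and the request target the server sees. I would add above the `getRawPath()` line: `// Digest "uri" is hashed into the response and checked against the request target (RFC 7616); keep it percent-encoded exactly as sent.` Separately, `getRawPath()` returns an empty string for a URI that has an authority but no path. If the request line carries `/` in that case (not visible in this hunk), a guard such as `if (authURI.isEmpty()) { authURI = "/"; }` before the query is appended would keep the two in step.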
diff --git a/rt/transports/http/src/test/java/org/apache/cxf/transport/http/auth/DigestAuthSupplierTest.java b/rt/transports/http/src/test/java/org/apache/cxf/transport/http/auth/DigestAuthSupplierTest.java
index e9dc03c513..127b88b885 100644
--- a/rt/transports/http/src/test/java/org/apache/cxf/transport/http/auth/DigestAuthSupplierTest.java
+++ b/rt/transports/http/src/test/java/org/apache/cxf/transport/http/auth/DigestAuthSupplierTest.java
@@ -91,4 +91,23 @@ public class DigestAuthSupplierTest {
         expectedParams.put("algorithm", "MD5");
         assertEquals(expectedParams, params);
     }
+
+    @Test
+    public void testUrlEncodedUri() throws Exception {
+        AuthorizationPolicy authPolicy = new AuthorizationPolicy();
+        authPolicy.setUserName("testUser");
+        authPolicy.setPassword("testPassword");
+
+        // uri with utf-8 url encoded path and query
+        URI uri = new URI("http://localhost.com/sch%C3%B6ne?gr%C3%BC%C3%9Fe");
+        assertEquals("/schöne", uri.getPath());
+        assertEquals("grüße", uri.getQuery());
+
+        DigestAuthSupplier authSupplier = new DigestAuthSupplier();
+        String authToken = authSupplier.getAuthorization(authPolicy, uri, new MessageImpl(), "Digest");
+        HttpAuthHeader authHeader = new HttpAuthHeader(authToken);
+        assertTrue(authHeader.authTypeIsDigest());
+        // uri parts must stay encoded
+        assertEquals("/sch%C3%B6ne?gr%C3%BC%C3%9Fe", authHeader.getParams().get("uri"));
+    }
 }
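Review bot: testUrlEncodedUri only exercises encoded non-ASCII octets, where decoding changes the bytes but not the structure of the URI. It does not pin the case of an encoded reserved character in the path, where a decoded `uri` value would name a different resource than the one requested. A further case with a constructed URI would cover it: `URI uri = new URI("http://localhost.com/a%2Fb%3Fc");` followed by `assertEquals("/a%2Fb%3Fc", authHeader.getParams().get("uri"));`. A URI with no query at all would also confirm that no trailing `?` is appended. The test class itself begins outside the hunk.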