You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2019/08/11 13:01:44 UTC
[httpcomponents-client] branch master updated: HTTPCLIENT-2009: Fxied StringIndexOutOfBoundsException in AuthSupport#extractFromAuthority

This is an automated email from the ASF dual-hosted git repository.

olegk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/httpcomponents-client.git


The following commit(s) were added to refs/heads/master by this push:
     new 90e3487  HTTPCLIENT-2009: Fxied StringIndexOutOfBoundsException in AuthSupport#extractFromAuthority
90e3487 is described below

commit 90e34878a1224d6bd89af5878841e026bdab5d92
Author: itonyli <42...@qq.com>
AuthorDate: Sun Aug 11 20:38:10 2019 +0800

    HTTPCLIENT-2009: Fxied StringIndexOutOfBoundsException in AuthSupport#extractFromAuthority
---
 .../apache/hc/client5/http/impl/AuthSupport.java   | 18 +++-----
 .../hc/client5/http/impl/TestAuthSupport.java      | 52 ++++++++++++++++++++++
 2 files changed, 58 insertions(+), 12 deletions(-)

diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/AuthSupport.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/AuthSupport.java
index e6685a4..1071d5a 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/AuthSupport.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/AuthSupport.java
@@ -54,20 +54,14 @@ public class AuthSupport {
         if (authority == null) {
             return;
         }
-        final String userinfo = authority.getUserInfo();
-        if (userinfo == null) {
+        final String userInfo = authority.getUserInfo();
+        if (userInfo == null) {
             return;
         }
-        final int atColon = userinfo.indexOf(':');
-        final String userName;
-        final char[] password;
-        if (atColon >= 0) {
-            userName = userinfo.substring(0, atColon);
-            password = userinfo.substring(atColon + 1).toCharArray();
-        } else {
-            userName = userinfo.substring(0, atColon);
-            password = null;
-        }
+        final int atColon = userInfo.indexOf(':');
+        final String userName = atColon >= 0 ? userInfo.substring(0, atColon) : userInfo;
+        final char[] password = atColon >= 0 ? userInfo.substring(atColon + 1).toCharArray() : null;
+
         credentialsStore.setCredentials(
                 new AuthScope(scheme, authority.getHostName(), authority.getPort(), null, AuthSchemes.BASIC.ident),
                 new UsernamePasswordCredentials(userName, password));
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/TestAuthSupport.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/TestAuthSupport.java
new file mode 100644
index 0000000..1101050
--- /dev/null
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/TestAuthSupport.java
@@ -0,0 +1,52 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+package org.apache.hc.client5.http.impl;
+
+import org.apache.hc.client5.http.auth.AuthScope;
+import org.apache.hc.client5.http.auth.Credentials;
+import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
+import org.apache.hc.core5.net.URIAuthority;
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ * Simple tests for {@link AuthSupport}.
+ */
+public class TestAuthSupport {
+
+    @Test
+    public void testExtractFromAuthority() {
+        final URIAuthority uriAuthority = new URIAuthority("testUser", "localhost", 8080);
+        final BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
+
+        AuthSupport.extractFromAuthority("http", uriAuthority, basicCredentialsProvider);
+
+        final Credentials credentials = basicCredentialsProvider.getCredentials(new AuthScope("localhost", 8080), null);
+        Assert.assertEquals("testUser", credentials.getUserPrincipal().getName());
+        Assert.assertNull(credentials.getPassword());
+    }
+}