You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2011/10/07 16:35:40 UTC
svn commit: r1180056 - in /httpcomponents/httpclient/trunk/httpclient/src:
main/java/org/apache/http/auth/ main/java/org/apache/http/impl/client/
test/java/org/apache/http/impl/client/
Author: olegk
Date: Fri Oct 7 14:35:40 2011
New Revision: 1180056
URL: http://svn.apache.org/viewvc?rev=1180056&view=rev
Log:
Improved auth state tracking in HttpHttpAuthenticator
Modified:
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/AuthState.java
httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java
httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestBasicResponseHandler.java
httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestHttpAuthenticator.java
Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/AuthState.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/AuthState.java?rev=1180056&r1=1180055&r2=1180056&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/AuthState.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/AuthState.java Fri Oct 7 14:35:40 2011
@@ -67,6 +67,7 @@ public class AuthState {
*/
public void invalidate() {
this.state = AuthProtocolState.UNCHALLENGED;
+ this.authOptions = null;
this.authScheme = null;
this.authScope = null;
this.credentials = null;
@@ -159,15 +160,32 @@ public class AuthState {
* Returns available authentication options.
*
* @return authentication options, if available, <code>null</null> otherwise.
+ *
+ * @since 4.2
*/
public Queue<AuthOption> getAuthOptions() {
return this.authOptions;
}
/**
+ * Returns <code>true</code> if authentication options are available, <code>false</code>
+ * otherwise.
+ *
+ * @return <code>true</code> if authentication options are available, <code>false</code>
+ * otherwise.
+ *
+ * @since 4.2
+ */
+ public boolean hasAuthOptions() {
+ return this.authOptions != null && !this.authOptions.isEmpty();
+ }
+
+ /**
* Sets authentication options to select from when authenticating.
*
* @param authOptions authentication options
+ *
+ * @since 4.2
*/
public void setAuthOptions(final Queue<AuthOption> authOptions) {
this.authOptions = authOptions != null && !authOptions.isEmpty() ? authOptions : null;
Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java?rev=1180056&r1=1180055&r2=1180056&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/client/HttpAuthenticator.java Fri Oct 7 14:35:40 2011
@@ -63,7 +63,6 @@ public class HttpAuthenticator {
final AuthState authState,
final HttpContext context) {
if (authStrategy.isAuthenticationRequested(response, context)) {
- authState.setState(AuthProtocolState.CHALLENGED);
return true;
} else {
switch (authState.getState()) {
@@ -93,25 +92,39 @@ public class HttpAuthenticator {
this.log.debug("Response contains no authentication challenges");
return false;
}
+
AuthScheme authScheme = authState.getAuthScheme();
- if (authScheme != null) {
- String id = authScheme.getSchemeName();
- Header challenge = challenges.get(id.toLowerCase(Locale.US));
- if (challenge != null) {
- this.log.debug("Authorization challenge processed");
- authScheme.processChallenge(challenge);
- if (authScheme.isComplete()) {
- this.log.debug("Authentication failed");
- authState.setState(AuthProtocolState.FAILURE);
- authState.setCredentials(null);
- return false;
+ switch (authState.getState()) {
+ case FAILURE:
+ return false;
+ case SUCCESS:
+ case CHALLENGED:
+ if (authScheme == null) {
+ this.log.debug("Auth scheme is null");
+ authState.invalidate();
+ authState.setState(AuthProtocolState.FAILURE);
+ return false;
+ }
+ case UNCHALLENGED:
+ if (authScheme != null) {
+ String id = authScheme.getSchemeName();
+ Header challenge = challenges.get(id.toLowerCase(Locale.US));
+ if (challenge != null) {
+ this.log.debug("Authorization challenge processed");
+ authScheme.processChallenge(challenge);
+ if (authScheme.isComplete()) {
+ this.log.debug("Authentication failed");
+ authState.invalidate();
+ authState.setState(AuthProtocolState.FAILURE);
+ return false;
+ } else {
+ authState.setState(AuthProtocolState.HANDSHAKE);
+ return true;
+ }
} else {
- authState.setState(AuthProtocolState.HANDSHAKE);
- return true;
+ authState.invalidate();
+ // Retry authentication with a different scheme
}
- } else {
- authState.invalidate();
- // Retry authentication with a different scheme
}
}
Queue<AuthOption> authOptions = authStrategy.select(challenges, host, response, context);
Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestBasicResponseHandler.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestBasicResponseHandler.java?rev=1180056&r1=1180055&r2=1180056&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestBasicResponseHandler.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestBasicResponseHandler.java Fri Oct 7 14:35:40 2011
@@ -27,7 +27,6 @@
package org.apache.http.impl.client;
-import java.io.ByteArrayInputStream;
import java.io.InputStream;
import junit.framework.Assert;
Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestHttpAuthenticator.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestHttpAuthenticator.java?rev=1180056&r1=1180055&r2=1180056&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestHttpAuthenticator.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/client/TestHttpAuthenticator.java Fri Oct 7 14:35:40 2011
@@ -92,7 +92,6 @@ public class TestHttpAuthenticator {
Assert.assertTrue(this.httpAuthenticator.isAuthenticationRequested(
response, this.authStrategy, this.authState, this.context));
- Assert.assertEquals(AuthProtocolState.CHALLENGED, this.authState.getState());
Mockito.verify(this.authStrategy).isAuthenticationRequested(response, this.context);
}
@@ -205,6 +204,40 @@ public class TestHttpAuthenticator {
}
@Test
+ public void testAuthenticationFailed() throws Exception {
+ HttpHost host = new HttpHost("somehost", 80);
+ HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
+ response.addHeader(new BasicHeader(AUTH.WWW_AUTH, "Basic realm=\"test\""));
+ response.addHeader(new BasicHeader(AUTH.WWW_AUTH, "Digest realm=\"realm1\", nonce=\"1234\""));
+
+ this.authState.setState(AuthProtocolState.FAILURE);
+
+ TargetAuthenticationStrategy authStrategy = new TargetAuthenticationStrategy();
+
+ Assert.assertFalse(this.httpAuthenticator.authenticate(host,
+ response, authStrategy, this.authState, this.context));
+
+ Assert.assertEquals(AuthProtocolState.FAILURE, this.authState.getState());
+ }
+
+ @Test
+ public void testAuthenticationNoAuthScheme() throws Exception {
+ HttpHost host = new HttpHost("somehost", 80);
+ HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
+ response.addHeader(new BasicHeader(AUTH.WWW_AUTH, "Basic realm=\"test\""));
+ response.addHeader(new BasicHeader(AUTH.WWW_AUTH, "Digest realm=\"realm1\", nonce=\"1234\""));
+
+ this.authState.setState(AuthProtocolState.CHALLENGED);
+
+ TargetAuthenticationStrategy authStrategy = new TargetAuthenticationStrategy();
+
+ Assert.assertFalse(this.httpAuthenticator.authenticate(host,
+ response, authStrategy, this.authState, this.context));
+
+ Assert.assertEquals(AuthProtocolState.FAILURE, this.authState.getState());
+ }
+
+ @Test
public void testAuthenticationFailure() throws Exception {
HttpHost host = new HttpHost("somehost", 80);
HttpResponse response = new BasicHttpResponse(HttpVersion.HTTP_1_1, HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");