View Javadoc
1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.hc.client5.http.impl.auth;
28  
29  import java.io.ByteArrayInputStream;
30  import java.io.ByteArrayOutputStream;
31  import java.io.ObjectInputStream;
32  import java.io.ObjectOutputStream;
33  import java.nio.charset.StandardCharsets;
34  import java.util.List;
35  
36  import org.apache.commons.codec.binary.Base64;
37  import org.apache.hc.client5.http.auth.AuthChallenge;
38  import org.apache.hc.client5.http.auth.AuthScheme;
39  import org.apache.hc.client5.http.auth.StandardAuthScheme;
40  import org.apache.hc.client5.http.auth.AuthScope;
41  import org.apache.hc.client5.http.auth.ChallengeType;
42  import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
43  import org.apache.hc.core5.http.HttpHost;
44  import org.apache.hc.core5.http.HttpRequest;
45  import org.apache.hc.core5.http.ParseException;
46  import org.apache.hc.core5.http.message.BasicHttpRequest;
47  import org.apache.hc.core5.http.message.ParserCursor;
48  import org.apache.hc.core5.util.CharArrayBuffer;
49  import org.junit.Assert;
50  import org.junit.Test;
51  
52  /**
53   * Basic authentication test cases.
54   */
55  public class TestBasicScheme {
56  
57      private static AuthChallenge parse(final String s) throws ParseException {
58          final CharArrayBuffer buffer = new CharArrayBuffer(s.length());
59          buffer.append(s);
60          final ParserCursor cursor = new ParserCursor(0, buffer.length());
61          final List<AuthChallenge> authChallenges = AuthChallengeParser.INSTANCE.parse(ChallengeType.TARGET, buffer, cursor);
62          Assert.assertEquals(1, authChallenges.size());
63          return authChallenges.get(0);
64      }
65  
66      @Test
67      public void testBasicAuthenticationEmptyChallenge() throws Exception {
68          final String challenge = StandardAuthScheme.BASIC;
69          final AuthChallenge authChallenge = parse(challenge);
70          final AuthScheme authscheme = new BasicScheme();
71          authscheme.processChallenge(authChallenge, null);
72          Assert.assertNull(authscheme.getRealm());
73      }
74  
75      @Test
76      public void testBasicAuthenticationWith88591Chars() throws Exception {
77          final int[] germanChars = { 0xE4, 0x2D, 0xF6, 0x2D, 0xFc };
78          final StringBuilder buffer = new StringBuilder();
79          for (final int germanChar : germanChars) {
80              buffer.append((char)germanChar);
81          }
82  
83          final HttpHost host  = new HttpHost("somehost", 80);
84          final AuthScope authScope = new AuthScope(host, "some realm", null);
85          final UsernamePasswordCredentials creds = new UsernamePasswordCredentials("dh", buffer.toString().toCharArray());
86          final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
87          credentialsProvider.setCredentials(authScope, creds);
88          final BasicScheme authscheme = new BasicScheme(StandardCharsets.ISO_8859_1);
89  
90          Assert.assertTrue(authscheme.isResponseReady(host, credentialsProvider, null));
91          final HttpRequest request = new BasicHttpRequest("GET", "/");
92          final String authResponse = authscheme.generateAuthResponse(host, request, null);
93          Assert.assertEquals(StandardAuthScheme.BASIC + " ZGg65C32Lfw=", authResponse);
94      }
95  
96      @Test
97      public void testBasicAuthentication() throws Exception {
98          final AuthChallenge authChallenge = parse(StandardAuthScheme.BASIC + " realm=\"test\"");
99  
100         final BasicScheme authscheme = new BasicScheme();
101         authscheme.processChallenge(authChallenge, null);
102 
103         final HttpHost host  = new HttpHost("somehost", 80);
104         final AuthScope authScope = new AuthScope(host, "test", null);
105         final UsernamePasswordCredentials creds = new UsernamePasswordCredentials("testuser", "testpass".toCharArray());
106         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
107         credentialsProvider.setCredentials(authScope, creds);
108 
109         final HttpRequest request = new BasicHttpRequest("GET", "/");
110         Assert.assertTrue(authscheme.isResponseReady(host, credentialsProvider, null));
111         final String authResponse = authscheme.generateAuthResponse(host, request, null);
112 
113         final String expected = StandardAuthScheme.BASIC + " " + new String(
114                 Base64.encodeBase64("testuser:testpass".getBytes(StandardCharsets.US_ASCII)),
115                 StandardCharsets.US_ASCII);
116         Assert.assertEquals(expected, authResponse);
117         Assert.assertEquals("test", authscheme.getRealm());
118         Assert.assertTrue(authscheme.isChallengeComplete());
119         Assert.assertFalse(authscheme.isConnectionBased());
120     }
121 
122     @Test
123     public void testBasicProxyAuthentication() throws Exception {
124         final AuthChallenge authChallenge = parse(StandardAuthScheme.BASIC + " realm=\"test\"");
125 
126         final BasicScheme authscheme = new BasicScheme();
127         authscheme.processChallenge(authChallenge, null);
128 
129         final HttpHost host  = new HttpHost("somehost", 80);
130         final AuthScope authScope = new AuthScope(host, "test", null);
131         final UsernamePasswordCredentials creds = new UsernamePasswordCredentials("testuser", "testpass".toCharArray());
132         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
133         credentialsProvider.setCredentials(authScope, creds);
134 
135         final HttpRequest request = new BasicHttpRequest("GET", "/");
136         Assert.assertTrue(authscheme.isResponseReady(host, credentialsProvider, null));
137         final String authResponse = authscheme.generateAuthResponse(host, request, null);
138 
139         final String expected = StandardAuthScheme.BASIC + " " + new String(
140                 Base64.encodeBase64("testuser:testpass".getBytes(StandardCharsets.US_ASCII)),
141                 StandardCharsets.US_ASCII);
142         Assert.assertEquals(expected, authResponse);
143         Assert.assertEquals("test", authscheme.getRealm());
144         Assert.assertTrue(authscheme.isChallengeComplete());
145         Assert.assertFalse(authscheme.isConnectionBased());
146     }
147 
148     @Test
149     public void testSerialization() throws Exception {
150         final AuthChallenge authChallenge = parse(StandardAuthScheme.BASIC + " realm=\"test\"");
151 
152         final BasicScheme basicScheme = new BasicScheme();
153         basicScheme.processChallenge(authChallenge, null);
154 
155         final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
156         final ObjectOutputStream out = new ObjectOutputStream(buffer);
157         out.writeObject(basicScheme);
158         out.flush();
159         final byte[] raw = buffer.toByteArray();
160         final ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(raw));
161         final BasicScheme authScheme = (BasicScheme) in.readObject();
162 
163         Assert.assertEquals(basicScheme.getName(), authScheme.getName());
164         Assert.assertEquals(basicScheme.getRealm(), authScheme.getRealm());
165         Assert.assertEquals(basicScheme.isChallengeComplete(), authScheme.isChallengeComplete());
166     }
167 
168     @Test
169     public void testSerializationUnchallenged() throws Exception {
170         final BasicScheme basicScheme = new BasicScheme();
171 
172         final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
173         final ObjectOutputStream out = new ObjectOutputStream(buffer);
174         out.writeObject(basicScheme);
175         out.flush();
176         final byte[] raw = buffer.toByteArray();
177         final ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(raw));
178         final BasicScheme authScheme = (BasicScheme) in.readObject();
179 
180         Assert.assertEquals(basicScheme.getName(), authScheme.getName());
181         Assert.assertEquals(basicScheme.getRealm(), authScheme.getRealm());
182         Assert.assertEquals(basicScheme.isChallengeComplete(), authScheme.isChallengeComplete());
183     }
184 
185 }