View Javadoc
1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.hc.client5.testing.sync;
28  
29  import java.io.IOException;
30  import java.util.function.Consumer;
31  
32  import org.apache.hc.client5.http.auth.CredentialsProvider;
33  import org.apache.hc.client5.http.auth.NTCredentials;
34  import org.apache.hc.client5.http.auth.StandardAuthScheme;
35  import org.apache.hc.client5.http.classic.methods.HttpGet;
36  import org.apache.hc.client5.http.impl.auth.CredentialsProviderBuilder;
37  import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
38  import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
39  import org.apache.hc.client5.http.protocol.HttpClientContext;
40  import org.apache.hc.client5.testing.sync.extension.TestClientResources;
41  import org.apache.hc.core5.http.ClassicHttpRequest;
42  import org.apache.hc.core5.http.ClassicHttpResponse;
43  import org.apache.hc.core5.http.HttpException;
44  import org.apache.hc.core5.http.HttpHeaders;
45  import org.apache.hc.core5.http.HttpHost;
46  import org.apache.hc.core5.http.HttpStatus;
47  import org.apache.hc.core5.http.URIScheme;
48  import org.apache.hc.core5.http.io.HttpRequestHandler;
49  import org.apache.hc.core5.http.io.entity.EntityUtils;
50  import org.apache.hc.core5.http.protocol.HttpContext;
51  import org.apache.hc.core5.testing.classic.ClassicTestServer;
52  import org.apache.hc.core5.util.Timeout;
53  import org.junit.jupiter.api.Assertions;
54  import org.junit.jupiter.api.Test;
55  import org.junit.jupiter.api.extension.RegisterExtension;
56  
57  /**
58   * Unit tests for some of the NTLM auth functionality..
59   */
60  public class TestClientAuthenticationFakeNTLM {
61  
62      public static final Timeout TIMEOUT = Timeout.ofMinutes(1);
63  
64      @RegisterExtension
65      private TestClientResources testResources = new TestClientResources(URIScheme.HTTP, TIMEOUT);
66  
67      public ClassicTestServer startServer() throws IOException {
68          return testResources.startServer(null, null, null);
69      }
70  
71      public CloseableHttpClient startClient(final Consumer<HttpClientBuilder> clientCustomizer) {
72          return testResources.startClient(clientCustomizer);
73      }
74  
75      public CloseableHttpClient startClient() {
76          return testResources.startClient(builder -> {});
77      }
78  
79      public HttpHost targetHost() {
80          return testResources.targetHost();
81      }
82  
83      static class NtlmResponseHandler implements HttpRequestHandler {
84  
85          @Override
86          public void handle(
87                  final ClassicHttpRequest request,
88                  final ClassicHttpResponse response,
89                  final HttpContext context) throws HttpException, IOException {
90              response.setCode(HttpStatus.SC_UNAUTHORIZED);
91              response.setHeader("Connection", "Keep-Alive");
92              response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.NTLM);
93          }
94      }
95  
96      @Test
97      public void testNTLMAuthenticationFailure() throws Exception {
98          final ClassicTestServer server = startServer();
99          server.registerHandler("*", new NtlmResponseHandler());
100         final HttpHost target = targetHost();
101 
102         final CredentialsProvider credsProvider = CredentialsProviderBuilder.create()
103                 .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
104                 .build();
105 
106         final CloseableHttpClient client = startClient(builder -> builder
107                 .setDefaultCredentialsProvider(credsProvider)
108         );
109 
110         final HttpContext context = HttpClientContext.create();
111         final HttpGet httpget = new HttpGet("/");
112 
113         client.execute(target, httpget, context, response -> {
114             EntityUtils.consume(response.getEntity());
115             Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
116             return null;
117         });
118     }
119 
120     static class NtlmType2MessageResponseHandler implements HttpRequestHandler {
121 
122         private final String authenticateHeaderValue;
123 
124         public NtlmType2MessageResponseHandler(final String type2Message) {
125             this.authenticateHeaderValue = StandardAuthScheme.NTLM + " " + type2Message;
126         }
127 
128         @Override
129         public void handle(
130                 final ClassicHttpRequest request,
131                 final ClassicHttpResponse response,
132                 final HttpContext context) throws HttpException, IOException {
133             response.setCode(HttpStatus.SC_UNAUTHORIZED);
134             response.setHeader("Connection", "Keep-Alive");
135             if (!request.containsHeader(HttpHeaders.AUTHORIZATION)) {
136                 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.NTLM);
137             } else {
138                 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
139             }
140         }
141     }
142 
143     @Test
144     public void testNTLMv1Type2Message() throws Exception {
145         final ClassicTestServer server = startServer();
146         server.registerHandler("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
147                 "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
148                 "AGUAcgB2AGUAcgA="));
149         final HttpHost target = targetHost();
150 
151         final CredentialsProvider credsProvider = CredentialsProviderBuilder.create()
152                 .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
153                 .build();
154 
155         final CloseableHttpClient client = startClient(builder -> builder
156                 .setDefaultCredentialsProvider(credsProvider)
157         );
158 
159         final HttpContext context = HttpClientContext.create();
160         final HttpGet httpget = new HttpGet("/");
161 
162         client.execute(target, httpget, context, response -> {
163             EntityUtils.consume(response.getEntity());
164             Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
165             return null;
166         });
167     }
168 
169     @Test
170     public void testNTLMv2Type2Message() throws Exception {
171         final ClassicTestServer server = startServer();
172         server.registerHandler("*", new NtlmType2MessageResponseHandler("TlRMTVNTUAACAA" +
173                 "AADAAMADgAAAAzgoriASNFZ4mrze8AAAAAAAAAACQAJABEAAAABgBwFwAAAA9T" +
174                 "AGUAcgB2AGUAcgACAAwARABvAG0AYQBpAG4AAQAMAFMAZQByAHYAZQByAAAAAAA="));
175         final HttpHost target = targetHost();
176 
177         final CredentialsProvider credsProvider = CredentialsProviderBuilder.create()
178                 .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
179                 .build();
180 
181         final CloseableHttpClient client = startClient(builder -> builder
182                 .setDefaultCredentialsProvider(credsProvider)
183         );
184 
185         final HttpContext context = HttpClientContext.create();
186         final HttpGet httpget = new HttpGet("/");
187 
188         client.execute(target, httpget, context, response -> {
189             EntityUtils.consume(response.getEntity());
190             Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
191             return null;
192         });
193     }
194 
195     static class NtlmType2MessageOnlyResponseHandler implements HttpRequestHandler {
196 
197         private final String authenticateHeaderValue;
198 
199         public NtlmType2MessageOnlyResponseHandler(final String type2Message) {
200             this.authenticateHeaderValue = StandardAuthScheme.NTLM + " " + type2Message;
201         }
202 
203         @Override
204         public void handle(
205                 final ClassicHttpRequest request,
206                 final ClassicHttpResponse response,
207                 final HttpContext context) throws HttpException, IOException {
208             response.setCode(HttpStatus.SC_UNAUTHORIZED);
209             response.setHeader("Connection", "Keep-Alive");
210             response.setHeader(HttpHeaders.WWW_AUTHENTICATE, authenticateHeaderValue);
211         }
212     }
213 
214     @Test
215     public void testNTLMType2MessageOnlyAuthenticationFailure() throws Exception {
216         final ClassicTestServer server = startServer();
217         server.registerHandler("*", new NtlmType2MessageOnlyResponseHandler("TlRMTVNTUAACAA" +
218                 "AADAAMADgAAAAzggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
219                 "AGUAcgB2AGUAcgA="));
220         final HttpHost target = targetHost();
221 
222         final CloseableHttpClient client = startClient();
223 
224         final HttpClientContext context = HttpClientContext.create();
225         context.setCredentialsProvider(CredentialsProviderBuilder.create()
226                 .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
227                 .build());
228         final HttpGet httpget = new HttpGet("/");
229 
230         client.execute(target, httpget, context, response -> {
231             EntityUtils.consume(response.getEntity());
232             Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
233             return null;
234         });
235     }
236 
237     @Test
238     public void testNTLMType2NonUnicodeMessageOnlyAuthenticationFailure() throws Exception {
239         final ClassicTestServer server = startServer();
240         server.registerHandler("*", new NtlmType2MessageOnlyResponseHandler("TlRMTVNTUAACAA" +
241                 "AABgAGADgAAAAyggLiASNFZ4mrze8AAAAAAAAAAAAAAAAAAAAABgBwFwAAAA9T" +
242                 "ZXJ2ZXI="));
243         final HttpHost target = targetHost();
244 
245 
246         final CloseableHttpClient client = startClient();
247 
248         final HttpClientContext context = HttpClientContext.create();
249         context.setCredentialsProvider(CredentialsProviderBuilder.create()
250                 .add(target, new NTCredentials("test", "test".toCharArray(), null, null))
251                 .build());
252         final HttpGet httpget = new HttpGet("/");
253 
254         client.execute(target, httpget, context, response -> {
255             EntityUtils.consume(response.getEntity());
256             Assertions.assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getCode());
257             return null;
258         });
259     }
260 
261 }