Example 26 with RecordingHostnameVerifier
use of okhttp3.RecordingHostnameVerifier in project okhttp by square.
the class CallTest method noProactiveProxyAuthorization.
/**
* Confirm that we don't send the Proxy-Authorization header from the request to the proxy server.
* We used to have that behavior but it is problematic because unrelated requests end up sharing
* credentials. Worse, that approach leaks proxy credentials to the origin server.
*/
@Test
public void noProactiveProxyAuthorization() throws Exception {
server.useHttps(sslClient.socketFactory, true);
server.enqueue(new MockResponse().setSocketPolicy(SocketPolicy.UPGRADE_TO_SSL_AT_END).clearHeaders());
server.enqueue(new MockResponse().setBody("response body"));
client = client.newBuilder().sslSocketFactory(sslClient.socketFactory, sslClient.trustManager).proxy(server.toProxyAddress()).hostnameVerifier(new RecordingHostnameVerifier()).build();
Request request = new Request.Builder().url("https://android.com/foo").header("Proxy-Authorization", "password").build();
Response response = client.newCall(request).execute();
assertEquals("response body", response.body().string());
RecordedRequest connect = server.takeRequest();
assertNull(connect.getHeader("Proxy-Authorization"));
RecordedRequest get = server.takeRequest();
assertEquals("password", get.getHeader("Proxy-Authorization"));
}
Also used :
MockResponse(okhttp3.mockwebserver.MockResponse)
RecordedRequest(okhttp3.mockwebserver.RecordedRequest)
MockResponse(okhttp3.mockwebserver.MockResponse)
RecordedRequest(okhttp3.mockwebserver.RecordedRequest)
Test(org.junit.Test)
Example 27 with RecordingHostnameVerifier
use of okhttp3.RecordingHostnameVerifier in project okhttp by square.
the class URLConnectionTest method redirectedFromHttpsToHttpFollowingProtocolRedirects.
@Test
public void redirectedFromHttpsToHttpFollowingProtocolRedirects() throws Exception {
server2.enqueue(new MockResponse().setBody("This is insecure HTTP!"));
server.useHttps(sslClient.socketFactory, false);
server.enqueue(new MockResponse().setResponseCode(HttpURLConnection.HTTP_MOVED_TEMP).addHeader("Location: " + server2.url("/").url()).setBody("This page has moved!"));
urlFactory.setClient(urlFactory.client().newBuilder().sslSocketFactory(sslClient.socketFactory, sslClient.trustManager).hostnameVerifier(new RecordingHostnameVerifier()).followSslRedirects(true).build());
HttpsURLConnection connection = (HttpsURLConnection) urlFactory.open(server.url("/").url());
assertContent("This is insecure HTTP!", connection);
assertNull(connection.getCipherSuite());
assertNull(connection.getLocalCertificates());
assertNull(connection.getServerCertificates());
assertNull(connection.getPeerPrincipal());
assertNull(connection.getLocalPrincipal());
}
Also used :
MockResponse(okhttp3.mockwebserver.MockResponse)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
Test(org.junit.Test)
Example 28 with RecordingHostnameVerifier
use of okhttp3.RecordingHostnameVerifier in project okhttp by square.
the class URLConnectionTest method connectViaHttpProxyToHttpsUsingBadProxyAndHttpResponseCache.
/** Tolerate bad https proxy response when using HttpResponseCache. Android bug 6754912. */
@Test
public void connectViaHttpProxyToHttpsUsingBadProxyAndHttpResponseCache() throws Exception {
initResponseCache();
server.useHttps(sslClient.socketFactory, true);
// The inclusion of a body in the response to a CONNECT is key to reproducing b/6754912.
MockResponse badProxyResponse = new MockResponse().setSocketPolicy(UPGRADE_TO_SSL_AT_END).setBody("bogus proxy connect response content");
server.enqueue(badProxyResponse);
server.enqueue(new MockResponse().setBody("response"));
// Configure a single IP address for the host and a single configuration, so we only need one
// failure to fail permanently.
urlFactory.setClient(urlFactory.client().newBuilder().dns(new SingleInetAddressDns()).sslSocketFactory(sslClient.socketFactory, sslClient.trustManager).connectionSpecs(Util.immutableList(ConnectionSpec.MODERN_TLS)).hostnameVerifier(new RecordingHostnameVerifier()).proxy(server.toProxyAddress()).build());
URL url = new URL("https://android.com/foo");
connection = urlFactory.open(url);
assertContent("response", connection);
RecordedRequest connect = server.takeRequest();
assertEquals("CONNECT android.com:443 HTTP/1.1", connect.getRequestLine());
assertEquals("android.com:443", connect.getHeader("Host"));
}
Also used :
RecordedRequest(okhttp3.mockwebserver.RecordedRequest)
MockResponse(okhttp3.mockwebserver.MockResponse)
SingleInetAddressDns(okhttp3.internal.SingleInetAddressDns)
URL(java.net.URL)
Test(org.junit.Test)
Example 29 with RecordingHostnameVerifier
use of okhttp3.RecordingHostnameVerifier in project okhttp by square.
the class URLConnectionTest method testSecureStreamingPost.
/**
* Users have reported problems using HTTPS with streaming request bodies.
* http://code.google.com/p/android/issues/detail?id=12860
*/
private void testSecureStreamingPost(StreamingMode streamingMode) throws Exception {
server.useHttps(sslClient.socketFactory, false);
server.enqueue(new MockResponse().setBody("Success!"));
urlFactory.setClient(urlFactory.client().newBuilder().sslSocketFactory(sslClient.socketFactory, sslClient.trustManager).hostnameVerifier(new RecordingHostnameVerifier()).build());
connection = urlFactory.open(server.url("/").url());
connection.setDoOutput(true);
byte[] requestBody = { 'A', 'B', 'C', 'D' };
if (streamingMode == StreamingMode.FIXED_LENGTH) {
connection.setFixedLengthStreamingMode(requestBody.length);
} else if (streamingMode == StreamingMode.CHUNKED) {
connection.setChunkedStreamingMode(0);
}
OutputStream outputStream = connection.getOutputStream();
outputStream.write(requestBody);
outputStream.close();
assertEquals("Success!", readAscii(connection.getInputStream(), Integer.MAX_VALUE));
RecordedRequest request = server.takeRequest();
assertEquals("POST / HTTP/1.1", request.getRequestLine());
if (streamingMode == StreamingMode.FIXED_LENGTH) {
assertEquals(Collections.<Integer>emptyList(), request.getChunkSizes());
} else if (streamingMode == StreamingMode.CHUNKED) {
assertEquals(Arrays.asList(4), request.getChunkSizes());
}
assertEquals("ABCD", request.getBody().readUtf8());
}
Also used :
RecordedRequest(okhttp3.mockwebserver.RecordedRequest)
MockResponse(okhttp3.mockwebserver.MockResponse)
OutputStream(java.io.OutputStream)
Example 30 with RecordingHostnameVerifier
use of okhttp3.RecordingHostnameVerifier in project okhttp by square.
the class URLConnectionTest method connectViaHttpsReusingConnections.
private void connectViaHttpsReusingConnections(boolean rebuildClient) throws Exception {
server.useHttps(sslClient.socketFactory, false);
server.enqueue(new MockResponse().setBody("this response comes via HTTPS"));
server.enqueue(new MockResponse().setBody("another response via HTTPS"));
// The pool will only reuse sockets if the SSL socket factories are the same.
SSLSocketFactory clientSocketFactory = sslClient.socketFactory;
RecordingHostnameVerifier hostnameVerifier = new RecordingHostnameVerifier();
CookieJar cookieJar = new JavaNetCookieJar(new CookieManager());
ConnectionPool connectionPool = new ConnectionPool();
urlFactory.setClient(new OkHttpClient.Builder().cache(cache).connectionPool(connectionPool).cookieJar(cookieJar).sslSocketFactory(clientSocketFactory, sslClient.trustManager).hostnameVerifier(hostnameVerifier).build());
connection = urlFactory.open(server.url("/").url());
assertContent("this response comes via HTTPS", connection);
if (rebuildClient) {
urlFactory.setClient(new OkHttpClient.Builder().cache(cache).connectionPool(connectionPool).cookieJar(cookieJar).sslSocketFactory(clientSocketFactory, sslClient.trustManager).hostnameVerifier(hostnameVerifier).build());
}
connection = urlFactory.open(server.url("/").url());
assertContent("another response via HTTPS", connection);
assertEquals(0, server.takeRequest().getSequenceNumber());
assertEquals(1, server.takeRequest().getSequenceNumber());
}
Also used :
MockResponse(okhttp3.mockwebserver.MockResponse)
SSLSocketFactory(javax.net.ssl.SSLSocketFactory)
CookieManager(java.net.CookieManager)
Aggregations
MockResponse (okhttp3.mockwebserver.MockResponse)35
Test (org.junit.Test)31
RecordedRequest (okhttp3.mockwebserver.RecordedRequest)20
URL (java.net.URL)8
RecordingHostnameVerifier (okhttp3.RecordingHostnameVerifier)6
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)5
Call (okhttp3.Call)4
CertificatePinner (okhttp3.CertificatePinner)4
OkHttpClient (okhttp3.OkHttpClient)4
Request (okhttp3.Request)4
SingleInetAddressDns (okhttp3.internal.SingleInetAddressDns)4
SSLHandshakeException (javax.net.ssl.SSLHandshakeException)3
RecordingOkAuthenticator (okhttp3.internal.RecordingOkAuthenticator)3
HttpURLConnection (java.net.HttpURLConnection)2
HttpsURLConnection (javax.net.ssl.HttpsURLConnection)2
SSLContext (javax.net.ssl.SSLContext)2
SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)2
SSLProtocolException (javax.net.ssl.SSLProtocolException)2
Response (okhttp3.Response)2
OkHttpURLConnection (okhttp3.internal.huc.OkHttpURLConnection)2
