Search in sources :

Example 6 with HttpHeaders

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project async-http-client by AsyncHttpClient.

the class NettyRequestSender method sendRequestWithNewChannel.

private <//
T> //
ListenableFuture<T> sendRequestWithNewChannel(//
Request request, //
ProxyServer proxy, //
NettyResponseFuture<T> future, //
AsyncHandler<T> asyncHandler, boolean performingNextRequest) {
    // some headers are only set when performing the first request
    HttpHeaders headers = future.getNettyRequest().getHttpRequest().headers();
    Realm realm = future.getRealm();
    Realm proxyRealm = future.getProxyRealm();
    requestFactory.addAuthorizationHeader(headers, perConnectionAuthorizationHeader(request, proxy, realm));
    requestFactory.setProxyAuthorizationHeader(headers, perConnectionProxyAuthorizationHeader(request, proxyRealm));
    future.setInAuth(realm != null && realm.isUsePreemptiveAuth() && realm.getScheme() != AuthScheme.NTLM);
    future.setInProxyAuth(proxyRealm != null && proxyRealm.isUsePreemptiveAuth() && proxyRealm.getScheme() != AuthScheme.NTLM);
    // Do not throw an exception when we need an extra connection for a redirect
    // FIXME why? This violate the max connection per host handling, right?
    Bootstrap bootstrap = channelManager.getBootstrap(request.getUri(), proxy);
    Object partitionKey = future.getPartitionKey();
    // we disable channelPreemption when performing next requests
    final boolean acquireChannelLock = !performingNextRequest;
    try {
        // redirect.
        if (acquireChannelLock) {
            // if there's an exception here, channel wasn't preempted and resolve won't happen
            channelManager.acquireChannelLock(partitionKey);
        }
    } catch (Throwable t) {
        abort(null, future, getCause(t));
        // exit and don't try to resolve address
        return future;
    }
    scheduleRequestTimeout(future);
    //
    RequestHostnameResolver.INSTANCE.resolve(request, proxy, asyncHandler).addListener(new SimpleFutureListener<List<InetSocketAddress>>() {

        @Override
        protected void onSuccess(List<InetSocketAddress> addresses) {
            NettyConnectListener<T> connectListener = new NettyConnectListener<>(future, NettyRequestSender.this, channelManager, acquireChannelLock, partitionKey);
            NettyChannelConnector connector = new NettyChannelConnector(request.getLocalAddress(), addresses, asyncHandler, clientState, config);
            if (!future.isDone()) {
                connector.connect(bootstrap, connectListener);
            } else if (acquireChannelLock) {
                channelManager.releaseChannelLock(partitionKey);
            }
        }

        @Override
        protected void onFailure(Throwable cause) {
            if (acquireChannelLock) {
                channelManager.releaseChannelLock(partitionKey);
            }
            abort(null, future, getCause(cause));
        }
    });
    return future;
}
Also used : HttpHeaders(io.netty.handler.codec.http.HttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) InetSocketAddress(java.net.InetSocketAddress) Bootstrap(io.netty.bootstrap.Bootstrap) List(java.util.List) NettyConnectListener(org.asynchttpclient.netty.channel.NettyConnectListener) Realm(org.asynchttpclient.Realm)

Example 7 with HttpHeaders

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project async-http-client by AsyncHttpClient.

the class ProxyUnauthorized407Interceptor method exitAfterHandling407.

public //
boolean exitAfterHandling407(//
Channel channel, //
NettyResponseFuture<?> future, //
HttpResponse response, //
Request request, //
int statusCode, //
ProxyServer proxyServer, HttpRequest httpRequest) {
    if (future.isAndSetInProxyAuth(true)) {
        LOGGER.info("Can't handle 407 as auth was already performed");
        return false;
    }
    Realm proxyRealm = future.getProxyRealm();
    if (proxyRealm == null) {
        LOGGER.debug("Can't handle 407 as there's no proxyRealm");
        return false;
    }
    List<String> proxyAuthHeaders = response.headers().getAll(PROXY_AUTHENTICATE);
    if (proxyAuthHeaders.isEmpty()) {
        LOGGER.info("Can't handle 407 as response doesn't contain Proxy-Authenticate headers");
        return false;
    }
    // FIXME what's this???
    future.setChannelState(ChannelState.NEW);
    HttpHeaders requestHeaders = new DefaultHttpHeaders(false).add(request.getHeaders());
    switch(proxyRealm.getScheme()) {
        case BASIC:
            if (getHeaderWithPrefix(proxyAuthHeaders, "Basic") == null) {
                LOGGER.info("Can't handle 407 with Basic realm as Proxy-Authenticate headers don't match");
                return false;
            }
            if (proxyRealm.isUsePreemptiveAuth()) {
                // FIXME do we need this, as future.getAndSetAuth
                // was tested above?
                // auth was already performed, most likely auth
                // failed
                LOGGER.info("Can't handle 407 with Basic realm as auth was preemptive and already performed");
                return false;
            }
            // FIXME do we want to update the realm, or directly
            // set the header?
            Realm newBasicRealm = //
            realm(proxyRealm).setUsePreemptiveAuth(//
            true).build();
            future.setProxyRealm(newBasicRealm);
            break;
        case DIGEST:
            String digestHeader = getHeaderWithPrefix(proxyAuthHeaders, "Digest");
            if (digestHeader == null) {
                LOGGER.info("Can't handle 407 with Digest realm as Proxy-Authenticate headers don't match");
                return false;
            }
            Realm newDigestRealm = //
            realm(proxyRealm).setUri(//
            request.getUri()).setMethodName(//
            request.getMethod()).setUsePreemptiveAuth(//
            true).parseProxyAuthenticateHeader(//
            digestHeader).build();
            future.setProxyRealm(newDigestRealm);
            break;
        case NTLM:
            String ntlmHeader = getHeaderWithPrefix(proxyAuthHeaders, "NTLM");
            if (ntlmHeader == null) {
                LOGGER.info("Can't handle 407 with NTLM realm as Proxy-Authenticate headers don't match");
                return false;
            }
            ntlmProxyChallenge(ntlmHeader, request, requestHeaders, proxyRealm, future);
            Realm newNtlmRealm = //
            realm(proxyRealm).setUsePreemptiveAuth(//
            true).build();
            future.setProxyRealm(newNtlmRealm);
            break;
        case KERBEROS:
        case SPNEGO:
            if (getHeaderWithPrefix(proxyAuthHeaders, NEGOTIATE) == null) {
                LOGGER.info("Can't handle 407 with Kerberos or Spnego realm as Proxy-Authenticate headers don't match");
                return false;
            }
            try {
                kerberosProxyChallenge(channel, proxyAuthHeaders, request, proxyServer, proxyRealm, requestHeaders, future);
            } catch (SpnegoEngineException e) {
                // FIXME
                String ntlmHeader2 = getHeaderWithPrefix(proxyAuthHeaders, "NTLM");
                if (ntlmHeader2 != null) {
                    LOGGER.warn("Kerberos/Spnego proxy auth failed, proceeding with NTLM");
                    ntlmProxyChallenge(ntlmHeader2, request, requestHeaders, proxyRealm, future);
                    Realm newNtlmRealm2 = //
                    realm(proxyRealm).setScheme(//
                    AuthScheme.NTLM).setUsePreemptiveAuth(//
                    true).build();
                    future.setProxyRealm(newNtlmRealm2);
                } else {
                    requestSender.abort(channel, future, e);
                    return false;
                }
            }
            break;
        default:
            throw new IllegalStateException("Invalid Authentication scheme " + proxyRealm.getScheme());
    }
    RequestBuilder nextRequestBuilder = new RequestBuilder(future.getCurrentRequest()).setHeaders(requestHeaders);
    if (future.getCurrentRequest().getUri().isSecured()) {
        nextRequestBuilder.setMethod(CONNECT);
    }
    final Request nextRequest = nextRequestBuilder.build();
    LOGGER.debug("Sending proxy authentication to {}", request.getUri());
    if (//
    future.isKeepAlive() && //
    !HttpUtil.isTransferEncodingChunked(httpRequest) && !HttpUtil.isTransferEncodingChunked(response)) {
        future.setConnectAllowed(true);
        future.setReuseChannel(true);
        requestSender.drainChannelAndExecuteNextRequest(channel, future, nextRequest);
    } else {
        channelManager.closeChannel(channel);
        requestSender.sendNextRequest(nextRequest, future);
    }
    return true;
}
Also used : HttpHeaders(io.netty.handler.codec.http.HttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) RequestBuilder(org.asynchttpclient.RequestBuilder) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) SpnegoEngineException(org.asynchttpclient.spnego.SpnegoEngineException) Request(org.asynchttpclient.Request) HttpRequest(io.netty.handler.codec.http.HttpRequest) Realm(org.asynchttpclient.Realm)

Example 8 with HttpHeaders

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project async-http-client by AsyncHttpClient.

the class Unauthorized401Interceptor method exitAfterHandling401.

public //
boolean exitAfterHandling401(//
final Channel channel, //
final NettyResponseFuture<?> future, //
HttpResponse response, //
final Request request, //
int statusCode, //
Realm realm, //
ProxyServer proxyServer, HttpRequest httpRequest) {
    if (realm == null) {
        LOGGER.debug("Can't handle 401 as there's no realm");
        return false;
    }
    if (future.isAndSetInAuth(true)) {
        LOGGER.info("Can't handle 401 as auth was already performed");
        return false;
    }
    List<String> wwwAuthHeaders = response.headers().getAll(WWW_AUTHENTICATE);
    if (wwwAuthHeaders.isEmpty()) {
        LOGGER.info("Can't handle 401 as response doesn't contain WWW-Authenticate headers");
        return false;
    }
    // FIXME what's this???
    future.setChannelState(ChannelState.NEW);
    HttpHeaders requestHeaders = new DefaultHttpHeaders(false).add(request.getHeaders());
    switch(realm.getScheme()) {
        case BASIC:
            if (getHeaderWithPrefix(wwwAuthHeaders, "Basic") == null) {
                LOGGER.info("Can't handle 401 with Basic realm as WWW-Authenticate headers don't match");
                return false;
            }
            if (realm.isUsePreemptiveAuth()) {
                // FIXME do we need this, as future.getAndSetAuth
                // was tested above?
                // auth was already performed, most likely auth
                // failed
                LOGGER.info("Can't handle 401 with Basic realm as auth was preemptive and already performed");
                return false;
            }
            // FIXME do we want to update the realm, or directly
            // set the header?
            Realm newBasicRealm = //
            realm(realm).setUsePreemptiveAuth(//
            true).build();
            future.setRealm(newBasicRealm);
            break;
        case DIGEST:
            String digestHeader = getHeaderWithPrefix(wwwAuthHeaders, "Digest");
            if (digestHeader == null) {
                LOGGER.info("Can't handle 401 with Digest realm as WWW-Authenticate headers don't match");
                return false;
            }
            Realm newDigestRealm = //
            realm(realm).setUri(//
            request.getUri()).setMethodName(//
            request.getMethod()).setUsePreemptiveAuth(//
            true).parseWWWAuthenticateHeader(//
            digestHeader).build();
            future.setRealm(newDigestRealm);
            break;
        case NTLM:
            String ntlmHeader = getHeaderWithPrefix(wwwAuthHeaders, "NTLM");
            if (ntlmHeader == null) {
                LOGGER.info("Can't handle 401 with NTLM realm as WWW-Authenticate headers don't match");
                return false;
            }
            ntlmChallenge(ntlmHeader, request, requestHeaders, realm, future);
            Realm newNtlmRealm = //
            realm(realm).setUsePreemptiveAuth(//
            true).build();
            future.setRealm(newNtlmRealm);
            break;
        case KERBEROS:
        case SPNEGO:
            if (getHeaderWithPrefix(wwwAuthHeaders, NEGOTIATE) == null) {
                LOGGER.info("Can't handle 401 with Kerberos or Spnego realm as WWW-Authenticate headers don't match");
                return false;
            }
            try {
                kerberosChallenge(channel, wwwAuthHeaders, request, requestHeaders, realm, future);
            } catch (SpnegoEngineException e) {
                // FIXME
                String ntlmHeader2 = getHeaderWithPrefix(wwwAuthHeaders, "NTLM");
                if (ntlmHeader2 != null) {
                    LOGGER.warn("Kerberos/Spnego auth failed, proceeding with NTLM");
                    ntlmChallenge(ntlmHeader2, request, requestHeaders, realm, future);
                    Realm newNtlmRealm2 = //
                    realm(realm).setScheme(//
                    AuthScheme.NTLM).setUsePreemptiveAuth(//
                    true).build();
                    future.setRealm(newNtlmRealm2);
                } else {
                    requestSender.abort(channel, future, e);
                    return false;
                }
            }
            break;
        default:
            throw new IllegalStateException("Invalid Authentication scheme " + realm.getScheme());
    }
    final Request nextRequest = new RequestBuilder(future.getCurrentRequest()).setHeaders(requestHeaders).build();
    LOGGER.debug("Sending authentication to {}", request.getUri());
    if (//
    future.isKeepAlive() && //
    !HttpUtil.isTransferEncodingChunked(httpRequest) && !HttpUtil.isTransferEncodingChunked(response)) {
        future.setReuseChannel(true);
        requestSender.drainChannelAndExecuteNextRequest(channel, future, nextRequest);
    } else {
        channelManager.closeChannel(channel);
        requestSender.sendNextRequest(nextRequest, future);
    }
    return true;
}
Also used : HttpHeaders(io.netty.handler.codec.http.HttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) RequestBuilder(org.asynchttpclient.RequestBuilder) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) SpnegoEngineException(org.asynchttpclient.spnego.SpnegoEngineException) Request(org.asynchttpclient.Request) HttpRequest(io.netty.handler.codec.http.HttpRequest) Realm(org.asynchttpclient.Realm)

Example 9 with HttpHeaders

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project ambry by linkedin.

the class ChannelWriteCallback method errorResponseTest.

/**
 * Tests that error responses are correctly formed.
 */
@Test
public void errorResponseTest() {
    EmbeddedChannel channel = createEmbeddedChannel();
    for (RestServiceErrorCode errorCode : RestServiceErrorCode.values()) {
        HttpHeaders httpHeaders = new DefaultHttpHeaders();
        httpHeaders.set(MockNettyMessageProcessor.REST_SERVICE_ERROR_CODE_HEADER_NAME, errorCode);
        channel.writeInbound(RestTestUtils.createRequest(HttpMethod.HEAD, TestingUri.OnResponseCompleteWithRestException.toString(), httpHeaders));
        HttpResponse response = channel.readOutbound();
        HttpResponseStatus expectedStatus = getExpectedHttpResponseStatus(errorCode);
        assertEquals("Unexpected response status", expectedStatus, response.status());
        boolean containsFailureReasonHeader = response.headers().contains(NettyResponseChannel.FAILURE_REASON_HEADER);
        if (expectedStatus == HttpResponseStatus.BAD_REQUEST) {
            assertTrue("Could not find failure reason header.", containsFailureReasonHeader);
        } else {
            assertFalse("Should not have found failure reason header.", containsFailureReasonHeader);
        }
        if (HttpStatusClass.CLIENT_ERROR.contains(response.status().code())) {
            assertEquals("Wrong error code", errorCode, RestServiceErrorCode.valueOf(response.headers().get(NettyResponseChannel.ERROR_CODE_HEADER)));
        } else {
            assertFalse("Should not have found error code header", response.headers().contains(NettyResponseChannel.ERROR_CODE_HEADER));
        }
        if (response instanceof FullHttpResponse) {
            // assert that there is no content
            assertEquals("The response should not contain content", 0, ((FullHttpResponse) response).content().readableBytes());
        } else {
            HttpContent content = channel.readOutbound();
            assertTrue("End marker should be received", content instanceof LastHttpContent);
        }
        assertNull("There should be no more data in the channel", channel.readOutbound());
        boolean shouldBeAlive = !NettyResponseChannel.CLOSE_CONNECTION_ERROR_STATUSES.contains(expectedStatus);
        assertEquals("Channel state (open/close) not as expected", shouldBeAlive, channel.isActive());
        assertEquals("Connection header should be consistent with channel state", shouldBeAlive, HttpUtil.isKeepAlive(response));
        if (!shouldBeAlive) {
            channel = createEmbeddedChannel();
        }
    }
    channel.close();
}
Also used : HttpHeaders(io.netty.handler.codec.http.HttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) HttpResponseStatus(io.netty.handler.codec.http.HttpResponseStatus) EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel) FullHttpResponse(io.netty.handler.codec.http.FullHttpResponse) HttpResponse(io.netty.handler.codec.http.HttpResponse) FullHttpResponse(io.netty.handler.codec.http.FullHttpResponse) LastHttpContent(io.netty.handler.codec.http.LastHttpContent) DefaultLastHttpContent(io.netty.handler.codec.http.DefaultLastHttpContent) LastHttpContent(io.netty.handler.codec.http.LastHttpContent) HttpContent(io.netty.handler.codec.http.HttpContent) DefaultHttpContent(io.netty.handler.codec.http.DefaultHttpContent) DefaultLastHttpContent(io.netty.handler.codec.http.DefaultLastHttpContent) UtilsTest(com.github.ambry.utils.UtilsTest) Test(org.junit.Test)

Example 10 with HttpHeaders

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project ambry by linkedin.

the class FrontendIntegrationTest method getBlobInfoAndVerify.

/**
 * Gets the blob info of the blob with blob ID {@code blobId} and verifies them against what is expected.
 * @param blobId the blob ID of the blob to HEAD.
 * @param getOption the options to use while getting the blob.
 * @param expectedHeaders the expected headers in the response.
 * @param isPrivate {@code true} if the blob is expected to be private
 * @param accountName the expected account name in the response.
 * @param containerName the expected container name in response.
 * @param usermetadata if non-null, this is expected to come as the body.
 * @throws ExecutionException
 * @throws InterruptedException
 */
private void getBlobInfoAndVerify(String blobId, GetOption getOption, HttpHeaders expectedHeaders, boolean isPrivate, String accountName, String containerName, byte[] usermetadata) throws ExecutionException, InterruptedException {
    HttpHeaders headers = new DefaultHttpHeaders();
    if (getOption != null) {
        headers.add(RestUtils.Headers.GET_OPTION, getOption.toString());
    }
    FullHttpRequest httpRequest = buildRequest(HttpMethod.GET, blobId + "/" + RestUtils.SubResource.BlobInfo, headers, null);
    ResponseParts responseParts = nettyClient.sendRequest(httpRequest, null, null).get();
    HttpResponse response = getHttpResponse(responseParts);
    assertEquals("Unexpected response status", HttpResponseStatus.OK, response.status());
    checkCommonGetHeadHeaders(response.headers());
    verifyBlobProperties(expectedHeaders, isPrivate, response);
    verifyAccountAndContainerHeaders(accountName, containerName, response);
    verifyUserMetadata(expectedHeaders, response, usermetadata, responseParts.queue);
    assertTrue("Channel should be active", HttpUtil.isKeepAlive(response));
}
Also used : HttpHeaders(io.netty.handler.codec.http.HttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) FullHttpRequest(io.netty.handler.codec.http.FullHttpRequest) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) HttpResponse(io.netty.handler.codec.http.HttpResponse) ResponseParts(com.github.ambry.rest.NettyClient.ResponseParts)

Aggregations

HttpHeaders (io.netty.handler.codec.http.HttpHeaders)286 DefaultHttpHeaders (io.netty.handler.codec.http.DefaultHttpHeaders)149 FullHttpRequest (io.netty.handler.codec.http.FullHttpRequest)83 DefaultFullHttpRequest (io.netty.handler.codec.http.DefaultFullHttpRequest)73 Test (org.junit.Test)68 Test (org.junit.jupiter.api.Test)57 Test (org.testng.annotations.Test)51 HttpRequest (io.netty.handler.codec.http.HttpRequest)43 HttpResponse (io.netty.handler.codec.http.HttpResponse)40 AsciiString (io.netty.util.AsciiString)29 ByteBuf (io.netty.buffer.ByteBuf)27 EmbeddedChannel (io.netty.channel.embedded.EmbeddedChannel)27 BStruct (org.ballerinalang.model.values.BStruct)26 FullHttpResponse (io.netty.handler.codec.http.FullHttpResponse)22 LastHttpContent (io.netty.handler.codec.http.LastHttpContent)22 HttpServletResponse (javax.servlet.http.HttpServletResponse)20 DefaultLastHttpContent (io.netty.handler.codec.http.DefaultLastHttpContent)19 Cookie (io.netty.handler.codec.http.cookie.Cookie)19 BValue (org.ballerinalang.model.values.BValue)19 ChannelPromise (io.netty.channel.ChannelPromise)18