use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project async-http-client by AsyncHttpClient.
the class NettyRequestSender method sendRequestWithNewChannel.
private <//
T> //
ListenableFuture<T> sendRequestWithNewChannel(//
Request request, //
ProxyServer proxy, //
NettyResponseFuture<T> future, //
AsyncHandler<T> asyncHandler, boolean performingNextRequest) {
// some headers are only set when performing the first request
HttpHeaders headers = future.getNettyRequest().getHttpRequest().headers();
Realm realm = future.getRealm();
Realm proxyRealm = future.getProxyRealm();
requestFactory.addAuthorizationHeader(headers, perConnectionAuthorizationHeader(request, proxy, realm));
requestFactory.setProxyAuthorizationHeader(headers, perConnectionProxyAuthorizationHeader(request, proxyRealm));
future.setInAuth(realm != null && realm.isUsePreemptiveAuth() && realm.getScheme() != AuthScheme.NTLM);
future.setInProxyAuth(proxyRealm != null && proxyRealm.isUsePreemptiveAuth() && proxyRealm.getScheme() != AuthScheme.NTLM);
// Do not throw an exception when we need an extra connection for a redirect
// FIXME why? This violate the max connection per host handling, right?
Bootstrap bootstrap = channelManager.getBootstrap(request.getUri(), proxy);
Object partitionKey = future.getPartitionKey();
// we disable channelPreemption when performing next requests
final boolean acquireChannelLock = !performingNextRequest;
try {
// redirect.
if (acquireChannelLock) {
// if there's an exception here, channel wasn't preempted and resolve won't happen
channelManager.acquireChannelLock(partitionKey);
}
} catch (Throwable t) {
abort(null, future, getCause(t));
// exit and don't try to resolve address
return future;
}
scheduleRequestTimeout(future);
//
RequestHostnameResolver.INSTANCE.resolve(request, proxy, asyncHandler).addListener(new SimpleFutureListener<List<InetSocketAddress>>() {
@Override
protected void onSuccess(List<InetSocketAddress> addresses) {
NettyConnectListener<T> connectListener = new NettyConnectListener<>(future, NettyRequestSender.this, channelManager, acquireChannelLock, partitionKey);
NettyChannelConnector connector = new NettyChannelConnector(request.getLocalAddress(), addresses, asyncHandler, clientState, config);
if (!future.isDone()) {
connector.connect(bootstrap, connectListener);
} else if (acquireChannelLock) {
channelManager.releaseChannelLock(partitionKey);
}
}
@Override
protected void onFailure(Throwable cause) {
if (acquireChannelLock) {
channelManager.releaseChannelLock(partitionKey);
}
abort(null, future, getCause(cause));
}
});
return future;
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project async-http-client by AsyncHttpClient.
the class ProxyUnauthorized407Interceptor method exitAfterHandling407.
public //
boolean exitAfterHandling407(//
Channel channel, //
NettyResponseFuture<?> future, //
HttpResponse response, //
Request request, //
int statusCode, //
ProxyServer proxyServer, HttpRequest httpRequest) {
if (future.isAndSetInProxyAuth(true)) {
LOGGER.info("Can't handle 407 as auth was already performed");
return false;
}
Realm proxyRealm = future.getProxyRealm();
if (proxyRealm == null) {
LOGGER.debug("Can't handle 407 as there's no proxyRealm");
return false;
}
List<String> proxyAuthHeaders = response.headers().getAll(PROXY_AUTHENTICATE);
if (proxyAuthHeaders.isEmpty()) {
LOGGER.info("Can't handle 407 as response doesn't contain Proxy-Authenticate headers");
return false;
}
// FIXME what's this???
future.setChannelState(ChannelState.NEW);
HttpHeaders requestHeaders = new DefaultHttpHeaders(false).add(request.getHeaders());
switch(proxyRealm.getScheme()) {
case BASIC:
if (getHeaderWithPrefix(proxyAuthHeaders, "Basic") == null) {
LOGGER.info("Can't handle 407 with Basic realm as Proxy-Authenticate headers don't match");
return false;
}
if (proxyRealm.isUsePreemptiveAuth()) {
// FIXME do we need this, as future.getAndSetAuth
// was tested above?
// auth was already performed, most likely auth
// failed
LOGGER.info("Can't handle 407 with Basic realm as auth was preemptive and already performed");
return false;
}
// FIXME do we want to update the realm, or directly
// set the header?
Realm newBasicRealm = //
realm(proxyRealm).setUsePreemptiveAuth(//
true).build();
future.setProxyRealm(newBasicRealm);
break;
case DIGEST:
String digestHeader = getHeaderWithPrefix(proxyAuthHeaders, "Digest");
if (digestHeader == null) {
LOGGER.info("Can't handle 407 with Digest realm as Proxy-Authenticate headers don't match");
return false;
}
Realm newDigestRealm = //
realm(proxyRealm).setUri(//
request.getUri()).setMethodName(//
request.getMethod()).setUsePreemptiveAuth(//
true).parseProxyAuthenticateHeader(//
digestHeader).build();
future.setProxyRealm(newDigestRealm);
break;
case NTLM:
String ntlmHeader = getHeaderWithPrefix(proxyAuthHeaders, "NTLM");
if (ntlmHeader == null) {
LOGGER.info("Can't handle 407 with NTLM realm as Proxy-Authenticate headers don't match");
return false;
}
ntlmProxyChallenge(ntlmHeader, request, requestHeaders, proxyRealm, future);
Realm newNtlmRealm = //
realm(proxyRealm).setUsePreemptiveAuth(//
true).build();
future.setProxyRealm(newNtlmRealm);
break;
case KERBEROS:
case SPNEGO:
if (getHeaderWithPrefix(proxyAuthHeaders, NEGOTIATE) == null) {
LOGGER.info("Can't handle 407 with Kerberos or Spnego realm as Proxy-Authenticate headers don't match");
return false;
}
try {
kerberosProxyChallenge(channel, proxyAuthHeaders, request, proxyServer, proxyRealm, requestHeaders, future);
} catch (SpnegoEngineException e) {
// FIXME
String ntlmHeader2 = getHeaderWithPrefix(proxyAuthHeaders, "NTLM");
if (ntlmHeader2 != null) {
LOGGER.warn("Kerberos/Spnego proxy auth failed, proceeding with NTLM");
ntlmProxyChallenge(ntlmHeader2, request, requestHeaders, proxyRealm, future);
Realm newNtlmRealm2 = //
realm(proxyRealm).setScheme(//
AuthScheme.NTLM).setUsePreemptiveAuth(//
true).build();
future.setProxyRealm(newNtlmRealm2);
} else {
requestSender.abort(channel, future, e);
return false;
}
}
break;
default:
throw new IllegalStateException("Invalid Authentication scheme " + proxyRealm.getScheme());
}
RequestBuilder nextRequestBuilder = new RequestBuilder(future.getCurrentRequest()).setHeaders(requestHeaders);
if (future.getCurrentRequest().getUri().isSecured()) {
nextRequestBuilder.setMethod(CONNECT);
}
final Request nextRequest = nextRequestBuilder.build();
LOGGER.debug("Sending proxy authentication to {}", request.getUri());
if (//
future.isKeepAlive() && //
!HttpUtil.isTransferEncodingChunked(httpRequest) && !HttpUtil.isTransferEncodingChunked(response)) {
future.setConnectAllowed(true);
future.setReuseChannel(true);
requestSender.drainChannelAndExecuteNextRequest(channel, future, nextRequest);
} else {
channelManager.closeChannel(channel);
requestSender.sendNextRequest(nextRequest, future);
}
return true;
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project async-http-client by AsyncHttpClient.
the class Unauthorized401Interceptor method exitAfterHandling401.
public //
boolean exitAfterHandling401(//
final Channel channel, //
final NettyResponseFuture<?> future, //
HttpResponse response, //
final Request request, //
int statusCode, //
Realm realm, //
ProxyServer proxyServer, HttpRequest httpRequest) {
if (realm == null) {
LOGGER.debug("Can't handle 401 as there's no realm");
return false;
}
if (future.isAndSetInAuth(true)) {
LOGGER.info("Can't handle 401 as auth was already performed");
return false;
}
List<String> wwwAuthHeaders = response.headers().getAll(WWW_AUTHENTICATE);
if (wwwAuthHeaders.isEmpty()) {
LOGGER.info("Can't handle 401 as response doesn't contain WWW-Authenticate headers");
return false;
}
// FIXME what's this???
future.setChannelState(ChannelState.NEW);
HttpHeaders requestHeaders = new DefaultHttpHeaders(false).add(request.getHeaders());
switch(realm.getScheme()) {
case BASIC:
if (getHeaderWithPrefix(wwwAuthHeaders, "Basic") == null) {
LOGGER.info("Can't handle 401 with Basic realm as WWW-Authenticate headers don't match");
return false;
}
if (realm.isUsePreemptiveAuth()) {
// FIXME do we need this, as future.getAndSetAuth
// was tested above?
// auth was already performed, most likely auth
// failed
LOGGER.info("Can't handle 401 with Basic realm as auth was preemptive and already performed");
return false;
}
// FIXME do we want to update the realm, or directly
// set the header?
Realm newBasicRealm = //
realm(realm).setUsePreemptiveAuth(//
true).build();
future.setRealm(newBasicRealm);
break;
case DIGEST:
String digestHeader = getHeaderWithPrefix(wwwAuthHeaders, "Digest");
if (digestHeader == null) {
LOGGER.info("Can't handle 401 with Digest realm as WWW-Authenticate headers don't match");
return false;
}
Realm newDigestRealm = //
realm(realm).setUri(//
request.getUri()).setMethodName(//
request.getMethod()).setUsePreemptiveAuth(//
true).parseWWWAuthenticateHeader(//
digestHeader).build();
future.setRealm(newDigestRealm);
break;
case NTLM:
String ntlmHeader = getHeaderWithPrefix(wwwAuthHeaders, "NTLM");
if (ntlmHeader == null) {
LOGGER.info("Can't handle 401 with NTLM realm as WWW-Authenticate headers don't match");
return false;
}
ntlmChallenge(ntlmHeader, request, requestHeaders, realm, future);
Realm newNtlmRealm = //
realm(realm).setUsePreemptiveAuth(//
true).build();
future.setRealm(newNtlmRealm);
break;
case KERBEROS:
case SPNEGO:
if (getHeaderWithPrefix(wwwAuthHeaders, NEGOTIATE) == null) {
LOGGER.info("Can't handle 401 with Kerberos or Spnego realm as WWW-Authenticate headers don't match");
return false;
}
try {
kerberosChallenge(channel, wwwAuthHeaders, request, requestHeaders, realm, future);
} catch (SpnegoEngineException e) {
// FIXME
String ntlmHeader2 = getHeaderWithPrefix(wwwAuthHeaders, "NTLM");
if (ntlmHeader2 != null) {
LOGGER.warn("Kerberos/Spnego auth failed, proceeding with NTLM");
ntlmChallenge(ntlmHeader2, request, requestHeaders, realm, future);
Realm newNtlmRealm2 = //
realm(realm).setScheme(//
AuthScheme.NTLM).setUsePreemptiveAuth(//
true).build();
future.setRealm(newNtlmRealm2);
} else {
requestSender.abort(channel, future, e);
return false;
}
}
break;
default:
throw new IllegalStateException("Invalid Authentication scheme " + realm.getScheme());
}
final Request nextRequest = new RequestBuilder(future.getCurrentRequest()).setHeaders(requestHeaders).build();
LOGGER.debug("Sending authentication to {}", request.getUri());
if (//
future.isKeepAlive() && //
!HttpUtil.isTransferEncodingChunked(httpRequest) && !HttpUtil.isTransferEncodingChunked(response)) {
future.setReuseChannel(true);
requestSender.drainChannelAndExecuteNextRequest(channel, future, nextRequest);
} else {
channelManager.closeChannel(channel);
requestSender.sendNextRequest(nextRequest, future);
}
return true;
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project ambry by linkedin.
the class ChannelWriteCallback method errorResponseTest.
/**
* Tests that error responses are correctly formed.
*/
@Test
public void errorResponseTest() {
EmbeddedChannel channel = createEmbeddedChannel();
for (RestServiceErrorCode errorCode : RestServiceErrorCode.values()) {
HttpHeaders httpHeaders = new DefaultHttpHeaders();
httpHeaders.set(MockNettyMessageProcessor.REST_SERVICE_ERROR_CODE_HEADER_NAME, errorCode);
channel.writeInbound(RestTestUtils.createRequest(HttpMethod.HEAD, TestingUri.OnResponseCompleteWithRestException.toString(), httpHeaders));
HttpResponse response = channel.readOutbound();
HttpResponseStatus expectedStatus = getExpectedHttpResponseStatus(errorCode);
assertEquals("Unexpected response status", expectedStatus, response.status());
boolean containsFailureReasonHeader = response.headers().contains(NettyResponseChannel.FAILURE_REASON_HEADER);
if (expectedStatus == HttpResponseStatus.BAD_REQUEST) {
assertTrue("Could not find failure reason header.", containsFailureReasonHeader);
} else {
assertFalse("Should not have found failure reason header.", containsFailureReasonHeader);
}
if (HttpStatusClass.CLIENT_ERROR.contains(response.status().code())) {
assertEquals("Wrong error code", errorCode, RestServiceErrorCode.valueOf(response.headers().get(NettyResponseChannel.ERROR_CODE_HEADER)));
} else {
assertFalse("Should not have found error code header", response.headers().contains(NettyResponseChannel.ERROR_CODE_HEADER));
}
if (response instanceof FullHttpResponse) {
// assert that there is no content
assertEquals("The response should not contain content", 0, ((FullHttpResponse) response).content().readableBytes());
} else {
HttpContent content = channel.readOutbound();
assertTrue("End marker should be received", content instanceof LastHttpContent);
}
assertNull("There should be no more data in the channel", channel.readOutbound());
boolean shouldBeAlive = !NettyResponseChannel.CLOSE_CONNECTION_ERROR_STATUSES.contains(expectedStatus);
assertEquals("Channel state (open/close) not as expected", shouldBeAlive, channel.isActive());
assertEquals("Connection header should be consistent with channel state", shouldBeAlive, HttpUtil.isKeepAlive(response));
if (!shouldBeAlive) {
channel = createEmbeddedChannel();
}
}
channel.close();
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.http.HttpHeaders in project ambry by linkedin.
the class FrontendIntegrationTest method getBlobInfoAndVerify.
/**
* Gets the blob info of the blob with blob ID {@code blobId} and verifies them against what is expected.
* @param blobId the blob ID of the blob to HEAD.
* @param getOption the options to use while getting the blob.
* @param expectedHeaders the expected headers in the response.
* @param isPrivate {@code true} if the blob is expected to be private
* @param accountName the expected account name in the response.
* @param containerName the expected container name in response.
* @param usermetadata if non-null, this is expected to come as the body.
* @throws ExecutionException
* @throws InterruptedException
*/
private void getBlobInfoAndVerify(String blobId, GetOption getOption, HttpHeaders expectedHeaders, boolean isPrivate, String accountName, String containerName, byte[] usermetadata) throws ExecutionException, InterruptedException {
HttpHeaders headers = new DefaultHttpHeaders();
if (getOption != null) {
headers.add(RestUtils.Headers.GET_OPTION, getOption.toString());
}
FullHttpRequest httpRequest = buildRequest(HttpMethod.GET, blobId + "/" + RestUtils.SubResource.BlobInfo, headers, null);
ResponseParts responseParts = nettyClient.sendRequest(httpRequest, null, null).get();
HttpResponse response = getHttpResponse(responseParts);
assertEquals("Unexpected response status", HttpResponseStatus.OK, response.status());
checkCommonGetHeadHeaders(response.headers());
verifyBlobProperties(expectedHeaders, isPrivate, response);
verifyAccountAndContainerHeaders(accountName, containerName, response);
verifyUserMetadata(expectedHeaders, response, usermetadata, responseParts.queue);
assertTrue("Channel should be active", HttpUtil.isKeepAlive(response));
}
Aggregations