Search in sources :

Example 51 with HttpRequest

use of org.apache.http.HttpRequest in project robolectric by robolectric.

the class DefaultRequestDirector method createTunnelToTarget.

// establishConnection
/**
 * Creates a tunnel to the target server.
 * The connection must be established to the (last) proxy.
 * A CONNECT request for tunnelling through the proxy will
 * be created and sent, the response received and checked.
 * This method does <i>not</i> update the connection with
 * information about the tunnel, that is left to the caller.
 *
 * @param route     the route to establish
 * @param context   the context for request execution
 *
 * @return  {@code true} if the tunnelled route is secure,
 *          {@code false} otherwise.
 *          The implementation here always returns {@code false},
 *          but derived classes may override.
 *
 * @throws HttpException    in case of a problem
 * @throws IOException      in case of an IO problem
 */
protected boolean createTunnelToTarget(HttpRoute route, HttpContext context) throws HttpException, IOException {
    HttpHost proxy = route.getProxyHost();
    HttpHost target = route.getTargetHost();
    HttpResponse response = null;
    boolean done = false;
    while (!done) {
        done = true;
        if (!this.managedConn.isOpen()) {
            this.managedConn.open(route, context, this.params);
        }
        HttpRequest connect = createConnectRequest(route, context);
        connect.setParams(this.params);
        // Populate the execution context
        context.setAttribute(ExecutionContext.HTTP_TARGET_HOST, target);
        context.setAttribute(ExecutionContext.HTTP_PROXY_HOST, proxy);
        context.setAttribute(ExecutionContext.HTTP_CONNECTION, managedConn);
        context.setAttribute(ClientContext.TARGET_AUTH_STATE, targetAuthState);
        context.setAttribute(ClientContext.PROXY_AUTH_STATE, proxyAuthState);
        context.setAttribute(ExecutionContext.HTTP_REQUEST, connect);
        this.requestExec.preProcess(connect, this.httpProcessor, context);
        response = this.requestExec.execute(connect, this.managedConn, context);
        response.setParams(this.params);
        this.requestExec.postProcess(response, this.httpProcessor, context);
        int status = response.getStatusLine().getStatusCode();
        if (status < 200) {
            throw new HttpException("Unexpected response to CONNECT request: " + response.getStatusLine());
        }
        CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
        if (credsProvider != null && HttpClientParams.isAuthenticating(params)) {
            if (this.proxyAuthHandler.isAuthenticationRequested(response, context)) {
                this.log.debug("Proxy requested authentication");
                Map<String, Header> challenges = this.proxyAuthHandler.getChallenges(response, context);
                try {
                    processChallenges(challenges, this.proxyAuthState, this.proxyAuthHandler, response, context);
                } catch (AuthenticationException ex) {
                    if (this.log.isWarnEnabled()) {
                        this.log.warn("Authentication error: " + ex.getMessage());
                        break;
                    }
                }
                updateAuthState(this.proxyAuthState, proxy, credsProvider);
                if (this.proxyAuthState.getCredentials() != null) {
                    done = false;
                    // Retry request
                    if (this.reuseStrategy.keepAlive(response, context)) {
                        this.log.debug("Connection kept alive");
                        // Consume response content
                        HttpEntity entity = response.getEntity();
                        if (entity != null) {
                            entity.consumeContent();
                        }
                    } else {
                        this.managedConn.close();
                    }
                }
            } else {
                // Reset proxy auth scope
                this.proxyAuthState.setAuthScope(null);
            }
        }
    }
    // can't be null
    int status = response.getStatusLine().getStatusCode();
    if (status > 299) {
        // Buffer response content
        HttpEntity entity = response.getEntity();
        if (entity != null) {
            response.setEntity(new BufferedHttpEntity(entity));
        }
        this.managedConn.close();
        throw new TunnelRefusedException("CONNECT refused by proxy: " + response.getStatusLine(), response);
    }
    this.managedConn.markReusable();
    // Leave it to derived classes, consider insecure by default here.
    return false;
}
Also used : HttpRequest(org.apache.http.HttpRequest) BasicHttpRequest(org.apache.http.message.BasicHttpRequest) AbortableHttpRequest(org.apache.http.client.methods.AbortableHttpRequest) TunnelRefusedException(org.apache.http.impl.client.TunnelRefusedException) HttpEntity(org.apache.http.HttpEntity) BufferedHttpEntity(org.apache.http.entity.BufferedHttpEntity) AuthenticationException(org.apache.http.auth.AuthenticationException) HttpResponse(org.apache.http.HttpResponse) CredentialsProvider(org.apache.http.client.CredentialsProvider) Header(org.apache.http.Header) BufferedHttpEntity(org.apache.http.entity.BufferedHttpEntity) HttpHost(org.apache.http.HttpHost) HttpException(org.apache.http.HttpException)

Example 52 with HttpRequest

use of org.apache.http.HttpRequest in project robolectric by robolectric.

the class DefaultRequestDirector method createConnectRequest.

/**
 * Creates the CONNECT request for tunnelling.
 * Called by {@link #createTunnelToTarget createTunnelToTarget}.
 *
 * @param route     the route to establish
 * @param context   the context for request execution
 *
 * @return  the CONNECT request for tunnelling
 */
protected HttpRequest createConnectRequest(HttpRoute route, HttpContext context) {
    // see RFC 2817, section 5.2 and
    // INTERNET-DRAFT: Tunneling TCP based protocols through
    // Web proxy servers
    HttpHost target = route.getTargetHost();
    String host = target.getHostName();
    int port = target.getPort();
    if (port < 0) {
        Scheme scheme = connManager.getSchemeRegistry().getScheme(target.getSchemeName());
        port = scheme.getDefaultPort();
    }
    StringBuilder buffer = new StringBuilder(host.length() + 6);
    buffer.append(host);
    buffer.append(':');
    buffer.append(Integer.toString(port));
    String authority = buffer.toString();
    ProtocolVersion ver = HttpProtocolParams.getVersion(params);
    HttpRequest req = new BasicHttpRequest("CONNECT", authority, ver);
    return req;
}
Also used : HttpRequest(org.apache.http.HttpRequest) BasicHttpRequest(org.apache.http.message.BasicHttpRequest) AbortableHttpRequest(org.apache.http.client.methods.AbortableHttpRequest) Scheme(org.apache.http.conn.scheme.Scheme) AuthScheme(org.apache.http.auth.AuthScheme) HttpHost(org.apache.http.HttpHost) ProtocolVersion(org.apache.http.ProtocolVersion) BasicHttpRequest(org.apache.http.message.BasicHttpRequest)

Example 53 with HttpRequest

use of org.apache.http.HttpRequest in project undertow by undertow-io.

the class ServletFormAuthURLRewriteTestCase method testServletFormAuthWithOriginalRequestParams.

@Test
public void testServletFormAuthWithOriginalRequestParams() throws IOException {
    TestHttpClient client = new TestHttpClient();
    client.setRedirectStrategy(new DefaultRedirectStrategy() {

        @Override
        public boolean isRedirected(final HttpRequest request, final HttpResponse response, final HttpContext context) throws ProtocolException {
            if (response.getStatusLine().getStatusCode() == StatusCodes.FOUND) {
                return true;
            }
            return super.isRedirected(request, response, context);
        }
    });
    try {
        final String uri = DefaultServer.getDefaultServerURL() + "/servletContext/secured/echoParam?param=developer";
        HttpPost post = new HttpPost(uri);
        post.setEntity(new StringEntity("String Entity"));
        HttpResponse result = client.execute(post);
        assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        String response = HttpClientUtils.readResponse(result);
        Assert.assertTrue(response.startsWith("j_security_check"));
        BasicNameValuePair[] pairs = new BasicNameValuePair[] { new BasicNameValuePair("j_username", "user1"), new BasicNameValuePair("j_password", "password1") };
        final List<NameValuePair> data = new ArrayList<>();
        data.addAll(Arrays.asList(pairs));
        post = new HttpPost(DefaultServer.getDefaultServerURL() + "/servletContext/" + response);
        post.setEntity(new UrlEncodedFormEntity(data));
        result = client.execute(post);
        assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        response = HttpClientUtils.readResponse(result);
        assertEquals("developer", response);
    } finally {
        client.getConnectionManager().shutdown();
    }
}
Also used : HttpRequest(org.apache.http.HttpRequest) ProtocolException(org.apache.http.ProtocolException) HttpPost(org.apache.http.client.methods.HttpPost) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) HttpContext(org.apache.http.protocol.HttpContext) ArrayList(java.util.ArrayList) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) TestHttpClient(io.undertow.testutils.TestHttpClient) StringEntity(org.apache.http.entity.StringEntity) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) DefaultRedirectStrategy(org.apache.http.impl.client.DefaultRedirectStrategy) Test(org.junit.Test)

Example 54 with HttpRequest

use of org.apache.http.HttpRequest in project undertow by undertow-io.

the class ServletFormAuthDefaultPageTestCase method testServletFormAuthWithoutSavedPostBody.

@Test
public void testServletFormAuthWithoutSavedPostBody() throws IOException {
    TestHttpClient client = new TestHttpClient();
    client.setRedirectStrategy(new DefaultRedirectStrategy() {

        @Override
        public boolean isRedirected(final HttpRequest request, final HttpResponse response, final HttpContext context) throws ProtocolException {
            if (response.getStatusLine().getStatusCode() == StatusCodes.FOUND) {
                return true;
            }
            if (request.getRequestLine().getUri().equals(DEFAULT_PAGE)) {
                response.setStatusCode(StatusCodes.OK);
                // Skip redirecting, because the resource isn't available in this test
                return false;
            }
            // force the test to fail
            response.setStatusCode(StatusCodes.EXPECTATION_FAILED);
            return super.isRedirected(request, response, context);
        }
    });
    try {
        BasicNameValuePair[] pairs = new BasicNameValuePair[] { new BasicNameValuePair("j_username", "user1"), new BasicNameValuePair("j_password", "password1") };
        final List<NameValuePair> data = new ArrayList<>();
        data.addAll(Arrays.asList(pairs));
        HttpPost post = new HttpPost(DefaultServer.getDefaultServerURL() + "/servletContext/j_security_check");
        post.setEntity(new UrlEncodedFormEntity(data));
        HttpResponse result = client.execute(post);
        assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        String response = HttpClientUtils.readResponse(result);
        Assert.assertEquals("", response);
    } finally {
        client.getConnectionManager().shutdown();
    }
}
Also used : HttpRequest(org.apache.http.HttpRequest) ProtocolException(org.apache.http.ProtocolException) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) HttpPost(org.apache.http.client.methods.HttpPost) HttpContext(org.apache.http.protocol.HttpContext) ArrayList(java.util.ArrayList) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) TestHttpClient(io.undertow.testutils.TestHttpClient) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) DefaultRedirectStrategy(org.apache.http.impl.client.DefaultRedirectStrategy) Test(org.junit.Test)

Example 55 with HttpRequest

use of org.apache.http.HttpRequest in project undertow by undertow-io.

the class ServletFormAuthDefaultPageTestCase method testServletFormAuth.

@Test
public void testServletFormAuth() throws IOException {
    TestHttpClient client = new TestHttpClient();
    client.setRedirectStrategy(new DefaultRedirectStrategy() {

        @Override
        public boolean isRedirected(final HttpRequest request, final HttpResponse response, final HttpContext context) throws ProtocolException {
            if (response.getStatusLine().getStatusCode() == StatusCodes.FOUND) {
                return true;
            }
            if (request.getRequestLine().getUri().equals(DEFAULT_PAGE)) {
                response.setStatusCode(StatusCodes.OK);
                // Skip redirecting, because the resource isn't available in this test
                return false;
            }
            return super.isRedirected(request, response, context);
        }
    });
    try {
        final String uri = DefaultServer.getDefaultServerURL() + "/servletContext/secured/test";
        HttpGet get = new HttpGet(uri);
        HttpResponse result = client.execute(get);
        assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        String response = HttpClientUtils.readResponse(result);
        Assert.assertTrue(response.startsWith("j_security_check"));
        BasicNameValuePair[] pairs = new BasicNameValuePair[] { new BasicNameValuePair("j_username", "user1"), new BasicNameValuePair("j_password", "password1") };
        final List<NameValuePair> data = new ArrayList<>();
        data.addAll(Arrays.asList(pairs));
        HttpPost post = new HttpPost(DefaultServer.getDefaultServerURL() + "/servletContext/j_security_check;jsessionid=dsjahfklsahdfjklsa");
        post.setEntity(new UrlEncodedFormEntity(data));
        result = client.execute(post);
        assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        response = HttpClientUtils.readResponse(result);
        Assert.assertEquals("", response);
    } finally {
        client.getConnectionManager().shutdown();
    }
}
Also used : HttpRequest(org.apache.http.HttpRequest) ProtocolException(org.apache.http.ProtocolException) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) NameValuePair(org.apache.http.NameValuePair) HttpPost(org.apache.http.client.methods.HttpPost) HttpGet(org.apache.http.client.methods.HttpGet) HttpContext(org.apache.http.protocol.HttpContext) ArrayList(java.util.ArrayList) HttpResponse(org.apache.http.HttpResponse) UrlEncodedFormEntity(org.apache.http.client.entity.UrlEncodedFormEntity) TestHttpClient(io.undertow.testutils.TestHttpClient) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) DefaultRedirectStrategy(org.apache.http.impl.client.DefaultRedirectStrategy) Test(org.junit.Test)

Aggregations

HttpRequest (org.apache.http.HttpRequest)155 HttpResponse (org.apache.http.HttpResponse)57 HttpContext (org.apache.http.protocol.HttpContext)56 HttpHost (org.apache.http.HttpHost)52 Test (org.junit.Test)40 IOException (java.io.IOException)36 Header (org.apache.http.Header)33 HttpException (org.apache.http.HttpException)33 HttpEntity (org.apache.http.HttpEntity)27 HttpEntityEnclosingRequest (org.apache.http.HttpEntityEnclosingRequest)25 BasicHttpRequest (org.apache.http.message.BasicHttpRequest)22 HttpGet (org.apache.http.client.methods.HttpGet)21 HttpPost (org.apache.http.client.methods.HttpPost)21 URI (java.net.URI)19 ProtocolException (org.apache.http.ProtocolException)18 AbortableHttpRequest (org.apache.http.client.methods.AbortableHttpRequest)16 StringEntity (org.apache.http.entity.StringEntity)16 ArrayList (java.util.ArrayList)14 NameValuePair (org.apache.http.NameValuePair)14 CredentialsProvider (org.apache.http.client.CredentialsProvider)14