Merge pull request AsyncHttpClient#512 from elakito/master

511: GrizzlyAsyncHttpProvider not honoring usePreemtiveAuth

Author: Stephane Landelle

api/src/test/java/org/asynchttpclient/async/BasicAuthTest.java

@@ -34,6 +34,7 @@
 import org.asynchttpclient.HttpResponseHeaders;
 import org.asynchttpclient.HttpResponseStatus;
 import org.asynchttpclient.Realm;
+import org.asynchttpclient.Realm.AuthScheme;
 import org.asynchttpclient.Response;
 import org.asynchttpclient.SimpleAsyncHttpClient;
 import org.asynchttpclient.consumers.AppendableBodyConsumer;
@@ -64,6 +65,8 @@ public abstract class BasicAuthTest extends AbstractBasicTest {
     protected static final String MY_MESSAGE = "my message";
 
     private Server server2;
+    private Server serverNoAuth;
+    private int portNoAuth;
 
     public abstract String getProviderClass();
 
@@ -72,6 +75,7 @@ public abstract class BasicAuthTest extends AbstractBasicTest {
     public void setUpGlobal() throws Exception {
         port1 = findFreePort();
         port2 = findFreePort();
+        portNoAuth = findFreePort();
 
         server = newJettyHttpServer(port1);
         addBasicAuthHandler(server, false, configureHandler());
@@ -81,13 +85,19 @@ public void setUpGlobal() throws Exception {
         addDigestAuthHandler(server2, true, new RedirectHandler());
         server2.start();
 
+        // need noAuth server to verify the preemptive auth mode (see basicAuthTetPreemtiveTest) 
+        serverNoAuth = newJettyHttpServer(portNoAuth);
+        serverNoAuth.setHandler(new SimpleHandler());
+        serverNoAuth.start();
+
         logger.info("Local HTTP server started successfully");
     }
 
     @AfterClass(alwaysRun = true)
     public void tearDownGlobal() throws Exception {
         super.tearDownGlobal();
         server2.stop();
+        serverNoAuth.stop();
     }
 
     @Override
@@ -100,6 +110,10 @@ protected String getTargetUrl2() {
         return "http://127.0.0.1:" + port2 + "/uff";
     }
 
+    protected String getTargetUrlNoAuth() {
+        return "http://127.0.0.1:" + portNoAuth + "/";
+    }
+
     @Override
     public AbstractHandler configureHandler() throws Exception {
         return new SimpleHandler();
@@ -247,8 +261,10 @@ public Integer onCompleted() throws Exception {
     public void basicAuthTestPreemtiveTest() throws IOException, ExecutionException, TimeoutException, InterruptedException {
         AsyncHttpClient client = getAsyncHttpClient(null);
         try {
-            Future<Response> f = client.prepareGet(getTargetUrl())//
-                    .setRealm((new Realm.RealmBuilder()).setPrincipal(USER).setPassword(ADMIN).setUsePreemptiveAuth(true).build())//
+        	// send the request to the no-auth endpoint to be able to verify the auth header is
+        	// really sent preemptively for the initial call.
+            Future<Response> f = client.prepareGet(getTargetUrlNoAuth())//
+                    .setRealm((new Realm.RealmBuilder()).setScheme(AuthScheme.BASIC).setPrincipal(USER).setPassword(ADMIN).setUsePreemptiveAuth(true).build())//
                     .execute();
 
             Response resp = f.get(3, TimeUnit.SECONDS);

providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/AsyncHttpClientFilter.java

@@ -14,15 +14,20 @@
 package org.asynchttpclient.providers.grizzly.filters;
 
 import static org.asynchttpclient.providers.grizzly.filters.SwitchingSSLFilter.getHandshakeError;
+import static org.asynchttpclient.providers.grizzly.GrizzlyAsyncHttpProvider.NTLM_ENGINE;
 import static org.asynchttpclient.util.AsyncHttpProviderUtils.getAuthority;
+import static org.asynchttpclient.util.AuthenticatorUtils.computeBasicAuthentication;
+import static org.asynchttpclient.util.AuthenticatorUtils.computeDigestAuthentication;
 import static org.asynchttpclient.util.MiscUtil.isNonEmpty;
 
+
 import org.asynchttpclient.AsyncCompletionHandler;
 import org.asynchttpclient.AsyncHandler;
 import org.asynchttpclient.AsyncHttpClientConfig;
 import org.asynchttpclient.FluentCaseInsensitiveStringsMap;
 import org.asynchttpclient.FluentStringsMap;
 import org.asynchttpclient.ProxyServer;
+import org.asynchttpclient.Realm;
 import org.asynchttpclient.Request;
 import org.asynchttpclient.RequestBuilder;
 import org.asynchttpclient.Response;
@@ -262,6 +267,7 @@ private boolean sendAsGrizzlyRequest(final RequestInfoHolder requestInfoHolder,
         addHostHeader(request, uri, requestPacket);
         addGeneralHeaders(request, requestPacket);
         addCookies(request, requestPacket);
+        addAuthorizationHeader(request, requestPacket);
 
         initTransferCompletionHandler(request, httpTxContext.getHandler());
 
@@ -398,6 +404,36 @@ private static void addHostHeader(final Request request, final URI uri, final Ht
         }
     }
 
+    private void addAuthorizationHeader(final Request request, final HttpRequestPacket requestPacket) {
+        Realm realm = request.getRealm();
+        if (realm == null) {
+            realm = config.getRealm();
+        }
+        if (realm != null && realm.getUsePreemptiveAuth()) {
+            final String authHeaderValue = generateAuthHeader(realm);
+            if (authHeaderValue != null) {
+                requestPacket.addHeader(Header.Authorization, authHeaderValue);
+            }
+        }
+    }
+
+    private String generateAuthHeader(final Realm realm) {
+        try {
+            switch (realm.getAuthScheme()) {
+            case BASIC:
+                return computeBasicAuthentication(realm);
+            case DIGEST:
+                return computeDigestAuthentication(realm);
+            case NTLM:
+                return NTLM_ENGINE.generateType1Msg("NTLM " + realm.getNtlmDomain(), realm.getNtlmHost());
+            default:
+                return null;
+            }
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
     private static boolean isUpgradeRequest(final AsyncHandler handler) {
         return (handler instanceof UpgradeHandler);
     }