Skip to content

Better handling of http(s).proxyUser and http(s).proxyPassword #123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
jborgland wants to merge 2 commits into from
Closed

Better handling of http(s).proxyUser and http(s).proxyPassword #123

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
44b60dd
Better handling of http(s).proxyUser and http(s).proxyPassword
jborgland Dec 12, 2018
c83c7f9
Checkstyle fixes
jborgland Dec 13, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
Better handling of http(s).proxyUser and http(s).proxyPassword
  • Loading branch information
@jborgland
jborgland committed Dec 12, 2018
commit 44b60dd691a62e112f9b80390db7db055bb91bd5
57 changes: 38 additions & 19 deletions httpclient/src/main/java/org/apache/http/impl/client/SystemDefaultCredentialsProvider.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -116,25 +116,16 @@ public Credentials getCredentials(final AuthScope authscope) {
if (systemcreds == null) {
systemcreds = getSystemCreds(protocol, authscope, Authenticator.RequestorType.PROXY);
}
if (systemcreds == null) {
final String proxyHost = System.getProperty(protocol + ".proxyHost");
if (proxyHost != null) {
final String proxyPort = System.getProperty(protocol + ".proxyPort");
if (proxyPort != null) {
try {
final AuthScope systemScope = new AuthScope(proxyHost, Integer.parseInt(proxyPort));
if (authscope.match(systemScope) >= 0) {
final String proxyUser = System.getProperty(protocol + ".proxyUser");
if (proxyUser != null) {
final String proxyPassword = System.getProperty(protocol + ".proxyPassword");
systemcreds = new PasswordAuthentication(proxyUser, proxyPassword != null ? proxyPassword.toCharArray() : new char[] {});
}
}
} catch (final NumberFormatException ex) {
}
}
}
}
if (systemcreds == null) {
// Look for values given using http.proxyUser/http.proxyPassword or
// https.proxyUser/https.proxyPassword. We cannot simply use the protocol from
// the origin since a proxy retrieved from https.proxyHost/https.proxyPort will
// still use http as protocol
systemcreds = getProxyCredentials("http", authscope);
if (systemcreds == null) {
systemcreds = getProxyCredentials("https", authscope);
}
Copy link
Member

@michael-o michael-o Dec 12, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't found any better solution yet, but this looks really redudant in most cases. Shouldn't it fall back for https => http only?

Copy link
Author

@jborgland jborgland Dec 12, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You mean to only do it if protocol is http? Sure.

One could imagine other completely different types of fixes as well. I tried to make a fix that was completely local to the SystemDefaultCredentialsProvider but when it's called (from AuthenticationStrategyImpl) there's more information available - like the fact that it is in fact a proxy that we're connecting to, and the HTTP status code (one could for example decide to use these system properties as the primary source if the status code is 407).

Copy link
Member

@ok2c ok2c Dec 13, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jborgland Feel free to propose API changes in master

}
if (systemcreds != null) {
final String domain = System.getProperty("http.auth.ntlm.domain");
if (domain != null) {
Expand All @@ -154,6 +145,34 @@ public Credentials getCredentials(final AuthScope authscope) {
return null;
}

private static PasswordAuthentication getProxyCredentials(String protocol, AuthScope authscope) {
final String proxyHost = System.getProperty(protocol + ".proxyHost");
if (proxyHost == null) {
return null;
}
final String proxyPort = System.getProperty(protocol + ".proxyPort");
if (proxyPort == null) {
return null;
}

try {
final AuthScope systemScope = new AuthScope(proxyHost, Integer.parseInt(proxyPort));
if (authscope.match(systemScope) >= 0) {
final String proxyUser = System.getProperty(protocol + ".proxyUser");
if (proxyUser == null) {
return null;
}
final String proxyPassword = System.getProperty(protocol + ".proxyPassword");

return new PasswordAuthentication(proxyUser,
proxyPassword != null ? proxyPassword.toCharArray() : new char[] {});
}
} catch (final NumberFormatException ex) {
}

return null;
}

@Override
public void clear() {
internal.clear();
Expand Down