1 /* 2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 8087112 27 * @modules jdk.incubator.httpclient 28 * jdk.httpserver 29 * @run main/othervm BasicAuthTest 30 * @summary Basic Authentication Test 31 */ 32 33 import com.sun.net.httpserver.BasicAuthenticator; 34 import com.sun.net.httpserver.HttpContext; 35 import com.sun.net.httpserver.HttpExchange; 36 import com.sun.net.httpserver.HttpHandler; 37 import com.sun.net.httpserver.HttpServer; 38 import java.io.IOException; 39 import java.io.InputStream; 40 import java.io.OutputStream; 41 import java.net.InetSocketAddress; 42 import java.net.PasswordAuthentication; 43 import java.net.URI; 44 import jdk.incubator.http.*; 45 import java.util.concurrent.ExecutorService; 46 import java.util.concurrent.Executors; 47 import static java.nio.charset.StandardCharsets.US_ASCII; 48 import static jdk.incubator.http.HttpRequest.BodyProcessor.fromString; 49 import static jdk.incubator.http.HttpResponse.BodyHandler.asString; 50 51 public class BasicAuthTest { 52 53 static volatile boolean ok; 54 static final String RESPONSE = "Hello world"; 55 static final String POST_BODY = "This is the POST body 123909090909090"; 56 57 public static void main(String[] args) throws Exception { 58 HttpServer server = HttpServer.create(new InetSocketAddress(0), 10); 59 ExecutorService e = Executors.newCachedThreadPool(); 60 Handler h = new Handler(); 61 HttpContext serverContext = server.createContext("/test", h); 62 int port = server.getAddress().getPort(); 63 System.out.println("Server port = " + port); 64 65 ClientAuth ca = new ClientAuth(); 66 ServerAuth sa = new ServerAuth("foo realm"); 67 serverContext.setAuthenticator(sa); 68 server.setExecutor(e); 69 server.start(); 70 HttpClient client = HttpClient.newBuilder() 71 .authenticator(ca) 72 .build(); 73 74 try { 75 URI uri = new URI("http://127.0.0.1:" + Integer.toString(port) + "/test/foo"); 76 HttpRequest req = HttpRequest.newBuilder(uri).GET().build(); 77 78 HttpResponse resp = client.send(req, asString()); 79 ok = resp.statusCode() == 200 && resp.body().equals(RESPONSE); 80 81 if (!ok || ca.count != 1) 82 throw new RuntimeException("Test failed"); 83 84 // repeat same request, should succeed but no additional authenticator calls 85 86 resp = client.send(req, asString()); 87 ok = resp.statusCode() == 200 && resp.body().equals(RESPONSE); 88 89 if (!ok || ca.count != 1) 90 throw new RuntimeException("Test failed"); 91 92 // try a POST 93 94 req = HttpRequest.newBuilder(uri) 95 .POST(fromString(POST_BODY)) 96 .build(); 97 resp = client.send(req, asString()); 98 ok = resp.statusCode() == 200; 99 100 if (!ok || ca.count != 1) 101 throw new RuntimeException("Test failed"); 102 } finally { 103 server.stop(0); 104 e.shutdownNow(); 105 } 106 System.out.println("OK"); 107 } 108 109 static class ServerAuth extends BasicAuthenticator { 110 111 ServerAuth(String realm) { 112 super(realm); 113 } 114 115 @Override 116 public boolean checkCredentials(String username, String password) { 117 if (!"user".equals(username) || !"passwd".equals(password)) { 118 return false; 119 } 120 return true; 121 } 122 123 } 124 125 static class ClientAuth extends java.net.Authenticator { 126 volatile int count = 0; 127 128 @Override 129 protected PasswordAuthentication getPasswordAuthentication() { 130 count++; 131 return new PasswordAuthentication("user", "passwd".toCharArray()); 132 } 133 } 134 135 static class Handler implements HttpHandler { 136 static volatile boolean ok; 137 138 @Override 139 public void handle(HttpExchange he) throws IOException { 140 String method = he.getRequestMethod(); 141 InputStream is = he.getRequestBody(); 142 if (method.equalsIgnoreCase("POST")) { 143 String requestBody = new String(is.readAllBytes(), US_ASCII); 144 if (!requestBody.equals(POST_BODY)) { 145 he.sendResponseHeaders(500, -1); 146 ok = false; 147 } else { 148 he.sendResponseHeaders(200, -1); 149 ok = true; 150 } 151 } else { // GET 152 he.sendResponseHeaders(200, RESPONSE.length()); 153 OutputStream os = he.getResponseBody(); 154 os.write(RESPONSE.getBytes(US_ASCII)); 155 os.close(); 156 ok = true; 157 } 158 } 159 160 } 161 }