@Test
  public void testConnectionBasedAuthOnlyIfChallenged() throws Exception {
    HttpRequest request = new BasicHttpRequest("GET", "/");
    HttpContext context = new BasicHttpContext();

    AuthState authstate = new AuthState();

    BasicScheme authscheme =
        new BasicScheme() {

          @Override
          public boolean isConnectionBased() {
            return true;
          }
        };

    BasicHeader challenge = new BasicHeader(AUTH.WWW_AUTH, "BASIC realm=auth-realm");
    authscheme.processChallenge(challenge);

    Credentials creds = new UsernamePasswordCredentials("user", "secret");

    authstate.setState(AuthProtocolState.SUCCESS);
    authstate.update(authscheme, creds);

    context.setAttribute(ClientContext.TARGET_AUTH_STATE, authstate);

    HttpRequestInterceptor interceptor = new RequestTargetAuthentication();
    interceptor.process(request, context);
    Header header = request.getFirstHeader(AUTH.WWW_AUTH_RESP);
    Assert.assertNull(header);
  }
    public void process(final HttpRequest request, final HttpContext context)
        throws HttpException, IOException {

      AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE);

      if (authState.getAuthScheme() != null || authState.hasAuthOptions()) {
        return;
      }

      // If no authState has been established and this is a PUT or POST request, add preemptive
      // authorisation
      String requestMethod = request.getRequestLine().getMethod();
      if (requestMethod.equals(HttpPut.METHOD_NAME) || requestMethod.equals(HttpPost.METHOD_NAME)) {
        CredentialsProvider credentialsProvider =
            (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER);
        HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST);
        Credentials credentials =
            credentialsProvider.getCredentials(
                new AuthScope(targetHost.getHostName(), targetHost.getPort()));
        if (credentials == null) {
          throw new HttpException("No credentials for preemptive authentication");
        }
        authState.update(authScheme, credentials);
      }
    }
  @Override
  public void process(final HttpRequest request, final HttpContext context)
      throws HttpException, IOException {
    AuthState authState = (AuthState) context.getAttribute(HttpClientContext.TARGET_AUTH_STATE);

    if (authState.getAuthScheme() == null) {
      Credentials creds = new UsernamePasswordCredentials(myUsername, myPassword);
      authState.update(new BasicScheme(), creds);
    }
  }
  @Test
  public void testExecEntityEnclosingRequestRetryOnAuthChallenge() throws Exception {
    final HttpRoute route = new HttpRoute(target);
    final HttpRequestWrapper request = HttpRequestWrapper.wrap(new HttpGet("http://bar/test"));
    final HttpResponse response1 = new BasicHttpResponse(HttpVersion.HTTP_1_1, 401, "Huh?");
    final InputStream instream1 = Mockito.spy(new ByteArrayInputStream(new byte[] {1, 2, 3}));
    response1.setEntity(EntityBuilder.create().setStream(instream1).build());
    final HttpResponse response2 = new BasicHttpResponse(HttpVersion.HTTP_1_1, 200, "OK");
    final InputStream instream2 = Mockito.spy(new ByteArrayInputStream(new byte[] {2, 3, 4}));
    response2.setEntity(EntityBuilder.create().setStream(instream2).build());

    final AuthState proxyAuthState = new AuthState();
    proxyAuthState.setState(AuthProtocolState.SUCCESS);
    proxyAuthState.update(new NTLMScheme(), new NTCredentials("user:pass"));

    final HttpClientContext context = new HttpClientContext();
    context.setAttribute(HttpClientContext.PROXY_AUTH_STATE, proxyAuthState);

    Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);
    Mockito.when(managedConn.isStale()).thenReturn(Boolean.FALSE);
    Mockito.when(
            requestExecutor.execute(
                Mockito.same(request),
                Mockito.<HttpClientConnection>any(),
                Mockito.<HttpClientContext>any()))
        .thenReturn(response1, response2);
    Mockito.when(
            reuseStrategy.keepAlive(Mockito.<HttpResponse>any(), Mockito.<HttpClientContext>any()))
        .thenReturn(Boolean.FALSE);
    Mockito.when(
            targetAuthStrategy.isAuthenticationRequested(
                Mockito.eq(target), Mockito.same(response1), Mockito.<HttpClientContext>any()))
        .thenReturn(Boolean.TRUE);

    final CloseableHttpResponse finalResponse =
        mainClientExec.execute(route, request, context, execAware);
    Mockito.verify(requestExecutor, Mockito.times(2)).execute(request, managedConn, context);
    Mockito.verify(managedConn).close();
    Mockito.verify(instream2, Mockito.never()).close();

    Assert.assertNotNull(finalResponse);
    Assert.assertEquals(200, finalResponse.getStatusLine().getStatusCode());
    Assert.assertNull(proxyAuthState.getAuthScheme());
    Assert.assertNull(proxyAuthState.getCredentials());
  }
  @Test
  public void testNoTargetAuthForConnectRequests() throws Exception {
    HttpRequest request = new BasicHttpRequest("CONNECT", "www.somedomain.com");
    HttpContext context = new BasicHttpContext();

    BasicScheme authscheme = new BasicScheme();
    Credentials creds = new UsernamePasswordCredentials("user", "secret");
    BasicHeader challenge = new BasicHeader(AUTH.WWW_AUTH, "BASIC realm=auth-realm");
    authscheme.processChallenge(challenge);

    AuthState authstate = new AuthState();
    authstate.update(authscheme, creds);

    context.setAttribute(ClientContext.TARGET_AUTH_STATE, authstate);

    HttpRequestInterceptor interceptor = new RequestTargetAuthentication();
    interceptor.process(request, context);
    Header header = request.getFirstHeader(AUTH.WWW_AUTH_RESP);
    Assert.assertNull(header);
  }
  @Test
  public void testTargetAuth() throws Exception {
    HttpRequest request = new BasicHttpRequest("GET", "/");
    HttpContext context = new BasicHttpContext();

    BasicScheme authscheme = new BasicScheme();
    Credentials creds = new UsernamePasswordCredentials("user", "secret");
    BasicHeader challenge = new BasicHeader(AUTH.WWW_AUTH, "BASIC realm=auth-realm");
    authscheme.processChallenge(challenge);

    AuthState authstate = new AuthState();
    authstate.update(authscheme, creds);

    context.setAttribute(ClientContext.TARGET_AUTH_STATE, authstate);

    HttpRequestInterceptor interceptor = new RequestTargetAuthentication();
    interceptor.process(request, context);
    Header header = request.getFirstHeader(AUTH.WWW_AUTH_RESP);
    Assert.assertNotNull(header);
    Assert.assertEquals("Basic dXNlcjpzZWNyZXQ=", header.getValue());
  }
    @Override
    public void process(final HttpRequest request, final HttpContext context)
        throws HttpException, IOException {
      AuthState authState = (AuthState) context.getAttribute(HttpClientContext.TARGET_AUTH_STATE);

      // If no auth scheme available yet, try to initialize it preemptively
      if (authState.getAuthScheme() == null) {
        AuthScheme authScheme = (AuthScheme) context.getAttribute("preemptive-auth");
        CredentialsProvider credsProvider =
            (CredentialsProvider) context.getAttribute(HttpClientContext.CREDS_PROVIDER);
        HttpHost targetHost = (HttpHost) context.getAttribute(HttpCoreContext.HTTP_TARGET_HOST);
        if (authScheme != null) {
          Credentials creds =
              credsProvider.getCredentials(
                  new AuthScope(targetHost.getHostName(), targetHost.getPort()));
          if (creds == null) {
            throw new HttpException("No credentials for preemptive authentication");
          }
          authState.update(authScheme, creds);
        }
      }
    }