@Test
public void testConnectionBasedAuthOnlyIfChallenged() throws Exception {
HttpRequest request = new BasicHttpRequest("GET", "/");
HttpContext context = new BasicHttpContext();
AuthState authstate = new AuthState();
BasicScheme authscheme =
new BasicScheme() {
@Override
public boolean isConnectionBased() {
return true;
}
};
BasicHeader challenge = new BasicHeader(AUTH.WWW_AUTH, "BASIC realm=auth-realm");
authscheme.processChallenge(challenge);
Credentials creds = new UsernamePasswordCredentials("user", "secret");
authstate.setState(AuthProtocolState.SUCCESS);
authstate.update(authscheme, creds);
context.setAttribute(ClientContext.TARGET_AUTH_STATE, authstate);
HttpRequestInterceptor interceptor = new RequestTargetAuthentication();
interceptor.process(request, context);
Header header = request.getFirstHeader(AUTH.WWW_AUTH_RESP);
Assert.assertNull(header);
}
@Test
public void testExecEntityEnclosingRequestRetryOnAuthChallenge() throws Exception {
final HttpRoute route = new HttpRoute(target);
final HttpRequestWrapper request = HttpRequestWrapper.wrap(new HttpGet("http://bar/test"));
final HttpResponse response1 = new BasicHttpResponse(HttpVersion.HTTP_1_1, 401, "Huh?");
final InputStream instream1 = Mockito.spy(new ByteArrayInputStream(new byte[] {1, 2, 3}));
response1.setEntity(EntityBuilder.create().setStream(instream1).build());
final HttpResponse response2 = new BasicHttpResponse(HttpVersion.HTTP_1_1, 200, "OK");
final InputStream instream2 = Mockito.spy(new ByteArrayInputStream(new byte[] {2, 3, 4}));
response2.setEntity(EntityBuilder.create().setStream(instream2).build());
final AuthState proxyAuthState = new AuthState();
proxyAuthState.setState(AuthProtocolState.SUCCESS);
proxyAuthState.update(new NTLMScheme(), new NTCredentials("user:pass"));
final HttpClientContext context = new HttpClientContext();
context.setAttribute(HttpClientContext.PROXY_AUTH_STATE, proxyAuthState);
Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);
Mockito.when(managedConn.isStale()).thenReturn(Boolean.FALSE);
Mockito.when(
requestExecutor.execute(
Mockito.same(request),
Mockito.<HttpClientConnection>any(),
Mockito.<HttpClientContext>any()))
.thenReturn(response1, response2);
Mockito.when(
reuseStrategy.keepAlive(Mockito.<HttpResponse>any(), Mockito.<HttpClientContext>any()))
.thenReturn(Boolean.FALSE);
Mockito.when(
targetAuthStrategy.isAuthenticationRequested(
Mockito.eq(target), Mockito.same(response1), Mockito.<HttpClientContext>any()))
.thenReturn(Boolean.TRUE);
final CloseableHttpResponse finalResponse =
mainClientExec.execute(route, request, context, execAware);
Mockito.verify(requestExecutor, Mockito.times(2)).execute(request, managedConn, context);
Mockito.verify(managedConn).close();
Mockito.verify(instream2, Mockito.never()).close();
Assert.assertNotNull(finalResponse);
Assert.assertEquals(200, finalResponse.getStatusLine().getStatusCode());
Assert.assertNull(proxyAuthState.getAuthScheme());
Assert.assertNull(proxyAuthState.getCredentials());
}
