1 /* 2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 */ 24 25 /** 26 * @test 27 * @bug 8087112 28 * @modules java.httpclient 29 * jdk.httpserver 30 * @run main/othervm BasicAuthTest 31 * @summary Basic Authentication Test 32 */ 33 34 import com.sun.net.httpserver.BasicAuthenticator; 35 import com.sun.net.httpserver.HttpContext; 36 import com.sun.net.httpserver.HttpExchange; 37 import com.sun.net.httpserver.HttpHandler; 38 import com.sun.net.httpserver.HttpServer; 39 import java.io.IOException; 40 import java.io.InputStream; 41 import java.io.OutputStream; 42 import java.net.InetSocketAddress; 43 import java.net.PasswordAuthentication; 44 import java.net.URI; 45 import java.net.http.*; 46 import java.util.concurrent.ExecutorService; 47 import java.util.concurrent.Executors; 48 import static java.nio.charset.StandardCharsets.US_ASCII; 49 50 public class BasicAuthTest { 51 52 static volatile boolean ok; 53 static final String RESPONSE = "Hello world"; 54 static final String POST_BODY = "This is the POST body 123909090909090"; 55 56 public static void main(String[] args) throws Exception { 57 HttpServer server = HttpServer.create(new InetSocketAddress(0), 10); 58 ExecutorService e = Executors.newCachedThreadPool(); 59 Handler h = new Handler(); 60 HttpContext serverContext = server.createContext("/test", h); 61 int port = server.getAddress().getPort(); 62 System.out.println("Server port = " + port); 63 64 ClientAuth ca = new ClientAuth(); 65 ServerAuth sa = new ServerAuth("foo realm"); 66 serverContext.setAuthenticator(sa); 67 server.setExecutor(e); 68 server.start(); 69 HttpClient client = HttpClient.create() 70 .authenticator(ca) 71 .build(); 72 73 try { 74 URI uri = new URI("http://127.0.0.1:" + Integer.toString(port) + "/test/foo"); 75 HttpRequest req = client.request(uri).GET(); 76 77 HttpResponse resp = req.response(); 78 ok = resp.statusCode() == 200 && 79 resp.body(HttpResponse.asString()).equals(RESPONSE); 80 81 if (!ok || ca.count != 1) 82 throw new RuntimeException("Test failed"); 83 84 // repeat same request, should succeed but no additional authenticator calls 85 86 req = client.request(uri).GET(); 87 resp = req.response(); 88 ok = resp.statusCode() == 200 && 89 resp.body(HttpResponse.asString()).equals(RESPONSE); 90 91 if (!ok || ca.count != 1) 92 throw new RuntimeException("Test failed"); 93 94 // try a POST 95 96 req = client.request(uri) 97 .body(HttpRequest.fromString(POST_BODY)) 98 .POST(); 99 resp = req.response(); 100 ok = resp.statusCode() == 200; 101 102 if (!ok || ca.count != 1) 103 throw new RuntimeException("Test failed"); 104 } finally { 105 client.executorService().shutdownNow(); 106 server.stop(0); 107 e.shutdownNow(); 108 } 109 System.out.println("OK"); 110 } 111 112 static class ServerAuth extends BasicAuthenticator { 113 114 ServerAuth(String realm) { 115 super(realm); 116 } 117 118 @Override 119 public boolean checkCredentials(String username, String password) { 120 if (!"user".equals(username) || !"passwd".equals(password)) { 121 return false; 122 } 123 return true; 124 } 125 126 } 127 128 static class ClientAuth extends java.net.Authenticator { 129 volatile int count = 0; 130 131 @Override 132 protected PasswordAuthentication getPasswordAuthentication() { 133 count++; 134 return new PasswordAuthentication("user", "passwd".toCharArray()); 135 } 136 } 137 138 static class Handler implements HttpHandler { 139 static volatile boolean ok; 140 141 @Override 142 public void handle(HttpExchange he) throws IOException { 143 String method = he.getRequestMethod(); 144 InputStream is = he.getRequestBody(); 145 if (method.equalsIgnoreCase("POST")) { 146 String requestBody = new String(is.readAllBytes(), US_ASCII); 147 if (!requestBody.equals(POST_BODY)) { 148 he.sendResponseHeaders(500, -1); 149 ok = false; 150 } else { 151 he.sendResponseHeaders(200, -1); 152 ok = true; 153 } 154 } else { // GET 155 he.sendResponseHeaders(200, RESPONSE.length()); 156 OutputStream os = he.getResponseBody(); 157 os.write(RESPONSE.getBytes(US_ASCII)); 158 os.close(); 159 ok = true; 160 } 161 } 162 163 } 164 }