Merge remote-tracking branch 'origin/master' into properlyClose

Signed-off-by: agherardi <alessandro.gherardi@yahoo.com>

Author: agherardi

.travis.yml

@@ -13,8 +13,8 @@ cache:
     - .autoconf
 env:
   matrix:
-    - TEST_SET="-Ptravis_e2e_skip"
-    - TEST_SET="-Ptravis_e2e"
+    - TEST_SET="-Ptravis_main"
+    - TEST_SET="-fn -Dtest=BroadcasterTest,ClientCloseTest,ResponseWriterOutputStreamTest -DfailIfNoTests=false"
 
 install: true
 

connectors/apache-connector/src/test/java/org/glassfish/jersey/apache/connector/AuthTest.java

@@ -29,6 +29,7 @@
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
 
 import javax.inject.Singleton;
 
@@ -40,6 +41,7 @@
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.client.CredentialsProvider;
+import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
 import org.junit.Ignore;
 import org.junit.Test;
 import static org.junit.Assert.assertEquals;
@@ -116,6 +118,8 @@ public void testPreemptiveAuthPost() {
     public static class AuthResource {
 
         int requestCount = 0;
+        int queryParamsBasicRequestCount = 0;
+        int queryParamsDigestRequestCount = 0;
 
         @GET
         public String get(@Context HttpHeaders h) {
@@ -144,6 +148,25 @@ public String getFilter(@Context HttpHeaders h) {
             return "GET";
         }
 
+        @GET
+        @Path("noauth")
+        public String get() {
+            return "GET";
+        }
+
+        @GET
+        @Path("digest")
+        public String getDigest(@Context HttpHeaders h) {
+            String value = h.getRequestHeaders().getFirst("Authorization");
+            if (value == null) {
+                throw new WebApplicationException(
+                        Response.status(401).header("WWW-Authenticate", "Digest realm=\"WallyWorld\"")
+                            .entity("Forbidden").build());
+            }
+
+            return "GET";
+        }
+
         @POST
         public String post(@Context HttpHeaders h, String e) {
             requestCount++;
@@ -205,6 +228,30 @@ public String deleteFilterWithEntity(@Context HttpHeaders h, String e) {
 
             return e;
         }
+
+        @GET
+        @Path("queryParamsBasic")
+        public String getQueryParamsBasic(@Context HttpHeaders h, @Context UriInfo uriDetails) {
+            queryParamsBasicRequestCount++;
+            String value = h.getRequestHeaders().getFirst("Authorization");
+            if (value == null) {
+                throw new WebApplicationException(
+                        Response.status(401).header("WWW-Authenticate", "Basic realm=\"WallyWorld\"").build());
+            }
+            return "GET " + queryParamsBasicRequestCount;
+        }
+
+        @GET
+        @Path("queryParamsDigest")
+        public String getQueryParamsDigest(@Context HttpHeaders h, @Context UriInfo uriDetails) {
+            queryParamsDigestRequestCount++;
+            String value = h.getRequestHeaders().getFirst("Authorization");
+            if (value == null) {
+                throw new WebApplicationException(
+                        Response.status(401).header("WWW-Authenticate", "Digest realm=\"WallyWorld\"").build());
+            }
+            return "GET " + queryParamsDigestRequestCount;
+        }
     }
 
     @Test
@@ -254,6 +301,35 @@ public void testAuthGetWithClientFilter() {
         assertEquals("GET", r.request().get(String.class));
     }
 
+    @Test
+    public void testAuthGetBasicNoChallenge() {
+        ClientConfig cc = new ClientConfig();
+        cc.connectorProvider(new ApacheConnectorProvider());
+        Client client = ClientBuilder.newClient(cc);
+        client.register(HttpAuthenticationFeature.basicBuilder().build());
+        WebTarget r = client.target(getBaseUri()).path("test/noauth");
+
+        assertEquals("GET", r.request().get(String.class));
+    }
+
+    @Test
+    public void testAuthGetWithDigestFilter() {
+        ClientConfig cc = new ClientConfig();
+        PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
+        cc.connectorProvider(new ApacheConnectorProvider());
+        cc.property(ApacheClientProperties.CONNECTION_MANAGER, cm);
+        Client client = ClientBuilder.newClient(cc);
+        client.register(HttpAuthenticationFeature.universal("name", "password"));
+        WebTarget r = client.target(getBaseUri()).path("test/digest");
+
+        assertEquals("GET", r.request().get(String.class));
+
+        // Verify the connection that was used for the request is available for reuse
+        // and no connections are leased
+        assertEquals(cm.getTotalStats().getAvailable(), 1);
+        assertEquals(cm.getTotalStats().getLeased(), 0);
+    }
+
     @Test
     @Ignore("JERSEY-1750: Cannot retry request with a non-repeatable request entity. How to buffer the entity?"
             + " Allow repeatable write in jersey?")
@@ -348,4 +424,40 @@ public void testAuthInteractivePost() {
 
         assertEquals("POST", r.request().post(Entity.text("POST"), String.class));
     }
+
+    @Test
+    public void testAuthGetQueryParamsBasic() {
+        ClientConfig cc = new ClientConfig();
+        cc.connectorProvider(new ApacheConnectorProvider());
+        Client client = ClientBuilder.newClient(cc);
+        client.register(HttpAuthenticationFeature.universal("name", "password"));
+
+        WebTarget r = client.target(getBaseUri()).path("test/queryParamsBasic");
+        assertEquals("GET 2", r.request().get(String.class));
+
+        r = client.target(getBaseUri())
+                .path("test/queryParamsBasic")
+                .queryParam("param1", "value1")
+                .queryParam("param2", "value2");
+        assertEquals("GET 3", r.request().get(String.class));
+
+    }
+
+    @Test
+    public void testAuthGetQueryParamsDigest() {
+        ClientConfig cc = new ClientConfig();
+        cc.connectorProvider(new ApacheConnectorProvider());
+        Client client = ClientBuilder.newClient(cc);
+        client.register(HttpAuthenticationFeature.universal("name", "password"));
+
+        WebTarget r = client.target(getBaseUri()).path("test/queryParamsDigest");
+        assertEquals("GET 2", r.request().get(String.class));
+
+        r = client.target(getBaseUri())
+                .path("test/queryParamsDigest")
+                .queryParam("param1", "value1")
+                .queryParam("param2", "value2");
+        assertEquals("GET 3", r.request().get(String.class));
+
+    }
 }

connectors/jdk-connector/src/main/java/org/glassfish/jersey/jdk/connector/internal/ProxyBasicAuthenticator.java

@@ -17,8 +17,8 @@
 package org.glassfish.jersey.jdk.connector.internal;
 
 import java.nio.charset.Charset;
+import java.util.Base64;
 
-import org.glassfish.jersey.internal.util.Base64;
 
 /**
  * @author Ondrej Kosatka (ondrej.kosatka at oracle.com)
@@ -46,6 +46,6 @@ static String generateAuthorizationHeader(String userName, String password) thro
         System.arraycopy(prefix, 0, usernamePassword, 0, prefix.length);
         System.arraycopy(passwordBytes, 0, usernamePassword, prefix.length, passwordBytes.length);
 
-        return "Basic " + Base64.encodeAsString(usernamePassword);
+        return "Basic " + Base64.getEncoder().encodeToString(usernamePassword);
     }
 }

connectors/jdk-connector/src/test/java/org/glassfish/jersey/jdk/connector/internal/ProxyTest.java

@@ -19,6 +19,7 @@
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.charset.Charset;
+import java.util.Base64;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -31,7 +32,6 @@
 
 import org.glassfish.jersey.client.ClientConfig;
 import org.glassfish.jersey.client.ClientProperties;
-import org.glassfish.jersey.internal.util.Base64;
 import org.glassfish.jersey.jdk.connector.JdkConnectorProperties;
 import org.glassfish.jersey.jdk.connector.JdkConnectorProvider;
 import org.glassfish.jersey.server.ResourceConfig;
@@ -227,7 +227,7 @@ private boolean verifyBasicAuthorizationHeader(Response response, String authori
                 response.setStatus(400);
                 return false;
             }
-            String decoded = new String(Base64.decode(authorizationHeader.substring(6).getBytes()),
+            String decoded = new String(Base64.getDecoder().decode(authorizationHeader.substring(6).getBytes()),
                     CHARACTER_SET);
             final String[] split = decoded.split(":");
             final String username = split[0];

connectors/jetty-connector/src/test/java/org/glassfish/jersey/jetty/connector/AsyncTest.java

@@ -110,6 +110,8 @@ public void handleTimeout(AsyncResponse asyncResponse) {
                 }
             });
             asyncResponse.setTimeout(1, TimeUnit.SECONDS);
+            asyncResponse.resume(Response.status(Response.Status.SERVICE_UNAVAILABLE)
+                    .entity("Operation time out.").build());
 
             new Thread(new Runnable() {
 

connectors/jetty-connector/src/test/java/org/glassfish/jersey/jetty/connector/HelloWorldTest.java

@@ -71,7 +71,6 @@ protected Application configure() {
 
     @Override
     protected void configureClient(ClientConfig config) {
-        config.property(ClientProperties.ASYNC_THREADPOOL_SIZE, 20);
         config.connectorProvider(new JettyConnectorProvider());
     }
 

core-client/src/main/java/org/glassfish/jersey/client/authentication/AuthenticationUtil.java

@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2013, 2018 Oracle and/or its affiliates. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v. 2.0, which is available at
+ * http://www.eclipse.org/legal/epl-2.0.
+ *
+ * This Source Code may also be made available under the following Secondary
+ * Licenses when the conditions for such availability set forth in the
+ * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+ * version 2 with the GNU Classpath Exception, which is available at
+ * https://www.gnu.org/software/classpath/license.html.
+ *
+ * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+ */
+
+package org.glassfish.jersey.client.authentication;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.ws.rs.client.ClientRequestContext;
+
+/**
+ * Common authentication utilities
+ */
+class AuthenticationUtil {
+   static void discardInputAndClose(InputStream is) {
+        byte[] buf = new byte[4096];
+        try {
+            while (true) {
+                if (is.read(buf) <= 0) {
+                    break;
+                }
+            }
+        } catch (IOException ex) {
+            // ignore
+        } finally {
+            try {
+                is.close();
+            } catch (IOException ex) {
+                // ignore
+            }
+        }
+    }
+
+    static URI getCacheKey(ClientRequestContext request) {
+        URI requestUri = request.getUri();
+        if (requestUri.getRawQuery() != null) {
+            // Return a URI without the query part of the request URI
+            try {
+                return new URI(
+                        requestUri.getScheme(),
+                        requestUri.getAuthority(),
+                        requestUri.getPath(),
+                        null,
+                        requestUri.getFragment());
+            } catch (URISyntaxException e) {
+                // Ignore and fall through
+            }
+        }
+        return requestUri;
+    }
+}

core-client/src/main/java/org/glassfish/jersey/client/authentication/BasicAuthenticator.java

@@ -16,12 +16,15 @@
 
 package org.glassfish.jersey.client.authentication;
 
+import java.util.Base64;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
 import javax.ws.rs.client.ClientRequestContext;
 import javax.ws.rs.client.ClientResponseContext;
 import javax.ws.rs.core.HttpHeaders;
 
 import org.glassfish.jersey.client.internal.LocalizationMessages;
-import org.glassfish.jersey.internal.util.Base64;
 
 /**
  * Implementation of Basic Http Authentication method (RFC 2617).
@@ -32,6 +35,8 @@
  */
 final class BasicAuthenticator {
 
+    private static final Logger LOGGER = Logger.getLogger(BasicAuthenticator.class.getName());
+
     private final HttpAuthenticationFilter.Credentials defaultCredentials;
 
     /**
@@ -61,22 +66,22 @@ private String calculateAuthentication(HttpAuthenticationFilter.Credentials cred
         System.arraycopy(prefix, 0, usernamePassword, 0, prefix.length);
         System.arraycopy(password, 0, usernamePassword, prefix.length, password.length);
 
-        return "Basic " + Base64.encodeAsString(usernamePassword);
+        return "Basic " + Base64.getEncoder().encodeToString(usernamePassword);
     }
 
     /**
      * Adds authentication information to the request.
      *
      * @param request Request context.
-     * @throws RequestAuthenticationException in case that basic credentials missing or are in invalid format
      */
-    public void filterRequest(ClientRequestContext request) throws RequestAuthenticationException {
+    public void filterRequest(ClientRequestContext request) {
         HttpAuthenticationFilter.Credentials credentials = HttpAuthenticationFilter.getCredentials(request,
                 defaultCredentials, HttpAuthenticationFilter.Type.BASIC);
         if (credentials == null) {
-            throw new RequestAuthenticationException(LocalizationMessages.AUTHENTICATION_CREDENTIALS_MISSING_BASIC());
+            LOGGER.fine(LocalizationMessages.AUTHENTICATION_CREDENTIALS_NOT_PROVIDED_BASIC());
+        } else {
+            request.getHeaders().add(HttpHeaders.AUTHORIZATION, calculateAuthentication(credentials));
         }
-        request.getHeaders().add(HttpHeaders.AUTHORIZATION, calculateAuthentication(credentials));
     }
 
     /**

core-client/src/main/java/org/glassfish/jersey/client/authentication/DigestAuthenticator.java

@@ -90,7 +90,7 @@ protected boolean removeEldestEntry(final Map.Entry eldest) {
      * @throws IOException When error with encryption occurs.
      */
     boolean filterRequest(final ClientRequestContext request) throws IOException {
-        final DigestScheme digestScheme = digestCache.get(request.getUri());
+        final DigestScheme digestScheme = digestCache.get(AuthenticationUtil.getCacheKey(request));
         if (digestScheme != null) {
             final HttpAuthenticationFilter.Credentials cred = HttpAuthenticationFilter.getCredentials(request,
                     this.credentials, HttpAuthenticationFilter.Type.DIGEST);
@@ -131,10 +131,11 @@ public boolean filterResponse(final ClientRequestContext request, final ClientRe
 
             final boolean success = HttpAuthenticationFilter.repeatRequest(request, response, createNextAuthToken(digestScheme,
                     request, cred));
+            URI cacheKey = AuthenticationUtil.getCacheKey(request);
             if (success) {
-                digestCache.put(request.getUri(), digestScheme);
+                digestCache.put(cacheKey, digestScheme);
             } else {
-                digestCache.remove(request.getUri());
+                digestCache.remove(cacheKey);
             }
             return success;
         }