michael-o commented on code in PR #612:
URL:
https://github.com/apache/httpcomponents-client/pull/612#discussion_r1923233738
##########
httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/HttpAuthenticator.java:
##########
@@ -97,32 +101,17 @@ public boolean isChallenged(
final HttpResponse response,
final AuthExchange authExchange,
final HttpContext context) {
- final int challengeCode;
- switch (challengeType) {
- case TARGET:
- challengeCode = HttpStatus.SC_UNAUTHORIZED;
- break;
- case PROXY:
- challengeCode = HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED;
- break;
- default:
- throw new IllegalStateException("Unexpected challenge type: "
+ challengeType);
- }
-
- final HttpClientContext clientContext =
HttpClientContext.cast(context);
- final String exchangeId = clientContext.getExchangeId();
-
- if (response.getCode() == challengeCode) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("{} Authentication required", exchangeId);
- }
+ if (checkChallenged(challengeType, response, context)) {
return true;
}
switch (authExchange.getState()) {
case CHALLENGED:
case HANDSHAKE:
if (LOG.isDebugEnabled()) {
- LOG.debug("{} Authentication succeeded", exchangeId);
+ final HttpClientContext clientContext =
HttpClientContext.cast(context);
+ final String exchangeId = clientContext.getExchangeId();
+ // The mutual auth may still fail
+ LOG.debug("{} Server has accepted authorization", exchangeId);
Review Comment:
authentication?
##########
httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/HttpAuthenticator.java:
##########
@@ -347,6 +439,9 @@ public void addAuthResponse(
Asserts.notNull(authScheme, "AuthScheme");
default:
}
+ // This is the SUCCESS and HANDSHAKE states, same as the initial
response.
+ // This only happens if the NEGOTIATE handshake requires multiple
requests, which is
Review Comment:
I would generalize away from Negotiate here.
##########
httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/HttpAuthenticator.java:
##########
@@ -331,12 +421,14 @@ public void addAuthResponse(
}
try {
final String authResponse =
authScheme.generateAuthResponse(host, request, context);
- final Header header = new BasicHeader(
- challengeType == ChallengeType.TARGET ?
HttpHeaders.AUTHORIZATION : HttpHeaders.PROXY_AUTHORIZATION,
- authResponse);
- request.addHeader(header);
+ if (authResponse != null) {
+ final Header header = new BasicHeader(
+ challengeType == ChallengeType.TARGET ?
HttpHeaders.AUTHORIZATION : HttpHeaders.PROXY_AUTHORIZATION,
+ authResponse);
+ request.addHeader(header);
+ }
break;
- } catch (final AuthenticationException ex) {
+ } catch (final AuthenticationException ex ) {
Review Comment:
stray space
##########
httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/HttpAuthenticator.java:
##########
@@ -186,52 +202,109 @@ public boolean updateAuthState(
authChallenges = parser.parse(challengeType, buffer, cursor);
} catch (final ParseException ex) {
if (LOG.isWarnEnabled()) {
+ final HttpClientContext clientContext =
HttpClientContext.cast(context);
+ final String exchangeId = clientContext.getExchangeId();
LOG.warn("{} Malformed challenge: {}", exchangeId,
header.getValue());
}
continue;
}
- for (final AuthChallenge authChallenge: authChallenges) {
+ for (final AuthChallenge authChallenge : authChallenges) {
final String schemeName =
authChallenge.getSchemeName().toLowerCase(Locale.ROOT);
if (!challengeMap.containsKey(schemeName)) {
challengeMap.put(schemeName, authChallenge);
}
}
}
+ return challengeMap;
+ }
+
+ /**
+ * Updates the {@link AuthExchange} state based on the challenge presented
in the response message
+ * using the given {@link AuthenticationStrategy}.
+ *
+ * @param host the hostname of the opposite endpoint.
+ * @param challengeType the challenge type (target or proxy).
+ * @param response the response message head.
+ * @param authStrategy the authentication strategy.
+ * @param authExchange the current authentication exchange state.
+ * @param context the current execution context.
+ * @return {@code true} if the request needs-to be re-sent ,
Review Comment:
stray space
##########
httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProtocolExec.java:
##########
@@ -189,6 +191,7 @@ public ClassicHttpResponse execute(
authenticator.addAuthResponse(proxy, ChallengeType.PROXY,
request, proxyAuthExchange, context);
}
+ //The is where the actual network communications happens
(eventually)
Review Comment:
communication
##########
httpclient5/src/main/java/org/apache/hc/client5/http/impl/classic/ProtocolExec.java:
##########
@@ -189,6 +191,7 @@ public ClassicHttpResponse execute(
authenticator.addAuthResponse(proxy, ChallengeType.PROXY,
request, proxyAuthExchange, context);
}
+ //The is where the actual network communications happens
(eventually)
Review Comment:
Space
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
