A review request for JDK-8005406: HTTP server implementation should use Base64
API
Description:
jdk8 has java.util.Base64 to define a standard API for base64
encoding/decoding. It would be good to investigate whether this API could be
used in the com.sun.net.httpserver implementation to replace the existing code
in BasicAuthentication.
Changes have been made to two files
sun/net/www/protocol/http/BasicAuthentication.java
and sun/net/www/protocol/http/NegotiateAuthentication.java to refactor the
classes to use java.util.Base64 (Base64.Encoder & Base64.Decoder)
rather than sun.misc.BASE64Encoder & sun.misc.BASE64Decoder
Diffs inline
regards
Mark Sheppard.
---------------------------------BasicAuthnetication------------------------------------
@@ -32,7 +32,8 @@ import java.io.IOException;
import java.io.IOException;
import java.io.OutputStream;
import sun.net.www.HeaderParser;
-import sun.misc.BASE64Encoder;
+import java.util.Base64;
+import java.util.Base64.Encoder;
/**
* BasicAuthentication: Encapsulate an http server authentication using
@@ -76,7 +77,7 @@ class BasicAuthentication extends Authen
System.arraycopy(nameBytes, 0, concat, 0, nameBytes.length);
System.arraycopy(passwdBytes, 0, concat, nameBytes.length,
passwdBytes.length);
- this.auth = "Basic " + (new BasicBASE64Encoder()).encode(concat);
+ this.auth = "Basic " + Base64.getEncoder().encodeToString(concat);
this.pw = pw;
}
@@ -116,7 +117,7 @@ class BasicAuthentication extends Authen
System.arraycopy(nameBytes, 0, concat, 0, nameBytes.length);
System.arraycopy(passwdBytes, 0, concat, nameBytes.length,
passwdBytes.length);
- this.auth = "Basic " + (new BasicBASE64Encoder()).encode(concat);
+ this.auth = "Basic " + Base64.getEncoder().encodeToString(concat);
this.pw = pw;
}
@@ -202,11 +203,4 @@ class BasicAuthentication extends Authen
return npath;
}
- /* It is never expected that the header value will exceed the bytesPerLine
*/
- private class BasicBASE64Encoder extends BASE64Encoder {
- @Override
- protected int bytesPerLine() {
- return (10000);
- }
- }
}
---------------------------------NegotiateAuthentication--------------------------------
@@ -30,8 +30,9 @@ import java.net.Authenticator.RequestorT
import java.net.Authenticator.RequestorType;
import java.util.HashMap;
import sun.net.www.HeaderParser;
-import sun.misc.BASE64Decoder;
-import sun.misc.BASE64Encoder;
+import java.util.Base64;
+import java.util.Base64.Decoder;
+import java.util.Base64.Encoder;
import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
@@ -151,9 +152,10 @@ class NegotiateAuthentication extends Au
byte[] incoming = null;
String[] parts = raw.split("\\s+");
if (parts.length > 1) {
- incoming = new BASE64Decoder().decodeBuffer(parts[1]);
+ incoming = Base64.getDecoder().decode(parts[1]);
}
- response = hci.scheme + " " + new B64Encoder().encode(
+ response = hci.scheme + " "
+ + Base64.getEncoder().encodeToString(
incoming==null?firstToken():nextToken(incoming));
conn.setAuthenticationProperty(getHeaderName(), response);
@@ -201,11 +203,6 @@ class NegotiateAuthentication extends Au
return negotiator.nextToken(token);
}
- class B64Encoder extends BASE64Encoder {
- protected int bytesPerLine () {
- return 100000; // as big as it can be, maybe INT_MAX
- }
- }
// MS will send a final WWW-Authenticate even if the status is already
// 200 OK. The token can be fed into initSecContext() again to determine
