hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From micha...@apache.org
Subject svn commit: r1696585 - in /httpcomponents/httpclient/trunk/httpclient/src: main/java/org/apache/http/auth/ main/java/org/apache/http/impl/execchain/ test/java/org/apache/http/auth/ test/java/org/apache/http/impl/auth/ test/java/org/apache/http/impl/exe...
Date Wed, 19 Aug 2015 13:29:56 GMT
Author: michaelo
Date: Wed Aug 19 13:29:56 2015
New Revision: 1696585

URL: http://svn.apache.org/r1696585
Log:
HTTPCLIENT-1106: Use character arrays for passwords in Credentials objects, not Strings

Remove leftovers of contructors and tests accepting passwords as strings

Modified:
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/NTCredentials.java
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/UsernamePasswordCredentials.java
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/execchain/ProtocolExec.java
    httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/auth/TestCredentials.java
    httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java
    httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/execchain/TestMainClientExec.java

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/NTCredentials.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/NTCredentials.java?rev=1696585&r1=1696584&r2=1696585&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/NTCredentials.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/NTCredentials.java
Wed Aug 19 13:29:56 2015
@@ -58,41 +58,9 @@ public class NTCredentials implements Cr
     private final String netbiosDomain;
 
     /**
-     * The constructor with the fully qualified username and password combined
-     * string argument.
-     *
-     * @param usernamePassword the domain/username:password formed string
-     */
-    public NTCredentials(final String usernamePassword) {
-        super();
-        Args.notNull(usernamePassword, "Username:password string");
-        final String username;
-        final int atColon = usernamePassword.indexOf(':');
-        if (atColon >= 0) {
-            username = usernamePassword.substring(0, atColon);
-            this.password = usernamePassword.substring(atColon + 1).toCharArray();
-        } else {
-            username = usernamePassword;
-            this.password = null;
-        }
-        final int atSlash = username.indexOf('/');
-        if (atSlash >= 0) {
-            this.principal = new NTUserPrincipal(
-                    username.substring(0, atSlash).toUpperCase(Locale.ROOT),
-                    username.substring(atSlash + 1));
-        } else {
-            this.principal = new NTUserPrincipal(
-                    null,
-                    username.substring(atSlash + 1));
-        }
-        this.workstation = null;
-        this.netbiosDomain = null;
-    }
-
-    /**
      * Constructor.
      * @param userName The user name.  This should not include the domain to authenticate
with.
-     * For example: "user" is correct whereas "DOMAIN\\user" is not.
+     * For example: "user" is correct whereas "DOMAIN\user" is not.
      * @param password The password.
      * @param workstation The workstation the authentication request is originating from.
      * Essentially, the computer name for this machine.
@@ -109,7 +77,7 @@ public class NTCredentials implements Cr
     /**
      * Constructor.
      * @param userName The user name.  This should not include the domain to authenticate
with.
-     * For example: "user" is correct whereas "DOMAIN\\user" is not.
+     * For example: "user" is correct whereas "DOMAIN\user" is not.
      * @param password The password.
      * @param workstation The netbios workstation name that the authentication request is
originating from.
      * Essentially, the computer name for this machine.

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/UsernamePasswordCredentials.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/UsernamePasswordCredentials.java?rev=1696585&r1=1696584&r2=1696585&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/UsernamePasswordCredentials.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/auth/UsernamePasswordCredentials.java
Wed Aug 19 13:29:56 2015
@@ -48,26 +48,6 @@ public class UsernamePasswordCredentials
     private final char[] password;
 
     /**
-     * The constructor with the username and password combined string argument.
-     *
-     * @param usernamePassword the username:password formed string
-     * @see #toString
-     */
-    public UsernamePasswordCredentials(final String usernamePassword) {
-        super();
-        Args.notNull(usernamePassword, "Username:password string");
-        final int atColon = usernamePassword.indexOf(':');
-        if (atColon >= 0) {
-            this.principal = new BasicUserPrincipal(usernamePassword.substring(0, atColon));
-            this.password = usernamePassword.substring(atColon + 1).toCharArray();
-        } else {
-            this.principal = new BasicUserPrincipal(usernamePassword);
-            this.password = null;
-        }
-    }
-
-
-    /**
      * The constructor with the username and password arguments.
      *
      * @param userName the user name

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/execchain/ProtocolExec.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/execchain/ProtocolExec.java?rev=1696585&r1=1696584&r2=1696585&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/execchain/ProtocolExec.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/impl/execchain/ProtocolExec.java
Wed Aug 19 13:29:56 2015
@@ -144,9 +144,19 @@ public class ProtocolExec implements Cli
             if (userinfo != null) {
                 final CredentialsProvider credsProvider = context.getCredentialsProvider();
                 if (credsProvider instanceof CredentialsStore) {
+                    final int atColon = userinfo.indexOf(':');
+                    final String userName;
+                    final char[] password;
+                    if (atColon >= 0) {
+                        userName = userinfo.substring(0, atColon);
+                        password = userinfo.substring(atColon + 1).toCharArray();
+                    } else {
+                        userName = userinfo.substring(0, atColon);
+                        password = null;
+                    }
                     ((CredentialsStore) credsProvider).setCredentials(
                             new AuthScope(target),
-                            new UsernamePasswordCredentials(userinfo));
+                            new UsernamePasswordCredentials(userName, password));
                 }
             }
         }

Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/auth/TestCredentials.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/auth/TestCredentials.java?rev=1696585&r1=1696584&r2=1696585&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/auth/TestCredentials.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/auth/TestCredentials.java
Wed Aug 19 13:29:56 2015
@@ -47,19 +47,12 @@ public class TestCredentials {
         Assert.assertArrayEquals("pwd".toCharArray(), creds1.getPassword());
         Assert.assertEquals("[principal: name]", creds1.toString());
         final UsernamePasswordCredentials creds2 = new UsernamePasswordCredentials(
-                "name:pwd");
+            "name", null);
         Assert.assertEquals("name", creds2.getUserName());
         Assert.assertEquals(new BasicUserPrincipal("name"),
                 creds2.getUserPrincipal());
-        Assert.assertArrayEquals("pwd".toCharArray(), creds2.getPassword());
+        Assert.assertEquals(null, creds2.getPassword());
         Assert.assertEquals("[principal: name]", creds2.toString());
-        final UsernamePasswordCredentials creds3 = new UsernamePasswordCredentials(
-            "name");
-        Assert.assertEquals("name", creds3.getUserName());
-        Assert.assertEquals(new BasicUserPrincipal("name"),
-                creds3.getUserPrincipal());
-        Assert.assertEquals(null, creds3.getPassword());
-        Assert.assertEquals("[principal: name]", creds3.toString());
     }
 
     @Test
@@ -80,30 +73,6 @@ public class TestCredentials {
         Assert.assertEquals(null, creds2.getPassword());
         Assert.assertEquals("[principal: name][workstation: null][netbiosDomain: null]",
                 creds2.toString());
-        final NTCredentials creds3 = new NTCredentials(
-                "domain/name:pwd");
-        Assert.assertEquals("name", creds3.getUserName());
-        Assert.assertEquals(new NTUserPrincipal("DOMAIN", "name"),
-                creds3.getUserPrincipal());
-        Assert.assertArrayEquals("pwd".toCharArray(), creds3.getPassword());
-        Assert.assertEquals("[principal: DOMAIN\\name][workstation: null][netbiosDomain:
null]",
-                creds3.toString());
-        final NTCredentials creds4 = new NTCredentials(
-            "domain/name");
-        Assert.assertEquals("name", creds4.getUserName());
-        Assert.assertEquals(new NTUserPrincipal("DOMAIN", "name"),
-                creds4.getUserPrincipal());
-        Assert.assertEquals(null, creds4.getPassword());
-        Assert.assertEquals("[principal: DOMAIN\\name][workstation: null][netbiosDomain:
null]",
-                creds4.toString());
-        final NTCredentials creds5 = new NTCredentials(
-            "name");
-        Assert.assertEquals("name", creds5.getUserName());
-        Assert.assertEquals(new NTUserPrincipal(null, "name"),
-                creds5.getUserPrincipal());
-        Assert.assertEquals(null, creds5.getPassword());
-        Assert.assertEquals("[principal: name][workstation: null][netbiosDomain: null]",
-                creds5.toString());
     }
 
     @Test

Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java?rev=1696585&r1=1696584&r2=1696585&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/auth/TestHttpAuthenticator.java
Wed Aug 19 13:29:56 2015
@@ -159,7 +159,7 @@ public class TestHttpAuthenticator {
         response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "Digest realm=\"realm1\",
nonce=\"1234\""));
         response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\",
stuff=\"1234\""));
 
-        final Credentials credentials = new UsernamePasswordCredentials("user:pass");
+        final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
         Mockito.when(this.credentialsProvider.getCredentials(Mockito.<AuthScope>any())).thenReturn(credentials);
 
         final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
@@ -186,7 +186,7 @@ public class TestHttpAuthenticator {
         response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"test\""));
         response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "Digest realm=\"realm1\",
nonce=\"1234\""));
 
-        final Credentials credentials = new UsernamePasswordCredentials("user:pass");
+        final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
         Mockito.when(this.credentialsProvider.getCredentials(new AuthScope(host, "test",
"basic"))).thenReturn(credentials);
 
         final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
@@ -321,7 +321,7 @@ public class TestHttpAuthenticator {
         response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "Digest realm=\"realm1\",
nonce=\"1234\""));
         response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\",
stuff=\"1234\""));
 
-        final Credentials credentials = new UsernamePasswordCredentials("user:pass");
+        final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
         Mockito.when(this.credentialsProvider.getCredentials(new AuthScope(host, "realm1",
"digest"))).thenReturn(credentials);
 
         final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();

Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/execchain/TestMainClientExec.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/execchain/TestMainClientExec.java?rev=1696585&r1=1696584&r2=1696585&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/execchain/TestMainClientExec.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/impl/execchain/TestMainClientExec.java
Wed Aug 19 13:29:56 2015
@@ -394,7 +394,7 @@ public class TestMainClientExec {
                 .build());
 
         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-        credentialsProvider.setCredentials(new AuthScope(target), new UsernamePasswordCredentials("user:pass"));
+        credentialsProvider.setCredentials(new AuthScope(target), new UsernamePasswordCredentials("user",
"pass".toCharArray()));
         context.setCredentialsProvider(credentialsProvider);
 
         Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);
@@ -445,7 +445,7 @@ public class TestMainClientExec {
         context.setAuthExchange(proxy, proxyAuthExchange);
 
         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-        credentialsProvider.setCredentials(new AuthScope(target), new UsernamePasswordCredentials("user:pass"));
+        credentialsProvider.setCredentials(new AuthScope(target), new UsernamePasswordCredentials("user",
"pass".toCharArray()));
         context.setCredentialsProvider(credentialsProvider);
 
         Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);
@@ -493,7 +493,7 @@ public class TestMainClientExec {
                 .build());
 
         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-        credentialsProvider.setCredentials(new AuthScope(target), new UsernamePasswordCredentials("user:pass"));
+        credentialsProvider.setCredentials(new AuthScope(target), new UsernamePasswordCredentials("user",
"pass".toCharArray()));
         context.setCredentialsProvider(credentialsProvider);
 
         Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);
@@ -715,7 +715,7 @@ public class TestMainClientExec {
         final HttpResponse response2 = new BasicHttpResponse(HttpVersion.HTTP_1_1, 200, "OK");
 
         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-        credentialsProvider.setCredentials(new AuthScope(proxy), new UsernamePasswordCredentials("user:pass"));
+        credentialsProvider.setCredentials(new AuthScope(proxy), new UsernamePasswordCredentials("user",
"pass".toCharArray()));
         context.setCredentialsProvider(credentialsProvider);
 
         Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);
@@ -753,7 +753,7 @@ public class TestMainClientExec {
         final HttpResponse response2 = new BasicHttpResponse(HttpVersion.HTTP_1_1, 200, "OK");
 
         final BasicCredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-        credentialsProvider.setCredentials(new AuthScope(proxy), new UsernamePasswordCredentials("user:pass"));
+        credentialsProvider.setCredentials(new AuthScope(proxy), new UsernamePasswordCredentials("user",
"pass".toCharArray()));
         context.setCredentialsProvider(credentialsProvider);
 
         Mockito.when(managedConn.isOpen()).thenReturn(Boolean.TRUE);



Mime
View raw message