mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8008 Commits
49 Branches
Tree: 2171f868d9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2171f868d9'
${ noResults }
jgit/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/proxy/HttpParser.java

HttpParser.java 8.2KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270 
  1. /*

  2.  * Copyright (C) 2018, Thomas Wolf <thomas.wolf@paranor.ch> and others

  3.  *

  4.  * This program and the accompanying materials are made available under the

  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at

  6.  * https://www.eclipse.org/org/documents/edl-v10.php.

  7.  *

  8.  * SPDX-License-Identifier: BSD-3-Clause

  9.  */

  10. package org.eclipse.jgit.internal.transport.sshd.proxy;

  11. 

  12. import java.util.ArrayList;

  13. import java.util.Iterator;

  14. import java.util.List;

  15. 

  16. import org.eclipse.jgit.util.HttpSupport;

  17. 

  18. /**

  19.  * A basic parser for HTTP response headers. Handles status lines and

  20.  * authentication headers (WWW-Authenticate, Proxy-Authenticate).

  21.  *

  22.  * @see <a href="https://tools.ietf.org/html/rfc7230">RFC 7230</a>

  23.  * @see <a href="https://tools.ietf.org/html/rfc7235">RFC 7235</a>

  24.  */

  25. public final class HttpParser {

  26. 

  27. 	/**

  28. 	 * An exception indicating some problem parsing HTPP headers.

  29. 	 */

  30. 	public static class ParseException extends Exception {

  31. 

  32. 		private static final long serialVersionUID = -1634090143702048640L;

  33. 

  34. 	}

  35. 

  36. 	private HttpParser() {

  37. 		// No instantiation

  38. 	}

  39. 

  40. 	/**

  41. 	 * Parse a HTTP response status line.

  42. 	 *

  43. 	 * @param line

  44. 	 *            to parse

  45. 	 * @return the {@link StatusLine}

  46. 	 * @throws ParseException

  47. 	 *             if the line cannot be parsed or has the wrong HTTP version

  48. 	 */

  49. 	public static StatusLine parseStatusLine(String line)

  50. 			throws ParseException {

  51. 		// Format is HTTP/<version> Code Reason

  52. 		int firstBlank = line.indexOf(' ');

  53. 		if (firstBlank < 0) {

  54. 			throw new ParseException();

  55. 		}

  56. 		int secondBlank = line.indexOf(' ', firstBlank + 1);

  57. 		if (secondBlank < 0) {

  58. 			// Accept the line even if the (according to RFC 2616 mandatory)

  59. 			// reason is missing.

  60. 			secondBlank = line.length();

  61. 		}

  62. 		int resultCode;

  63. 		try {

  64. 			resultCode = Integer.parseUnsignedInt(

  65. 					line.substring(firstBlank + 1, secondBlank));

  66. 		} catch (NumberFormatException e) {

  67. 			throw new ParseException();

  68. 		}

  69. 		// Again, accept even if the reason is missing

  70. 		String reason = ""; //$NON-NLS-1$

  71. 		if (secondBlank < line.length()) {

  72. 			reason = line.substring(secondBlank + 1);

  73. 		}

  74. 		return new StatusLine(line.substring(0, firstBlank), resultCode,

  75. 				reason);

  76. 	}

  77. 

  78. 	/**

  79. 	 * Extract the authentication headers from the header lines. It is assumed

  80. 	 * that the first element in {@code reply} is the raw status line as

  81. 	 * received from the server. It is skipped. Line processing stops on the

  82. 	 * first empty line thereafter.

  83. 	 *

  84. 	 * @param reply

  85. 	 *            The complete (header) lines of the HTTP response

  86. 	 * @param authenticationHeader

  87. 	 *            to look for (including the terminating ':'!)

  88. 	 * @return a list of {@link AuthenticationChallenge}s found.

  89. 	 */

  90. 	public static List<AuthenticationChallenge> getAuthenticationHeaders(

  91. 			List<String> reply, String authenticationHeader) {

  92. 		List<AuthenticationChallenge> challenges = new ArrayList<>();

  93. 		Iterator<String> lines = reply.iterator();

  94. 		// We know we have at least one line. Skip the response line.

  95. 		lines.next();

  96. 		StringBuilder value = null;

  97. 		while (lines.hasNext()) {

  98. 			String line = lines.next();

  99. 			if (line.isEmpty()) {

  100. 				break;

  101. 			}

  102. 			if (Character.isWhitespace(line.charAt(0))) {

  103. 				// Continuation line.

  104. 				if (value == null) {

  105. 					// Skip if we have no current value

  106. 					continue;

  107. 				}

  108. 				// Skip leading whitespace

  109. 				int i = skipWhiteSpace(line, 1);

  110. 				value.append(' ').append(line, i, line.length());

  111. 				continue;

  112. 			}

  113. 			if (value != null) {

  114. 				parseChallenges(challenges, value.toString());

  115. 				value = null;

  116. 			}

  117. 			int firstColon = line.indexOf(':');

  118. 			if (firstColon > 0 && authenticationHeader

  119. 					.equalsIgnoreCase(line.substring(0, firstColon + 1))) {

  120. 				value = new StringBuilder(line.substring(firstColon + 1));

  121. 			}

  122. 		}

  123. 		if (value != null) {

  124. 			parseChallenges(challenges, value.toString());

  125. 		}

  126. 		return challenges;

  127. 	}

  128. 

  129. 	private static void parseChallenges(

  130. 			List<AuthenticationChallenge> challenges,

  131. 			String header) {

  132. 		// Comma-separated list of challenges, each itself a scheme name

  133. 		// followed optionally by either: a comma-separated list of key=value

  134. 		// pairs, where the value may be a quoted string with backslash escapes,

  135. 		// or a single token value, which itself may end in zero or more '='

  136. 		// characters. Ugh.

  137. 		int length = header.length();

  138. 		for (int i = 0; i < length;) {

  139. 			int start = skipWhiteSpace(header, i);

  140. 			int end = HttpSupport.scanToken(header, start);

  141. 			if (end <= start) {

  142. 				break;

  143. 			}

  144. 			AuthenticationChallenge challenge = new AuthenticationChallenge(

  145. 					header.substring(start, end));

  146. 			challenges.add(challenge);

  147. 			i = parseChallenge(challenge, header, end);

  148. 		}

  149. 	}

  150. 

  151. 	private static int parseChallenge(AuthenticationChallenge challenge,

  152. 			String header, int from) {

  153. 		int length = header.length();

  154. 		boolean first = true;

  155. 		for (int start = from; start <= length; first = false) {

  156. 			// Now we have either a single token, which may end in zero or more

  157. 			// equal signs, or a comma-separated list of key=value pairs (with

  158. 			// optional legacy whitespace around the equals sign), where the

  159. 			// value can be either a token or a quoted string.

  160. 			start = skipWhiteSpace(header, start);

  161. 			int end = HttpSupport.scanToken(header, start);

  162. 			if (end == start) {

  163. 				// Nothing found. Either at end or on a comma.

  164. 				if (start < header.length() && header.charAt(start) == ',') {

  165. 					return start + 1;

  166. 				}

  167. 				return start;

  168. 			}

  169. 			int next = skipWhiteSpace(header, end);

  170. 			// Comma, or equals sign, or end of string

  171. 			if (next >= length || header.charAt(next) != '=') {

  172. 				if (first) {

  173. 					// It must be a token

  174. 					challenge.setToken(header.substring(start, end));

  175. 					if (next < length && header.charAt(next) == ',') {

  176. 						next++;

  177. 					}

  178. 					return next;

  179. 				}

  180. 				// This token must be the name of the next authentication

  181. 				// scheme.

  182. 				return start;

  183. 			}

  184. 			int nextStart = skipWhiteSpace(header, next + 1);

  185. 			if (nextStart >= length) {

  186. 				if (next == end) {

  187. 					// '=' immediately after the key, no value: key must be the

  188. 					// token, and the equals sign is part of the token

  189. 					challenge.setToken(header.substring(start, end + 1));

  190. 				} else {

  191. 					// Key without value...

  192. 					challenge.addArgument(header.substring(start, end), null);

  193. 				}

  194. 				return nextStart;

  195. 			}

  196. 			if (nextStart == end + 1 && header.charAt(nextStart) == '=') {

  197. 				// More than one equals sign: must be the single token.

  198. 				end = nextStart + 1;

  199. 				while (end < length && header.charAt(end) == '=') {

  200. 					end++;

  201. 				}

  202. 				challenge.setToken(header.substring(start, end));

  203. 				end = skipWhiteSpace(header, end);

  204. 				if (end < length && header.charAt(end) == ',') {

  205. 					end++;

  206. 				}

  207. 				return end;

  208. 			}

  209. 			if (header.charAt(nextStart) == ',') {

  210. 				if (next == end) {

  211. 					// '=' immediately after the key, no value: key must be the

  212. 					// token, and the equals sign is part of the token

  213. 					challenge.setToken(header.substring(start, end + 1));

  214. 					return nextStart + 1;

  215. 				}

  216. 				// Key without value...

  217. 				challenge.addArgument(header.substring(start, end), null);

  218. 				start = nextStart + 1;

  219. 			} else {

  220. 				if (header.charAt(nextStart) == '"') {

  221. 					int[] nextEnd = { nextStart + 1 };

  222. 					String value = scanQuotedString(header, nextStart + 1,

  223. 							nextEnd);

  224. 					challenge.addArgument(header.substring(start, end), value);

  225. 					start = nextEnd[0];

  226. 				} else {

  227. 					int nextEnd = HttpSupport.scanToken(header, nextStart);

  228. 					challenge.addArgument(header.substring(start, end),

  229. 							header.substring(nextStart, nextEnd));

  230. 					start = nextEnd;

  231. 				}

  232. 				start = skipWhiteSpace(header, start);

  233. 				if (start < length && header.charAt(start) == ',') {

  234. 					start++;

  235. 				}

  236. 			}

  237. 		}

  238. 		return length;

  239. 	}

  240. 

  241. 	private static int skipWhiteSpace(String header, int i) {

  242. 		int length = header.length();

  243. 		while (i < length && Character.isWhitespace(header.charAt(i))) {

  244. 			i++;

  245. 		}

  246. 		return i;

  247. 	}

  248. 

  249. 	private static String scanQuotedString(String header, int from, int[] to) {

  250. 		StringBuilder result = new StringBuilder();

  251. 		int length = header.length();

  252. 		boolean quoted = false;

  253. 		int i = from;

  254. 		while (i < length) {

  255. 			char c = header.charAt(i++);

  256. 			if (quoted) {

  257. 				result.append(c);

  258. 				quoted = false;

  259. 			} else if (c == '\\') {

  260. 				quoted = true;

  261. 			} else if (c == '"') {

  262. 				break;

  263. 			} else {

  264. 				result.append(c);

  265. 			}

  266. 		}

  267. 		to[0] = i;

  268. 		return result.toString();

  269. 	}

  270. }