SONAR-9155 Fix HTTPS proxy authentication

author: Julien HENRY <julien.henry@sonarsource.com> 2017-04-21 16:40:57 +0200
committer: Julien HENRY <henryju@yahoo.fr> 2017-04-24 09:43:34 +0200
commit: a1e24b5dc9b1ab138e584e9ef4faeec8f6cb6701 (patch)
tree: cfabe1de0e87b1257d11612ba3cdbbef3f5ff005 /sonar-ws
parent: f1eda9d89e4d6a09acd3ff6b382e1fe21b39e068 (diff)
download: sonarqube-a1e24b5dc9b1ab138e584e9ef4faeec8f6cb6701.tar.gz
sonarqube-a1e24b5dc9b1ab138e584e9ef4faeec8f6cb6701.zip
3 files changed, 24 insertions, 10 deletions
diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/OkHttpClientBuilder.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/OkHttpClientBuilder.java
index 2f4ff65767e..77ad1552be4 100644
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/OkHttpClientBuilder.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/OkHttpClientBuilder.java
@@ -21,6 +21,7 @@ package org.sonarqube.ws.client;
 
 import java.io.FileInputStream;
 import java.io.IOException;
+import java.net.HttpURLConnection;
 import java.net.Proxy;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
@@ -156,7 +157,16 @@ public class OkHttpClientBuilder {
     if (readTimeoutMs >= 0) {
       builder.readTimeout(readTimeoutMs, TimeUnit.MILLISECONDS);
     }
-    builder.addInterceptor(this::completeHeaders);
+    builder.addNetworkInterceptor(this::addUserAgent);
+    if (proxyLogin != null) {
+      builder.proxyAuthenticator((route, response) -> {
+        if (HttpURLConnection.HTTP_PROXY_AUTH == response.code()) {
+          String credential = Credentials.basic(proxyLogin, nullToEmpty(proxyPassword));
+          return response.request().newBuilder().header("Proxy-Authorization", credential).build();
+        }
+        return null;
+      });
+    }
 
     ConnectionSpec tls = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
       .allEnabledTlsVersions()
@@ -172,14 +182,11 @@ public class OkHttpClientBuilder {
     return builder.build();
   }
 
-  private Response completeHeaders(Interceptor.Chain chain) throws IOException {
+  private Response addUserAgent(Interceptor.Chain chain) throws IOException {
     Request.Builder newRequest = chain.request().newBuilder();
     if (userAgent != null) {
       newRequest.header("User-Agent", userAgent);
     }
-    if (proxyLogin != null) {
-      newRequest.header("Proxy-Authorization", Credentials.basic(proxyLogin, nullToEmpty(proxyPassword)));
-    }
     return chain.proceed(newRequest.build());
   }
 
diff --git a/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java b/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java
index a0a4ef98698..ba6e9d4dc43 100644
--- a/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java
+++ b/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java
@@ -20,6 +20,8 @@
 package org.sonarqube.ws.client;
 
 import java.io.File;
+import java.net.InetSocketAddress;
+import java.net.Proxy;
 import java.util.List;
 import javax.net.ssl.SSLSocketFactory;
 import okhttp3.ConnectionSpec;
@@ -138,16 +140,22 @@ public class HttpConnectorTest {
 
   @Test
   public void use_proxy_authentication() throws Exception {
-    answerHelloWorld();
+    MockWebServer proxy = new MockWebServer();
+    proxy.start();
     underTest = HttpConnector.newBuilder()
       .url(serverUrl)
+      .proxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxy.getHostName(), proxy.getPort())))
       .proxyCredentials("theProxyLogin", "theProxyPassword")
       .build();
 
     GetRequest request = new GetRequest("api/issues/search");
+    proxy.enqueue(new MockResponse().setResponseCode(407));
+    proxy.enqueue(new MockResponse().setBody("OK!"));
     underTest.call(request);
 
-    RecordedRequest recordedRequest = server.takeRequest();
+    RecordedRequest recordedRequest = proxy.takeRequest();
+    assertThat(recordedRequest.getHeader("Proxy-Authorization")).isNull();
+    recordedRequest = proxy.takeRequest();
     assertThat(recordedRequest.getHeader("Proxy-Authorization")).isEqualTo(basic("theProxyLogin", "theProxyPassword"));
   }
 
diff --git a/sonar-ws/src/test/java/org/sonarqube/ws/client/OkHttpClientBuilderTest.java b/sonar-ws/src/test/java/org/sonarqube/ws/client/OkHttpClientBuilderTest.java
index e7282314581..60698db9ead 100644
--- a/sonar-ws/src/test/java/org/sonarqube/ws/client/OkHttpClientBuilderTest.java
+++ b/sonar-ws/src/test/java/org/sonarqube/ws/client/OkHttpClientBuilderTest.java
@@ -19,6 +19,7 @@
  */
 package org.sonarqube.ws.client;
 
+import javax.net.ssl.SSLSocketFactory;
 import okhttp3.OkHttpClient;
 import org.junit.Rule;
 import org.junit.Test;
@@ -27,8 +28,6 @@ import org.junit.rules.ExpectedException;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
 
-import javax.net.ssl.SSLSocketFactory;
-
 public class OkHttpClientBuilderTest {
 
   @Rule
@@ -41,7 +40,7 @@ public class OkHttpClientBuilderTest {
     OkHttpClient okHttpClient = underTest.build();
 
     assertThat(okHttpClient.proxy()).isNull();
-    assertThat(okHttpClient.interceptors()).hasSize(1);
+    assertThat(okHttpClient.networkInterceptors()).hasSize(1);
     assertThat(okHttpClient.sslSocketFactory()).isNotNull();
   }
author	Julien HENRY <julien.henry@sonarsource.com>	2017-04-21 16:40:57 +0200
committer	Julien HENRY <henryju@yahoo.fr>	2017-04-24 09:43:34 +0200
commit	a1e24b5dc9b1ab138e584e9ef4faeec8f6cb6701 (patch)
tree	cfabe1de0e87b1257d11612ba3cdbbef3f5ff005 /sonar-ws
parent	f1eda9d89e4d6a09acd3ff6b382e1fe21b39e068 (diff)
download	sonarqube-a1e24b5dc9b1ab138e584e9ef4faeec8f6cb6701.tar.gz sonarqube-a1e24b5dc9b1ab138e584e9ef4faeec8f6cb6701.zip