1
/*
2
 * Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/**
25
 * @test
26
 * @bug 6393710
27
 * @library /test/lib
28
 * @summary  Non authenticated call followed by authenticated call never returns
29
 * @run main B6393710
30
 * @run main/othervm -Djava.net.preferIPv6Addresses=true B6393710
31
 */
32

33
import com.sun.net.httpserver.*;
34

35
import java.util.*;
36
import java.util.concurrent.*;
37
import java.io.*;
38
import java.net.*;
39

40
import jdk.test.lib.Utils;
41

42
/*
43
 * Test checks for following bug(s) when a POST containing a request body
44
 * needs to be authenticated
45
 *
46
 * 1) we were not reading the request body
47
 *
48
 * 2) we were not re-enabling the interestops for the socket channel
49
 */
50

51
public class B6393710 {
52

53
    static String CRLF = "\r\n";
54

55
    /* Two post requests containing data. The second one
56
     * has the expected authorization credentials
57
     */
58
    static String cmd =
59
        "POST /test/foo HTTP/1.1"+CRLF+
60
        "Content-Length: 22"+CRLF+
61
        "Pragma: no-cache"+CRLF+
62
        "Cache-Control: no-cache"+CRLF+ CRLF+
63
        "<item desc=\"excuse\" />"+
64
        "POST /test/foo HTTP/1.1"+CRLF+
65
        "Content-Length: 22"+CRLF+
66
        "Pragma: no-cache"+CRLF+
67
        "Authorization: Basic ZnJlZDpmcmVkcGFzc3dvcmQ="+CRLF+
68
        "Cache-Control: no-cache"+CRLF+ CRLF+
69
        "<item desc=\"excuse\" />";
70

71
    public static void main (String[] args) throws Exception {
72
        Handler handler = new Handler();
73
        InetAddress loopback = InetAddress.getLoopbackAddress();
74
        InetSocketAddress addr = new InetSocketAddress (loopback, 0);
75
        HttpServer server = HttpServer.create (addr, 0);
76
        HttpContext ctx = server.createContext ("/test", handler);
77
        ctx.setAuthenticator (new BasicAuthenticator ("test") {
78
            public boolean checkCredentials (String user, String pass) {
79
                return user.equals ("fred") && pass.equals("fredpassword");
80
            }
81
        });
82

83
        server.start ();
84

85
        Socket s = new Socket (loopback, server.getAddress().getPort());
86
        s.setSoTimeout ((int) Utils.adjustTimeout(5000));
87

88
        OutputStream os = s.getOutputStream();
89
        os.write (cmd.getBytes());
90
        InputStream is = s.getInputStream ();
91
        try {
92
            ok = readAndCheck (is, "401 Unauthorized") &&
93
                 readAndCheck (is, "200 OK");
94
        } catch (SocketTimeoutException e) {
95
            System.out.println ("Did not received expected data");
96
            ok = false;
97
        } finally {
98
            s.close();
99
            server.stop(2);
100
        }
101

102
        if (requests != 1) {
103
            throw new RuntimeException ("server handler did not receive the request");
104
        }
105
        if (!ok) {
106
            throw new RuntimeException ("did not get 200 OK");
107
        }
108
        System.out.println ("OK");
109
    }
110

111
    /* check for expected string and return true if found in stream */
112

113
    static boolean readAndCheck (InputStream is, String expected) throws IOException {
114
        int c;
115
        int count = 0;
116
        int expLen = expected.length();
117
        expected = expected.toLowerCase();
118

119
        while ((c=is.read()) != -1) {
120
            c = Character.toLowerCase (c);
121
            if (c == expected.charAt (count)) {
122
                count ++;
123
                if (count == expLen) {
124
                    return true;
125
                }
126
            } else {
127
                count = 0;
128
            }
129
        }
130
        return false;
131
    }
132

133
    public static volatile boolean ok = false;
134
    static volatile int requests = 0;
135

136
    static class Handler implements HttpHandler {
137
        int invocation = 1;
138
        public void handle (HttpExchange t)
139
            throws IOException
140
        {
141
            int count = 0;
142
            InputStream is = t.getRequestBody();
143
            Headers map = t.getRequestHeaders();
144
            Headers rmap = t.getResponseHeaders();
145
            while (is.read () != -1) {
146
                count ++;
147
            }
148
            if (count != 22) {
149
                System.out.println ("Handler expected 22. got " + count);
150
                ok = false;
151
            }
152
            is.close();
153
            t.sendResponseHeaders (200, -1);
154
            t.close();
155
            requests ++;
156
        }
157
    }
158
}
159

160