Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/net/www/protocol/http/DigestTest.java
41159 views
1
/*

2
 * Copyright (c) 2001, 2021, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/**

25
 * @test

26
 * @bug 4432213

27
 * @modules java.base/sun.net.www

28
 * @run main/othervm -Dhttp.auth.digest.validateServer=true DigestTest

29
 * @run main/othervm -Djava.net.preferIPv6Addresses=true

30
 *                   -Dhttp.auth.digest.validateServer=true DigestTest

31
 * @run main/othervm -Dhttp.auth.digest.validateServer=true

32
                     -Dtest.succeed=true DigestTest

33
 * @run main/othervm -Djava.net.preferIPv6Addresses=true

34
 *                   -Dhttp.auth.digest.validateServer=true

35
                     -Dtest.succeed=true DigestTest

36
 * @summary  Need to support Digest Authentication for Proxies

37
 */

38


39
import java.io.*;

40
import java.util.*;

41
import java.net.*;

42
import java.security.*;

43
import sun.net.www.*;

44


45
/* This is one simple test of the RFC2617 digest authentication behavior

46
 * It specifically tests that the client correctly checks the returned

47
 * Authentication-Info header field from the server and throws an exception

48
 * if the password is wrong

49
 */

50


51
class DigestServer extends Thread {

52


53
    ServerSocket s;

54
    Socket   s1;

55
    InputStream  is;

56
    OutputStream os;

57
    int port;

58


59
    String reply1 = "HTTP/1.1 401 Unauthorized\r\n"+

60
        "WWW-Authenticate: Digest realm=\""+realm+"\" domain=/ "+

61
        "nonce=\""+nonce+"\" qop=\"auth\"\r\n\r\n";

62


63
    String reply2 = "HTTP/1.1 200 OK\r\n" +

64
        "Date: Mon, 15 Jan 2001 12:18:21 GMT\r\n" +

65
        "Server: Apache/1.3.14 (Unix)\r\n" +

66
        "Content-Type: text/html; charset=iso-8859-1\r\n" +

67
        "Transfer-encoding: chunked\r\n";

68
    String body =

69
        "B\r\nHelloWorld1\r\n"+

70
        "B\r\nHelloWorld2\r\n"+

71
        "B\r\nHelloWorld3\r\n"+

72
        "B\r\nHelloWorld4\r\n"+

73
        "B\r\nHelloWorld5\r\n"+

74
        "0\r\n\r\n";

75
    String authInfo =

76
        "Authentication-Info: ";

77


78
    DigestServer (ServerSocket y) {

79
        s = y;

80
        port = s.getLocalPort();

81
    }

82


83
    public void run () {

84
        try {

85
                s1 = s.accept ();

86
                is = s1.getInputStream ();

87
                os = s1.getOutputStream ();

88
                is.read ();

89
                os.write (reply1.getBytes());

90
                Thread.sleep (2000);

91
                s1.close ();

92


93
                s1 = s.accept ();

94
                is = s1.getInputStream ();

95
                os = s1.getOutputStream ();

96
                //is.read ();

97
                // need to get the cnonce out of the response

98
                MessageHeader header = new MessageHeader (is);

99
                String raw = header.findValue ("Authorization");

100
                HeaderParser parser = new HeaderParser (raw);

101
                String cnonce = parser.findValue ("cnonce");

102
                String cnstring = parser.findValue ("nc");

103


104
                String reply = reply2 + authInfo + getAuthorization (uri, "GET", cnonce, cnstring) +"\r\n" + body;

105
                os.write (reply.getBytes());

106
                Thread.sleep (2000);

107
                s1.close ();

108
        } catch (Exception e) {

109
            System.out.println (e);

110
            e.printStackTrace();

111
        } finally {

112
            try { s.close(); } catch (IOException unused) {}

113
        }

114
    }

115


116
    static char[] passwd = "password".toCharArray();

117
    static String username = "user";

118
    static String nonce = "abcdefghijklmnopqrstuvwxyz";

119
    static String realm = "wallyworld";

120
    static String uri = "/foo.html";

121


122
    private String getAuthorization (String uri, String method, String cnonce, String cnstring) {

123
        String response;

124


125
        try {

126
            response = computeDigest(false, username,passwd,realm,

127
                                        method, uri, nonce, cnonce, cnstring);

128
        } catch (NoSuchAlgorithmException ex) {

129
            return null;

130
        }

131


132
        String value = "Digest"

133
                        + " qop=auth\""

134
                        + "\", cnonce=\"" + cnonce

135
                        + "\", rspauth=\"" + response

136
                        + "\", nc=\"" + cnstring + "\"";

137
        return (value+ "\r\n");

138
    }

139


140
    private String computeDigest(

141
                        boolean isRequest, String userName, char[] password,

142
                        String realm, String connMethod,

143
                        String requestURI, String nonceString,

144
                        String cnonce, String ncValue

145
                    ) throws NoSuchAlgorithmException

146
    {

147


148
        String A1, HashA1;

149


150
        MessageDigest md = MessageDigest.getInstance("MD5");

151


152
        {

153
            A1 = userName + ":" + realm + ":";

154
            HashA1 = encode(A1, password, md);

155
        }

156


157
        String A2;

158
        if (isRequest) {

159
            A2 = connMethod + ":" + requestURI;

160
        } else {

161
            A2 = ":" + requestURI;

162
        }

163
        String HashA2 = encode(A2, null, md);

164
        String combo, finalHash;

165


166
        { /* RRC2617 when qop=auth */

167
            combo = HashA1+ ":" + nonceString + ":" + ncValue + ":" +

168
                        cnonce + ":auth:" +HashA2;

169


170
        }

171
        finalHash = encode(combo, null, md);

172
        return finalHash;

173
    }

174


175
    private String encode(String src, char[] passwd, MessageDigest md) {

176
        md.update(src.getBytes());

177
        if (passwd != null) {

178
            byte[] passwdBytes = new byte[passwd.length];

179
            for (int i=0; i<passwd.length; i++)

180
                passwdBytes[i] = (byte)passwd[i];

181
            md.update(passwdBytes);

182
            Arrays.fill(passwdBytes, (byte)0x00);

183
        }

184
        byte[] digest = md.digest();

185
        return HexFormat.of().formatHex(digest);

186
    }

187


188
}

189


190
public class DigestTest {

191


192
    static final boolean SUCCEED =

193
        Boolean.parseBoolean(System.getProperty("test.succeed", "false"));

194


195
    static class MyAuthenticator extends Authenticator {

196
        public MyAuthenticator () {

197
            super ();

198
        }

199


200
        public PasswordAuthentication getPasswordAuthentication ()

201
        {

202
            char[] passwd = SUCCEED ? DigestServer.passwd.clone()

203
                                      : "Wrongpassword".toCharArray();

204
            return new PasswordAuthentication("user", passwd);

205
        }

206
    }

207


208


209
    public static void main(String[] args) throws Exception {

210
        int port;

211
        DigestServer server;

212
        ServerSocket sock;

213


214
        InetAddress loopback = InetAddress.getLoopbackAddress();

215
        try {

216
            sock = new ServerSocket();

217
            sock.bind(new InetSocketAddress(loopback, 0));

218
            port = sock.getLocalPort();

219
        }

220
        catch (Exception e) {

221
            System.out.println ("Exception: " + e);

222
            throw e;

223
        }

224


225
        server = new DigestServer(sock);

226
        server.start ();

227
        boolean passed = false;

228
        ProtocolException exception = null;

229


230
        try  {

231
            Authenticator.setDefault (new MyAuthenticator ());

232
            String address = loopback.getHostAddress();

233
            if (address.indexOf(':') > -1)  address = "[" + address + "]";

234
            String s = "http://" + address + ":" + port + DigestServer.uri;

235
            URL url = new URL(s);

236
            java.net.URLConnection conURL =  url.openConnection(Proxy.NO_PROXY);

237


238
            InputStream in = conURL.getInputStream();

239
            while (in.read () != -1) {}

240
            in.close ();

241
            if (SUCCEED) passed = true;

242
        } catch(ProtocolException e) {

243
            exception = e;

244
            if (!SUCCEED) passed = true;

245
        }

246


247
        if (!passed) {

248
            if (!SUCCEED) {

249
                throw new RuntimeException("Expected a ProtocolException from wrong password");

250
            } else {

251
                assert exception != null;

252
                throw new RuntimeException("Unexpected ProtocolException from correct password: "

253
                                            + exception, exception);

254
            }

255
        }

256
    }

257
}

258


259