feat(http): add request interceptor to pre-emptive HTTP Basic authentication

author: Thomas <> 2023-02-06 15:04:35 +0100
committer: Thomas <> 2023-02-06 15:04:35 +0100
commit: a0320b9505073357bbd085e5ee4a4894ecd1e9f3 (patch)
tree: 55429e6ce293be9f719498c568b5007c18985d53 /eaaf_core_utils/src/main
parent: b1c89dad26ec39270de561657f1200980ec301da (diff)
download: EAAF-Components-a0320b9505073357bbd085e5ee4a4894ecd1e9f3.tar.gz
EAAF-Components-a0320b9505073357bbd085e5ee4a4894ecd1e9f3.tar.bz2
EAAF-Components-a0320b9505073357bbd085e5ee4a4894ecd1e9f3.zip
3 files changed, 66 insertions, 0 deletions
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java
index 40d22205..5e873fe8 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientConfiguration.java
@@ -46,6 +46,9 @@ public class HttpClientConfiguration {
   boolean disableHostnameValidation = false;
 
   @Setter
+  boolean enablePreEmptiveHttpBasicAuth = true;
+  
+  @Setter
   boolean disableTlsHostCertificateValidation = false;
 
 
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
index 784dbe0e..ac5905ac 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
@@ -49,6 +49,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.http.interceptor.PreemptiveAuthInterceptor;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -305,6 +306,13 @@ public class HttpClientFactory implements IHttpClientFactory {
       log.info("Basic http authentication was injected with username: {}",
           httpClientConfig.getUsername());
 
+      if (httpClientConfig.isEnablePreEmptiveHttpBasicAuth()) {
+        log.info("Inject pre-emptive HTTP Basic-Auth interceptor for client: {}", 
+            httpClientConfig.getFriendlyName());
+        builder.addInterceptorFirst(new PreemptiveAuthInterceptor());
+        
+      }
+      
     } else {
       log.trace("Injection of Http Basic authentication was skipped");
 
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java
new file mode 100644
index 00000000..5edc8cac
--- /dev/null
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/interceptor/PreemptiveAuthInterceptor.java
@@ -0,0 +1,55 @@
+package at.gv.egiz.eaaf.core.impl.http.interceptor;
+
+import java.io.IOException;
+
+import org.apache.http.HttpException;
+import org.apache.http.HttpHost;
+import org.apache.http.HttpRequest;
+import org.apache.http.HttpRequestInterceptor;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.AuthState;
+import org.apache.http.auth.Credentials;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.client.protocol.HttpClientContext;
+import org.apache.http.impl.auth.BasicScheme;
+import org.apache.http.protocol.HttpContext;
+import org.apache.http.protocol.HttpCoreContext;
+
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Intercepter for Apache HTTP client to pre-emptive Basic authentication.
+ * 
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class PreemptiveAuthInterceptor implements HttpRequestInterceptor {
+
+  @Override
+  public void process(HttpRequest request, HttpContext context) throws HttpException, IOException {
+    final AuthState authState = (AuthState) context.getAttribute(HttpClientContext.TARGET_AUTH_STATE);
+
+    // If no auth scheme available yet, try to initialize it
+    // preemptively
+    if (authState.getAuthScheme() == null) {
+      final CredentialsProvider credentialsProvider = 
+          (CredentialsProvider) context.getAttribute(HttpClientContext.CREDS_PROVIDER);
+      final HttpHost targetHost = (HttpHost) context.getAttribute(HttpCoreContext.HTTP_TARGET_HOST);
+      
+      final Credentials credentials = credentialsProvider.getCredentials(
+          new AuthScope(targetHost.getHostName(), targetHost.getPort()));
+      if (credentials == null) {
+        log.warn("Find HTTP credential-provider but not credential matches. "
+            + "Use it as it is and looking what happend");
+        
+      } else {
+        log.trace("Updating HTTP basic-auth state to pre-emptive credentials ... ");
+        authState.update(new BasicScheme(), credentials);
+                
+      }     
+    }
+
+  }
+
+}
author	Thomas <>	2023-02-06 15:04:35 +0100
committer	Thomas <>	2023-02-06 15:04:35 +0100
commit	a0320b9505073357bbd085e5ee4a4894ecd1e9f3 (patch)
tree	55429e6ce293be9f719498c568b5007c18985d53 /eaaf_core_utils/src/main
parent	b1c89dad26ec39270de561657f1200980ec301da (diff)
download	EAAF-Components-a0320b9505073357bbd085e5ee4a4894ecd1e9f3.tar.gz EAAF-Components-a0320b9505073357bbd085e5ee4a4894ecd1e9f3.tar.bz2 EAAF-Components-a0320b9505073357bbd085e5ee4a4894ecd1e9f3.zip