SystemDefaultCredentialsProvider.java

/*
 * ====================================================================
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 *
 */
package org.apache.hc.client5.http.impl.auth;

import java.net.Authenticator;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;

import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.Credentials;
import org.apache.hc.client5.http.auth.CredentialsStore;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.annotation.Contract;
import org.apache.hc.core5.annotation.ThreadingBehavior;
import org.apache.hc.core5.http.HttpRequest;
import org.apache.hc.core5.http.URIScheme;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.apache.hc.core5.util.Args;

/**
 * Implementation of {@link CredentialsStore} backed by standard
 * JRE {@link Authenticator}.
 *
 * @since 4.3
 */
@Contract(threading = ThreadingBehavior.SAFE)
@SuppressWarnings("deprecation")
public class SystemDefaultCredentialsProvider implements CredentialsStore {

    private final BasicCredentialsProvider internal;

    /**
     * Default constructor.
     */
    public SystemDefaultCredentialsProvider() {
        super();
        this.internal = new BasicCredentialsProvider();
    }

    @Override
    public void setCredentials(final AuthScope authScope, final Credentials credentials) {
        internal.setCredentials(authScope, credentials);
    }

    private static PasswordAuthentication getSystemCreds(
            final String protocol,
            final AuthScope authScope,
            final Authenticator.RequestorType requestorType,
            final HttpClientContext context) {
        final HttpRequest request = context != null ? context.getRequest() : null;
        URL targetHostURL;
        try {
            final URI uri = request != null ? request.getUri() : null;
            targetHostURL = uri != null ? uri.toURL() : null;
        } catch (final URISyntaxException | MalformedURLException ignore) {
            targetHostURL = null;
        }
        // use null addr, because the authentication fails if it does not exactly match the expected realm's host
        return Authenticator.requestPasswordAuthentication(
                authScope.getHost(),
                null,
                authScope.getPort(),
                protocol,
                authScope.getRealm(),
                authScope.getSchemeName(),
                targetHostURL,
                requestorType);
    }

    @Override
    public Credentials getCredentials(final AuthScope authScope, final HttpContext context) {
        Args.notNull(authScope, "Auth scope");
        final Credentials localcreds = internal.getCredentials(authScope, context);
        if (localcreds != null) {
            return localcreds;
        }
        final String host = authScope.getHost();
        if (host != null) {
            final HttpClientContext clientContext = context != null ? HttpClientContext.cast(context) : null;
            final String protocol = authScope.getProtocol() != null ? authScope.getProtocol() : (authScope.getPort() == 443 ? URIScheme.HTTPS.id : URIScheme.HTTP.id);
            final PasswordAuthentication serverCreds = getSystemCreds(protocol, authScope, Authenticator.RequestorType.SERVER, clientContext);
            if (serverCreds != null) {
                return new UsernamePasswordCredentials(serverCreds.getUserName(), serverCreds.getPassword());
            }
            final PasswordAuthentication proxyCreds = getSystemCreds(protocol, authScope, Authenticator.RequestorType.PROXY, clientContext);
            if (proxyCreds != null) {
                return new UsernamePasswordCredentials(proxyCreds.getUserName(), proxyCreds.getPassword());
            }
        }
        return null;
    }

    @Override
    public void clear() {
        internal.clear();
    }

}