HTTP 1 parser, CONNECT host:port fix, HTTP2 support tests

Signed-off-by: Jorge Bescos Gascon <[email protected]>
helidon-io · Aug 7, 2023 · 0b972bb · 0b972bb
1 parent d4636ac
commit 0b972bb
Show file tree

Hide file tree

Showing 12 changed files with 612 additions and 133 deletions.
diff --git a/common/http/src/main/java/io/helidon/common/http/HeaderEnum.java b/common/http/src/main/java/io/helidon/common/http/HeaderEnum.java
@@ -77,6 +77,7 @@ enum HeaderEnum implements Http.HeaderName {
     LINK("Link"),
     LOCATION("Location"),
     PRAGMA("Pragma"),
+    PROXY_CONNECTION("Proxy-Connection"),
     PUBLIC_KEY_PINS("Public-Key-Pins"),
     RETRY_AFTER("Retry-After"),
     SERVER("Server"),

diff --git a/common/http/src/main/java/io/helidon/common/http/Http.java b/common/http/src/main/java/io/helidon/common/http/Http.java
@@ -1332,6 +1332,13 @@ public static final class Header {
          * Implementation-specific fields that may have various effects anywhere along the request-response chain.
          */
         public static final HeaderName PRAGMA = HeaderEnum.PRAGMA;
+        /**
+         * The {@code Proxy-Connection} header name.
+         * Implemented as a misunderstanding of the HTTP specifications. Common because of mistakes in
+         * implementations of early HTTP versions. Has exactly the same functionality as standard
+         * Connection field. Must not be used with HTTP/2.
+         */
+        public static final HeaderName PROXY_CONNECTION = HeaderEnum.PROXY_CONNECTION;
         /**
          * The {@code Public-Key-Pins} header name.
          * HTTP Public Key Pinning, announces hash of website's authentic TLS certificate.

diff --git a/nima/tests/integration/webclient/webclient/pom.xml b/nima/tests/integration/webclient/webclient/pom.xml
@@ -32,6 +32,10 @@
             <groupId>io.helidon.nima.webclient</groupId>
             <artifactId>helidon-nima-webclient</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.helidon.nima.http2</groupId>
+            <artifactId>helidon-nima-http2-webclient</artifactId>
+        </dependency>
         <dependency>
             <groupId>io.helidon.nima.webserver</groupId>
             <artifactId>helidon-nima-webserver</artifactId>

diff --git a/...ebclient/src/test/java/io/helidon/nima/tests/integration/webclient/AuthHttpProxyTest.java b/...ebclient/src/test/java/io/helidon/nima/tests/integration/webclient/AuthHttpProxyTest.java
@@ -0,0 +1,127 @@
+/*
+ * Copyright (c) 2023 Oracle and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.helidon.nima.tests.integration.webclient;
+
+import static io.helidon.common.http.Http.Method.GET;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.fail;
+
+import io.helidon.common.http.Http;
+import io.helidon.nima.http2.webclient.Http2Client;
+import io.helidon.nima.testing.junit5.webserver.ServerTest;
+import io.helidon.nima.testing.junit5.webserver.SetUpRoute;
+import io.helidon.nima.webclient.api.HttpClient;
+import io.helidon.nima.webclient.api.HttpClientResponse;
+import io.helidon.nima.webclient.api.Proxy;
+import io.helidon.nima.webclient.api.Proxy.ProxyType;
+import io.helidon.nima.webclient.http1.Http1Client;
+import io.helidon.nima.webserver.WebServer;
+import io.helidon.nima.webserver.http.HttpRouting;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+@ServerTest
+public class AuthHttpProxyTest {
+
+    private static final String PROXY_HOST = "localhost";
+    private static final String USER = "user";
+    private static final String PASSWORD = "password";
+    private int proxyPort;
+    private HttpProxy httpProxy;
+
+    private final HttpClient<?> clientHttp1;
+    private final HttpClient<?> clientHttp2;
+
+    @SetUpRoute
+    static void routing(HttpRouting.Builder router) {
+        router.route(GET, "/get", Routes::get);
+    }
+
+    @BeforeEach
+    public void before() {
+        httpProxy = new HttpProxy(0, USER, PASSWORD);
+        httpProxy.start();
+        proxyPort = httpProxy.connectedPort();
+        assertThat(httpProxy.counter(), is(0));
+    }
+
+    @AfterEach
+    public void after() {
+        httpProxy.stop();
+    }
+
+    AuthHttpProxyTest(WebServer server) {
+        String uri = "http://localhost:" + server.port();
+        this.clientHttp1 = Http1Client.builder().baseUri(uri).build();
+        this.clientHttp2 = Http2Client.builder().baseUri(uri).build();
+    }
+
+    @Test
+    void testUserPasswordCorrect1() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password(PASSWORD.toCharArray()).port(proxyPort).build();
+        successVerify(proxy, clientHttp1);
+    }
+
+    @Test
+    void testUserPasswordCorrect2() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password(PASSWORD.toCharArray()).port(proxyPort).build();
+        successVerify(proxy, clientHttp2);
+    }
+
+    @Test
+    void testUserPasswordNotCorrect1() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password("wrong".toCharArray()).port(proxyPort).build();
+        failVerify(proxy, clientHttp1);
+    }
+
+    @Test
+    void testUserPasswordNotCorrect2() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password("wrong".toCharArray()).port(proxyPort).build();
+        failVerify(proxy, clientHttp2);
+    }
+
+    private void successVerify(Proxy proxy, HttpClient<?> client) {
+        try (HttpClientResponse response = client.get("/get").proxy(proxy).request()) {
+            assertThat(response.status(), is(Http.Status.OK_200));
+            String entity = response.entity().as(String.class);
+            assertThat(entity, is("Hello"));
+        }
+        assertThat(httpProxy.counter(), is(1));
+    }
+
+    private void failVerify(Proxy proxy, HttpClient<?> client) {
+        try (HttpClientResponse response = client.get("/get").proxy(proxy).request()) {
+            fail("Expected exception");
+        } catch (IllegalStateException e) {
+            assertThat(e.getMessage(), is("Proxy sent wrong HTTP response code: 401 Unauthorized"));
+        }
+        assertThat(httpProxy.counter(), is(1));
+    }
+
+    private static class Routes {
+        private static String get() {
+            return "Hello";
+        }
+    }
+}
diff --git a/...bclient/src/test/java/io/helidon/nima/tests/integration/webclient/AuthHttpsProxyTest.java b/...bclient/src/test/java/io/helidon/nima/tests/integration/webclient/AuthHttpsProxyTest.java
@@ -0,0 +1,155 @@
+/*
+ * Copyright (c) 2023 Oracle and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.helidon.nima.tests.integration.webclient;
+
+import static io.helidon.common.http.Http.Method.GET;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.junit.jupiter.api.Assertions.fail;
+
+import io.helidon.common.configurable.Resource;
+import io.helidon.common.http.Http;
+import io.helidon.common.pki.Keys;
+import io.helidon.nima.common.tls.Tls;
+import io.helidon.nima.http2.webclient.Http2Client;
+import io.helidon.nima.testing.junit5.webserver.ServerTest;
+import io.helidon.nima.testing.junit5.webserver.SetUpRoute;
+import io.helidon.nima.testing.junit5.webserver.SetUpServer;
+import io.helidon.nima.webclient.api.HttpClient;
+import io.helidon.nima.webclient.api.HttpClientResponse;
+import io.helidon.nima.webclient.api.Proxy;
+import io.helidon.nima.webclient.api.Proxy.ProxyType;
+import io.helidon.nima.webclient.http1.Http1Client;
+import io.helidon.nima.webserver.WebServer;
+import io.helidon.nima.webserver.WebServerConfig.Builder;
+import io.helidon.nima.webserver.http.HttpRouting;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+@ServerTest
+public class AuthHttpsProxyTest {
+
+    private static final String PROXY_HOST = "localhost";
+    private static final String USER = "user";
+    private static final String PASSWORD = "password";
+    private int proxyPort;
+    private HttpProxy httpProxy;
+
+    private final HttpClient<?> clientHttp1;
+    private final HttpClient<?> clientHttp2;
+
+    @SetUpRoute
+    static void routing(HttpRouting.Builder router) {
+        router.route(GET, "/get", Routes::get);
+    }
+
+    @SetUpServer
+    static void server(Builder builder) {
+        Keys privateKeyConfig = Keys.builder()
+                .keystore(keystore -> keystore
+                        .keystore(Resource.create("server.p12"))
+                        .passphrase("password"))
+                .build();
+
+        Tls tls = Tls.builder()
+                .privateKey(privateKeyConfig.privateKey().get())
+                .privateKeyCertChain(privateKeyConfig.certChain())
+                .trustAll(true)
+                .endpointIdentificationAlgorithm(Tls.ENDPOINT_IDENTIFICATION_NONE)
+                .build();
+
+        builder.tls(tls);
+    }
+
+    @BeforeEach
+    public void before() {
+        httpProxy = new HttpProxy(0, USER, PASSWORD);
+        httpProxy.start();
+        proxyPort = httpProxy.connectedPort();
+        assertThat(httpProxy.counter(), is(0));
+    }
+
+    @AfterEach
+    public void after() {
+        httpProxy.stop();
+    }
+
+    AuthHttpsProxyTest(WebServer server) {
+        int port = server.port();
+
+        Tls tls = Tls.builder()
+                .trustAll(true)
+                .endpointIdentificationAlgorithm(Tls.ENDPOINT_IDENTIFICATION_NONE)
+                .build();
+
+        this.clientHttp1 = Http1Client.builder().baseUri("https://localhost:" + port).tls(tls).build();
+        this.clientHttp2 = Http2Client.builder().baseUri("https://localhost:" + port).tls(tls).build();
+    }
+
+    @Test
+    void testUserPasswordCorrect1() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password(PASSWORD.toCharArray()).port(proxyPort).build();
+        successVerify(proxy, clientHttp1);
+    }
+
+    @Test
+    void testUserPasswordCorrect2() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password(PASSWORD.toCharArray()).port(proxyPort).build();
+        successVerify(proxy, clientHttp2);
+    }
+
+    @Test
+    void testUserPasswordNotCorrect1() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password("wrong".toCharArray()).port(proxyPort).build();
+        failVerify(proxy, clientHttp1);
+    }
+
+    @Test
+    void testUserPasswordNotCorrect2() {
+        Proxy proxy = Proxy.builder().type(ProxyType.HTTP).host(PROXY_HOST)
+                .username(USER).password("wrong".toCharArray()).port(proxyPort).build();
+        failVerify(proxy, clientHttp2);
+    }
+
+    private void failVerify(Proxy proxy, HttpClient<?> client) {
+        try (HttpClientResponse response = client.get("/get").proxy(proxy).request()) {
+            fail("Expected exception");
+        } catch (IllegalStateException e) {
+            assertThat(e.getMessage(), is("Proxy sent wrong HTTP response code: 401 Unauthorized"));
+        }
+        assertThat(httpProxy.counter(), is(1));
+    }
+
+    private void successVerify(Proxy proxy, HttpClient<?> client) {
+        try (HttpClientResponse response = client.get("/get").proxy(proxy).request()) {
+            assertThat(response.status(), is(Http.Status.OK_200));
+            String entity = response.entity().as(String.class);
+            assertThat(entity, is("Hello"));
+        }
+    }
+
+    private static class Routes {
+        private static String get() {
+            return "Hello";
+        }
+    }
+}