Repository: tomee Updated Branches: refs/heads/master 99816340f -> baec720d4
TOMEE-1975 removing authorization from the url when using openejb-client with a token Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/baec720d Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/baec720d Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/baec720d Branch: refs/heads/master Commit: baec720d47258be189c892633e7f9b3cf69657af Parents: 9981634 Author: rmannibucau <[email protected]> Authored: Tue Nov 22 19:03:12 2016 +0100 Committer: rmannibucau <[email protected]> Committed: Tue Nov 22 19:03:12 2016 +0100 ---------------------------------------------------------------------- .../openejb/client/HttpConnectionFactory.java | 21 +++++++++++++++++--- .../openejb/client/HttpConnectionTest.java | 4 ++++ 2 files changed, 22 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/baec720d/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java ---------------------------------------------------------------------- diff --git a/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java b/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java index 7344864..f8f8ac4 100644 --- a/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java +++ b/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java @@ -74,7 +74,10 @@ public class HttpConnectionFactory implements ConnectionFactory { throw new IllegalArgumentException("Invalid uri " + uri.toString(), e); } - httpURLConnection = (HttpURLConnection) url.openConnection(); + final String authorization = params.get("authorization"); + + httpURLConnection = (HttpURLConnection) (authorization == null ? + url : new URL(stripQuery(url.toExternalForm(), "authorization"))).openConnection(); httpURLConnection.setDoOutput(true); final int timeout; @@ -89,8 +92,8 @@ public class HttpConnectionFactory implements ConnectionFactory { if (params.containsKey("readTimeout")) { httpURLConnection.setReadTimeout(Integer.parseInt(params.get("readTimeout"))); } - if (params.containsKey("authorization")) { - httpURLConnection.setRequestProperty("Authorization", params.get("authorization")); + if (authorization != null) { + httpURLConnection.setRequestProperty("Authorization", authorization); } if (params.containsKey("sslKeyStore") || params.containsKey("sslTrustStore")) { @@ -117,6 +120,18 @@ public class HttpConnectionFactory implements ConnectionFactory { } } + private String stripQuery(final String url, final String param) { + String result = url; + do { + final int h = result.indexOf(param + '='); + final int end = result.indexOf('&', h); + if (h <= 0) { + return result; + } + result = result.substring(0, h - 1) + (end < 0 ? "" : result.substring(end + 1, result.length())); + } while (true); + } + @Override public void discard() { try { http://git-wip-us.apache.org/repos/asf/tomee/blob/baec720d/server/openejb-client/src/test/java/org/apache/openejb/client/HttpConnectionTest.java ---------------------------------------------------------------------- diff --git a/server/openejb-client/src/test/java/org/apache/openejb/client/HttpConnectionTest.java b/server/openejb-client/src/test/java/org/apache/openejb/client/HttpConnectionTest.java index a37d8d3..1f6717e 100644 --- a/server/openejb-client/src/test/java/org/apache/openejb/client/HttpConnectionTest.java +++ b/server/openejb-client/src/test/java/org/apache/openejb/client/HttpConnectionTest.java @@ -48,6 +48,10 @@ public class HttpConnectionTest { final OutputStream responseBody = exchange.getResponseBody(); responseBody.write("secure page".getBytes()); + final String query = exchange.getRequestURI().getQuery(); + if (query != null) { + responseBody.write(query.getBytes()); + } final String authorization = exchange.getRequestHeaders().getFirst("Authorization"); if (authorization != null) { responseBody.write(authorization.getBytes("UTF-8"));
