[GitHub] httpcomponents-client pull request #123: Better handling of http(s).proxyUse...

Wed, 12 Dec 2018 14:04:06 -0800 

Github user jborgland commented on a diff in the pull request:

    
https://github.com/apache/httpcomponents-client/pull/123#discussion_r241202086
  
    --- Diff: 
httpclient/src/main/java/org/apache/http/impl/client/SystemDefaultCredentialsProvider.java
 ---
    @@ -116,25 +116,16 @@ public Credentials getCredentials(final AuthScope 
authscope) {
                 if (systemcreds == null) {
                     systemcreds = getSystemCreds(protocol, authscope, 
Authenticator.RequestorType.PROXY);
                 }
    -            if (systemcreds == null) {
    -                final String proxyHost = System.getProperty(protocol + 
".proxyHost");
    -                if (proxyHost != null) {
    -                    final String proxyPort = System.getProperty(protocol + 
".proxyPort");
    -                    if (proxyPort != null) {
    -                        try {
    -                            final AuthScope systemScope = new 
AuthScope(proxyHost, Integer.parseInt(proxyPort));
    -                            if (authscope.match(systemScope) >= 0) {
    -                                final String proxyUser = 
System.getProperty(protocol + ".proxyUser");
    -                                if (proxyUser != null) {
    -                                    final String proxyPassword = 
System.getProperty(protocol + ".proxyPassword");
    -                                    systemcreds = new 
PasswordAuthentication(proxyUser, proxyPassword != null ? 
proxyPassword.toCharArray() : new char[] {});
    -                                }
    -                            }
    -                        } catch (final NumberFormatException ex) {
    -                        }
    -                    }
    -                }
    -            }
    +                   if (systemcreds == null) {
    +                           // Look for values given using 
http.proxyUser/http.proxyPassword or
    +                           // https.proxyUser/https.proxyPassword. We 
cannot simply use the protocol from
    +                           // the origin since a proxy retrieved from 
https.proxyHost/https.proxyPort will
    +                           // still use http as protocol
    +                           systemcreds = getProxyCredentials("http", 
authscope);
    +                           if (systemcreds == null) {
    +                                   systemcreds = 
getProxyCredentials("https", authscope);
    +                           }
    --- End diff --
    
    You mean to only do it if `protocol` is `http`? Sure. 
    
    One could imagine other completely different types of fixes as well. I 
tried to make a fix that was completely local to the 
SystemDefaultCredentialsProvider but when it's called (from 
AuthenticationStrategyImpl) there's more information available - like the fact 
that it is in fact a proxy that we're connecting to, and the HTTP status code 
(one could for example decide to use these system properties as the primary 
source if the status code is 407).


---

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to