/// <exception cref="Apache.Http.HttpException"></exception> public virtual HttpRoute DetermineRoute(HttpHost host, IHttpRequest request, HttpContext context) { Args.NotNull(host, "Target host"); Args.NotNull(request, "Request"); HttpClientContext clientContext = ((HttpClientContext)HttpClientContext.Adapt(context )); RequestConfig config = clientContext.GetRequestConfig(); IPAddress local = config.GetLocalAddress(); HttpHost proxy = config.GetProxy(); if (proxy == null) { proxy = DetermineProxy(host, request, context); } HttpHost target; if (host.GetPort() <= 0) { try { target = new HttpHost(host.GetHostName(), this.schemePortResolver.Resolve(host), host.GetSchemeName()); } catch (UnsupportedSchemeException ex) { throw new HttpException(ex.Message); } } else { target = host; } bool secure = Sharpen.Runtime.EqualsIgnoreCase(target.GetSchemeName(), "https"); if (proxy == null) { return(new HttpRoute(target, local, secure)); } else { return(new HttpRoute(target, local, proxy, secure)); } }
private bool NeedAuthentication(AuthState targetAuthState, AuthState proxyAuthState , HttpRoute route, HttpResponse response, HttpClientContext context) { RequestConfig config = context.GetRequestConfig(); if (config.IsAuthenticationEnabled()) { HttpHost target = context.GetTargetHost(); if (target == null) { target = route.GetTargetHost(); } if (target.GetPort() < 0) { target = new HttpHost(target.GetHostName(), route.GetTargetHost().GetPort(), target .GetSchemeName()); } if (this.authenticator.IsAuthenticationRequested(target, response, this.targetAuthStrategy , targetAuthState, context)) { return(this.authenticator.HandleAuthChallenge(target, response, this.targetAuthStrategy , targetAuthState, context)); } HttpHost proxy = route.GetProxyHost(); if (this.authenticator.IsAuthenticationRequested(proxy, response, this.proxyAuthStrategy , proxyAuthState, context)) { // if proxy is not set use target host instead if (proxy == null) { proxy = route.GetTargetHost(); } return(this.authenticator.HandleAuthChallenge(proxy, response, this.proxyAuthStrategy , proxyAuthState, context)); } } return(false); }
/// <exception cref="Apache.Http.Auth.MalformedChallengeException"></exception> public virtual Queue <AuthOption> Select(IDictionary <string, Header> challenges, HttpHost authhost, HttpResponse response, HttpContext context) { Args.NotNull(challenges, "Map of auth challenges"); Args.NotNull(authhost, "Host"); Args.NotNull(response, "HTTP response"); Args.NotNull(context, "HTTP context"); HttpClientContext clientContext = ((HttpClientContext)HttpClientContext.Adapt(context )); Queue <AuthOption> options = new List <AuthOption>(); Lookup <AuthSchemeProvider> registry = clientContext.GetAuthSchemeRegistry(); if (registry == null) { this.log.Debug("Auth scheme registry not set in the context"); return(options); } CredentialsProvider credsProvider = clientContext.GetCredentialsProvider(); if (credsProvider == null) { this.log.Debug("Credentials provider not set in the context"); return(options); } RequestConfig config = clientContext.GetRequestConfig(); ICollection <string> authPrefs = GetPreferredAuthSchemes(config); if (authPrefs == null) { authPrefs = DefaultSchemePriority; } if (this.log.IsDebugEnabled()) { this.log.Debug("Authentication schemes in the order of preference: " + authPrefs); } foreach (string id in authPrefs) { Header challenge = challenges.Get(id.ToLower(CultureInfo.InvariantCulture)); if (challenge != null) { AuthSchemeProvider authSchemeProvider = registry.Lookup(id); if (authSchemeProvider == null) { if (this.log.IsWarnEnabled()) { this.log.Warn("Authentication scheme " + id + " not supported"); } // Try again continue; } AuthScheme authScheme = authSchemeProvider.Create(context); authScheme.ProcessChallenge(challenge); AuthScope authScope = new AuthScope(authhost.GetHostName(), authhost.GetPort(), authScheme .GetRealm(), authScheme.GetSchemeName()); Credentials credentials = credsProvider.GetCredentials(authScope); if (credentials != null) { options.AddItem(new AuthOption(authScheme, credentials)); } } else { if (this.log.IsDebugEnabled()) { this.log.Debug("Challenge for " + id + " authentication scheme not available"); } } } // Try again return(options); }
/// <exception cref="System.IO.IOException"></exception> /// <exception cref="Apache.Http.HttpException"></exception> public virtual CloseableHttpResponse Execute(HttpRoute route, HttpRequestWrapper request, HttpClientContext context, HttpExecutionAware execAware) { Args.NotNull(route, "HTTP route"); Args.NotNull(request, "HTTP request"); Args.NotNull(context, "HTTP context"); ConnectionRequest connRequest = connManager.RequestConnection(route, null); if (execAware != null) { if (execAware.IsAborted()) { connRequest.Cancel(); throw new RequestAbortedException("Request aborted"); } else { execAware.SetCancellable(connRequest); } } RequestConfig config = context.GetRequestConfig(); HttpClientConnection managedConn; try { int timeout = config.GetConnectionRequestTimeout(); managedConn = connRequest.Get(timeout > 0 ? timeout : 0, TimeUnit.Milliseconds); } catch (Exception interrupted) { Sharpen.Thread.CurrentThread().Interrupt(); throw new RequestAbortedException("Request aborted", interrupted); } catch (ExecutionException ex) { Exception cause = ex.InnerException; if (cause == null) { cause = ex; } throw new RequestAbortedException("Request execution failed", cause); } ConnectionHolder releaseTrigger = new ConnectionHolder(log, connManager, managedConn ); try { if (execAware != null) { if (execAware.IsAborted()) { releaseTrigger.Close(); throw new RequestAbortedException("Request aborted"); } else { execAware.SetCancellable(releaseTrigger); } } if (!managedConn.IsOpen()) { int timeout = config.GetConnectTimeout(); this.connManager.Connect(managedConn, route, timeout > 0 ? timeout : 0, context); this.connManager.RouteComplete(managedConn, route, context); } int timeout_1 = config.GetSocketTimeout(); if (timeout_1 >= 0) { managedConn.SetSocketTimeout(timeout_1); } HttpHost target = null; IHttpRequest original = request.GetOriginal(); if (original is IHttpUriRequest) { URI uri = ((IHttpUriRequest)original).GetURI(); if (uri.IsAbsolute()) { target = new HttpHost(uri.GetHost(), uri.GetPort(), uri.GetScheme()); } } if (target == null) { target = route.GetTargetHost(); } context.SetAttribute(HttpClientContext.HttpTargetHost, target); context.SetAttribute(HttpClientContext.HttpRequest, request); context.SetAttribute(HttpClientContext.HttpConnection, managedConn); context.SetAttribute(HttpClientContext.HttpRoute, route); httpProcessor.Process(request, context); HttpResponse response = requestExecutor.Execute(request, managedConn, context); httpProcessor.Process(response, context); // The connection is in or can be brought to a re-usable state. if (reuseStrategy.KeepAlive(response, context)) { // Set the idle duration of this connection long duration = keepAliveStrategy.GetKeepAliveDuration(response, context); releaseTrigger.SetValidFor(duration, TimeUnit.Milliseconds); releaseTrigger.MarkReusable(); } else { releaseTrigger.MarkNonReusable(); } // check for entity, release connection if possible HttpEntity entity = response.GetEntity(); if (entity == null || !entity.IsStreaming()) { // connection not needed and (assumed to be) in re-usable state releaseTrigger.ReleaseConnection(); return(Proxies.EnhanceResponse(response, null)); } else { return(Proxies.EnhanceResponse(response, releaseTrigger)); } } catch (ConnectionShutdownException ex) { ThreadInterruptedException ioex = new ThreadInterruptedException("Connection has been shut down" ); Sharpen.Extensions.InitCause(ioex, ex); throw ioex; } catch (HttpException ex) { releaseTrigger.AbortConnection(); throw; } catch (IOException ex) { releaseTrigger.AbortConnection(); throw; } catch (RuntimeException ex) { releaseTrigger.AbortConnection(); throw; } }
//end of switch /// <exception cref="Apache.Http.ProtocolException"></exception> public virtual URI GetLocationURI(IHttpRequest request, HttpResponse response, HttpContext context) { Args.NotNull(request, "HTTP request"); Args.NotNull(response, "HTTP response"); Args.NotNull(context, "HTTP context"); HttpClientContext clientContext = ((HttpClientContext)HttpClientContext.Adapt(context )); //get the location header to find out where to redirect to Header locationHeader = response.GetFirstHeader("location"); if (locationHeader == null) { // got a redirect response, but no location header throw new ProtocolException("Received redirect response " + response.GetStatusLine () + " but no location header"); } string location = locationHeader.GetValue(); if (this.log.IsDebugEnabled()) { this.log.Debug("Redirect requested to location '" + location + "'"); } RequestConfig config = clientContext.GetRequestConfig(); URI uri = CreateLocationURI(location); // rfc2616 demands the location value be a complete URI // Location = "Location" ":" absoluteURI try { if (!uri.IsAbsolute()) { if (!config.IsRelativeRedirectsAllowed()) { throw new ProtocolException("Relative redirect location '" + uri + "' not allowed" ); } // Adjust location URI HttpHost target = clientContext.GetTargetHost(); Asserts.NotNull(target, "Target host"); URI requestURI = new URI(request.GetRequestLine().GetUri()); URI absoluteRequestURI = URIUtils.RewriteURI(requestURI, target, false); uri = URIUtils.Resolve(absoluteRequestURI, uri); } } catch (URISyntaxException ex) { throw new ProtocolException(ex.Message, ex); } RedirectLocations redirectLocations = (RedirectLocations)clientContext.GetAttribute (HttpClientContext.RedirectLocations); if (redirectLocations == null) { redirectLocations = new RedirectLocations(); context.SetAttribute(HttpClientContext.RedirectLocations, redirectLocations); } if (!config.IsCircularRedirectsAllowed()) { if (redirectLocations.Contains(uri)) { throw new CircularRedirectException("Circular redirect to '" + uri + "'"); } } redirectLocations.Add(uri); return(uri); }
/// <exception cref="System.IO.IOException"></exception> /// <exception cref="Apache.Http.HttpException"></exception> public virtual CloseableHttpResponse Execute(HttpRoute route, HttpRequestWrapper request, HttpClientContext context, HttpExecutionAware execAware) { Args.NotNull(route, "HTTP route"); Args.NotNull(request, "HTTP request"); Args.NotNull(context, "HTTP context"); IList <URI> redirectLocations = context.GetRedirectLocations(); if (redirectLocations != null) { redirectLocations.Clear(); } RequestConfig config = context.GetRequestConfig(); int maxRedirects = config.GetMaxRedirects() > 0 ? config.GetMaxRedirects() : 50; HttpRoute currentRoute = route; HttpRequestWrapper currentRequest = request; for (int redirectCount = 0; ;) { CloseableHttpResponse response = requestExecutor.Execute(currentRoute, currentRequest , context, execAware); try { if (config.IsRedirectsEnabled() && this.redirectStrategy.IsRedirected(currentRequest , response, context)) { if (redirectCount >= maxRedirects) { throw new RedirectException("Maximum redirects (" + maxRedirects + ") exceeded"); } redirectCount++; IHttpRequest redirect = this.redirectStrategy.GetRedirect(currentRequest, response , context); if (!redirect.HeaderIterator().HasNext()) { IHttpRequest original = request.GetOriginal(); redirect.SetHeaders(original.GetAllHeaders()); } currentRequest = HttpRequestWrapper.Wrap(redirect); if (currentRequest is HttpEntityEnclosingRequest) { Proxies.EnhanceEntity((HttpEntityEnclosingRequest)currentRequest); } URI uri = currentRequest.GetURI(); HttpHost newTarget = URIUtils.ExtractHost(uri); if (newTarget == null) { throw new ProtocolException("Redirect URI does not specify a valid host name: " + uri); } // Reset virtual host and auth states if redirecting to another host if (!currentRoute.GetTargetHost().Equals(newTarget)) { AuthState targetAuthState = context.GetTargetAuthState(); if (targetAuthState != null) { this.log.Debug("Resetting target auth state"); targetAuthState.Reset(); } AuthState proxyAuthState = context.GetProxyAuthState(); if (proxyAuthState != null) { AuthScheme authScheme = proxyAuthState.GetAuthScheme(); if (authScheme != null && authScheme.IsConnectionBased()) { this.log.Debug("Resetting proxy auth state"); proxyAuthState.Reset(); } } } currentRoute = this.routePlanner.DetermineRoute(newTarget, currentRequest, context ); if (this.log.IsDebugEnabled()) { this.log.Debug("Redirecting to '" + uri + "' via " + currentRoute); } EntityUtils.Consume(response.GetEntity()); response.Close(); } else { return(response); } } catch (RuntimeException ex) { response.Close(); throw; } catch (IOException ex) { response.Close(); throw; } catch (HttpException ex) { // Protocol exception related to a direct. // The underlying connection may still be salvaged. try { EntityUtils.Consume(response.GetEntity()); } catch (IOException ioex) { this.log.Debug("I/O error while releasing connection", ioex); } finally { response.Close(); } throw; } } }
/// <summary>Creates a tunnel to the target server.</summary> /// <remarks> /// Creates a tunnel to the target server. /// The connection must be established to the (last) proxy. /// A CONNECT request for tunnelling through the proxy will /// be created and sent, the response received and checked. /// This method does <i>not</i> update the connection with /// information about the tunnel, that is left to the caller. /// </remarks> /// <exception cref="Apache.Http.HttpException"></exception> /// <exception cref="System.IO.IOException"></exception> private bool CreateTunnelToTarget(AuthState proxyAuthState, HttpClientConnection managedConn, HttpRoute route, IHttpRequest request, HttpClientContext context) { RequestConfig config = context.GetRequestConfig(); int timeout = config.GetConnectTimeout(); HttpHost target = route.GetTargetHost(); HttpHost proxy = route.GetProxyHost(); HttpResponse response; string authority = target.ToHostString(); IHttpRequest connect = new BasicHttpRequest("CONNECT", authority, request.GetProtocolVersion ()); this.requestExecutor.PreProcess(connect, this.proxyHttpProcessor, context); for (; ;) { if (!managedConn.IsOpen()) { this.connManager.Connect(managedConn, route, timeout > 0 ? timeout : 0, context); } connect.RemoveHeaders(AUTH.ProxyAuthResp); this.authenticator.GenerateAuthResponse(connect, proxyAuthState, context); response = this.requestExecutor.Execute(connect, managedConn, context); int status = response.GetStatusLine().GetStatusCode(); if (status < 200) { throw new HttpException("Unexpected response to CONNECT request: " + response.GetStatusLine ()); } if (config.IsAuthenticationEnabled()) { if (this.authenticator.IsAuthenticationRequested(proxy, response, this.proxyAuthStrategy , proxyAuthState, context)) { if (this.authenticator.HandleAuthChallenge(proxy, response, this.proxyAuthStrategy , proxyAuthState, context)) { // Retry request if (this.reuseStrategy.KeepAlive(response, context)) { this.log.Debug("Connection kept alive"); // Consume response content HttpEntity entity = response.GetEntity(); EntityUtils.Consume(entity); } else { managedConn.Close(); } } else { break; } } else { break; } } } int status_1 = response.GetStatusLine().GetStatusCode(); if (status_1 > 299) { // Buffer response content HttpEntity entity = response.GetEntity(); if (entity != null) { response.SetEntity(new BufferedHttpEntity(entity)); } managedConn.Close(); throw new TunnelRefusedException("CONNECT refused by proxy: " + response.GetStatusLine (), response); } // How to decide on security of the tunnelled connection? // The socket factory knows only about the segment to the proxy. // Even if that is secure, the hop to the target may be insecure. // Leave it to derived classes, consider insecure by default here. return(false); }
/// <summary>Establishes the target route.</summary> /// <remarks>Establishes the target route.</remarks> /// <exception cref="Apache.Http.HttpException"></exception> /// <exception cref="System.IO.IOException"></exception> internal virtual void EstablishRoute(AuthState proxyAuthState, HttpClientConnection managedConn, HttpRoute route, IHttpRequest request, HttpClientContext context) { RequestConfig config = context.GetRequestConfig(); int timeout = config.GetConnectTimeout(); RouteTracker tracker = new RouteTracker(route); int step; do { HttpRoute fact = tracker.ToRoute(); step = this.routeDirector.NextStep(route, fact); switch (step) { case HttpRouteDirector.ConnectTarget: { this.connManager.Connect(managedConn, route, timeout > 0 ? timeout : 0, context); tracker.ConnectTarget(route.IsSecure()); break; } case HttpRouteDirector.ConnectProxy: { this.connManager.Connect(managedConn, route, timeout > 0 ? timeout : 0, context); HttpHost proxy = route.GetProxyHost(); tracker.ConnectProxy(proxy, false); break; } case HttpRouteDirector.TunnelTarget: { bool secure = CreateTunnelToTarget(proxyAuthState, managedConn, route, request, context ); this.log.Debug("Tunnel to target created."); tracker.TunnelTarget(secure); break; } case HttpRouteDirector.TunnelProxy: { // The most simple example for this case is a proxy chain // of two proxies, where P1 must be tunnelled to P2. // route: Source -> P1 -> P2 -> Target (3 hops) // fact: Source -> P1 -> Target (2 hops) int hop = fact.GetHopCount() - 1; // the hop to establish bool secure = CreateTunnelToProxy(route, hop, context); this.log.Debug("Tunnel to proxy created."); tracker.TunnelProxy(route.GetHopTarget(hop), secure); break; } case HttpRouteDirector.LayerProtocol: { this.connManager.Upgrade(managedConn, route, context); tracker.LayerProtocol(route.IsSecure()); break; } case HttpRouteDirector.Unreachable: { throw new HttpException("Unable to establish route: " + "planned = " + route + "; current = " + fact); } case HttpRouteDirector.Complete: { this.connManager.RouteComplete(managedConn, route, context); break; } default: { throw new InvalidOperationException("Unknown step indicator " + step + " from RouteDirector." ); } } }while (step > HttpRouteDirector.Complete); }
/// <exception cref="System.IO.IOException"></exception> /// <exception cref="Apache.Http.HttpException"></exception> public virtual CloseableHttpResponse Execute(HttpRoute route, HttpRequestWrapper request, HttpClientContext context, HttpExecutionAware execAware) { Args.NotNull(route, "HTTP route"); Args.NotNull(request, "HTTP request"); Args.NotNull(context, "HTTP context"); AuthState targetAuthState = context.GetTargetAuthState(); if (targetAuthState == null) { targetAuthState = new AuthState(); context.SetAttribute(HttpClientContext.TargetAuthState, targetAuthState); } AuthState proxyAuthState = context.GetProxyAuthState(); if (proxyAuthState == null) { proxyAuthState = new AuthState(); context.SetAttribute(HttpClientContext.ProxyAuthState, proxyAuthState); } if (request is HttpEntityEnclosingRequest) { Proxies.EnhanceEntity((HttpEntityEnclosingRequest)request); } object userToken = context.GetUserToken(); ConnectionRequest connRequest = connManager.RequestConnection(route, userToken); if (execAware != null) { if (execAware.IsAborted()) { connRequest.Cancel(); throw new RequestAbortedException("Request aborted"); } else { execAware.SetCancellable(connRequest); } } RequestConfig config = context.GetRequestConfig(); HttpClientConnection managedConn; try { int timeout = config.GetConnectionRequestTimeout(); managedConn = connRequest.Get(timeout > 0 ? timeout : 0, TimeUnit.Milliseconds); } catch (Exception interrupted) { Sharpen.Thread.CurrentThread().Interrupt(); throw new RequestAbortedException("Request aborted", interrupted); } catch (ExecutionException ex) { Exception cause = ex.InnerException; if (cause == null) { cause = ex; } throw new RequestAbortedException("Request execution failed", cause); } context.SetAttribute(HttpClientContext.HttpConnection, managedConn); if (config.IsStaleConnectionCheckEnabled()) { // validate connection if (managedConn.IsOpen()) { this.log.Debug("Stale connection check"); if (managedConn.IsStale()) { this.log.Debug("Stale connection detected"); managedConn.Close(); } } } ConnectionHolder connHolder = new ConnectionHolder(this.log, this.connManager, managedConn ); try { if (execAware != null) { execAware.SetCancellable(connHolder); } HttpResponse response; for (int execCount = 1; ; execCount++) { if (execCount > 1 && !Proxies.IsRepeatable(request)) { throw new NonRepeatableRequestException("Cannot retry request " + "with a non-repeatable request entity." ); } if (execAware != null && execAware.IsAborted()) { throw new RequestAbortedException("Request aborted"); } if (!managedConn.IsOpen()) { this.log.Debug("Opening connection " + route); try { EstablishRoute(proxyAuthState, managedConn, route, request, context); } catch (TunnelRefusedException ex) { if (this.log.IsDebugEnabled()) { this.log.Debug(ex.Message); } response = ex.GetResponse(); break; } } int timeout = config.GetSocketTimeout(); if (timeout >= 0) { managedConn.SetSocketTimeout(timeout); } if (execAware != null && execAware.IsAborted()) { throw new RequestAbortedException("Request aborted"); } if (this.log.IsDebugEnabled()) { this.log.Debug("Executing request " + request.GetRequestLine()); } if (!request.ContainsHeader(AUTH.WwwAuthResp)) { if (this.log.IsDebugEnabled()) { this.log.Debug("Target auth state: " + targetAuthState.GetState()); } this.authenticator.GenerateAuthResponse(request, targetAuthState, context); } if (!request.ContainsHeader(AUTH.ProxyAuthResp) && !route.IsTunnelled()) { if (this.log.IsDebugEnabled()) { this.log.Debug("Proxy auth state: " + proxyAuthState.GetState()); } this.authenticator.GenerateAuthResponse(request, proxyAuthState, context); } response = requestExecutor.Execute(request, managedConn, context); // The connection is in or can be brought to a re-usable state. if (reuseStrategy.KeepAlive(response, context)) { // Set the idle duration of this connection long duration = keepAliveStrategy.GetKeepAliveDuration(response, context); if (this.log.IsDebugEnabled()) { string s; if (duration > 0) { s = "for " + duration + " " + TimeUnit.Milliseconds; } else { s = "indefinitely"; } this.log.Debug("Connection can be kept alive " + s); } connHolder.SetValidFor(duration, TimeUnit.Milliseconds); connHolder.MarkReusable(); } else { connHolder.MarkNonReusable(); } if (NeedAuthentication(targetAuthState, proxyAuthState, route, response, context)) { // Make sure the response body is fully consumed, if present HttpEntity entity = response.GetEntity(); if (connHolder.IsReusable()) { EntityUtils.Consume(entity); } else { managedConn.Close(); if (proxyAuthState.GetState() == AuthProtocolState.Success && proxyAuthState.GetAuthScheme () != null && proxyAuthState.GetAuthScheme().IsConnectionBased()) { this.log.Debug("Resetting proxy auth state"); proxyAuthState.Reset(); } if (targetAuthState.GetState() == AuthProtocolState.Success && targetAuthState.GetAuthScheme () != null && targetAuthState.GetAuthScheme().IsConnectionBased()) { this.log.Debug("Resetting target auth state"); targetAuthState.Reset(); } } // discard previous auth headers IHttpRequest original = request.GetOriginal(); if (!original.ContainsHeader(AUTH.WwwAuthResp)) { request.RemoveHeaders(AUTH.WwwAuthResp); } if (!original.ContainsHeader(AUTH.ProxyAuthResp)) { request.RemoveHeaders(AUTH.ProxyAuthResp); } } else { break; } } if (userToken == null) { userToken = userTokenHandler.GetUserToken(context); context.SetAttribute(HttpClientContext.UserToken, userToken); } if (userToken != null) { connHolder.SetState(userToken); } // check for entity, release connection if possible HttpEntity entity_1 = response.GetEntity(); if (entity_1 == null || !entity_1.IsStreaming()) { // connection not needed and (assumed to be) in re-usable state connHolder.ReleaseConnection(); return(Proxies.EnhanceResponse(response, null)); } else { return(Proxies.EnhanceResponse(response, connHolder)); } } catch (ConnectionShutdownException ex) { ThreadInterruptedException ioex = new ThreadInterruptedException("Connection has been shut down" ); Sharpen.Extensions.InitCause(ioex, ex); throw ioex; } catch (HttpException ex) { connHolder.AbortConnection(); throw; } catch (IOException ex) { connHolder.AbortConnection(); throw; } catch (RuntimeException ex) { connHolder.AbortConnection(); throw; } }