Use Proxy-Authorization instead of Authorization for proxy authentication

Motivation:

When authenticating with a proxy server, HttpProxyHandler should use the
'Proxy-Authorization' header rather than the 'Authorization' header.

Modifications:

- Use 'Proxy-Authorization' header

Result:

Can connect to an HTTP proxy server
This commit is contained in:
Trustin Lee 2014-11-20 20:39:18 +09:00
parent d7f5353fe8
commit 22c8ee7d16
2 changed files with 11 additions and 7 deletions

View File

@ -68,7 +68,7 @@ public final class HttpProxyHandler extends ProxyHandler {
ByteBuf authz = Unpooled.copiedBuffer(username + ':' + password, CharsetUtil.UTF_8);
ByteBuf authzBase64 = Base64.encode(authz, false);
authorization = new AsciiString(authzBase64.toString(CharsetUtil.US_ASCII));
authorization = new AsciiString("Basic " + authzBase64.toString(CharsetUtil.US_ASCII));
authz.release();
authzBase64.release();
@ -131,7 +131,7 @@ public final class HttpProxyHandler extends ProxyHandler {
}
if (authorization != null) {
req.headers().set(HttpHeaderNames.AUTHORIZATION, authorization);
req.headers().set(HttpHeaderNames.PROXY_AUTHORIZATION, authorization);
}
return req;

View File

@ -35,6 +35,7 @@ import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.HttpServerCodec;
import io.netty.handler.codec.http.HttpVersion;
import io.netty.util.CharsetUtil;
import io.netty.util.internal.StringUtil;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
@ -86,15 +87,18 @@ final class HttpProxyServer extends ProxyServer {
boolean authzSuccess = false;
if (username != null) {
CharSequence authz = req.headers().get(HttpHeaderNames.AUTHORIZATION);
CharSequence authz = req.headers().get(HttpHeaderNames.PROXY_AUTHORIZATION);
if (authz != null) {
ByteBuf authzBuf64 = Unpooled.copiedBuffer(authz, CharsetUtil.US_ASCII);
String[] authzParts = StringUtil.split(authz.toString(), ' ', 2);
ByteBuf authzBuf64 = Unpooled.copiedBuffer(authzParts[1], CharsetUtil.US_ASCII);
ByteBuf authzBuf = Base64.decode(authzBuf64);
authz = authzBuf.toString(CharsetUtil.US_ASCII);
String expectedAuthz = username + ':' + password;
authzSuccess = "Basic".equals(authzParts[0]) &&
expectedAuthz.equals(authzBuf.toString(CharsetUtil.US_ASCII));
authzBuf64.release();
authzBuf.release();
String expectedAuthz = username + ':' + password;
authzSuccess = expectedAuthz.equals(authz);
}
} else {
authzSuccess = true;