From b72e27e9eed7c20c6cc5064481cd0e7859b14873 Mon Sep 17 00:00:00 2001 From: Pasin Suriyentrakorn Date: Mon, 22 Oct 2018 14:04:13 -0700 Subject: [PATCH] Fix BasicAuth header not getting sent when SG GUEST is enabled Sent the Basic Auth header without wating for challenge. #1766 --- .../internal/replicator/CBLWebSocket.java | 60 +++++-------------- 1 file changed, 16 insertions(+), 44 deletions(-) diff --git a/shared/src/main/java/com/couchbase/lite/internal/replicator/CBLWebSocket.java b/shared/src/main/java/com/couchbase/lite/internal/replicator/CBLWebSocket.java index cfaaa48ff..574692198 100644 --- a/shared/src/main/java/com/couchbase/lite/internal/replicator/CBLWebSocket.java +++ b/shared/src/main/java/com/couchbase/lite/internal/replicator/CBLWebSocket.java @@ -252,56 +252,12 @@ private OkHttpClient setupOkHttpClient() throws GeneralSecurityException { // redirection builder.followRedirects(true).followSslRedirects(true); - // authenticator - Authenticator authenticator = setupAuthenticator(); - if (authenticator != null) - builder.authenticator(authenticator); - // trusted certificate (pinned certificate) setupTrustedCertificate(builder); return builder.build(); } - private Authenticator setupAuthenticator() { - if (options != null && options.containsKey(kC4ReplicatorOptionAuthentication)) { - Map auth = (Map) options.get(kC4ReplicatorOptionAuthentication); - if (auth != null) { - final String username = (String) auth.get(kC4ReplicatorAuthUserName); - final String password = (String) auth.get(kC4ReplicatorAuthPassword); - if (username != null && password != null) { - return new Authenticator() { - @Override - public Request authenticate(Route route, Response response) throws IOException { - // http://www.ietf.org/rfc/rfc2617.txt - Log.v(TAG, "Authenticating for response: " + response); - // If failed 3 times, give up. - if (responseCount(response) >= 3) - return null; - - List challenges = response.challenges(); - Log.v(TAG, "Challenges: " + challenges); - if (challenges != null) { - for (Challenge challenge : challenges) { - if (challenge.scheme().equals("Basic")) { - String credential = Credentials.basic(username, password); - return response.request().newBuilder().header("Authorization", credential).build(); - } - // NOTE: Not implemented Digest authentication - // https://github.com/rburgst/okhttp-digest - //else if(challenge.scheme().equals("Digest")){ - //} - } - } - return null; - } - }; - } - } - } - return null; - } - private void setupTrustedCertificate(OkHttpClient.Builder builder) throws GeneralSecurityException { if (options != null && options.containsKey(kC4ReplicatorOptionPinnedServerCert)) { byte[] pin = (byte[]) options.get(kC4ReplicatorOptionPinnedServerCert); @@ -357,6 +313,9 @@ private Request newRequest() { String cookieString = (String) options.get(kC4ReplicatorOptionCookies); if (cookieString != null) builder.addHeader("Cookie", cookieString); + + // Basic Auth: + setupAuthHeader(builder); } // Configure WebSocket related headers: @@ -368,6 +327,19 @@ private Request newRequest() { return builder.build(); } + private void setupAuthHeader(Request.Builder builder) { + if (options != null && options.containsKey(kC4ReplicatorOptionAuthentication)) { + Map auth = (Map) options.get(kC4ReplicatorOptionAuthentication); + final String type = (String) auth.get(kC4ReplicatorAuthType); + final String username = (String) auth.get(kC4ReplicatorAuthUserName); + final String password = (String) auth.get(kC4ReplicatorAuthPassword); + if (kC4AuthTypeBasic.equals(type) && username != null && password != null) { + String credential = Credentials.basic(username, password); + builder.header("Authorization", credential); + } + } + } + private void receivedHTTPResponse(Response response) { int httpStatus = response.code(); Log.v(TAG, "receivedHTTPResponse() httpStatus -> " + httpStatus);