keycloak-uncached

KEYCLOAK-3016: BasicAuthRequestAuthenticator now consumes …

5/18/2016 4:22:56 AM

HttpEntity also on errors.

Thomas Raehalme

Commit: 52c3066

Tree: f0bb0e9

Parents: 10e9cc4

Changes

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java 2(+2 -0)

testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java 5(+5 -0)

testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java 24(+24 -0)

testsuite/integration/src/test/resources/log4j.properties 5(+4 -1)

Details

adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java 2(+2 -0)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
index 81d4688..6560796 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java
@@ -24,6 +24,7 @@ import org.apache.http.client.HttpClient;
 import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.message.BasicNameValuePair;
+import org.apache.http.util.EntityUtils;
 import org.jboss.logging.Logger;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.adapters.authentication.ClientCredentialsProviderUtils;
@@ -104,6 +105,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat
         int status = response.getStatusLine().getStatusCode();
         HttpEntity entity = response.getEntity();
         if (status != 200) {
+            EntityUtils.consumeQuietly(entity);
             throw new java.io.IOException("Bad status: " + status);
         }
         if (entity == null) {

testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java 5(+5 -0)

diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
index aef3c20..15b48fa 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
@@ -144,6 +144,11 @@ public class AdapterTest {
         testStrategy.testNullBearerTokenCustomErrorPage();
     }
 
+    @Test
+    public void testBasicAuthErrorHandling() throws Exception {
+        testStrategy.testBasicAuthErrorHandling();
+    }
+
     /**
      * KEYCLOAK-518
      * @throws Exception

testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java 24(+24 -0)

diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
index c6ac319..c5790dc 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTestStrategy.java
@@ -16,6 +16,7 @@
  */
 package org.keycloak.testsuite.adapter;
 
+import org.apache.http.conn.params.ConnManagerParams;
 import org.junit.Assert;
 import org.junit.rules.ExternalResource;
 import org.keycloak.OAuth2Constants;
@@ -429,6 +430,29 @@ public class AdapterTestStrategy extends ExternalResource {
     }
 
     /**
+     * KEYCLOAK-3016
+     * @throws Exception
+     */
+    public void testBasicAuthErrorHandling() throws Exception {
+        Client client = ClientBuilder.newClient();
+        WebTarget target = client.target(APP_SERVER_BASE_URL + "/customer-db/");
+        Response response = target.request().get();
+        Assert.assertEquals(401, response.getStatus());
+        response.close();
+
+        // The number of iterations should be HttpClient's connection pool size + 1.
+        final int LIMIT = ConnManagerParams.DEFAULT_MAX_TOTAL_CONNECTIONS + 1;
+        for (int i = 0; i < LIMIT; i++) {
+            System.out.println("Testing Basic Auth with bad credentials " + i);
+            response = target.request().header(HttpHeaders.AUTHORIZATION, "Basic dXNlcm5hbWU6cGFzc3dvcmQ=").get();
+            Assert.assertEquals(401, response.getStatus());
+            response.close();
+        }
+
+        client.close();
+    }
+
+    /**
      * KEYCLOAK-518
      * @throws Exception
      */

testsuite/integration/src/test/resources/log4j.properties 5(+4 -1)

diff --git a/testsuite/integration/src/test/resources/log4j.properties b/testsuite/integration/src/test/resources/log4j.properties
index f5b3e24..f093692 100755
--- a/testsuite/integration/src/test/resources/log4j.properties
+++ b/testsuite/integration/src/test/resources/log4j.properties
@@ -67,4 +67,7 @@ log4j.logger.org.hibernate=off
 log4j.logger.org.jboss.resteasy=warn
 log4j.logger.org.apache.directory.api=warn
 log4j.logger.org.apache.directory.server.core=warn
-log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=error
\ No newline at end of file
+log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=error
+
+# Enable to view HttpClient connection pool activity
+#log4j.logger.org.apache.http.impl.conn=debug
\ No newline at end of file