From: Mathieu Date: Sat, 3 Dec 2022 08:07:14 +0000 (+0100) Subject: Support multiple authenticate headers X-Git-Tag: v2.3.14~7 X-Git-Url: https://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=b62b143dd3589245f088fb260d6d14edf7a87867 Support multiple authenticate headers --- diff --git a/org.argeo.cms.ee/src/org/argeo/cms/servlet/ServletHttpResponse.java b/org.argeo.cms.ee/src/org/argeo/cms/servlet/ServletHttpResponse.java index de47365ca..0c600e54b 100644 --- a/org.argeo.cms.ee/src/org/argeo/cms/servlet/ServletHttpResponse.java +++ b/org.argeo.cms.ee/src/org/argeo/cms/servlet/ServletHttpResponse.java @@ -15,8 +15,13 @@ public class ServletHttpResponse implements RemoteAuthResponse { } @Override - public void setHeader(String keys, String value) { - response.setHeader(keys, value); + public void setHeader(String headerName, String value) { + response.setHeader(headerName, value); + } + + @Override + public void addHeader(String headerName, String value) { + response.addHeader(headerName, value); } } diff --git a/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketHandshakeResponse.java b/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketHandshakeResponse.java index 3a978c8ae..b003c6372 100644 --- a/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketHandshakeResponse.java +++ b/org.argeo.cms.ee/src/org/argeo/cms/websocket/server/WebSocketHandshakeResponse.java @@ -1,6 +1,8 @@ package org.argeo.cms.websocket.server; +import java.util.ArrayList; import java.util.Collections; +import java.util.List; import javax.websocket.HandshakeResponse; 
@@ -14,9 +16,14 @@ public class WebSocketHandshakeResponse implements RemoteAuthResponse { } @Override - public void setHeader(String key, String value) { - handshakeResponse.getHeaders().put(key, Collections.singletonList(value)); + public void setHeader(String headerName, String value) { + handshakeResponse.getHeaders().put(headerName, Collections.singletonList(value)); + } + @Override + public void addHeader(String headerName, String value) { + List values = handshakeResponse.getHeaders().getOrDefault(headerName, new ArrayList<>()); + values.add(value); } } diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java index f91b6c5de..b815b49d1 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthResponse.java @@ -2,6 +2,9 @@ package org.argeo.cms.auth; /** Transitional interface to decouple from the Servlet API. */ public interface RemoteAuthResponse { - void setHeader(String keys, String value); + /** Set this header to a single value, possibly removing previous values. */ + void setHeader(String headerName, String value); + /** Add a value to this header. */ + void addHeader(String headerName, String value); } diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java index 4a8f18fcd..3c436ba1f 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java 
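Review bot: `WebSocketHandshakeResponse.addHeader` can lose the value it is asked to add. When the header is absent, `getOrDefault(headerName, new ArrayList<>())` returns a fresh list that is never stored in the headers map, so `values.add(value)` has no effect on the response. When the header was written earlier through `setHeader`, the stored list is the immutable `Collections.singletonList(value)` and the `add` throws `UnsupportedOperationException`. Since this commit uses `addHeader` for the `WWW-Authenticate` challenges, they would not reach the client on this transport unless the header already exists. Use `handshakeResponse.getHeaders().computeIfAbsent(headerName, k -> new ArrayList<>()).add(value);` and have `setHeader` store `new ArrayList<>(Collections.singletonList(value))`; the same pattern appears in `RemoteAuthHttpExchange.addHeader` in the last hunk and needs the same change.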
@@ -161,11 +161,15 @@ public class RemoteAuthUtils { // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic // realm=\"" + httpAuthRealm + "\""); - if (hasAcceptorCredentials() && !forceBasic && !negotiateFailed)// SPNEGO - remoteAuthResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.NEGOTIATE); - else + if (hasAcceptorCredentials() && !forceBasic && !negotiateFailed) {// SPNEGO + remoteAuthResponse.addHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.NEGOTIATE); + // TODO make it configurable ? + remoteAuthResponse.addHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), + HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + realm + "\""); + } else { remoteAuthResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + realm + "\""); + } // response.setDateHeader("Date", System.currentTimeMillis()); // response.setDateHeader("Expires", System.currentTimeMillis() + (24 * diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/RemoteAuthHttpExchange.java b/org.argeo.cms/src/org/argeo/cms/internal/http/RemoteAuthHttpExchange.java index 00f2b8fe1..b7e670c79 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/RemoteAuthHttpExchange.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/RemoteAuthHttpExchange.java @@ -1,5 +1,6 @@ package org.argeo.cms.internal.http; +import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Locale; 
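Review bot: Advertising `Basic` next to `Negotiate` in the SPNEGO branch means a client, or anything able to alter the 401 on an unprotected connection, can fall back from Kerberos to sending the password in a Basic header, and `forceBasic` is no longer the only switch that exposes Basic. The `// TODO make it configurable ?` should be resolved before release: make the second `addHeader` opt-in and off by default, for example `if (allowBasicFallback) { … }` (placeholder name), and offer it only over TLS if the transport is known at this point. The realm is also concatenated into the quoted-string unescaped; where `realm` comes from is not visible in this hunk, so if it can be set by configuration or the request, reject or escape `"`, `\` and CR/LF before building the header value. The enclosing method starts and ends outside the hunk.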
@@ -22,8 +23,14 @@ public class RemoteAuthHttpExchange implements RemoteAuthRequest, RemoteAuthResp } @Override - public void setHeader(String keys, String value) { - httpExchange.getResponseHeaders().put(keys, Collections.singletonList(value)); + public void setHeader(String headerName, String value) { + httpExchange.getResponseHeaders().put(headerName, Collections.singletonList(value)); + } + + @Override + public void addHeader(String headerName, String value) { + List values = httpExchange.getResponseHeaders().getOrDefault(headerName, new ArrayList<>()); + values.add(value); } @Override