1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.aether.transport.http;
20
21 import javax.servlet.http.HttpServletRequest;
22 import javax.servlet.http.HttpServletResponse;
23
24 import java.io.File;
25 import java.io.FileInputStream;
26 import java.io.FileOutputStream;
27 import java.io.IOException;
28 import java.util.ArrayList;
29 import java.util.Collections;
30 import java.util.Enumeration;
31 import java.util.List;
32 import java.util.Map;
33 import java.util.TreeMap;
34 import java.util.concurrent.atomic.AtomicInteger;
35 import java.util.regex.Matcher;
36 import java.util.regex.Pattern;
37
38 import org.eclipse.aether.util.ChecksumUtils;
39 import org.eclipse.jetty.http.HttpHeader;
40 import org.eclipse.jetty.http.HttpMethod;
41 import org.eclipse.jetty.server.Request;
42 import org.eclipse.jetty.server.Response;
43 import org.eclipse.jetty.server.Server;
44 import org.eclipse.jetty.server.ServerConnector;
45 import org.eclipse.jetty.server.handler.AbstractHandler;
46 import org.eclipse.jetty.server.handler.HandlerList;
47 import org.eclipse.jetty.util.B64Code;
48 import org.eclipse.jetty.util.IO;
49 import org.eclipse.jetty.util.StringUtil;
50 import org.eclipse.jetty.util.URIUtil;
51 import org.eclipse.jetty.util.ssl.SslContextFactory;
52 import org.slf4j.Logger;
53 import org.slf4j.LoggerFactory;
54
55 @SuppressWarnings("checkstyle:VisibilityModifier")
56 public class HttpServer {
57
58 public static class LogEntry {
59
60 public final String method;
61
62 public final String path;
63
64 public final Map<String, String> headers;
65
66 public LogEntry(String method, String path, Map<String, String> headers) {
67 this.method = method;
68 this.path = path;
69 this.headers = headers;
70 }
71
72 @Override
73 public String toString() {
74 return method + " " + path;
75 }
76 }
77
78 public enum ExpectContinue {
79 FAIL,
80 PROPER,
81 BROKEN
82 }
83
84 public enum ChecksumHeader {
85 NEXUS,
86 XCHECKSUM
87 }
88
89 private static final Logger LOGGER = LoggerFactory.getLogger(HttpServer.class);
90
91 private static final Pattern SIMPLE_RANGE = Pattern.compile("bytes=([0-9])+-");
92
93 private File repoDir;
94
95 private boolean rangeSupport = true;
96
97 private boolean webDav;
98
99 private ExpectContinue expectContinue = ExpectContinue.PROPER;
100
101 private ChecksumHeader checksumHeader;
102
103 private Server server;
104
105 private ServerConnector httpConnector;
106
107 private ServerConnector httpsConnector;
108
109 private String username;
110
111 private String password;
112
113 private String proxyUsername;
114
115 private String proxyPassword;
116
117 private final AtomicInteger connectionsToClose = new AtomicInteger(0);
118
119 private List<LogEntry> logEntries = Collections.synchronizedList(new ArrayList<>());
120
121 public String getHost() {
122 return "localhost";
123 }
124
125 public int getHttpPort() {
126 return httpConnector != null ? httpConnector.getLocalPort() : -1;
127 }
128
129 public int getHttpsPort() {
130 return httpsConnector != null ? httpsConnector.getLocalPort() : -1;
131 }
132
133 public String getHttpUrl() {
134 return "http://" + getHost() + ":" + getHttpPort();
135 }
136
137 public String getHttpsUrl() {
138 return "https://" + getHost() + ":" + getHttpsPort();
139 }
140
141 public HttpServer addSslConnector() {
142 return addSslConnector(true);
143 }
144
145 public HttpServer addSelfSignedSslConnector() {
146 return addSslConnector(false);
147 }
148
149 private HttpServer addSslConnector(boolean needClientAuth) {
150 if (httpsConnector == null) {
151 SslContextFactory.Server ssl = new SslContextFactory.Server();
152 if (needClientAuth) {
153 ssl.setNeedClientAuth(true);
154 ssl.setKeyStorePath(new File("src/test/resources/ssl/server-store").getAbsolutePath());
155 ssl.setKeyStorePassword("server-pwd");
156 ssl.setTrustStorePath(new File("src/test/resources/ssl/client-store").getAbsolutePath());
157 ssl.setTrustStorePassword("client-pwd");
158 } else {
159 ssl.setNeedClientAuth(false);
160 ssl.setKeyStorePath(new File("src/test/resources/ssl/server-store-selfsigned").getAbsolutePath());
161 ssl.setKeyStorePassword("server-pwd");
162 }
163 httpsConnector = new ServerConnector(server, ssl);
164 server.addConnector(httpsConnector);
165 try {
166 httpsConnector.start();
167 } catch (Exception e) {
168 throw new IllegalStateException(e);
169 }
170 }
171 return this;
172 }
173
174 public List<LogEntry> getLogEntries() {
175 return logEntries;
176 }
177
178 public HttpServer setRepoDir(File repoDir) {
179 this.repoDir = repoDir;
180 return this;
181 }
182
183 public HttpServer setRangeSupport(boolean rangeSupport) {
184 this.rangeSupport = rangeSupport;
185 return this;
186 }
187
188 public HttpServer setWebDav(boolean webDav) {
189 this.webDav = webDav;
190 return this;
191 }
192
193 public HttpServer setExpectSupport(ExpectContinue expectContinue) {
194 this.expectContinue = expectContinue;
195 return this;
196 }
197
198 public HttpServer setChecksumHeader(ChecksumHeader checksumHeader) {
199 this.checksumHeader = checksumHeader;
200 return this;
201 }
202
203 public HttpServer setAuthentication(String username, String password) {
204 this.username = username;
205 this.password = password;
206 return this;
207 }
208
209 public HttpServer setProxyAuthentication(String username, String password) {
210 proxyUsername = username;
211 proxyPassword = password;
212 return this;
213 }
214
215 public HttpServer setConnectionsToClose(int connectionsToClose) {
216 this.connectionsToClose.set(connectionsToClose);
217 return this;
218 }
219
220 public HttpServer start() throws Exception {
221 if (server != null) {
222 return this;
223 }
224
225 HandlerList handlers = new HandlerList();
226 handlers.addHandler(new ConnectionClosingHandler());
227 handlers.addHandler(new LogHandler());
228 handlers.addHandler(new ProxyAuthHandler());
229 handlers.addHandler(new AuthHandler());
230 handlers.addHandler(new RedirectHandler());
231 handlers.addHandler(new RepoHandler());
232
233 server = new Server();
234 httpConnector = new ServerConnector(server);
235 server.addConnector(httpConnector);
236 server.setHandler(handlers);
237 server.start();
238
239 return this;
240 }
241
242 public void stop() throws Exception {
243 if (server != null) {
244 server.stop();
245 server = null;
246 httpConnector = null;
247 httpsConnector = null;
248 }
249 }
250
251 private class ConnectionClosingHandler extends AbstractHandler {
252 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) {
253 if (connectionsToClose.getAndDecrement() > 0) {
254 Response jettyResponse = (Response) response;
255 jettyResponse.getHttpChannel().getConnection().close();
256 }
257 }
258 }
259
260 private class LogHandler extends AbstractHandler {
261
262 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) {
263 LOGGER.info(
264 "{} {}{}",
265 req.getMethod(),
266 req.getRequestURL(),
267 req.getQueryString() != null ? "?" + req.getQueryString() : "");
268
269 Map<String, String> headers = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
270 for (Enumeration<String> en = req.getHeaderNames(); en.hasMoreElements(); ) {
271 String name = en.nextElement();
272 StringBuilder buffer = new StringBuilder(128);
273 for (Enumeration<String> ien = req.getHeaders(name); ien.hasMoreElements(); ) {
274 if (buffer.length() > 0) {
275 buffer.append(", ");
276 }
277 buffer.append(ien.nextElement());
278 }
279 headers.put(name, buffer.toString());
280 }
281 logEntries.add(new LogEntry(req.getMethod(), req.getPathInfo(), Collections.unmodifiableMap(headers)));
282 }
283 }
284
285 private class RepoHandler extends AbstractHandler {
286
287 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response)
288 throws IOException {
289 String path = req.getPathInfo().substring(1);
290
291 if (!path.startsWith("repo/")) {
292 return;
293 }
294 req.setHandled(true);
295
296 if (ExpectContinue.FAIL.equals(expectContinue) && request.getHeader(HttpHeader.EXPECT.asString()) != null) {
297 response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
298 return;
299 }
300
301 File file = new File(repoDir, path.substring(5));
302 if (HttpMethod.GET.is(req.getMethod()) || HttpMethod.HEAD.is(req.getMethod())) {
303 if (!file.isFile() || path.endsWith(URIUtil.SLASH)) {
304 response.setStatus(HttpServletResponse.SC_NOT_FOUND);
305 return;
306 }
307 long ifUnmodifiedSince = request.getDateHeader(HttpHeader.IF_UNMODIFIED_SINCE.asString());
308 if (ifUnmodifiedSince != -1L && file.lastModified() > ifUnmodifiedSince) {
309 response.setStatus(HttpServletResponse.SC_PRECONDITION_FAILED);
310 return;
311 }
312 long offset = 0L;
313 String range = request.getHeader(HttpHeader.RANGE.asString());
314 if (range != null && rangeSupport) {
315 Matcher m = SIMPLE_RANGE.matcher(range);
316 if (m.matches()) {
317 offset = Long.parseLong(m.group(1));
318 if (offset >= file.length()) {
319 response.setStatus(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE);
320 return;
321 }
322 }
323 String encoding = request.getHeader(HttpHeader.ACCEPT_ENCODING.asString());
324 if ((encoding != null && !"identity".equals(encoding)) || ifUnmodifiedSince == -1L) {
325 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
326 return;
327 }
328 }
329 response.setStatus((offset > 0L) ? HttpServletResponse.SC_PARTIAL_CONTENT : HttpServletResponse.SC_OK);
330 response.setDateHeader(HttpHeader.LAST_MODIFIED.asString(), file.lastModified());
331 response.setHeader(HttpHeader.CONTENT_LENGTH.asString(), Long.toString(file.length() - offset));
332 if (offset > 0L) {
333 response.setHeader(
334 HttpHeader.CONTENT_RANGE.asString(),
335 "bytes " + offset + "-" + (file.length() - 1L) + "/" + file.length());
336 }
337 if (checksumHeader != null) {
338 Map<String, Object> checksums = ChecksumUtils.calc(file, Collections.singleton("SHA-1"));
339 if (checksumHeader == ChecksumHeader.NEXUS) {
340 response.setHeader(HttpHeader.ETAG.asString(), "{SHA1{" + checksums.get("SHA-1") + "}}");
341 } else if (checksumHeader == ChecksumHeader.XCHECKSUM) {
342 response.setHeader(
343 "x-checksum-sha1", checksums.get("SHA-1").toString());
344 }
345 }
346 if (HttpMethod.HEAD.is(req.getMethod())) {
347 return;
348 }
349 FileInputStream is = null;
350 try {
351 is = new FileInputStream(file);
352 if (offset > 0L) {
353 long skipped = is.skip(offset);
354 while (skipped < offset && is.read() >= 0) {
355 skipped++;
356 }
357 }
358 IO.copy(is, response.getOutputStream());
359 is.close();
360 is = null;
361 } finally {
362 try {
363 if (is != null) {
364 is.close();
365 }
366 } catch (final IOException e) {
367
368 }
369 }
370 } else if (HttpMethod.PUT.is(req.getMethod())) {
371 if (!webDav) {
372 file.getParentFile().mkdirs();
373 }
374 if (file.getParentFile().exists()) {
375 try {
376 FileOutputStream os = null;
377 try {
378 os = new FileOutputStream(file);
379 IO.copy(request.getInputStream(), os);
380 os.close();
381 os = null;
382 } finally {
383 try {
384 if (os != null) {
385 os.close();
386 }
387 } catch (final IOException e) {
388
389 }
390 }
391 } catch (IOException e) {
392 file.delete();
393 throw e;
394 }
395 response.setStatus(HttpServletResponse.SC_NO_CONTENT);
396 } else {
397 response.setStatus(HttpServletResponse.SC_FORBIDDEN);
398 }
399 } else if (HttpMethod.OPTIONS.is(req.getMethod())) {
400 if (webDav) {
401 response.setHeader("DAV", "1,2");
402 }
403 response.setHeader(HttpHeader.ALLOW.asString(), "GET, PUT, HEAD, OPTIONS");
404 response.setStatus(HttpServletResponse.SC_OK);
405 } else if (webDav && "MKCOL".equals(req.getMethod())) {
406 if (file.exists()) {
407 response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
408 } else if (file.mkdir()) {
409 response.setStatus(HttpServletResponse.SC_CREATED);
410 } else {
411 response.setStatus(HttpServletResponse.SC_CONFLICT);
412 }
413 } else {
414 response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
415 }
416 }
417 }
418
419 private class RedirectHandler extends AbstractHandler {
420
421 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) {
422 String path = req.getPathInfo();
423 if (!path.startsWith("/redirect/")) {
424 return;
425 }
426 req.setHandled(true);
427 StringBuilder location = new StringBuilder(128);
428 String scheme = req.getParameter("scheme");
429 location.append(scheme != null ? scheme : req.getScheme());
430 location.append("://");
431 location.append(req.getServerName());
432 location.append(":");
433 if ("http".equalsIgnoreCase(scheme)) {
434 location.append(getHttpPort());
435 } else if ("https".equalsIgnoreCase(scheme)) {
436 location.append(getHttpsPort());
437 } else {
438 location.append(req.getServerPort());
439 }
440 location.append("/repo").append(path.substring(9));
441 response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
442 response.setHeader(HttpHeader.LOCATION.asString(), location.toString());
443 }
444 }
445
446 private class AuthHandler extends AbstractHandler {
447
448 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response)
449 throws IOException {
450 if (ExpectContinue.BROKEN.equals(expectContinue)
451 && "100-continue".equalsIgnoreCase(request.getHeader(HttpHeader.EXPECT.asString()))) {
452 request.getInputStream();
453 }
454
455 if (username != null && password != null) {
456 if (checkBasicAuth(request.getHeader(HttpHeader.AUTHORIZATION.asString()), username, password)) {
457 return;
458 }
459 req.setHandled(true);
460 response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"Test-Realm\"");
461 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
462 }
463 }
464 }
465
466 private class ProxyAuthHandler extends AbstractHandler {
467
468 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) {
469 if (proxyUsername != null && proxyPassword != null) {
470 if (checkBasicAuth(
471 request.getHeader(HttpHeader.PROXY_AUTHORIZATION.asString()), proxyUsername, proxyPassword)) {
472 return;
473 }
474 req.setHandled(true);
475 response.setHeader(HttpHeader.PROXY_AUTHENTICATE.asString(), "basic realm=\"Test-Realm\"");
476 response.setStatus(HttpServletResponse.SC_PROXY_AUTHENTICATION_REQUIRED);
477 }
478 }
479 }
480
481 static boolean checkBasicAuth(String credentials, String username, String password) {
482 if (credentials != null) {
483 int space = credentials.indexOf(' ');
484 if (space > 0) {
485 String method = credentials.substring(0, space);
486 if ("basic".equalsIgnoreCase(method)) {
487 credentials = credentials.substring(space + 1);
488 credentials = B64Code.decode(credentials, StringUtil.__ISO_8859_1);
489 int i = credentials.indexOf(':');
490 if (i > 0) {
491 String user = credentials.substring(0, i);
492 String pass = credentials.substring(i + 1);
493 if (username.equals(user) && password.equals(pass)) {
494 return true;
495 }
496 }
497 }
498 }
499 }
500 return false;
501 }
502 }