001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 */ 019package org.eclipse.aether.internal.test.util.http; 020 021import javax.servlet.ServletException; 022import javax.servlet.http.HttpServletRequest; 023import javax.servlet.http.HttpServletResponse; 024 025import java.io.File; 026import java.io.FileInputStream; 027import java.io.FileOutputStream; 028import java.io.IOException; 029import java.io.OutputStream; 030import java.net.URI; 031import java.nio.charset.StandardCharsets; 032import java.util.ArrayList; 033import java.util.Base64; 034import java.util.Collections; 035import java.util.Enumeration; 036import java.util.List; 037import java.util.Map; 038import java.util.TreeMap; 039import java.util.concurrent.atomic.AtomicInteger; 040import java.util.regex.Matcher; 041import java.util.regex.Pattern; 042 043import com.google.gson.Gson; 044import org.eclipse.aether.internal.impl.checksum.Sha1ChecksumAlgorithmFactory; 045import org.eclipse.aether.spi.connector.checksum.ChecksumAlgorithmHelper; 046import org.eclipse.aether.spi.connector.transport.http.RFC9457.RFC9457Payload; 047import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory; 048import org.eclipse.jetty.http.HttpHeader; 049import org.eclipse.jetty.http.HttpMethod; 050import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory; 051import org.eclipse.jetty.server.HttpConfiguration; 052import org.eclipse.jetty.server.HttpConnectionFactory; 053import org.eclipse.jetty.server.Request; 054import org.eclipse.jetty.server.Response; 055import org.eclipse.jetty.server.SecureRequestCustomizer; 056import org.eclipse.jetty.server.Server; 057import org.eclipse.jetty.server.ServerConnector; 058import org.eclipse.jetty.server.SslConnectionFactory; 059import org.eclipse.jetty.server.handler.AbstractHandler; 060import org.eclipse.jetty.server.handler.HandlerList; 061import org.eclipse.jetty.util.IO; 062import org.eclipse.jetty.util.URIUtil; 063import org.eclipse.jetty.util.ssl.SslContextFactory; 064import org.slf4j.Logger; 065import org.slf4j.LoggerFactory; 066 067public class HttpServer { 068 069 public static class LogEntry { 070 071 private final String method; 072 073 private final String path; 074 075 private final Map<String, String> headers; 076 077 public LogEntry(String method, String path, Map<String, String> headers) { 078 this.method = method; 079 this.path = path; 080 this.headers = headers; 081 } 082 083 public String getMethod() { 084 return method; 085 } 086 087 public String getPath() { 088 return path; 089 } 090 091 public Map<String, String> getHeaders() { 092 return headers; 093 } 094 095 @Override 096 public String toString() { 097 return method + " " + path; 098 } 099 } 100 101 public enum ExpectContinue { 102 FAIL, 103 PROPER, 104 BROKEN 105 } 106 107 public enum ChecksumHeader { 108 NEXUS, 109 XCHECKSUM 110 } 111 112 private static final Logger LOGGER = LoggerFactory.getLogger(HttpServer.class); 113 114 private File repoDir; 115 116 private boolean rangeSupport = true; 117 118 private boolean webDav; 119 120 private ExpectContinue expectContinue = ExpectContinue.PROPER; 121 122 private ChecksumHeader checksumHeader; 123 124 private Server server; 125 126 private ServerConnector httpConnector; 127 128 private ServerConnector httpsConnector; 129 130 private String username; 131 132 private String password; 133 134 private String proxyUsername; 135 136 private String proxyPassword; 137 138 private final AtomicInteger connectionsToClose = new AtomicInteger(0); 139 140 private final AtomicInteger serverErrorsBeforeWorks = new AtomicInteger(0); 141 142 private final List<LogEntry> logEntries = Collections.synchronizedList(new ArrayList<>()); 143 144 public String getHost() { 145 return "localhost"; 146 } 147 148 public int getHttpPort() { 149 return httpConnector != null ? httpConnector.getLocalPort() : -1; 150 } 151 152 public int getHttpsPort() { 153 return httpsConnector != null ? httpsConnector.getLocalPort() : -1; 154 } 155 156 public String getHttpUrl() { 157 return "http://" + getHost() + ":" + getHttpPort(); 158 } 159 160 public String getHttpsUrl() { 161 return "https://" + getHost() + ":" + getHttpsPort(); 162 } 163 164 public HttpServer addSslConnector() { 165 return addSslConnector(true, true); 166 } 167 168 public HttpServer addSelfSignedSslConnector() { 169 return addSslConnector(false, true); 170 } 171 172 public HttpServer addSelfSignedSslConnectorHttp2Only() { 173 return addSslConnector(false, false); 174 } 175 176 private HttpServer addSslConnector(boolean needClientAuth, boolean needHttp11) { 177 if (httpsConnector == null) { 178 SslContextFactory.Server ssl = new SslContextFactory.Server(); 179 ssl.setNeedClientAuth(needClientAuth); 180 if (!needClientAuth) { 181 ssl.setKeyStorePath(HttpTransporterTest.KEY_STORE_SELF_SIGNED_PATH 182 .toAbsolutePath() 183 .toString()); 184 ssl.setKeyStorePassword("server-pwd"); 185 ssl.setSniRequired(false); 186 } else { 187 ssl.setKeyStorePath( 188 HttpTransporterTest.KEY_STORE_PATH.toAbsolutePath().toString()); 189 ssl.setKeyStorePassword("server-pwd"); 190 ssl.setTrustStorePath( 191 HttpTransporterTest.TRUST_STORE_PATH.toAbsolutePath().toString()); 192 ssl.setTrustStorePassword("client-pwd"); 193 ssl.setSniRequired(false); 194 } 195 196 HttpConfiguration httpsConfig = new HttpConfiguration(); 197 SecureRequestCustomizer customizer = new SecureRequestCustomizer(); 198 customizer.setSniHostCheck(false); 199 httpsConfig.addCustomizer(customizer); 200 201 HttpConnectionFactory http1 = null; 202 if (needHttp11) { 203 http1 = new HttpConnectionFactory(httpsConfig); 204 } 205 206 HTTP2ServerConnectionFactory http2 = new HTTP2ServerConnectionFactory(httpsConfig); 207 208 ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory(); 209 alpn.setDefaultProtocol(http1 != null ? http1.getProtocol() : http2.getProtocol()); 210 211 SslConnectionFactory tls = new SslConnectionFactory(ssl, alpn.getProtocol()); 212 if (http1 != null) { 213 httpsConnector = new ServerConnector(server, tls, alpn, http2, http1); 214 } else { 215 httpsConnector = new ServerConnector(server, tls, alpn, http2); 216 } 217 server.addConnector(httpsConnector); 218 try { 219 httpsConnector.start(); 220 } catch (Exception e) { 221 throw new IllegalStateException(e); 222 } 223 } 224 return this; 225 } 226 227 public List<LogEntry> getLogEntries() { 228 return logEntries; 229 } 230 231 public HttpServer setRepoDir(File repoDir) { 232 this.repoDir = repoDir; 233 return this; 234 } 235 236 public HttpServer setRangeSupport(boolean rangeSupport) { 237 this.rangeSupport = rangeSupport; 238 return this; 239 } 240 241 public HttpServer setWebDav(boolean webDav) { 242 this.webDav = webDav; 243 return this; 244 } 245 246 public HttpServer setExpectSupport(ExpectContinue expectContinue) { 247 this.expectContinue = expectContinue; 248 return this; 249 } 250 251 public HttpServer setChecksumHeader(ChecksumHeader checksumHeader) { 252 this.checksumHeader = checksumHeader; 253 return this; 254 } 255 256 public HttpServer setAuthentication(String username, String password) { 257 this.username = username; 258 this.password = password; 259 return this; 260 } 261 262 public HttpServer setProxyAuthentication(String username, String password) { 263 proxyUsername = username; 264 proxyPassword = password; 265 return this; 266 } 267 268 public HttpServer setConnectionsToClose(int connectionsToClose) { 269 this.connectionsToClose.set(connectionsToClose); 270 return this; 271 } 272 273 public HttpServer setServerErrorsBeforeWorks(int serverErrorsBeforeWorks) { 274 this.serverErrorsBeforeWorks.set(serverErrorsBeforeWorks); 275 return this; 276 } 277 278 public HttpServer start() throws Exception { 279 if (server != null) { 280 return this; 281 } 282 283 HandlerList handlers = new HandlerList(); 284 handlers.addHandler(new ConnectionClosingHandler()); 285 handlers.addHandler(new ServerErrorHandler()); 286 handlers.addHandler(new LogHandler()); 287 handlers.addHandler(new ProxyAuthHandler()); 288 handlers.addHandler(new AuthHandler()); 289 handlers.addHandler(new RedirectHandler()); 290 handlers.addHandler(new RepoHandler()); 291 handlers.addHandler(new RFC9457Handler()); 292 293 server = new Server(); 294 httpConnector = new ServerConnector(server); 295 server.addConnector(httpConnector); 296 server.setHandler(handlers); 297 server.start(); 298 299 return this; 300 } 301 302 public void stop() throws Exception { 303 if (server != null) { 304 server.stop(); 305 server = null; 306 httpConnector = null; 307 httpsConnector = null; 308 } 309 } 310 311 private class ConnectionClosingHandler extends AbstractHandler { 312 @Override 313 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) { 314 if (connectionsToClose.getAndDecrement() > 0) { 315 Response jettyResponse = (Response) response; 316 jettyResponse.getHttpChannel().getConnection().close(); 317 } 318 } 319 } 320 321 private class ServerErrorHandler extends AbstractHandler { 322 @Override 323 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) 324 throws IOException { 325 if (serverErrorsBeforeWorks.getAndDecrement() > 0) { 326 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); 327 writeResponseBodyMessage(response, "Oops, come back later!"); 328 } 329 } 330 } 331 332 private class LogHandler extends AbstractHandler { 333 @Override 334 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) { 335 LOGGER.info( 336 "{} {}{}", 337 req.getMethod(), 338 req.getRequestURL(), 339 req.getQueryString() != null ? "?" + req.getQueryString() : ""); 340 341 Map<String, String> headers = new TreeMap<>(String.CASE_INSENSITIVE_ORDER); 342 for (Enumeration<String> en = req.getHeaderNames(); en.hasMoreElements(); ) { 343 String name = en.nextElement(); 344 StringBuilder buffer = new StringBuilder(128); 345 for (Enumeration<String> ien = req.getHeaders(name); ien.hasMoreElements(); ) { 346 if (buffer.length() > 0) { 347 buffer.append(", "); 348 } 349 buffer.append(ien.nextElement()); 350 } 351 headers.put(name, buffer.toString()); 352 } 353 logEntries.add(new LogEntry(req.getMethod(), req.getOriginalURI(), Collections.unmodifiableMap(headers))); 354 } 355 } 356 357 private static final Pattern SIMPLE_RANGE = Pattern.compile("bytes=([0-9])+-"); 358 359 private class RepoHandler extends AbstractHandler { 360 @Override 361 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) 362 throws IOException { 363 String path = req.getPathInfo().substring(1); 364 365 if (!path.startsWith("repo/")) { 366 return; 367 } 368 req.setHandled(true); 369 370 if (ExpectContinue.FAIL.equals(expectContinue) && request.getHeader(HttpHeader.EXPECT.asString()) != null) { 371 response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED); 372 writeResponseBodyMessage(response, "Expectation was set to fail"); 373 return; 374 } 375 376 File file = new File(repoDir, path.substring(5)); 377 if (HttpMethod.GET.is(req.getMethod()) || HttpMethod.HEAD.is(req.getMethod())) { 378 if (!file.isFile() || path.endsWith(URIUtil.SLASH)) { 379 response.setStatus(HttpServletResponse.SC_NOT_FOUND); 380 writeResponseBodyMessage(response, "Not found"); 381 return; 382 } 383 long ifUnmodifiedSince = request.getDateHeader(HttpHeader.IF_UNMODIFIED_SINCE.asString()); 384 if (ifUnmodifiedSince != -1L && file.lastModified() > ifUnmodifiedSince) { 385 response.setStatus(HttpServletResponse.SC_PRECONDITION_FAILED); 386 writeResponseBodyMessage(response, "Precondition failed"); 387 return; 388 } 389 long offset = 0L; 390 String range = request.getHeader(HttpHeader.RANGE.asString()); 391 if (range != null && rangeSupport) { 392 Matcher m = SIMPLE_RANGE.matcher(range); 393 if (m.matches()) { 394 offset = Long.parseLong(m.group(1)); 395 if (offset >= file.length()) { 396 response.setStatus(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE); 397 writeResponseBodyMessage(response, "Range not satisfiable"); 398 return; 399 } 400 } 401 String encoding = request.getHeader(HttpHeader.ACCEPT_ENCODING.asString()); 402 if ((encoding != null && !"identity".equals(encoding)) || ifUnmodifiedSince == -1L) { 403 response.setStatus(HttpServletResponse.SC_BAD_REQUEST); 404 return; 405 } 406 } 407 response.setStatus((offset > 0L) ? HttpServletResponse.SC_PARTIAL_CONTENT : HttpServletResponse.SC_OK); 408 response.setDateHeader(HttpHeader.LAST_MODIFIED.asString(), file.lastModified()); 409 response.setHeader(HttpHeader.CONTENT_LENGTH.asString(), Long.toString(file.length() - offset)); 410 if (offset > 0L) { 411 response.setHeader( 412 HttpHeader.CONTENT_RANGE.asString(), 413 "bytes " + offset + "-" + (file.length() - 1L) + "/" + file.length()); 414 } 415 if (checksumHeader != null) { 416 Map<String, String> checksums = ChecksumAlgorithmHelper.calculate( 417 file, Collections.singletonList(new Sha1ChecksumAlgorithmFactory())); 418 if (checksumHeader == ChecksumHeader.NEXUS) { 419 response.setHeader(HttpHeader.ETAG.asString(), "{SHA1{" + checksums.get("SHA-1") + "}}"); 420 } else if (checksumHeader == ChecksumHeader.XCHECKSUM) { 421 response.setHeader("x-checksum-sha1", checksums.get(Sha1ChecksumAlgorithmFactory.NAME)); 422 } 423 } 424 if (HttpMethod.HEAD.is(req.getMethod())) { 425 return; 426 } 427 try (FileInputStream is = new FileInputStream(file)) { 428 if (offset > 0L) { 429 long skipped = is.skip(offset); 430 while (skipped < offset && is.read() >= 0) { 431 skipped++; 432 } 433 } 434 IO.copy(is, response.getOutputStream()); 435 } 436 } else if (HttpMethod.PUT.is(req.getMethod())) { 437 if (!webDav) { 438 file.getParentFile().mkdirs(); 439 } 440 if (file.getParentFile().exists()) { 441 try { 442 FileOutputStream os = null; 443 try { 444 os = new FileOutputStream(file); 445 IO.copy(request.getInputStream(), os); 446 os.close(); 447 os = null; 448 } finally { 449 try { 450 if (os != null) { 451 os.close(); 452 } 453 } catch (final IOException e) { 454 // Suppressed due to an exception already thrown in the try block. 455 } 456 } 457 } catch (IOException e) { 458 file.delete(); 459 throw e; 460 } 461 response.setStatus(HttpServletResponse.SC_NO_CONTENT); 462 } else { 463 response.setStatus(HttpServletResponse.SC_FORBIDDEN); 464 } 465 } else if (HttpMethod.OPTIONS.is(req.getMethod())) { 466 if (webDav) { 467 response.setHeader("DAV", "1,2"); 468 } 469 response.setHeader(HttpHeader.ALLOW.asString(), "GET, PUT, HEAD, OPTIONS"); 470 response.setStatus(HttpServletResponse.SC_OK); 471 } else if (webDav && "MKCOL".equals(req.getMethod())) { 472 if (file.exists()) { 473 response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED); 474 } else if (file.mkdir()) { 475 response.setStatus(HttpServletResponse.SC_CREATED); 476 } else { 477 response.setStatus(HttpServletResponse.SC_CONFLICT); 478 } 479 } else { 480 response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED); 481 } 482 } 483 } 484 485 private void writeResponseBodyMessage(HttpServletResponse response, String message) throws IOException { 486 try (OutputStream outputStream = response.getOutputStream()) { 487 outputStream.write(message.getBytes(StandardCharsets.UTF_8)); 488 } 489 } 490 491 private class RFC9457Handler extends AbstractHandler { 492 @Override 493 public void handle( 494 final String target, 495 final Request req, 496 final HttpServletRequest request, 497 final HttpServletResponse response) 498 throws IOException, ServletException { 499 String path = req.getPathInfo().substring(1); 500 501 if (!path.startsWith("rfc9457/")) { 502 return; 503 } 504 req.setHandled(true); 505 506 if (HttpMethod.GET.is(req.getMethod())) { 507 response.setStatus(HttpServletResponse.SC_FORBIDDEN); 508 response.setHeader(HttpHeader.CONTENT_TYPE.asString(), "application/problem+json"); 509 RFC9457Payload rfc9457Payload; 510 if (path.endsWith("missing_fields.txt")) { 511 rfc9457Payload = new RFC9457Payload(null, null, null, null, null); 512 } else { 513 rfc9457Payload = new RFC9457Payload( 514 URI.create("https://example.com/probs/out-of-credit"), 515 HttpServletResponse.SC_FORBIDDEN, 516 "You do not have enough credit.", 517 "Your current balance is 30, but that costs 50.", 518 URI.create("/account/12345/msgs/abc")); 519 } 520 writeResponseBodyMessage(response, buildRFC9457Message(rfc9457Payload)); 521 } 522 } 523 } 524 525 private String buildRFC9457Message(RFC9457Payload payload) { 526 return new Gson().toJson(payload, RFC9457Payload.class); 527 } 528 529 private class RedirectHandler extends AbstractHandler { 530 @Override 531 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) { 532 String path = req.getPathInfo(); 533 if (!path.startsWith("/redirect/")) { 534 return; 535 } 536 req.setHandled(true); 537 StringBuilder location = new StringBuilder(128); 538 String scheme = req.getParameter("scheme"); 539 location.append(scheme != null ? scheme : req.getScheme()); 540 location.append("://"); 541 location.append(req.getServerName()); 542 location.append(":"); 543 if ("http".equalsIgnoreCase(scheme)) { 544 location.append(getHttpPort()); 545 } else if ("https".equalsIgnoreCase(scheme)) { 546 location.append(getHttpsPort()); 547 } else { 548 location.append(req.getServerPort()); 549 } 550 location.append("/repo").append(path.substring(9)); 551 response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); 552 response.setHeader(HttpHeader.LOCATION.asString(), location.toString()); 553 } 554 } 555 556 private class AuthHandler extends AbstractHandler { 557 @Override 558 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) 559 throws IOException { 560 if (ExpectContinue.BROKEN.equals(expectContinue) 561 && "100-continue".equalsIgnoreCase(request.getHeader(HttpHeader.EXPECT.asString()))) { 562 request.getInputStream(); 563 } 564 565 if (username != null && password != null) { 566 if (checkBasicAuth(request.getHeader(HttpHeader.AUTHORIZATION.asString()), username, password)) { 567 return; 568 } 569 req.setHandled(true); 570 response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"Test-Realm\""); 571 response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); 572 } 573 } 574 } 575 576 private class ProxyAuthHandler extends AbstractHandler { 577 @Override 578 public void handle(String target, Request req, HttpServletRequest request, HttpServletResponse response) { 579 if (proxyUsername != null && proxyPassword != null) { 580 if (checkBasicAuth( 581 request.getHeader(HttpHeader.PROXY_AUTHORIZATION.asString()), proxyUsername, proxyPassword)) { 582 return; 583 } 584 req.setHandled(true); 585 response.setHeader(HttpHeader.PROXY_AUTHENTICATE.asString(), "basic realm=\"Test-Realm\""); 586 response.setStatus(HttpServletResponse.SC_PROXY_AUTHENTICATION_REQUIRED); 587 } 588 } 589 } 590 591 static boolean checkBasicAuth(String credentials, String username, String password) { 592 if (credentials != null) { 593 int space = credentials.indexOf(' '); 594 if (space > 0) { 595 String method = credentials.substring(0, space); 596 if ("basic".equalsIgnoreCase(method)) { 597 credentials = credentials.substring(space + 1); 598 credentials = new String(Base64.getDecoder().decode(credentials), StandardCharsets.ISO_8859_1); 599 int i = credentials.indexOf(':'); 600 if (i > 0) { 601 String user = credentials.substring(0, i); 602 String pass = credentials.substring(i + 1); 603 if (username.equals(user) && password.equals(pass)) { 604 return true; 605 } 606 } 607 } 608 } 609 } 610 return false; 611 } 612}