View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.eclipse.aether.transport.apache;
20  
21  import java.io.IOException;
22  import java.io.InputStream;
23  import java.io.InterruptedIOException;
24  import java.io.OutputStream;
25  import java.io.UncheckedIOException;
26  import java.net.URI;
27  import java.net.URISyntaxException;
28  import java.nio.charset.Charset;
29  import java.nio.file.Files;
30  import java.nio.file.Path;
31  import java.nio.file.StandardCopyOption;
32  import java.util.Date;
33  import java.util.List;
34  import java.util.Map;
35  import java.util.Set;
36  import java.util.concurrent.ConcurrentHashMap;
37  import java.util.function.Function;
38  import java.util.regex.Matcher;
39  
40  import org.apache.http.Header;
41  import org.apache.http.HttpEntity;
42  import org.apache.http.HttpEntityEnclosingRequest;
43  import org.apache.http.HttpHeaders;
44  import org.apache.http.HttpHost;
45  import org.apache.http.HttpResponse;
46  import org.apache.http.HttpStatus;
47  import org.apache.http.auth.AuthScheme;
48  import org.apache.http.auth.AuthSchemeProvider;
49  import org.apache.http.auth.AuthScope;
50  import org.apache.http.client.AuthCache;
51  import org.apache.http.client.CredentialsProvider;
52  import org.apache.http.client.HttpRequestRetryHandler;
53  import org.apache.http.client.HttpResponseException;
54  import org.apache.http.client.ServiceUnavailableRetryStrategy;
55  import org.apache.http.client.config.AuthSchemes;
56  import org.apache.http.client.config.CookieSpecs;
57  import org.apache.http.client.config.RequestConfig;
58  import org.apache.http.client.methods.CloseableHttpResponse;
59  import org.apache.http.client.methods.HttpGet;
60  import org.apache.http.client.methods.HttpHead;
61  import org.apache.http.client.methods.HttpOptions;
62  import org.apache.http.client.methods.HttpPut;
63  import org.apache.http.client.methods.HttpUriRequest;
64  import org.apache.http.client.utils.DateUtils;
65  import org.apache.http.client.utils.URIUtils;
66  import org.apache.http.config.Registry;
67  import org.apache.http.config.RegistryBuilder;
68  import org.apache.http.config.SocketConfig;
69  import org.apache.http.entity.AbstractHttpEntity;
70  import org.apache.http.entity.ByteArrayEntity;
71  import org.apache.http.impl.NoConnectionReuseStrategy;
72  import org.apache.http.impl.auth.BasicScheme;
73  import org.apache.http.impl.auth.BasicSchemeFactory;
74  import org.apache.http.impl.auth.DigestSchemeFactory;
75  import org.apache.http.impl.auth.KerberosSchemeFactory;
76  import org.apache.http.impl.auth.NTLMSchemeFactory;
77  import org.apache.http.impl.auth.SPNegoSchemeFactory;
78  import org.apache.http.impl.client.CloseableHttpClient;
79  import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
80  import org.apache.http.impl.client.HttpClientBuilder;
81  import org.apache.http.impl.client.LaxRedirectStrategy;
82  import org.apache.http.impl.client.StandardHttpRequestRetryHandler;
83  import org.apache.http.protocol.HttpContext;
84  import org.apache.http.util.EntityUtils;
85  import org.eclipse.aether.Keys;
86  import org.eclipse.aether.RepositorySystemSession;
87  import org.eclipse.aether.repository.AuthenticationContext;
88  import org.eclipse.aether.repository.Proxy;
89  import org.eclipse.aether.repository.RemoteRepository;
90  import org.eclipse.aether.spi.connector.transport.AbstractTransporter;
91  import org.eclipse.aether.spi.connector.transport.GetTask;
92  import org.eclipse.aether.spi.connector.transport.PeekTask;
93  import org.eclipse.aether.spi.connector.transport.PutTask;
94  import org.eclipse.aether.spi.connector.transport.TransportTask;
95  import org.eclipse.aether.spi.connector.transport.http.ChecksumExtractor;
96  import org.eclipse.aether.spi.connector.transport.http.HttpTransporter;
97  import org.eclipse.aether.spi.connector.transport.http.HttpTransporterException;
98  import org.eclipse.aether.spi.io.PathProcessor;
99  import org.eclipse.aether.transfer.NoTransporterException;
100 import org.eclipse.aether.transfer.TransferCancelledException;
101 import org.eclipse.aether.util.ConfigUtils;
102 import org.eclipse.aether.util.StringDigestUtil;
103 import org.eclipse.aether.util.connector.transport.http.HttpTransporterUtils;
104 import org.slf4j.Logger;
105 import org.slf4j.LoggerFactory;
106 
107 import static java.util.Objects.requireNonNull;
108 import static org.eclipse.aether.spi.connector.transport.http.HttpConstants.CONTENT_RANGE_PATTERN;
109 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.CONFIG_PROP_FOLLOW_REDIRECTS;
110 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.CONFIG_PROP_HTTP_RETRY_HANDLER_NAME;
111 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.CONFIG_PROP_HTTP_RETRY_HANDLER_REQUEST_SENT_ENABLED;
112 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.CONFIG_PROP_MAX_REDIRECTS;
113 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.CONFIG_PROP_USE_SYSTEM_PROPERTIES;
114 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.DEFAULT_FOLLOW_REDIRECTS;
115 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.DEFAULT_HTTP_RETRY_HANDLER_REQUEST_SENT_ENABLED;
116 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.DEFAULT_MAX_REDIRECTS;
117 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.DEFAULT_USE_SYSTEM_PROPERTIES;
118 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.HTTP_RETRY_HANDLER_NAME_DEFAULT;
119 import static org.eclipse.aether.transport.apache.ApacheTransporterConfigurationKeys.HTTP_RETRY_HANDLER_NAME_STANDARD;
120 
121 /**
122  * A transporter for HTTP/HTTPS.
123  */
124 final class ApacheTransporter extends AbstractTransporter implements HttpTransporter {
125     private static final Logger LOGGER = LoggerFactory.getLogger(ApacheTransporter.class);
126 
127     private final ChecksumExtractor checksumExtractor;
128 
129     private final PathProcessor pathProcessor;
130 
131     private final AuthenticationContext repoAuthContext;
132 
133     private final AuthenticationContext proxyAuthContext;
134 
135     private final URI baseUri;
136 
137     private final HttpHost server;
138 
139     private final HttpHost proxy;
140 
141     private final CloseableHttpClient client;
142 
143     private final Map<?, ?> headers;
144 
145     private final LocalState state;
146 
147     private final boolean preemptiveAuth;
148 
149     private final boolean preemptivePutAuth;
150 
151     private final boolean supportWebDav;
152 
153     private final boolean sendRfc9457Accept;
154 
155     private final AuthCache authCache;
156 
157     @SuppressWarnings("checkstyle:methodlength")
158     ApacheTransporter(
159             RemoteRepository repository,
160             RepositorySystemSession session,
161             ChecksumExtractor checksumExtractor,
162             PathProcessor pathProcessor)
163             throws NoTransporterException {
164         this.checksumExtractor = checksumExtractor;
165         this.pathProcessor = pathProcessor;
166         try {
167             this.baseUri = HttpTransporterUtils.getBaseUri(repository);
168             this.server = URIUtils.extractHost(baseUri);
169             if (server == null) {
170                 throw new URISyntaxException(repository.getUrl(), "URL lacks host name");
171             }
172         } catch (URISyntaxException e) {
173             throw new NoTransporterException(repository, e.getMessage(), e);
174         }
175         this.proxy = toHost(repository.getProxy());
176 
177         this.repoAuthContext = AuthenticationContext.forRepository(session, repository);
178         this.proxyAuthContext = AuthenticationContext.forProxy(session, repository);
179 
180         String httpsSecurityMode = HttpTransporterUtils.getHttpsSecurityMode(session, repository);
181         final int connectionMaxTtlSeconds = HttpTransporterUtils.getHttpConnectionMaxTtlSeconds(session, repository);
182         final int maxConnectionsPerRoute = HttpTransporterUtils.getHttpMaxConnectionsPerRoute(session, repository);
183         this.state = new LocalState(
184                 session,
185                 repository,
186                 new ConnMgrConfig(
187                         session, repoAuthContext, httpsSecurityMode, connectionMaxTtlSeconds, maxConnectionsPerRoute));
188 
189         this.headers = HttpTransporterUtils.getHttpHeaders(session, repository);
190         this.preemptiveAuth = HttpTransporterUtils.isHttpPreemptiveAuth(session, repository);
191         this.preemptivePutAuth = HttpTransporterUtils.isHttpPreemptivePutAuth(session, repository);
192         this.supportWebDav = HttpTransporterUtils.isHttpSupportWebDav(session, repository);
193         this.sendRfc9457Accept = HttpTransporterUtils.isHttpSendRfc9457Accept(session, repository);
194         int connectTimeout = HttpTransporterUtils.getHttpConnectTimeout(session, repository);
195         int requestTimeout = HttpTransporterUtils.getHttpRequestTimeout(session, repository);
196         int retryCount = HttpTransporterUtils.getHttpRetryHandlerCount(session, repository);
197         long retryInterval = HttpTransporterUtils.getHttpRetryHandlerInterval(session, repository);
198         long retryIntervalMax = HttpTransporterUtils.getHttpRetryHandlerIntervalMax(session, repository);
199         String retryHandlerName = ConfigUtils.getString(
200                 session,
201                 HTTP_RETRY_HANDLER_NAME_STANDARD,
202                 CONFIG_PROP_HTTP_RETRY_HANDLER_NAME + "." + repository.getId(),
203                 CONFIG_PROP_HTTP_RETRY_HANDLER_NAME);
204         boolean retryHandlerRequestSentEnabled = ConfigUtils.getBoolean(
205                 session,
206                 DEFAULT_HTTP_RETRY_HANDLER_REQUEST_SENT_ENABLED,
207                 CONFIG_PROP_HTTP_RETRY_HANDLER_REQUEST_SENT_ENABLED + "." + repository.getId(),
208                 CONFIG_PROP_HTTP_RETRY_HANDLER_REQUEST_SENT_ENABLED);
209         int maxRedirects = ConfigUtils.getInteger(
210                 session,
211                 DEFAULT_MAX_REDIRECTS,
212                 CONFIG_PROP_MAX_REDIRECTS + "." + repository.getId(),
213                 CONFIG_PROP_MAX_REDIRECTS);
214         boolean followRedirects = ConfigUtils.getBoolean(
215                 session,
216                 DEFAULT_FOLLOW_REDIRECTS,
217                 CONFIG_PROP_FOLLOW_REDIRECTS + "." + repository.getId(),
218                 CONFIG_PROP_FOLLOW_REDIRECTS);
219         String userAgent = HttpTransporterUtils.getUserAgent(session, repository);
220 
221         Charset credentialsCharset = HttpTransporterUtils.getHttpCredentialsEncoding(session, repository);
222         Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create()
223                 .register(AuthSchemes.BASIC, new BasicSchemeFactory(credentialsCharset))
224                 .register(AuthSchemes.DIGEST, new DigestSchemeFactory(credentialsCharset))
225                 .register(AuthSchemes.NTLM, new NTLMSchemeFactory())
226                 .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory())
227                 .register(AuthSchemes.KERBEROS, new KerberosSchemeFactory())
228                 .build();
229         SocketConfig socketConfig =
230                 // the time to establish connection (low level)
231                 SocketConfig.custom().setSoTimeout(requestTimeout).build();
232         RequestConfig requestConfig = RequestConfig.custom()
233                 .setMaxRedirects(maxRedirects)
234                 .setRedirectsEnabled(followRedirects)
235                 .setRelativeRedirectsAllowed(followRedirects)
236                 // the time waiting for data; max time between two data packets
237                 .setSocketTimeout(requestTimeout)
238                 // the time to establish the connection (high level)
239                 .setConnectTimeout(connectTimeout)
240                 // the time to wait for a connection from the connection manager/pool
241                 .setConnectionRequestTimeout(connectTimeout)
242                 .setLocalAddress(HttpTransporterUtils.getHttpLocalAddress(session, repository)
243                         .orElse(null))
244                 .setCookieSpec(CookieSpecs.STANDARD)
245                 .build();
246 
247         HttpRequestRetryHandler retryHandler;
248         if (HTTP_RETRY_HANDLER_NAME_STANDARD.equals(retryHandlerName)) {
249             retryHandler = new StandardHttpRequestRetryHandler(retryCount, retryHandlerRequestSentEnabled);
250         } else if (HTTP_RETRY_HANDLER_NAME_DEFAULT.equals(retryHandlerName)) {
251             retryHandler = new DefaultHttpRequestRetryHandler(retryCount, retryHandlerRequestSentEnabled);
252         } else {
253             throw new IllegalArgumentException(
254                     "Unsupported parameter " + CONFIG_PROP_HTTP_RETRY_HANDLER_NAME + " value: " + retryHandlerName);
255         }
256         ServiceUnavailableRetryStrategy serviceUnavailableRetryStrategy = new ResolverServiceUnavailableRetryStrategy(
257                 retryCount,
258                 retryInterval,
259                 retryIntervalMax,
260                 HttpTransporterUtils.getHttpServiceUnavailableCodes(session, repository));
261 
262         HttpClientBuilder builder = HttpClientBuilder.create()
263                 .setUserAgent(userAgent)
264                 .setRedirectStrategy(LaxRedirectStrategy.INSTANCE)
265                 .setDefaultSocketConfig(socketConfig)
266                 .setDefaultRequestConfig(requestConfig)
267                 .setServiceUnavailableRetryStrategy(serviceUnavailableRetryStrategy)
268                 .setRetryHandler(retryHandler)
269                 .setDefaultAuthSchemeRegistry(authSchemeRegistry)
270                 .setConnectionManager(state.getConnectionManager())
271                 .setConnectionManagerShared(true)
272                 .setDefaultCredentialsProvider(toCredentialsProvider(server, repoAuthContext, proxy, proxyAuthContext))
273                 .setProxy(proxy);
274         final boolean useSystemProperties = ConfigUtils.getBoolean(
275                 session,
276                 DEFAULT_USE_SYSTEM_PROPERTIES,
277                 CONFIG_PROP_USE_SYSTEM_PROPERTIES + "." + repository.getId(),
278                 CONFIG_PROP_USE_SYSTEM_PROPERTIES);
279         if (useSystemProperties) {
280             LOGGER.warn(
281                     "Transport used Apache HttpClient is instructed to use system properties: this may yield in unwanted side-effects!");
282             LOGGER.warn("Please use documented means to configure resolver transport.");
283             builder.useSystemProperties();
284         }
285 
286         HttpTransporterUtils.getHttpExpectContinue(session, repository).ifPresent(state::setExpectContinue);
287         if (!HttpTransporterUtils.isHttpReuseConnections(session, repository)) {
288             builder.setConnectionReuseStrategy(NoConnectionReuseStrategy.INSTANCE);
289         }
290 
291         if (session.getCache() != null) {
292             this.authCache = (AuthCache) session.getCache()
293                     .computeIfAbsent(
294                             session,
295                             Keys.of(
296                                     getClass(),
297                                     repository.getId() + "-" + StringDigestUtil.sha1(repository.toString())),
298                             ConcurrentAuthCache::new);
299         } else {
300             this.authCache = new ConcurrentAuthCache();
301         }
302         this.client = builder.build();
303     }
304 
305     private static HttpHost toHost(Proxy proxy) {
306         HttpHost host = null;
307         if (proxy != null) {
308             // in Maven, the proxy.protocol is used for proxy matching against remote repository protocol; no TLS proxy
309             // support
310             // https://github.com/apache/maven/issues/2519
311             // https://github.com/apache/maven-resolver/issues/745
312             host = new HttpHost(proxy.getHost(), proxy.getPort());
313         }
314         return host;
315     }
316 
317     private static CredentialsProvider toCredentialsProvider(
318             HttpHost server, AuthenticationContext serverAuthCtx, HttpHost proxy, AuthenticationContext proxyAuthCtx) {
319         CredentialsProvider provider = toCredentialsProvider(server.getHostName(), AuthScope.ANY_PORT, serverAuthCtx);
320         if (proxy != null) {
321             CredentialsProvider p = toCredentialsProvider(proxy.getHostName(), proxy.getPort(), proxyAuthCtx);
322             provider = new DemuxCredentialsProvider(provider, p, proxy);
323         }
324         return provider;
325     }
326 
327     private static CredentialsProvider toCredentialsProvider(String host, int port, AuthenticationContext ctx) {
328         DeferredCredentialsProvider provider = new DeferredCredentialsProvider();
329         if (ctx != null) {
330             AuthScope basicScope = new AuthScope(host, port);
331             provider.setCredentials(basicScope, new DeferredCredentialsProvider.BasicFactory(ctx));
332 
333             AuthScope ntlmScope = new AuthScope(host, port, AuthScope.ANY_REALM, "ntlm");
334             provider.setCredentials(ntlmScope, new DeferredCredentialsProvider.NtlmFactory(ctx));
335         }
336         return provider;
337     }
338 
339     LocalState getState() {
340         return state;
341     }
342 
343     private URI resolve(TransportTask task) {
344         return UriUtils.resolve(baseUri, task.getLocation());
345     }
346 
347     @Override
348     protected void implPeek(PeekTask task) throws Exception {
349         HttpHead request = commonHeaders(new HttpHead(resolve(task)));
350         try {
351             execute(request, null);
352         } catch (HttpResponseException e) {
353             throw new HttpTransporterException(e.getStatusCode());
354         }
355     }
356 
357     @Override
358     protected void implGet(GetTask task) throws Exception {
359         boolean resume = true;
360 
361         EntityGetter getter = new EntityGetter(task);
362         HttpGet request = commonHeaders(new HttpGet(resolve(task)));
363         if (sendRfc9457Accept) {
364             ApacheRFC9457Reporter.INSTANCE.prepareRequest(request);
365         }
366         while (true) {
367             try {
368                 if (resume) {
369                     resume(request, task);
370                 }
371                 execute(request, getter);
372                 break;
373             } catch (HttpResponseException e) {
374                 if (resume
375                         && e.getStatusCode() == HttpStatus.SC_PRECONDITION_FAILED
376                         && request.containsHeader(HttpHeaders.RANGE)) {
377                     request = commonHeaders(new HttpGet(resolve(task)));
378                     resume = false;
379                     continue;
380                 }
381                 throw new HttpTransporterException(e.getStatusCode());
382             }
383         }
384     }
385 
386     @Override
387     protected void implPut(PutTask task) throws Exception {
388         PutTaskEntity entity = new PutTaskEntity(task);
389         HttpPut request = commonHeaders(entity(new HttpPut(resolve(task)), entity));
390         if (sendRfc9457Accept) {
391             ApacheRFC9457Reporter.INSTANCE.prepareRequest(request);
392         }
393         try {
394             execute(request, null);
395         } catch (HttpResponseException e) {
396             if (e.getStatusCode() == HttpStatus.SC_EXPECTATION_FAILED && request.containsHeader(HttpHeaders.EXPECT)) {
397                 state.setExpectContinue(false);
398                 request = commonHeaders(entity(new HttpPut(request.getURI()), entity));
399                 execute(request, null);
400                 return;
401             }
402             throw new HttpTransporterException(e.getStatusCode());
403         }
404     }
405 
406     private void execute(HttpUriRequest request, EntityGetter getter) throws Exception {
407         try {
408             SharingHttpContext context = new SharingHttpContext(state);
409             context.setAuthCache(authCache);
410             prepare(request, context);
411             try (CloseableHttpResponse response = client.execute(server, request, context)) {
412                 try {
413                     handleStatus(response);
414                     if (getter != null) {
415                         getter.handle(response);
416                     }
417                 } finally {
418                     EntityUtils.consumeQuietly(response.getEntity());
419                 }
420             }
421         } catch (IOException e) {
422             if (e.getCause() instanceof TransferCancelledException) {
423                 throw (Exception) e.getCause();
424             }
425             throw e;
426         }
427     }
428 
429     private void prepare(HttpUriRequest request, SharingHttpContext context) throws Exception {
430         final boolean put = HttpPut.METHOD_NAME.equalsIgnoreCase(request.getMethod());
431         if (preemptiveAuth || (preemptivePutAuth && put)) {
432             context.getAuthCache().put(server, new BasicScheme());
433         }
434         if (supportWebDav) {
435             if (state.getWebDav() == null && (put || isPayloadPresent(request))) {
436                 HttpOptions req = commonHeaders(new HttpOptions(request.getURI()));
437                 try (CloseableHttpResponse response = client.execute(server, req, context)) {
438                     state.setWebDav(response.containsHeader(HttpHeaders.DAV));
439                     EntityUtils.consumeQuietly(response.getEntity());
440                 } catch (IOException e) {
441                     LOGGER.debug("Failed to prepare HTTP context", e);
442                 }
443             }
444             if (put && Boolean.TRUE.equals(state.getWebDav())) {
445                 mkdirs(request.getURI(), context);
446             }
447         }
448     }
449 
450     private void mkdirs(URI uri, SharingHttpContext context) throws Exception {
451         List<URI> dirs = UriUtils.getDirectories(baseUri, uri);
452         int index = 0;
453         for (; index < dirs.size(); index++) {
454             try (CloseableHttpResponse response =
455                     client.execute(server, commonHeaders(new HttpMkCol(dirs.get(index))), context)) {
456                 try {
457                     int status = response.getStatusLine().getStatusCode();
458                     if (status < 300 || status == HttpStatus.SC_METHOD_NOT_ALLOWED) {
459                         break;
460                     } else if (status == HttpStatus.SC_CONFLICT) {
461                         continue;
462                     }
463                     handleStatus(response);
464                 } finally {
465                     EntityUtils.consumeQuietly(response.getEntity());
466                 }
467             } catch (IOException e) {
468                 LOGGER.debug("Failed to create parent directory {}", dirs.get(index), e);
469                 return;
470             }
471         }
472         for (index--; index >= 0; index--) {
473             try (CloseableHttpResponse response =
474                     client.execute(server, commonHeaders(new HttpMkCol(dirs.get(index))), context)) {
475                 try {
476                     handleStatus(response);
477                 } finally {
478                     EntityUtils.consumeQuietly(response.getEntity());
479                 }
480             } catch (IOException e) {
481                 LOGGER.debug("Failed to create parent directory {}", dirs.get(index), e);
482                 return;
483             }
484         }
485     }
486 
487     private <T extends HttpEntityEnclosingRequest> T entity(T request, HttpEntity entity) {
488         request.setEntity(entity);
489         return request;
490     }
491 
492     private boolean isPayloadPresent(HttpUriRequest request) {
493         if (request instanceof HttpEntityEnclosingRequest) {
494             HttpEntity entity = ((HttpEntityEnclosingRequest) request).getEntity();
495             return entity != null && entity.getContentLength() != 0;
496         }
497         return false;
498     }
499 
500     private <T extends HttpUriRequest> T commonHeaders(T request) {
501         request.setHeader(HttpHeaders.CACHE_CONTROL, "no-cache, no-store");
502         request.setHeader(HttpHeaders.PRAGMA, "no-cache");
503 
504         if (state.isExpectContinue() && isPayloadPresent(request)) {
505             request.setHeader(HttpHeaders.EXPECT, "100-continue");
506         }
507 
508         for (Map.Entry<?, ?> entry : headers.entrySet()) {
509             if (!(entry.getKey() instanceof String)) {
510                 continue;
511             }
512             if (entry.getValue() instanceof String) {
513                 request.setHeader(entry.getKey().toString(), entry.getValue().toString());
514             } else {
515                 request.removeHeaders(entry.getKey().toString());
516             }
517         }
518 
519         if (!state.isExpectContinue()) {
520             request.removeHeaders(HttpHeaders.EXPECT);
521         }
522         return request;
523     }
524 
525     private <T extends HttpUriRequest> void resume(T request, GetTask task) throws IOException {
526         long resumeOffset = task.getResumeOffset();
527         if (resumeOffset > 0L && task.getDataPath() != null) {
528             long lastModified = Files.getLastModifiedTime(task.getDataPath()).toMillis();
529             request.setHeader(HttpHeaders.RANGE, "bytes=" + resumeOffset + '-');
530             request.setHeader(
531                     HttpHeaders.IF_UNMODIFIED_SINCE, DateUtils.formatDate(new Date(lastModified - 60L * 1000L)));
532             request.setHeader(HttpHeaders.ACCEPT_ENCODING, "identity");
533         }
534     }
535 
536     private void handleStatus(CloseableHttpResponse response) throws Exception {
537         int status = response.getStatusLine().getStatusCode();
538         if (status >= 300) {
539             ApacheRFC9457Reporter.INSTANCE.generateException(response, (statusCode, reasonPhrase) -> {
540                 throw new HttpResponseException(statusCode, reasonPhrase + " (" + statusCode + ")");
541             });
542         }
543     }
544 
545     @Override
546     protected void implClose() {
547         try {
548             client.close();
549         } catch (IOException e) {
550             throw new UncheckedIOException(e);
551         }
552         AuthenticationContext.close(repoAuthContext);
553         AuthenticationContext.close(proxyAuthContext);
554         state.close();
555     }
556 
557     private class EntityGetter {
558 
559         private final GetTask task;
560 
561         EntityGetter(GetTask task) {
562             this.task = task;
563         }
564 
565         public void handle(CloseableHttpResponse response) throws IOException, TransferCancelledException {
566             HttpEntity entity = response.getEntity();
567             if (entity == null) {
568                 entity = new ByteArrayEntity(new byte[0]);
569             }
570 
571             long offset = 0L, length = entity.getContentLength();
572             Header rangeHeader = response.getFirstHeader(HttpHeaders.CONTENT_RANGE);
573             String range = rangeHeader != null ? rangeHeader.getValue() : null;
574             if (range != null) {
575                 Matcher m = CONTENT_RANGE_PATTERN.matcher(range);
576                 if (!m.matches()) {
577                     throw new IOException("Invalid Content-Range header for partial download: " + range);
578                 }
579                 offset = Long.parseLong(m.group(1));
580                 length = Long.parseLong(m.group(2)) + 1L;
581                 if (offset < 0L || offset >= length || (offset > 0L && offset != task.getResumeOffset())) {
582                     throw new IOException("Invalid Content-Range header for partial download from offset "
583                             + task.getResumeOffset() + ": " + range);
584                 }
585             }
586 
587             final boolean resume = offset > 0L;
588             final Path dataFile = task.getDataPath();
589             if (dataFile == null) {
590                 try (InputStream is = entity.getContent()) {
591                     utilGet(task, is, true, length, resume);
592                     extractChecksums(response);
593                 }
594             } else {
595                 try (PathProcessor.CollocatedTempFile tempFile = pathProcessor.newTempFile(dataFile)) {
596                     task.setDataPath(tempFile.getPath(), resume);
597                     if (resume && Files.isRegularFile(dataFile)) {
598                         try (InputStream inputStream = Files.newInputStream(dataFile)) {
599                             Files.copy(inputStream, tempFile.getPath(), StandardCopyOption.REPLACE_EXISTING);
600                         }
601                     }
602                     try (InputStream is = entity.getContent()) {
603                         utilGet(task, is, true, length, resume);
604                     }
605                     tempFile.move();
606                 } finally {
607                     task.setDataPath(dataFile);
608                 }
609             }
610             if (task.getDataPath() != null) {
611                 Header lastModifiedHeader =
612                         response.getFirstHeader(HttpHeaders.LAST_MODIFIED); // note: Wagon also does first not last
613                 if (lastModifiedHeader != null) {
614                     Date lastModified = DateUtils.parseDate(lastModifiedHeader.getValue());
615                     if (lastModified != null) {
616                         pathProcessor.setLastModified(task.getDataPath(), lastModified.getTime());
617                     }
618                 }
619             }
620             extractChecksums(response);
621         }
622 
623         private void extractChecksums(CloseableHttpResponse response) {
624             Map<String, String> checksums = checksumExtractor.extractChecksums(headerGetter(response));
625             if (checksums != null && !checksums.isEmpty()) {
626                 checksums.forEach(task::setChecksum);
627             }
628         }
629     }
630 
631     private static Function<String, String> headerGetter(CloseableHttpResponse closeableHttpResponse) {
632         return s -> {
633             Header header = closeableHttpResponse.getFirstHeader(s);
634             return header != null ? header.getValue() : null;
635         };
636     }
637 
638     private class PutTaskEntity extends AbstractHttpEntity {
639 
640         private final PutTask task;
641 
642         PutTaskEntity(PutTask task) {
643             this.task = task;
644         }
645 
646         @Override
647         public boolean isRepeatable() {
648             return true;
649         }
650 
651         @Override
652         public boolean isStreaming() {
653             return false;
654         }
655 
656         @Override
657         public long getContentLength() {
658             return task.getDataLength();
659         }
660 
661         @Override
662         public InputStream getContent() throws IOException {
663             return task.newInputStream();
664         }
665 
666         @Override
667         public void writeTo(OutputStream os) throws IOException {
668             try {
669                 utilPut(task, os, false);
670             } catch (TransferCancelledException e) {
671                 throw (IOException) new InterruptedIOException().initCause(e);
672             }
673         }
674     }
675 
676     private static class ResolverServiceUnavailableRetryStrategy implements ServiceUnavailableRetryStrategy {
677         private final int retryCount;
678 
679         private final long retryInterval;
680 
681         private final long retryIntervalMax;
682 
683         private final Set<Integer> serviceUnavailableHttpCodes;
684 
685         /**
686          * Ugly, but forced by HttpClient API {@link ServiceUnavailableRetryStrategy}: the calls for
687          * {@link #retryRequest(HttpResponse, int, HttpContext)} and {@link #getRetryInterval()} are done by same
688          * thread and are actually done from spot that are very close to each other (almost subsequent calls).
689          */
690         private static final ThreadLocal<Long> RETRY_INTERVAL_HOLDER = new ThreadLocal<>();
691 
692         private ResolverServiceUnavailableRetryStrategy(
693                 int retryCount, long retryInterval, long retryIntervalMax, Set<Integer> serviceUnavailableHttpCodes) {
694             if (retryCount < 0) {
695                 throw new IllegalArgumentException("retryCount must be >= 0");
696             }
697             if (retryInterval < 0L) {
698                 throw new IllegalArgumentException("retryInterval must be >= 0");
699             }
700             if (retryIntervalMax < 0L) {
701                 throw new IllegalArgumentException("retryIntervalMax must be >= 0");
702             }
703             this.retryCount = retryCount;
704             this.retryInterval = retryInterval;
705             this.retryIntervalMax = retryIntervalMax;
706             this.serviceUnavailableHttpCodes = requireNonNull(serviceUnavailableHttpCodes);
707         }
708 
709         @Override
710         public boolean retryRequest(HttpResponse response, int executionCount, HttpContext context) {
711             final boolean retry = executionCount <= retryCount
712                     && (serviceUnavailableHttpCodes.contains(
713                             response.getStatusLine().getStatusCode()));
714             if (retry) {
715                 Long retryInterval = retryInterval(response, executionCount, context);
716                 if (retryInterval != null) {
717                     RETRY_INTERVAL_HOLDER.set(retryInterval);
718                     return true;
719                 }
720             }
721             RETRY_INTERVAL_HOLDER.remove();
722             return false;
723         }
724 
725         /**
726          * Calculates retry interval in milliseconds. If {@link HttpHeaders#RETRY_AFTER} header present, it obeys it.
727          * Otherwise, it returns {@link this#retryInterval} long value multiplied with {@code executionCount} (starts
728          * from 1 and goes 2, 3,...).
729          *
730          * @return Long representing the retry interval as millis, or {@code null} if the request should be failed.
731          */
732         private Long retryInterval(HttpResponse httpResponse, int executionCount, HttpContext httpContext) {
733             Long result = null;
734             Header header = httpResponse.getFirstHeader(HttpHeaders.RETRY_AFTER);
735             if (header != null && header.getValue() != null) {
736                 String headerValue = header.getValue();
737                 if (headerValue.contains(":")) { // is date when to retry
738                     Date when = DateUtils.parseDate(headerValue); // presumably future
739                     if (when != null) {
740                         result = Math.max(when.getTime() - System.currentTimeMillis(), 0L);
741                     }
742                 } else {
743                     try {
744                         result = Long.parseLong(headerValue) * 1000L; // is in seconds
745                     } catch (NumberFormatException e) {
746                         // fall through
747                     }
748                 }
749             }
750             if (result == null) {
751                 result = executionCount * this.retryInterval;
752             }
753             if (result > retryIntervalMax) {
754                 return null;
755             }
756             return result;
757         }
758 
759         @Override
760         public long getRetryInterval() {
761             Long ri = RETRY_INTERVAL_HOLDER.get();
762             if (ri == null) {
763                 return 0L;
764             }
765             RETRY_INTERVAL_HOLDER.remove();
766             return ri;
767         }
768     }
769 
770     static class ConcurrentAuthCache implements AuthCache {
771         private final ConcurrentHashMap<HttpHost, AuthScheme> map = new ConcurrentHashMap<>();
772 
773         @Override
774         public void put(HttpHost host, AuthScheme authScheme) {
775             if (host != null && authScheme != null) {
776                 map.put(host, authScheme);
777             }
778         }
779 
780         @Override
781         public AuthScheme get(HttpHost host) {
782             if (host == null) {
783                 return null;
784             }
785             return map.get(host);
786         }
787 
788         @Override
789         public void remove(HttpHost host) {
790             if (host != null) {
791                 map.remove(host);
792             }
793         }
794 
795         @Override
796         public void clear() {
797             map.clear();
798         }
799     }
800 }