Add tests for Classic client using the Subject from the Security Context

Author: stoty

httpclient5-testing/src/test/java/org/apache/hc/client5/testing/compatibility/ApacheHTTPDSquidCompatibilityIT.java

@@ -135,6 +135,7 @@ public ClassicDirectHttpPw() throws Exception {
             super(targetContainerHost(),
                 new UsernamePasswordCredentials("testuser", "nopassword".toCharArray()),
                 null,
+                null,
                 null);
         }
 
@@ -148,7 +149,8 @@ public ClassicDirectHttpSpnego() throws Exception {
             super(targetContainerHost(),
                 SpnegoTestUtil.createCredentials(spnegoSubject),
                 null,
-                null);
+                null,
+                spnegoSubject);
         }
 
     }
@@ -161,6 +163,7 @@ public ClassicViaProxyHttp() throws Exception {
             super(targetInternalHost(),
                 new UsernamePasswordCredentials("testuser", "nopassword".toCharArray()),
                 proxyContainerHost(),
+                null,
                 null);
         }
 
@@ -174,6 +177,7 @@ public ClassicDirectHttpTlsPw() throws Exception {
             super(targetContainerTlsHost(),
                 new UsernamePasswordCredentials("testuser", "nopassword".toCharArray()),
                 null,
+                null,
                 null);
         }
 
@@ -187,7 +191,8 @@ public ClassicDirectHttpTlsSpnego() throws Exception {
             super(targetContainerTlsHost(),
                 SpnegoTestUtil.createCredentials(spnegoSubject),
                 null,
-                null);
+                null,
+                spnegoSubject);
         }
 
     }
@@ -200,6 +205,7 @@ public ClassicViaProxyHttpTls() throws Exception {
             super(targetInternalTlsHost(),
                 new UsernamePasswordCredentials("testuser", "nopassword".toCharArray()),
                 proxyContainerHost(),
+                null,
                 null);
         }
 
@@ -213,7 +219,8 @@ public ClassicViaPwProtectedProxyHttpTls() throws Exception {
             super(targetInternalTlsHost(),
                 new UsernamePasswordCredentials("testuser", "nopassword".toCharArray()),
                 proxyAuthenticatedContainerHost(),
-                new UsernamePasswordCredentials("squid", "nopassword".toCharArray()));
+                new UsernamePasswordCredentials("squid", "nopassword".toCharArray()),
+                null);
         }
 
     }
@@ -226,7 +233,8 @@ public ClassicViaSpnegoProtectedProxyHttpTls() throws Exception {
             super(targetInternalTlsHost(),
                 new UsernamePasswordCredentials("testuser", "nopassword".toCharArray()),
                 proxyAuthenticatedContainerHost(),
-                SpnegoTestUtil.createCredentials(spnegoSubject));
+                SpnegoTestUtil.createCredentials(spnegoSubject),
+                null);
         }
 
     }

httpclient5-testing/src/test/java/org/apache/hc/client5/testing/compatibility/sync/HttpClientCompatibilityTest.java

@@ -27,6 +27,10 @@
 package org.apache.hc.client5.testing.compatibility.sync;
 
 
+import static org.junit.jupiter.api.Assumptions.assumeFalse;
+
+import javax.security.auth.Subject;
+
 import org.apache.hc.client5.http.ContextBuilder;
 import org.apache.hc.client5.http.auth.AuthScope;
 import org.apache.hc.client5.http.auth.Credentials;
@@ -41,6 +45,7 @@
 import org.apache.hc.client5.testing.compatibility.spnego.SpnegoAuthenticationStrategy;
 import org.apache.hc.client5.testing.compatibility.spnego.SpnegoTestUtil;
 import org.apache.hc.client5.testing.extension.sync.HttpClientResource;
+import org.apache.hc.client5.testing.util.SecurityUtils;
 import org.apache.hc.core5.http.ClassicHttpRequest;
 import org.apache.hc.core5.http.ClassicHttpResponse;
 import org.apache.hc.core5.http.HttpHeaders;
@@ -59,16 +64,18 @@ public abstract class HttpClientCompatibilityTest {
     private final HttpClientResource clientResource;
     private final CredentialsStore credentialsProvider;
     private final Credentials targetCreds;
+    private Subject callAs;
     private String secretPath = "/private/big-secret.txt";
 
-    public HttpClientCompatibilityTest(final HttpHost target, final Credentials targetCreds, final HttpHost proxy, final Credentials proxyCreds) throws Exception {
+    public HttpClientCompatibilityTest(final HttpHost target, final Credentials targetCreds, final HttpHost proxy, final Credentials proxyCreds, final Subject callAs) throws Exception {
         this.target = target;
         this.targetCreds = targetCreds;
+        this.callAs = callAs;
         this.credentialsProvider = new BasicCredentialsProvider();
         this.clientResource = new HttpClientResource();
-        if (targetCreds != null) {
+        if (targetCreds != null || callAs != null) {
             //this.setCredentials(new AuthScope(target), targetCreds);
-            if (targetCreds instanceof GssCredentials) {
+            if (targetCreds instanceof GssCredentials || callAs != null) {
                 secretPath = "/private_spnego/big-secret.txt";
                 this.clientResource.configure(builder -> builder
                     .setTargetAuthenticationStrategy(new SpnegoAuthenticationStrategy())
@@ -183,6 +190,19 @@ void test_wrong_target_credentials() throws Exception {
     void test_correct_target_credentials() throws Exception {
         setCredentials(
                 new AuthScope(target), targetCreds);
+        test_correct_target_credentials_int();
+    }
+
+    @Test
+    void test_correct_target_credentials_call_as() throws Exception {
+        assumeFalse(callAs == null);
+        SecurityUtils.callAs(callAs, () -> {
+         test_correct_target_credentials_int();
+         return 0;
+        });
+    }
+
+    private void test_correct_target_credentials_int() throws Exception {
         final CloseableHttpClient client = client();
         final HttpClientContext context = context();
 
@@ -197,6 +217,19 @@ void test_correct_target_credentials() throws Exception {
     void test_correct_target_credentials_no_keep_alive() throws Exception {
         setCredentials(
                 new AuthScope(target), targetCreds);
+        test_correct_target_credentials_no_keep_alive_int();
+    }
+
+    @Test
+    void test_correct_target_credentials_no_keep_alive_call_as() throws Exception {
+        assumeFalse(callAs == null);
+        SecurityUtils.callAs(callAs, () -> {
+         test_correct_target_credentials_int();
+         return 0;
+        });
+    }
+
+    private void test_correct_target_credentials_no_keep_alive_int() throws Exception {
         final CloseableHttpClient client = client();
         final HttpClientContext context = context();
 
@@ -208,5 +241,4 @@ void test_correct_target_credentials_no_keep_alive() throws Exception {
             EntityUtils.consume(response.getEntity());
         }
     }
-
 }