From 0ebf04dca1b5118833a04c1a610b4ae6a9ad8def Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Tue, 4 Jan 2022 08:17:15 +0800 Subject: [PATCH 1/8] Auth tests --- requests/test/src/requests/RequestTests.scala | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/requests/test/src/requests/RequestTests.scala b/requests/test/src/requests/RequestTests.scala index 98b94b4..26cd2e6 100644 --- a/requests/test/src/requests/RequestTests.scala +++ b/requests/test/src/requests/RequestTests.scala @@ -207,6 +207,39 @@ object RequestTests extends TestSuite{ } } } + test("auth"){ + test("basicAuth"){ + val (username, password) = ("foo", "bar") + val rawCreds = s"$username:$password" + val encodedCreds = java.util.Base64.getEncoder.encodeToString(rawCreds.getBytes()) + val auth = new RequestAuth.Basic(username, password) + + val res = requests.get("https://httpbin.org/headers", auth=auth).text() + val hs = read(res)("headers").obj + + assert(hs("Authorization").str == s"Basic $encodedCreds") + } + test("bearerAuth"){ + val token = "foobar" + val auth = new RequestAuth.Bearer(token) + + val res = requests.get("https://httpbin.org/headers", auth=auth).text() + val hs = read(res)("headers").obj + + assert(hs("Authorization").str == s"Bearer $token") + } + test("proxyAuth"){ + val (username, password) = ("foo", "bar") + val rawCreds = s"$username:$password" + val encodedCreds = java.util.Base64.getEncoder.encodeToString(rawCreds.getBytes()) + val auth = new RequestAuth.Proxy(username, password) + + val res = requests.get("https://httpbin.org/headers", auth=auth).text() + val hs = read(res)("headers").obj + + assert(hs("Proxy-Authorization").str == s"Basic $encodedCreds") + } + } test("clientCertificate"){ val base = "./requests/test/resources" val url = "https://client.badssl.com" From 3a8b84cec75e2bf045f7dbae09cbb34239e1cd67 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Tue, 4 Jan 2022 08:33:18 +0800 Subject: [PATCH 2/8] Update proxyAuth test case; looks like most httpbin-like services don't echo the Proxy-Authorization header back (which is expectedly in-line with the specs) --- requests/test/src/requests/RequestTests.scala | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/requests/test/src/requests/RequestTests.scala b/requests/test/src/requests/RequestTests.scala index 26cd2e6..f1ad2f4 100644 --- a/requests/test/src/requests/RequestTests.scala +++ b/requests/test/src/requests/RequestTests.scala @@ -229,15 +229,21 @@ object RequestTests extends TestSuite{ assert(hs("Authorization").str == s"Bearer $token") } test("proxyAuth"){ - val (username, password) = ("foo", "bar") - val rawCreds = s"$username:$password" - val encodedCreds = java.util.Base64.getEncoder.encodeToString(rawCreds.getBytes()) - val auth = new RequestAuth.Proxy(username, password) - - val res = requests.get("https://httpbin.org/headers", auth=auth).text() - val hs = read(res)("headers").obj - - assert(hs("Proxy-Authorization").str == s"Basic $encodedCreds") + // @TODO Need a service that echos the Proxy-Authorization header back. + // + // From RFC: "Unlike Authorization, the Proxy-Authorization header field + // applies only to the next inbound proxy that demanded authentication + // using the Proxy-Authenticate field." [0] + // + // [0] https://tools.ietf.org/html/rfc7235#section-4.4 + // + // val (username, password) = ("foo", "bar") + // val rawCreds = s"$username:$password" + // val encodedCreds = java.util.Base64.getEncoder.encodeToString(rawCreds.getBytes()) + // val auth = new RequestAuth.Proxy(username, password) + // val res = requests.get("http://localhost:8881", auth=auth).text() + // val hs = read(res)("headers").obj + // assert(hs("Proxy-Authorization").str == s"Basic $encodedCreds") } } test("clientCertificate"){ From 5d2bff630722b5b6172e5f8c37122d8b2e7a66d0 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Tue, 4 Jan 2022 08:33:45 +0800 Subject: [PATCH 3/8] auth: Allow adjustment of header key dynamically --- requests/src/requests/Model.scala | 10 +++++----- requests/src/requests/Requester.scala | 12 +++++++++++- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/requests/src/requests/Model.scala b/requests/src/requests/Model.scala index 797500c..92190ac 100644 --- a/requests/src/requests/Model.scala +++ b/requests/src/requests/Model.scala @@ -237,22 +237,22 @@ case class StreamHeaders(url: String, * auth and Proxy auth are supported */ trait RequestAuth{ - def header: Option[String] + def credentials: Option[String] } object RequestAuth{ object Empty extends RequestAuth{ - def header = None + def credentials = None } implicit def implicitBasic(x: (String, String)): Basic = new Basic(x._1, x._2) class Basic(username: String, password: String) extends RequestAuth{ - def header = Some("Basic " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) + def credentials = Some("Basic " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) } case class Proxy(username: String, password: String) extends RequestAuth{ - def header = Some("Proxy-Authorization " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) + def credentials = Some("Basic " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) } case class Bearer(token: String) extends RequestAuth { - def header = Some(s"Bearer $token") + def credentials = Some(s"Bearer $token") } } diff --git a/requests/src/requests/Requester.scala b/requests/src/requests/Requester.scala index 54f345a..a63a026 100644 --- a/requests/src/requests/Requester.scala +++ b/requests/src/requests/Requester.scala @@ -230,7 +230,17 @@ case class Requester(verb: String, for((k, v) <- compress.headers) connection.setRequestProperty(k, v) connection.setReadTimeout(readTimeout) - auth.header.foreach(connection.setRequestProperty("Authorization", _)) + + auth match { + case basic: RequestAuth.Basic => + connection.setRequestProperty("Authorization", basic.credentials.get) + case bearer: RequestAuth.Bearer => + connection.setRequestProperty("Authorization", bearer.credentials.get) + case proxy: RequestAuth.Proxy => + connection.setRequestProperty("Proxy-Authorization", proxy.credentials.get) + case RequestAuth.Empty => + } + connection.setConnectTimeout(connectTimeout) connection.setUseCaches(false) connection.setDoOutput(true) From 6a6216d633205e2578865e639c931dfe41d1c049 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Sun, 9 Jan 2022 13:28:29 +0800 Subject: [PATCH 4/8] Use proxyAuth param instead --- requests/src/requests/Model.scala | 14 ++++----- requests/src/requests/Requester.scala | 42 ++++++++++++++++----------- requests/src/requests/Session.scala | 2 ++ requests/src/requests/package.scala | 2 ++ 4 files changed, 35 insertions(+), 25 deletions(-) diff --git a/requests/src/requests/Model.scala b/requests/src/requests/Model.scala index 92190ac..1a12471 100644 --- a/requests/src/requests/Model.scala +++ b/requests/src/requests/Model.scala @@ -51,6 +51,7 @@ case class Request(url: String, readTimeout: Int = 0, connectTimeout: Int = 0, proxy: (String, Int) = null, + proxyAuth: (String, String) = null, cert: Cert = null, sslContext: SSLContext = null, cookies: Map[String, HttpCookie] = Map(), @@ -234,25 +235,22 @@ case class StreamHeaders(url: String, } /** * Different ways you can authorize a HTTP request; by default, HTTP Basic - * auth and Proxy auth are supported + * and Bearer auth are supported */ trait RequestAuth{ - def credentials: Option[String] + def header: Option[String] } object RequestAuth{ object Empty extends RequestAuth{ - def credentials = None + def header = None } implicit def implicitBasic(x: (String, String)): Basic = new Basic(x._1, x._2) class Basic(username: String, password: String) extends RequestAuth{ - def credentials = Some("Basic " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) - } - case class Proxy(username: String, password: String) extends RequestAuth{ - def credentials = Some("Basic " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) + def header = Some("Basic " + java.util.Base64.getEncoder.encodeToString((username + ":" + password).getBytes())) } case class Bearer(token: String) extends RequestAuth { - def credentials = Some(s"Bearer $token") + def header = Some(s"Bearer $token") } } diff --git a/requests/src/requests/Requester.scala b/requests/src/requests/Requester.scala index a63a026..7f4f126 100644 --- a/requests/src/requests/Requester.scala +++ b/requests/src/requests/Requester.scala @@ -15,6 +15,7 @@ trait BaseSession{ def connectTimeout: Int def auth: RequestAuth def proxy: (String, Int) + def proxyAuth: (String, String) def cert: Cert def sslContext: SSLContext def maxRedirects: Int @@ -72,7 +73,8 @@ case class Requester(verb: String, * or MultiPart form data. * @param readTimeout How long to wait for data to be read before timing out * @param connectTimeout How long to wait for a connection before timing out - * @param proxy Host and port of a proxy you want to use + * @param proxy Host, port of HTTP proxy to use + * @param proxyAuth (Username, Password) authentication for HTTP proxy * @param cert Client certificate configuration * @param sslContext Client sslContext configuration * @param cookies Custom cookies to send up with this request @@ -90,6 +92,7 @@ case class Requester(verb: String, readTimeout: Int = sess.readTimeout, connectTimeout: Int = sess.connectTimeout, proxy: (String, Int) = sess.proxy, + proxyAuth: (String, String) = sess.proxyAuth, cert: Cert = sess.cert, sslContext: SSLContext = sess.sslContext, cookies: Map[String, HttpCookie] = Map(), @@ -106,9 +109,9 @@ case class Requester(verb: String, var streamHeaders: StreamHeaders = null val w = stream( url, auth, params, data.headers, headers, data, readTimeout, - connectTimeout, proxy, cert, sslContext, cookies, cookieValues, maxRedirects, - verifySslCerts, autoDecompress, compress, keepAlive, check, chunkedUpload, - onHeadersReceived = sh => streamHeaders = sh + connectTimeout, proxy, proxyAuth, cert, sslContext, cookies, cookieValues, + maxRedirects, verifySslCerts, autoDecompress, compress, keepAlive, check, + chunkedUpload, onHeadersReceived = sh => streamHeaders = sh ) w.writeBytesTo(out) @@ -150,6 +153,7 @@ case class Requester(verb: String, readTimeout: Int = sess.readTimeout, connectTimeout: Int = sess.connectTimeout, proxy: (String, Int) = sess.proxy, + proxyAuth: (String, String) = sess.proxyAuth, cert: Cert = sess.cert, sslContext: SSLContext = sess.sslContext, cookies: Map[String, HttpCookie] = Map(), @@ -185,6 +189,17 @@ case class Requester(verb: String, java.net.Proxy.Type.HTTP, new InetSocketAddress(ip, port) ) url1.openConnection(p) + + // Apply auth headers, if any + if (proxyAuth != null) { + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authorization + // @TODO This should support other auth types (digest, etc.) + val (proxyUser, proxyPass) = proxyAuth + connection.setRequestProperty( + "Proxy-Authorization", + "Basic " + java.util.Base64.getEncoder.encodeToString((proxyUser + ":" + proxyPass).getBytes()) + ) + } } connection = conn match{ @@ -231,16 +246,7 @@ case class Requester(verb: String, connection.setReadTimeout(readTimeout) - auth match { - case basic: RequestAuth.Basic => - connection.setRequestProperty("Authorization", basic.credentials.get) - case bearer: RequestAuth.Bearer => - connection.setRequestProperty("Authorization", bearer.credentials.get) - case proxy: RequestAuth.Proxy => - connection.setRequestProperty("Proxy-Authorization", proxy.credentials.get) - case RequestAuth.Empty => - } - + auth.header.foreach(connection.setRequestProperty("Authorization", _)) connection.setConnectTimeout(connectTimeout) connection.setUseCaches(false) connection.setDoOutput(true) @@ -319,9 +325,9 @@ case class Requester(verb: String, val newUrl = current.headers("location").head stream( new java.net.URL(url1, newUrl).toString, auth, params, blobHeaders, - headers, data, readTimeout, connectTimeout, proxy, cert, sslContext, cookies, - cookieValues, maxRedirects - 1, verifySslCerts, autoDecompress, - compress, keepAlive, check, chunkedUpload, Some(current), + headers, data, readTimeout, connectTimeout, proxy, proxyAuth, cert, + sslContext, cookies, cookieValues, maxRedirects - 1, verifySslCerts, + autoDecompress, compress, keepAlive, check, chunkedUpload, Some(current), onHeadersReceived ).readBytesThrough(f) }else{ @@ -389,6 +395,7 @@ case class Requester(verb: String, r.readTimeout, r.connectTimeout, r.proxy, + r.proxyAuth, r.cert, r.sslContext, r.cookies, @@ -418,6 +425,7 @@ case class Requester(verb: String, r.readTimeout, r.connectTimeout, r.proxy, + r.proxyAuth, r.cert, r.sslContext, r.cookies, diff --git a/requests/src/requests/Session.scala b/requests/src/requests/Session.scala index e1b4633..c9c602f 100644 --- a/requests/src/requests/Session.scala +++ b/requests/src/requests/Session.scala @@ -16,6 +16,7 @@ import scala.collection.mutable * @param readTimeout How long to wait for data to be read before timing out * @param connectTimeout How long to wait for a connection before timing out * @param proxy Host and port of a proxy you want to use + * @param proxyAuth Username and password of HTTP proxy * @param cookies Custom cookies to send up with this request * @param maxRedirects How many redirects to automatically resolve; defaults to 5. * You can also set it to 0 to prevent Requests from resolving @@ -27,6 +28,7 @@ case class Session(headers: Map[String, String] = BaseSession.defaultHeaders, cookies: mutable.Map[String, HttpCookie] = mutable.LinkedHashMap.empty[String, HttpCookie], auth: RequestAuth = RequestAuth.Empty, proxy: (String, Int) = null, + proxyAuth: (String, String) = null, cert: Cert = null, sslContext: SSLContext = null, persistCookies: Boolean = true, diff --git a/requests/src/requests/package.scala b/requests/src/requests/package.scala index 655f5b0..cc13813 100644 --- a/requests/src/requests/package.scala +++ b/requests/src/requests/package.scala @@ -13,6 +13,8 @@ package object requests extends _root_.requests.BaseSession { def proxy = null + def proxyAuth = null + def cert: Cert = null def sslContext: SSLContext = null From 6c7e2f5ef08b3132d786446b02afbcb083b4aa90 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Sun, 9 Jan 2022 13:29:37 +0800 Subject: [PATCH 5/8] Remove old tests --- requests/test/src/requests/RequestTests.scala | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/requests/test/src/requests/RequestTests.scala b/requests/test/src/requests/RequestTests.scala index f1ad2f4..2dcc375 100644 --- a/requests/test/src/requests/RequestTests.scala +++ b/requests/test/src/requests/RequestTests.scala @@ -228,23 +228,6 @@ object RequestTests extends TestSuite{ assert(hs("Authorization").str == s"Bearer $token") } - test("proxyAuth"){ - // @TODO Need a service that echos the Proxy-Authorization header back. - // - // From RFC: "Unlike Authorization, the Proxy-Authorization header field - // applies only to the next inbound proxy that demanded authentication - // using the Proxy-Authenticate field." [0] - // - // [0] https://tools.ietf.org/html/rfc7235#section-4.4 - // - // val (username, password) = ("foo", "bar") - // val rawCreds = s"$username:$password" - // val encodedCreds = java.util.Base64.getEncoder.encodeToString(rawCreds.getBytes()) - // val auth = new RequestAuth.Proxy(username, password) - // val res = requests.get("http://localhost:8881", auth=auth).text() - // val hs = read(res)("headers").obj - // assert(hs("Proxy-Authorization").str == s"Basic $encodedCreds") - } } test("clientCertificate"){ val base = "./requests/test/resources" From 76493ac8b988f3a746a45a019e1c1d6caf074c77 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Sun, 9 Jan 2022 13:30:09 +0800 Subject: [PATCH 6/8] Clean up tests --- requests/test/src/requests/RequestTests.scala | 22 ------------------- 1 file changed, 22 deletions(-) diff --git a/requests/test/src/requests/RequestTests.scala b/requests/test/src/requests/RequestTests.scala index 2dcc375..98b94b4 100644 --- a/requests/test/src/requests/RequestTests.scala +++ b/requests/test/src/requests/RequestTests.scala @@ -207,28 +207,6 @@ object RequestTests extends TestSuite{ } } } - test("auth"){ - test("basicAuth"){ - val (username, password) = ("foo", "bar") - val rawCreds = s"$username:$password" - val encodedCreds = java.util.Base64.getEncoder.encodeToString(rawCreds.getBytes()) - val auth = new RequestAuth.Basic(username, password) - - val res = requests.get("https://httpbin.org/headers", auth=auth).text() - val hs = read(res)("headers").obj - - assert(hs("Authorization").str == s"Basic $encodedCreds") - } - test("bearerAuth"){ - val token = "foobar" - val auth = new RequestAuth.Bearer(token) - - val res = requests.get("https://httpbin.org/headers", auth=auth).text() - val hs = read(res)("headers").obj - - assert(hs("Authorization").str == s"Bearer $token") - } - } test("clientCertificate"){ val base = "./requests/test/resources" val url = "https://client.badssl.com" From e60d22e48739540639f191155157b1ebd3c64456 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Sun, 9 Jan 2022 13:38:18 +0800 Subject: [PATCH 7/8] Add documentation on proxy usage --- readme.md | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/readme.md b/readme.md index eb5c577..5c8efef 100644 --- a/readme.md +++ b/readme.md @@ -37,6 +37,7 @@ For a hands-on introduction to this library, take a look at the following blog p - [Compression](#compression) - [Cookies](#cookies) - [Redirects](#redirects) + - [Proxies](#proxies) - [Client Side Certificates](#client-side-certificates) - [Sessions](#sessions) - [Why Requests-Scala?](#why-requests-scala) @@ -428,6 +429,36 @@ a linked list of `Response` objects until the earliest response has a value of `None`. You can crawl up this linked list if you want to inspect the headers or other metadata of the intermediate redirects that brought you to your final value. +### Proxies + +Usage of proxies is supported via the `proxy` parameter: +```scala +val proxyHost = "some.proxy.host" +val proxyPort = 8001 + +val r = requests.get( + "https://httpbin.org", + proxy=(proxyHost, proxyPort) +) +``` + +For proxies that requires username/password authentication, you can provide them +via `proxyAuth`: + +```scala +val proxyHost = "some.proxy.host" +val proxyPort = 8001 + +val proxyUsername = "foo" +val proxyPassword = "bar" + +val r = requests.get( + "https://httpbin.org", + proxy=(proxyHost, proxyPort), + proxyAuth=(proxyUsername, proxyPassword) +) +``` + ### Client Side Certificates To use client certificate you need a PKCS 12 archive with private key and certificate. From 0308e10e30b56f69669c4b5c33d354c888faf953 Mon Sep 17 00:00:00 2001 From: Ray Chen Date: Sun, 9 Jan 2022 14:54:24 +0800 Subject: [PATCH 8/8] Move block & tweak null-checks --- requests/src/requests/Requester.scala | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/requests/src/requests/Requester.scala b/requests/src/requests/Requester.scala index 7f4f126..7e8126f 100644 --- a/requests/src/requests/Requester.scala +++ b/requests/src/requests/Requester.scala @@ -189,17 +189,6 @@ case class Requester(verb: String, java.net.Proxy.Type.HTTP, new InetSocketAddress(ip, port) ) url1.openConnection(p) - - // Apply auth headers, if any - if (proxyAuth != null) { - // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authorization - // @TODO This should support other auth types (digest, etc.) - val (proxyUser, proxyPass) = proxyAuth - connection.setRequestProperty( - "Proxy-Authorization", - "Basic " + java.util.Base64.getEncoder.encodeToString((proxyUser + ":" + proxyPass).getBytes()) - ) - } } connection = conn match{ @@ -246,6 +235,17 @@ case class Requester(verb: String, connection.setReadTimeout(readTimeout) + // Apply proxy auth headers, if any + if (proxy != null && proxyAuth != null) { + // @TODO This should support other auth types (digest, etc.) + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authorization + val (proxyUser, proxyPass) = proxyAuth + connection.setRequestProperty( + "Proxy-Authorization", + "Basic " + java.util.Base64.getEncoder.encodeToString((proxyUser + ":" + proxyPass).getBytes()) + ) + } + auth.header.foreach(connection.setRequestProperty("Authorization", _)) connection.setConnectTimeout(connectTimeout) connection.setUseCaches(false)