1 /*
  2  * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
  3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  4  *
  5  * This code is free software; you can redistribute it and/or modify it
  6  * under the terms of the GNU General Public License version 2 only, as
  7  * published by the Free Software Foundation.
  8  *
  9  * This code is distributed in the hope that it will be useful, but WITHOUT
 10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 12  * version 2 for more details (a copy is included in the LICENSE file that
 13  * accompanied this code).
 14  *
 15  * You should have received a copy of the GNU General Public License version
 16  * 2 along with this work; if not, write to the Free Software Foundation,
 17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 18  *
 19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 20  * or visit www.oracle.com if you need additional information or have any
 21  * questions.
 22  */
 23 import com.sun.net.httpserver.HttpServer;
 24 import com.sun.net.httpserver.HttpsConfigurator;
 25 import com.sun.net.httpserver.HttpsServer;
 26 import jdk.test.lib.net.SimpleSSLContext;
 27 import org.testng.annotations.BeforeClass;
 28 import org.testng.annotations.AfterClass;
 29 import org.testng.annotations.DataProvider;
 30 import org.testng.annotations.Test;
 31 import static java.net.http.HttpClient.Version.HTTP_1_1;
 32 import static java.net.http.HttpClient.Version.HTTP_2;
 33 import static org.testng.Assert.*;
 34 
 35 import javax.net.ssl.SSLContext;
 36 import java.io.IOException;
 37 import java.io.InputStream;
 38 import java.io.OutputStream;
 39 import java.net.InetAddress;
 40 import java.net.InetSocketAddress;
 41 import java.net.Proxy;
 42 import java.net.ProxySelector;
 43 import java.net.SocketAddress;
 44 import java.net.URI;
 45 import java.net.URISyntaxException;
 46 import java.net.http.HttpClient;
 47 import java.net.http.HttpRequest;
 48 import java.net.http.HttpResponse;
 49 import java.nio.charset.StandardCharsets;
 50 import java.util.List;
 51 import java.util.Map;
 52 import java.util.Random;
 53 import java.util.Set;
 54 import java.util.concurrent.CompletableFuture;
 55 import java.util.concurrent.CopyOnWriteArrayList;
 56 import java.util.concurrent.CopyOnWriteArraySet;
 57 import java.util.concurrent.ExecutorService;
 58 import java.util.concurrent.LinkedBlockingQueue;
 59 import java.util.concurrent.ThreadPoolExecutor;
 60 import java.util.concurrent.TimeUnit;
 61 import java.util.concurrent.atomic.AtomicLong;
 62 import jdk.httpclient.test.lib.common.HttpServerAdapters;
 63 import jdk.httpclient.test.lib.http2.Http2TestServer;
 64 
 65 /**
 66  * @test
 67  * @bug 8232625
 68  * @summary This test verifies that the HttpClient works correctly when redirecting a post request.
 69  * @library /test/lib /test/jdk/java/net/httpclient/lib
 70  * @build jdk.test.lib.net.SimpleSSLContext DigestEchoServer HttpRedirectTest
 71  *        jdk.httpclient.test.lib.common.HttpServerAdapters
 72  * @run testng/othervm -Dtest.requiresHost=true
 73  *                   -Djdk.httpclient.HttpClient.log=headers
 74  *                   -Djdk.internal.httpclient.debug=false
 75  *                   HttpRedirectTest
 76  *
 77  */
 78 public class HttpRedirectTest implements HttpServerAdapters {
 79     static final String GET_RESPONSE_BODY = "Lorem ipsum dolor sit amet";
 80     static final String REQUEST_BODY = "Here it goes";
 81     static final SSLContext context;
 82     static {
 83         try {
 84             context = new SimpleSSLContext().get();
 85             SSLContext.setDefault(context);
 86         } catch (Exception x) {
 87             throw new ExceptionInInitializerError(x);
 88         }
 89     }
 90 
 91     final AtomicLong requestCounter = new AtomicLong();
 92     final AtomicLong responseCounter = new AtomicLong();
 93     HttpTestServer http1Server;
 94     HttpTestServer http2Server;
 95     HttpTestServer https1Server;
 96     HttpTestServer https2Server;
 97     DigestEchoServer.TunnelingProxy proxy;
 98 
 99     URI http1URI;
100     URI https1URI;
101     URI http2URI;
102     URI https2URI;
103     InetSocketAddress proxyAddress;
104     ProxySelector proxySelector;
105     HttpClient client;
106     List<CompletableFuture<?>>  futures = new CopyOnWriteArrayList<>();
107     Set<URI> pending = new CopyOnWriteArraySet<>();
108 
109     final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10,
110             TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Shared by HTTP/1.1 servers
111     final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1,
112             TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Used by the client
113 
114     public HttpClient newHttpClient(ProxySelector ps) {
115         HttpClient.Builder builder = HttpClient
116                 .newBuilder()
117                 .sslContext(context)
118                 .executor(clientexec)
119                 .followRedirects(HttpClient.Redirect.ALWAYS)
120                 .proxy(ps);
121         return builder.build();
122     }
123 
124     @DataProvider(name="uris")
125     Object[][] testURIs() throws URISyntaxException {
126         List<URI> uris = List.of(
127                 http1URI.resolve("direct/orig/"),
128                 https1URI.resolve("direct/orig/"),
129                 https1URI.resolve("proxy/orig/"),
130                 http2URI.resolve("direct/orig/"),
131                 https2URI.resolve("direct/orig/"),
132                 https2URI.resolve("proxy/orig/"));
133         List<Map.Entry<Integer, String>> redirects = List.of(
134                 Map.entry(301, "GET"),
135                 Map.entry(308, "POST"),
136                 Map.entry(302, "GET"),
137                 Map.entry(303, "GET"),
138                 Map.entry(307, "POST"),
139                 Map.entry(300, "DO_NOT_FOLLOW"),
140                 Map.entry(304, "DO_NOT_FOLLOW"),
141                 Map.entry(305, "DO_NOT_FOLLOW"),
142                 Map.entry(306, "DO_NOT_FOLLOW"),
143                 Map.entry(309, "DO_NOT_FOLLOW"),
144                 Map.entry(new Random().nextInt(90) + 310, "DO_NOT_FOLLOW")
145         );
146         Object[][] tests = new Object[redirects.size() * uris.size()][3];
147         int count = 0;
148         for (int i=0; i < uris.size(); i++) {
149             URI u = uris.get(i);
150             for (int j=0; j < redirects.size() ; j++) {
151                 int code = redirects.get(j).getKey();
152                 String m = redirects.get(j).getValue();
153                 tests[count][0] = u.resolve(code +"/");
154                 tests[count][1] = code;
155                 tests[count][2] = m;
156                 count++;
157             }
158         }
159         return tests;
160     }
161 
162     @BeforeClass
163     public void setUp() throws Exception {
164         try {
165             InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
166 
167             // HTTP/1.1
168             http1Server = HttpTestServer.create(HTTP_1_1, null, executor);
169             http1Server.addHandler(new HttpTestRedirectHandler("http", http1Server),
170                     "/HttpRedirectTest/http1/");
171             http1Server.start();
172             http1URI = new URI("http://" + http1Server.serverAuthority() + "/HttpRedirectTest/http1/");
173 
174 
175             // HTTPS/1.1
176             HttpsServer sserver1 = HttpsServer.create(sa, 100);
177             sserver1.setExecutor(executor);
178             sserver1.setHttpsConfigurator(new HttpsConfigurator(context));
179             https1Server = HttpTestServer.of(sserver1);
180             https1Server.addHandler(new HttpTestRedirectHandler("https", https1Server),
181                     "/HttpRedirectTest/https1/");
182             https1Server.start();
183             https1URI = new URI("https://" + https1Server.serverAuthority() + "/HttpRedirectTest/https1/");
184 
185             // HTTP/2.0
186             http2Server = HttpTestServer.create(HTTP_2);
187             http2Server.addHandler(new HttpTestRedirectHandler("http", http2Server),
188                     "/HttpRedirectTest/http2/");
189             http2Server.start();
190             http2URI = new URI("http://" + http2Server.serverAuthority() + "/HttpRedirectTest/http2/");
191 
192             // HTTPS/2.0
193             https2Server = HttpTestServer.create(HTTP_2, SSLContext.getDefault());
194             https2Server.addHandler(new HttpTestRedirectHandler("https", https2Server),
195                     "/HttpRedirectTest/https2/");
196             https2Server.start();
197             https2URI = new URI("https://" + https2Server.serverAuthority() + "/HttpRedirectTest/https2/");
198 
199             proxy = DigestEchoServer.createHttpsProxyTunnel(
200                     DigestEchoServer.HttpAuthSchemeType.NONE);
201             proxyAddress = proxy.getProxyAddress();
202             proxySelector = new HttpProxySelector(proxyAddress);
203             client = newHttpClient(proxySelector);
204             System.out.println("Setup: done");
205         } catch (Exception x) {
206             tearDown(); throw x;
207         } catch (Error e) {
208             tearDown(); throw e;
209         }
210     }
211 
212     private void testNonIdempotent(URI u, HttpRequest request,
213                                    int code, String method) throws Exception {
214         System.out.println("Testing with " + u);
215         CompletableFuture<HttpResponse<String>> respCf =
216                 client.sendAsync(request, HttpResponse.BodyHandlers.ofString());
217         HttpResponse<String> resp = respCf.join();
218         if (method.equals("DO_NOT_FOLLOW")) {
219             assertEquals(resp.statusCode(), code, u + ": status code");
220         } else {
221             assertEquals(resp.statusCode(), 200, u + ": status code");
222         }
223         if (method.equals("POST")) {
224             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
225         } else if (code == 304) {
226             assertEquals(resp.body(), "", u + ": body");
227         } else if (method.equals("DO_NOT_FOLLOW")) {
228             assertNotEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
229             assertNotEquals(resp.body(), REQUEST_BODY, u + ": body");
230         } else {
231             assertEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
232         }
233     }
234 
235     public void testIdempotent(URI u, HttpRequest request,
236                                int code, String method) throws Exception {
237         CompletableFuture<HttpResponse<String>> respCf =
238                 client.sendAsync(request, HttpResponse.BodyHandlers.ofString());
239         HttpResponse<String> resp = respCf.join();
240         if (method.equals("DO_NOT_FOLLOW")) {
241             assertEquals(resp.statusCode(), code, u + ": status code");
242         } else {
243             assertEquals(resp.statusCode(), 200, u + ": status code");
244         }
245         if (method.equals("POST")) {
246             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
247         } else if (code == 304) {
248             assertEquals(resp.body(), "", u + ": body");
249         } else if (method.equals("DO_NOT_FOLLOW")) {
250             assertNotEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
251             assertNotEquals(resp.body(), REQUEST_BODY, u + ": body");
252         } else if (code == 303) {
253             assertEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
254         } else {
255             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
256         }
257     }
258 
259     @Test(dataProvider = "uris")
260     public void testPOST(URI uri, int code, String method) throws Exception {
261         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
262         HttpRequest request = HttpRequest.newBuilder(u)
263                 .POST(HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
264         // POST is not considered idempotent.
265         testNonIdempotent(u, request, code, method);
266     }
267 
268     @Test(dataProvider = "uris")
269     public void testPUT(URI uri, int code, String method) throws Exception {
270         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
271         System.out.println("Testing with " + u);
272         HttpRequest request = HttpRequest.newBuilder(u)
273                 .PUT(HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
274         // PUT is considered idempotent.
275         testIdempotent(u, request, code, method);
276     }
277 
278     @Test(dataProvider = "uris")
279     public void testFoo(URI uri, int code, String method) throws Exception {
280         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
281         System.out.println("Testing with " + u);
282         HttpRequest request = HttpRequest.newBuilder(u)
283                 .method("FOO",
284                         HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
285         // FOO is considered idempotent.
286         testIdempotent(u, request, code, method);
287     }
288 
289     @Test(dataProvider = "uris")
290     public void testGet(URI uri, int code, String method) throws Exception {
291         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
292         System.out.println("Testing with " + u);
293         HttpRequest request = HttpRequest.newBuilder(u)
294                 .method("GET",
295                         HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
296         CompletableFuture<HttpResponse<String>> respCf =
297                 client.sendAsync(request, HttpResponse.BodyHandlers.ofString());
298         HttpResponse<String> resp = respCf.join();
299         // body will be preserved except for 304 and 303: this is a GET.
300         if (method.equals("DO_NOT_FOLLOW")) {
301             assertEquals(resp.statusCode(), code, u + ": status code");
302         } else {
303             assertEquals(resp.statusCode(), 200, u + ": status code");
304         }
305         if (code == 304) {
306             assertEquals(resp.body(), "", u + ": body");
307         } else if (method.equals("DO_NOT_FOLLOW")) {
308             assertNotEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
309             assertNotEquals(resp.body(), REQUEST_BODY, u + ": body");
310         } else if (code == 303) {
311             assertEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
312         } else {
313             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
314         }
315     }
316 
317     @AfterClass
318     public void tearDown() {
319         proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop);
320         http1Server = stop(http1Server, HttpTestServer::stop);
321         https1Server = stop(https1Server, HttpTestServer::stop);
322         http2Server = stop(http2Server, HttpTestServer::stop);
323         https2Server = stop(https2Server, HttpTestServer::stop);
324         client = null;
325         try {
326             executor.awaitTermination(2000, TimeUnit.MILLISECONDS);
327         } catch (Throwable x) {
328         } finally {
329             executor.shutdownNow();
330         }
331         try {
332             clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS);
333         } catch (Throwable x) {
334         } finally {
335             clientexec.shutdownNow();
336         }
337         System.out.println("Teardown: done");
338     }
339 
340     private interface Stoppable<T> { public void stop(T service) throws Exception; }
341 
342     static <T>  T stop(T service, Stoppable<T> stop) {
343         try { if (service != null) stop.stop(service); } catch (Throwable x) { };
344         return null;
345     }
346 
347     static class HttpProxySelector extends ProxySelector {
348         private static final List<Proxy> NO_PROXY = List.of(Proxy.NO_PROXY);
349         private final List<Proxy> proxyList;
350         HttpProxySelector(InetSocketAddress proxyAddress) {
351             proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress));
352         }
353 
354         @Override
355         public List<Proxy> select(URI uri) {
356             // our proxy only supports tunneling
357             if (uri.getScheme().equalsIgnoreCase("https")) {
358                 if (uri.getPath().contains("/proxy/")) {
359                     return proxyList;
360                 }
361             }
362             return NO_PROXY;
363         }
364 
365         @Override
366         public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
367             System.err.println("Connection to proxy failed: " + ioe);
368             System.err.println("Proxy: " + sa);
369             System.err.println("\tURI: " + uri);
370             ioe.printStackTrace();
371         }
372     }
373 
374     public static class HttpTestRedirectHandler implements HttpTestHandler {
375         static final AtomicLong respCounter = new AtomicLong();
376         final String scheme;
377         final HttpTestServer server;
378         HttpTestRedirectHandler(String scheme, HttpTestServer server) {
379             this.scheme = scheme;
380             this.server = server;
381         }
382 
383         @Override
384         public void handle(HttpTestExchange t) throws IOException {
385             try (InputStream is = t.getRequestBody()) {
386                 byte[] bytes = is.readAllBytes();
387                 URI u = t.getRequestURI();
388                 long responseID = Long.parseLong(u.getQuery().substring(2));
389                 String path = u.getPath();
390                 int i = path.lastIndexOf('/');
391                 String file = path.substring(i+1);
392                 String parent =  path.substring(0, i);
393                 int code = 200;
394                 if (file.equals("foo")) {
395                     i = parent.lastIndexOf("/");
396                     code = Integer.parseInt(parent.substring(i+1));
397                 }
398                 String response;
399                 if (code == 200) {
400                     if (t.getRequestMethod().equals("GET")) {
401                         if (bytes.length == 0) {
402                             response = GET_RESPONSE_BODY;
403                         } else {
404                             response = new String(bytes, StandardCharsets.UTF_8);
405                         }
406                     } else if (t.getRequestMethod().equals("POST")) {
407                         response = new String(bytes, StandardCharsets.UTF_8);
408                     } else {
409                         response = new String(bytes, StandardCharsets.UTF_8);
410                     }
411                 } else if (code < 300 || code > 399) {
412                     response = "Unexpected code: " + code;
413                     code = 400;
414                 } else {
415                     try {
416                         URI reloc = new URI(scheme, server.serverAuthority(), parent + "/bar", u.getQuery(), null);
417                         t.getResponseHeaders().addHeader("Location", reloc.toASCIIString());
418                         if (code != 304) {
419                             response = "Code: " + code;
420                         } else response = null;
421                     } catch (URISyntaxException x) {
422                         x.printStackTrace();
423                         x.printStackTrace(System.out);
424                         code = 400;
425                         response = x.toString();
426                     }
427                 }
428 
429                 System.out.println("Server " + t.getRequestURI() + " sending response " + responseID);
430                 System.out.println("code: " + code + " body: " + response);
431                 t.sendResponseHeaders(code, code == 304 ? 0: -1);
432                 if (code != 304) {
433                     try (OutputStream os = t.getResponseBody()) {
434                         bytes = response.getBytes(StandardCharsets.UTF_8);
435                         os.write(bytes);
436                         os.flush();
437                     }
438                 } else {
439                     bytes = new byte[0];
440                 }
441 
442                 System.out.println("\tresp:" + responseID + ": wrote " + bytes.length + " bytes");
443             } catch (Throwable e) {
444                 e.printStackTrace();
445                 e.printStackTrace(System.out);
446                 throw e;
447             }
448         }
449     }
450 
451 }