1 /*
  2  * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
  3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  4  *
  5  * This code is free software; you can redistribute it and/or modify it
  6  * under the terms of the GNU General Public License version 2 only, as
  7  * published by the Free Software Foundation.
  8  *
  9  * This code is distributed in the hope that it will be useful, but WITHOUT
 10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 12  * version 2 for more details (a copy is included in the LICENSE file that
 13  * accompanied this code).
 14  *
 15  * You should have received a copy of the GNU General Public License version
 16  * 2 along with this work; if not, write to the Free Software Foundation,
 17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 18  *
 19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 20  * or visit www.oracle.com if you need additional information or have any
 21  * questions.
 22  */
 23 import com.sun.net.httpserver.HttpsServer;
 24 import jdk.httpclient.test.lib.common.TestServerConfigurator;
 25 import jdk.test.lib.net.SimpleSSLContext;
 26 import org.testng.annotations.BeforeClass;
 27 import org.testng.annotations.AfterClass;
 28 import org.testng.annotations.DataProvider;
 29 import org.testng.annotations.Test;
 30 import static java.net.http.HttpClient.Version.HTTP_1_1;
 31 import static java.net.http.HttpClient.Version.HTTP_2;
 32 import static org.testng.Assert.*;
 33 
 34 import javax.net.ssl.SSLContext;
 35 import java.io.IOException;
 36 import java.io.InputStream;
 37 import java.io.OutputStream;
 38 import java.net.InetAddress;
 39 import java.net.InetSocketAddress;
 40 import java.net.Proxy;
 41 import java.net.ProxySelector;
 42 import java.net.SocketAddress;
 43 import java.net.URI;
 44 import java.net.URISyntaxException;
 45 import java.net.http.HttpClient;
 46 import java.net.http.HttpRequest;
 47 import java.net.http.HttpResponse;
 48 import java.nio.charset.StandardCharsets;
 49 import java.util.List;
 50 import java.util.Map;
 51 import java.util.Random;
 52 import java.util.Set;
 53 import java.util.concurrent.CompletableFuture;
 54 import java.util.concurrent.CopyOnWriteArrayList;
 55 import java.util.concurrent.CopyOnWriteArraySet;
 56 import java.util.concurrent.ExecutorService;
 57 import java.util.concurrent.LinkedBlockingQueue;
 58 import java.util.concurrent.ThreadPoolExecutor;
 59 import java.util.concurrent.TimeUnit;
 60 import java.util.concurrent.atomic.AtomicLong;
 61 import jdk.httpclient.test.lib.common.HttpServerAdapters;
 62 
 63 /**
 64  * @test
 65  * @bug 8232625
 66  * @summary This test verifies that the HttpClient works correctly when redirecting a post request.
 67  * @library /test/lib /test/jdk/java/net/httpclient/lib
 68  * @build jdk.test.lib.net.SimpleSSLContext DigestEchoServer HttpRedirectTest
 69  *        jdk.httpclient.test.lib.common.HttpServerAdapters
 70  *        jdk.httpclient.test.lib.common.TestServerConfigurator
 71  * @run testng/othervm -Dtest.requiresHost=true
 72  *                   -Djdk.httpclient.HttpClient.log=headers
 73  *                   -Djdk.internal.httpclient.debug=false
 74  *                   HttpRedirectTest
 75  *
 76  */
 77 public class HttpRedirectTest implements HttpServerAdapters {
 78     static final String GET_RESPONSE_BODY = "Lorem ipsum dolor sit amet";
 79     static final String REQUEST_BODY = "Here it goes";
 80     static final SSLContext context;
 81     static {
 82         try {
 83             context = new SimpleSSLContext().get();
 84             SSLContext.setDefault(context);
 85         } catch (Exception x) {
 86             throw new ExceptionInInitializerError(x);
 87         }
 88     }
 89 
 90     final AtomicLong requestCounter = new AtomicLong();
 91     final AtomicLong responseCounter = new AtomicLong();
 92     HttpTestServer http1Server;
 93     HttpTestServer http2Server;
 94     HttpTestServer https1Server;
 95     HttpTestServer https2Server;
 96     DigestEchoServer.TunnelingProxy proxy;
 97 
 98     URI http1URI;
 99     URI https1URI;
100     URI http2URI;
101     URI https2URI;
102     InetSocketAddress proxyAddress;
103     ProxySelector proxySelector;
104     HttpClient client;
105     List<CompletableFuture<?>>  futures = new CopyOnWriteArrayList<>();
106     Set<URI> pending = new CopyOnWriteArraySet<>();
107 
108     final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10,
109             TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Shared by HTTP/1.1 servers
110     final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1,
111             TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Used by the client
112 
113     public HttpClient newHttpClient(ProxySelector ps) {
114         HttpClient.Builder builder = HttpClient
115                 .newBuilder()
116                 .sslContext(context)
117                 .executor(clientexec)
118                 .followRedirects(HttpClient.Redirect.ALWAYS)
119                 .proxy(ps);
120         return builder.build();
121     }
122 
123     @DataProvider(name="uris")
124     Object[][] testURIs() throws URISyntaxException {
125         List<URI> uris = List.of(
126                 http1URI.resolve("direct/orig/"),
127                 https1URI.resolve("direct/orig/"),
128                 https1URI.resolve("proxy/orig/"),
129                 http2URI.resolve("direct/orig/"),
130                 https2URI.resolve("direct/orig/"),
131                 https2URI.resolve("proxy/orig/"));
132         List<Map.Entry<Integer, String>> redirects = List.of(
133                 Map.entry(301, "GET"),
134                 Map.entry(308, "POST"),
135                 Map.entry(302, "GET"),
136                 Map.entry(303, "GET"),
137                 Map.entry(307, "POST"),
138                 Map.entry(300, "DO_NOT_FOLLOW"),
139                 Map.entry(304, "DO_NOT_FOLLOW"),
140                 Map.entry(305, "DO_NOT_FOLLOW"),
141                 Map.entry(306, "DO_NOT_FOLLOW"),
142                 Map.entry(309, "DO_NOT_FOLLOW"),
143                 Map.entry(new Random().nextInt(90) + 310, "DO_NOT_FOLLOW")
144         );
145         Object[][] tests = new Object[redirects.size() * uris.size()][3];
146         int count = 0;
147         for (int i=0; i < uris.size(); i++) {
148             URI u = uris.get(i);
149             for (int j=0; j < redirects.size() ; j++) {
150                 int code = redirects.get(j).getKey();
151                 String m = redirects.get(j).getValue();
152                 tests[count][0] = u.resolve(code +"/");
153                 tests[count][1] = code;
154                 tests[count][2] = m;
155                 count++;
156             }
157         }
158         return tests;
159     }
160 
161     @BeforeClass
162     public void setUp() throws Exception {
163         try {
164             InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
165 
166             // HTTP/1.1
167             http1Server = HttpTestServer.create(HTTP_1_1, null, executor);
168             http1Server.addHandler(new HttpTestRedirectHandler("http", http1Server),
169                     "/HttpRedirectTest/http1/");
170             http1Server.start();
171             http1URI = new URI("http://" + http1Server.serverAuthority() + "/HttpRedirectTest/http1/");
172 
173 
174             // HTTPS/1.1
175             HttpsServer sserver1 = HttpsServer.create(sa, 100);
176             sserver1.setExecutor(executor);
177             sserver1.setHttpsConfigurator(new TestServerConfigurator(sa.getAddress(), context));
178             https1Server = HttpTestServer.of(sserver1);
179             https1Server.addHandler(new HttpTestRedirectHandler("https", https1Server),
180                     "/HttpRedirectTest/https1/");
181             https1Server.start();
182             https1URI = new URI("https://" + https1Server.serverAuthority() + "/HttpRedirectTest/https1/");
183 
184             // HTTP/2.0
185             http2Server = HttpTestServer.create(HTTP_2);
186             http2Server.addHandler(new HttpTestRedirectHandler("http", http2Server),
187                     "/HttpRedirectTest/http2/");
188             http2Server.start();
189             http2URI = new URI("http://" + http2Server.serverAuthority() + "/HttpRedirectTest/http2/");
190 
191             // HTTPS/2.0
192             https2Server = HttpTestServer.create(HTTP_2, SSLContext.getDefault());
193             https2Server.addHandler(new HttpTestRedirectHandler("https", https2Server),
194                     "/HttpRedirectTest/https2/");
195             https2Server.start();
196             https2URI = new URI("https://" + https2Server.serverAuthority() + "/HttpRedirectTest/https2/");
197 
198             proxy = DigestEchoServer.createHttpsProxyTunnel(
199                     DigestEchoServer.HttpAuthSchemeType.NONE);
200             proxyAddress = proxy.getProxyAddress();
201             proxySelector = new HttpProxySelector(proxyAddress);
202             client = newHttpClient(proxySelector);
203             System.out.println("Setup: done");
204         } catch (Exception x) {
205             tearDown(); throw x;
206         } catch (Error e) {
207             tearDown(); throw e;
208         }
209     }
210 
211     private void testNonIdempotent(URI u, HttpRequest request,
212                                    int code, String method) throws Exception {
213         System.out.println("Testing with " + u);
214         CompletableFuture<HttpResponse<String>> respCf =
215                 client.sendAsync(request, HttpResponse.BodyHandlers.ofString());
216         HttpResponse<String> resp = respCf.join();
217         if (method.equals("DO_NOT_FOLLOW")) {
218             assertEquals(resp.statusCode(), code, u + ": status code");
219         } else {
220             assertEquals(resp.statusCode(), 200, u + ": status code");
221         }
222         if (method.equals("POST")) {
223             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
224         } else if (code == 304) {
225             assertEquals(resp.body(), "", u + ": body");
226         } else if (method.equals("DO_NOT_FOLLOW")) {
227             assertNotEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
228             assertNotEquals(resp.body(), REQUEST_BODY, u + ": body");
229         } else {
230             assertEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
231         }
232     }
233 
234     public void testIdempotent(URI u, HttpRequest request,
235                                int code, String method) throws Exception {
236         CompletableFuture<HttpResponse<String>> respCf =
237                 client.sendAsync(request, HttpResponse.BodyHandlers.ofString());
238         HttpResponse<String> resp = respCf.join();
239         if (method.equals("DO_NOT_FOLLOW")) {
240             assertEquals(resp.statusCode(), code, u + ": status code");
241         } else {
242             assertEquals(resp.statusCode(), 200, u + ": status code");
243         }
244         if (method.equals("POST")) {
245             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
246         } else if (code == 304) {
247             assertEquals(resp.body(), "", u + ": body");
248         } else if (method.equals("DO_NOT_FOLLOW")) {
249             assertNotEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
250             assertNotEquals(resp.body(), REQUEST_BODY, u + ": body");
251         } else if (code == 303) {
252             assertEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
253         } else {
254             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
255         }
256     }
257 
258     @Test(dataProvider = "uris")
259     public void testPOST(URI uri, int code, String method) throws Exception {
260         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
261         HttpRequest request = HttpRequest.newBuilder(u)
262                 .POST(HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
263         // POST is not considered idempotent.
264         testNonIdempotent(u, request, code, method);
265     }
266 
267     @Test(dataProvider = "uris")
268     public void testPUT(URI uri, int code, String method) throws Exception {
269         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
270         System.out.println("Testing with " + u);
271         HttpRequest request = HttpRequest.newBuilder(u)
272                 .PUT(HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
273         // PUT is considered idempotent.
274         testIdempotent(u, request, code, method);
275     }
276 
277     @Test(dataProvider = "uris")
278     public void testFoo(URI uri, int code, String method) throws Exception {
279         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
280         System.out.println("Testing with " + u);
281         HttpRequest request = HttpRequest.newBuilder(u)
282                 .method("FOO",
283                         HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
284         // FOO is considered idempotent.
285         testIdempotent(u, request, code, method);
286     }
287 
288     @Test(dataProvider = "uris")
289     public void testGet(URI uri, int code, String method) throws Exception {
290         URI u = uri.resolve("foo?n=" + requestCounter.incrementAndGet());
291         System.out.println("Testing with " + u);
292         HttpRequest request = HttpRequest.newBuilder(u)
293                 .method("GET",
294                         HttpRequest.BodyPublishers.ofString(REQUEST_BODY)).build();
295         CompletableFuture<HttpResponse<String>> respCf =
296                 client.sendAsync(request, HttpResponse.BodyHandlers.ofString());
297         HttpResponse<String> resp = respCf.join();
298         // body will be preserved except for 304 and 303: this is a GET.
299         if (method.equals("DO_NOT_FOLLOW")) {
300             assertEquals(resp.statusCode(), code, u + ": status code");
301         } else {
302             assertEquals(resp.statusCode(), 200, u + ": status code");
303         }
304         if (code == 304) {
305             assertEquals(resp.body(), "", u + ": body");
306         } else if (method.equals("DO_NOT_FOLLOW")) {
307             assertNotEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
308             assertNotEquals(resp.body(), REQUEST_BODY, u + ": body");
309         } else if (code == 303) {
310             assertEquals(resp.body(), GET_RESPONSE_BODY, u + ": body");
311         } else {
312             assertEquals(resp.body(), REQUEST_BODY, u + ": body");
313         }
314     }
315 
316     @AfterClass
317     public void tearDown() {
318         proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop);
319         http1Server = stop(http1Server, HttpTestServer::stop);
320         https1Server = stop(https1Server, HttpTestServer::stop);
321         http2Server = stop(http2Server, HttpTestServer::stop);
322         https2Server = stop(https2Server, HttpTestServer::stop);
323         client = null;
324         try {
325             executor.awaitTermination(2000, TimeUnit.MILLISECONDS);
326         } catch (Throwable x) {
327         } finally {
328             executor.shutdownNow();
329         }
330         try {
331             clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS);
332         } catch (Throwable x) {
333         } finally {
334             clientexec.shutdownNow();
335         }
336         System.out.println("Teardown: done");
337     }
338 
339     private interface Stoppable<T> { public void stop(T service) throws Exception; }
340 
341     static <T>  T stop(T service, Stoppable<T> stop) {
342         try { if (service != null) stop.stop(service); } catch (Throwable x) { };
343         return null;
344     }
345 
346     static class HttpProxySelector extends ProxySelector {
347         private static final List<Proxy> NO_PROXY = List.of(Proxy.NO_PROXY);
348         private final List<Proxy> proxyList;
349         HttpProxySelector(InetSocketAddress proxyAddress) {
350             proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress));
351         }
352 
353         @Override
354         public List<Proxy> select(URI uri) {
355             // our proxy only supports tunneling
356             if (uri.getScheme().equalsIgnoreCase("https")) {
357                 if (uri.getPath().contains("/proxy/")) {
358                     return proxyList;
359                 }
360             }
361             return NO_PROXY;
362         }
363 
364         @Override
365         public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
366             System.err.println("Connection to proxy failed: " + ioe);
367             System.err.println("Proxy: " + sa);
368             System.err.println("\tURI: " + uri);
369             ioe.printStackTrace();
370         }
371     }
372 
373     public static class HttpTestRedirectHandler implements HttpTestHandler {
374         static final AtomicLong respCounter = new AtomicLong();
375         final String scheme;
376         final HttpTestServer server;
377         HttpTestRedirectHandler(String scheme, HttpTestServer server) {
378             this.scheme = scheme;
379             this.server = server;
380         }
381 
382         @Override
383         public void handle(HttpTestExchange t) throws IOException {
384             try (InputStream is = t.getRequestBody()) {
385                 byte[] bytes = is.readAllBytes();
386                 URI u = t.getRequestURI();
387                 long responseID = Long.parseLong(u.getQuery().substring(2));
388                 String path = u.getPath();
389                 int i = path.lastIndexOf('/');
390                 String file = path.substring(i+1);
391                 String parent =  path.substring(0, i);
392                 int code = 200;
393                 if (file.equals("foo")) {
394                     i = parent.lastIndexOf("/");
395                     code = Integer.parseInt(parent.substring(i+1));
396                 }
397                 String response;
398                 if (code == 200) {
399                     if (t.getRequestMethod().equals("GET")) {
400                         if (bytes.length == 0) {
401                             response = GET_RESPONSE_BODY;
402                         } else {
403                             response = new String(bytes, StandardCharsets.UTF_8);
404                         }
405                     } else if (t.getRequestMethod().equals("POST")) {
406                         response = new String(bytes, StandardCharsets.UTF_8);
407                     } else {
408                         response = new String(bytes, StandardCharsets.UTF_8);
409                     }
410                 } else if (code < 300 || code > 399) {
411                     response = "Unexpected code: " + code;
412                     code = 400;
413                 } else {
414                     try {
415                         URI reloc = new URI(scheme, server.serverAuthority(), parent + "/bar", u.getQuery(), null);
416                         t.getResponseHeaders().addHeader("Location", reloc.toASCIIString());
417                         if (code != 304) {
418                             response = "Code: " + code;
419                         } else response = null;
420                     } catch (URISyntaxException x) {
421                         x.printStackTrace();
422                         x.printStackTrace(System.out);
423                         code = 400;
424                         response = x.toString();
425                     }
426                 }
427 
428                 System.out.println("Server " + t.getRequestURI() + " sending response " + responseID);
429                 System.out.println("code: " + code + " body: " + response);
430                 t.sendResponseHeaders(code, code == 304 ? 0: -1);
431                 if (code != 304) {
432                     try (OutputStream os = t.getResponseBody()) {
433                         bytes = response.getBytes(StandardCharsets.UTF_8);
434                         os.write(bytes);
435                         os.flush();
436                     }
437                 } else {
438                     bytes = new byte[0];
439                 }
440 
441                 System.out.println("\tresp:" + responseID + ": wrote " + bytes.length + " bytes");
442             } catch (Throwable e) {
443                 e.printStackTrace();
444                 e.printStackTrace(System.out);
445                 throw e;
446             }
447         }
448     }
449 
450 }