From 7a8ddfee995e3e914bab20e21e75e6e043f11a1e Mon Sep 17 00:00:00 2001 From: Mark Sheppard Date: Sun, 13 Jan 2013 22:09:50 +0000 Subject: [PATCH] 8006153: HTTP protocol handler authenication should use Base64 API Reviewed-by: chegar, alanb --- .../www/protocol/http/BasicAuthentication.java | 16 +++++----------- .../protocol/http/NegotiateAuthentication.java | 13 +++---------- 2 files changed, 8 insertions(+), 21 deletions(-) diff --git a/jdk/src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java b/jdk/src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java index 706037223fd..50de0383952 100644 --- a/jdk/src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java +++ b/jdk/src/share/classes/sun/net/www/protocol/http/BasicAuthentication.java @@ -31,8 +31,9 @@ import java.net.URISyntaxException; import java.net.PasswordAuthentication; import java.io.IOException; import java.io.OutputStream; +import java.util.Base64; +import java.util.Base64.Encoder; import sun.net.www.HeaderParser; -import sun.misc.BASE64Encoder; /** * BasicAuthentication: Encapsulate an http server authentication using @@ -76,7 +77,7 @@ class BasicAuthentication extends AuthenticationInfo { System.arraycopy(nameBytes, 0, concat, 0, nameBytes.length); System.arraycopy(passwdBytes, 0, concat, nameBytes.length, passwdBytes.length); - this.auth = "Basic " + (new BasicBASE64Encoder()).encode(concat); + this.auth = "Basic " + Base64.getEncoder().encodeToString(concat); this.pw = pw; } @@ -116,7 +117,7 @@ class BasicAuthentication extends AuthenticationInfo { System.arraycopy(nameBytes, 0, concat, 0, nameBytes.length); System.arraycopy(passwdBytes, 0, concat, nameBytes.length, passwdBytes.length); - this.auth = "Basic " + (new BasicBASE64Encoder()).encode(concat); + this.auth = "Basic " + Base64.getEncoder().encodeToString(concat); this.pw = pw; } @@ -201,12 +202,5 @@ class BasicAuthentication extends AuthenticationInfo { /*should not reach here. If we do simply return npath*/ return npath; } - - /* It is never expected that the header value will exceed the bytesPerLine */ - private class BasicBASE64Encoder extends BASE64Encoder { - @Override - protected int bytesPerLine() { - return (10000); - } - } } + diff --git a/jdk/src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java b/jdk/src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java index 23a8a83ca94..24e99044c42 100644 --- a/jdk/src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java +++ b/jdk/src/share/classes/sun/net/www/protocol/http/NegotiateAuthentication.java @@ -28,10 +28,9 @@ package sun.net.www.protocol.http; import java.net.URL; import java.io.IOException; import java.net.Authenticator.RequestorType; +import java.util.Base64; import java.util.HashMap; import sun.net.www.HeaderParser; -import sun.misc.BASE64Decoder; -import sun.misc.BASE64Encoder; import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE; import static sun.net.www.protocol.http.AuthScheme.KERBEROS; @@ -151,9 +150,9 @@ class NegotiateAuthentication extends AuthenticationInfo { byte[] incoming = null; String[] parts = raw.split("\\s+"); if (parts.length > 1) { - incoming = new BASE64Decoder().decodeBuffer(parts[1]); + incoming = Base64.getDecoder().decode(parts[1]); } - response = hci.scheme + " " + new B64Encoder().encode( + response = hci.scheme + " " + Base64.getEncoder().encodeToString( incoming==null?firstToken():nextToken(incoming)); conn.setAuthenticationProperty(getHeaderName(), response); @@ -201,12 +200,6 @@ class NegotiateAuthentication extends AuthenticationInfo { return negotiator.nextToken(token); } - class B64Encoder extends BASE64Encoder { - protected int bytesPerLine () { - return 100000; // as big as it can be, maybe INT_MAX - } - } - // MS will send a final WWW-Authenticate even if the status is already // 200 OK. The token can be fed into initSecContext() again to determine // if the server can be trusted. This is not the same concept as Digest's