/** * Returns a string with containing this URL with its username, password, query, and fragment * stripped, and its path replaced with {@code /...}. For example, redacting {@code * http://username:password@example.com/path} returns {@code http://example.com/...}. */ public String redact() { return newBuilder("/...") .username("") .password("") .build() .toString(); }
/** * Returns a string with containing this URL with its username, password, query, and fragment * stripped, and its path replaced with {@code /...}. For example, redacting {@code * http://username:password@example.com/path} returns {@code http://example.com/...}. */ public String redact() { return newBuilder("/...") .username("") .password("") .build() .toString(); }
@Test public void send_basic_authentication_header_if_url_contains_credentials() throws Exception { HttpUrl url = server.url("/ping").newBuilder().username("theLogin").password("thePassword").build(); Webhook webhook = new Webhook(WEBHOOK_UUID, PROJECT_UUID, CE_TASK_UUID, RandomStringUtils.randomAlphanumeric(40),"my-webhook", url.toString()); server.enqueue(new MockResponse().setBody("pong")); WebhookDelivery delivery = newSender().call(webhook, PAYLOAD); assertThat(delivery.getWebhook().getUrl()) .isEqualTo(url.toString()) .contains("://theLogin:thePassword@"); RecordedRequest recordedRequest = takeAndVerifyPostRequest("/ping"); assertThat(recordedRequest.getHeader("Authorization")).isEqualTo(Credentials.basic(url.username(), url.password())); }
public HTTPLocation(final URI uri, final String username, final String password) throws URISyntaxException { final String scheme = uri.getScheme(); Objects.requireNonNull(username); Objects.requireNonNull(password); if ("http".equals(scheme) || "https".equals(scheme)) { this.url = HttpUrl.get(uri).newBuilder().username(username).password( password).build(); } else { throw new URISyntaxException(uri.toString(), "URI does not point to an HTTP(S) location."); } }
/** * Returns a string with containing this URL with its username, password, query, and fragment * stripped, and its path replaced with {@code /...}. For example, redacting {@code * http://username:password@example.com/path} returns {@code http://example.com/...}. */ public String redact() { return newBuilder("/...") .username("") .password("") .build() .toString(); }
/** * @param url the url * @throws URISyntaxException If the given string violates RFC 2396, or does * not point to a HTTP(S) location. * @throws MalformedURLException */ public HTTPLocation(final String url, final String username, final String password) throws URISyntaxException, MalformedURLException { this.url = HttpUrl.parse(url).newBuilder().username(username).password( password).build(); }
/** * Returns a string with containing this URL with its username, password, query, and fragment * stripped, and its path replaced with {@code /...}. For example, redacting {@code * http://username:password@example.com/path} returns {@code http://example.com/...}. */ public String redact() { return newBuilder("/...") .username("") .password("") .build() .toString(); }
@Test public void credentials_are_propagated_to_POST_redirects() throws Exception { HttpUrl url = server.url("/redirect").newBuilder().username("theLogin").password("thePassword").build(); Webhook webhook = new Webhook(WEBHOOK_UUID, PROJECT_UUID, CE_TASK_UUID, RandomStringUtils.randomAlphanumeric(40),"my-webhook", url.toString()); // /redirect redirects to /target server.enqueue(new MockResponse().setResponseCode(307).setHeader("Location", server.url("target"))); server.enqueue(new MockResponse().setResponseCode(200)); WebhookDelivery delivery = newSender().call(webhook, PAYLOAD); assertThat(delivery.getHttpStatus().get()).isEqualTo(200); RecordedRequest redirectedRequest = takeAndVerifyPostRequest("/redirect"); assertThat(redirectedRequest.getHeader("Authorization")).isEqualTo(Credentials.basic(url.username(), url.password())); RecordedRequest targetRequest = takeAndVerifyPostRequest("/target"); assertThat(targetRequest.getHeader("Authorization")).isEqualTo(Credentials.basic(url.username(), url.password())); }