import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
/**
 * Makes sure that in the case of cached authenticators the authenticators are called in the
 * order in which they were registered.
 *
 * @throws Exception
 */
@Test
public void testAuthenticateWithState__shouldCallAuthenticatorsInExpectedOrder() throws Exception {
    // given
    CachingAuthenticator auth1 = mock(CachingAuthenticator.class);
    CachingAuthenticator auth2 = mock(CachingAuthenticator.class);

    DispatchingAuthenticator authenticator = new DispatchingAuthenticator.Builder()
            .with("digest", auth1)
            .with("basic", auth2)
            .build();
    Request request = createDummyRequest();
    // make sure that the 2nd authenticator will not be called
    given(auth2.authenticateWithState(eq(mockRoute), eq(request))).willThrow(IllegalStateException.class);
    given(auth1.authenticateWithState(eq(mockRoute), eq(request))).willReturn(request);

    // when
    Request result = authenticator.authenticateWithState(mockRoute, request);

    // then
    assertEquals(request, result);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
private Response createUnauthorizedServerResponse() throws IOException {
    final Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();
    Interceptor interceptor = new AuthenticationCacheInterceptor(authCache);
    return interceptor.intercept(new ChainAdapter(createDummyRequest(), mockConnection) {
        @Override
        public Response proceed(Request request) throws IOException {
            return new Response.Builder()
                    .body(ResponseBody.create(MediaType.parse("text/plain"), "Unauthorized"))
                    .request(request)
                    .protocol(Protocol.HTTP_1_1)
                    .code(HTTP_UNAUTHORIZED)
                    .message("Unauthorized")
                    .header("WWW-Authenticate", "Basic realm=\"myrealm\"")
                    .build();
        }

    });
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Test
public void testCaching_withExpiredAuthentication() throws Exception {
    Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();

    final String dummyUrl = "https://myhost.com/path";

    // Fill in authCache.
    // https://myhost.com => basic auth user1:user1
    givenCachedAuthenticationFor(dummyUrl, authCache);
    assertEquals(1, authCache.size());

    Interceptor interceptor = new AuthenticationCacheInterceptor(authCache);

    // Check that unauthorized response (e.g. credentials changed or expired)
    // removes cached authenticator
    whenServerReturns401(dummyUrl, interceptor);

    thenAuthCacheShouldBeEmpty(authCache);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Test
public void testCaching_withDifferentPorts() throws Exception {
    Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();

    // Fill in authCache.
    // https://myhost.com => basic auth user1:user1
    givenCachedAuthenticationFor("https://myhost.com", authCache);
    assertEquals(1, authCache.size());

    Interceptor interceptor = new AuthenticationCacheInterceptor(authCache);

    // Check that authenticator exists for https://myhost.com:443
    final String authorization = whenInterceptAuthenticationForUrl(interceptor, "https://myhost.com:443");
    thenAuthorizationHeaderShouldBePresent(authorization);

    // Check that authenticator does not exist for http://myhost.com:8080
    final String authorization2 = whenInterceptAuthenticationForUrl(interceptor, "http://myhost.com:8080");
    thenNoAuthorizationHeaderShouldBePresent(authorization2);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
private void givenCachedAuthenticationFor(String url, Map<String, CachingAuthenticator> authCache) throws IOException {
    Authenticator decorator = new CachingAuthenticatorDecorator(
            new BasicAuthenticator(new Credentials("user1", "user1")),
            authCache);
    Request dummyRequest = new Request.Builder()
            .url(url)
            .get()
            .build();
    Response response = new Response.Builder()
            .request(dummyRequest)
            .protocol(Protocol.HTTP_1_1)
            .code(HTTP_UNAUTHORIZED)
            .message("Unauthorized")
            .header("WWW-Authenticate", "Basic realm=\"myrealm\"")
            .build();
    decorator.authenticate(null, response);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
protected OkHttpBuilder(final HttpObjectConfig config) {
    super(config);

    this.config = new HttpConfigs.ThreadSafeHttpConfig(config.getChainedConfig());
    this.clientConfig = config.getClient();
    this.executor = config.getExecution().getExecutor();

    final OkHttpClient.Builder builder = new OkHttpClient.Builder();

    final SSLContext sslContext = config.getExecution().getSslContext();
    if (sslContext != null) {
        builder.sslSocketFactory(sslContext.getSocketFactory()/*, (X509TrustManager) TRUST_MANAGERS[0]*/);
        builder.hostnameVerifier(config.getExecution().getHostnameVerifier());
    }

    // DIGEST support - defining this here only allows DIGEST config on the HttpBuilder configuration, not for individual methods.
    final HttpConfig.Auth auth = config.getRequest().getAuth();
    if (auth != null && auth.getAuthType() == DIGEST) {
        Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();

        builder.addInterceptor(new AuthenticationCacheInterceptor(authCache));
        builder.authenticator(new CachingAuthenticatorDecorator(
            new DigestAuthenticator(new com.burgstaller.okhttp.digest.Credentials(auth.getUser(), auth.getPassword())), authCache)
        );
    }

    final Consumer<Object> clientCustomizer = clientConfig.getClientCustomizer();
    if (clientCustomizer != null) {
        clientCustomizer.accept(builder);
    }

    final ProxyInfo pinfo = config.getExecution().getProxyInfo();
    if (usesProxy(pinfo)) {
        builder.proxy(pinfo.getProxy());
    }

    this.client = builder.build();
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Override
public Request authenticate(Route route, Response response) throws IOException {
    Request authenticated = innerAuthenticator.authenticate(route, response);
    if (authenticated != null) {
        String authorizationValue = authenticated.header("Authorization");
        if (authorizationValue != null && innerAuthenticator instanceof CachingAuthenticator) {
            final HttpUrl url = authenticated.url();
            final String key = CachingUtils.getCachingKey(url);
            authCache.put(key, (CachingAuthenticator) innerAuthenticator);
        }
    }
    return authenticated;
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Override
public Response intercept(Chain chain) throws IOException {
    final Request request = chain.request();
    final HttpUrl url = request.url();
    final String key = CachingUtils.getCachingKey(url);
    CachingAuthenticator authenticator = authCache.get(key);
    Request authRequest = null;
    Connection connection = chain.connection();
    Route route = connection != null ? connection.route() : null;
    if (authenticator != null) {
        authRequest = authenticator.authenticateWithState(route, request);
    }
    if (authRequest == null) {
        authRequest = request;
    }
    Response response = chain.proceed(authRequest);

    // Cached response was used, but it produced unauthorized response (cache expired).
    int responseCode = response != null ? response.code() : 0;
    if (authenticator != null && (responseCode == HTTP_UNAUTHORIZED || responseCode == HTTP_PROXY_AUTH)) {
        // Remove cached authenticator and resend request
        if (authCache.remove(key) != null) {
            response.body().close();
            Platform.get().log(Platform.INFO, "Cached authentication expired. Sending a new request.", null);
            // Force sending a new request without "Authorization" header
            response = chain.proceed(request);
        }
    }
    return response;
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
private DispatchingAuthenticator(Map<String, Authenticator> registry) {
    authenticatorRegistry = registry;
    cachingRegistry = new LinkedHashMap<>();
    for (Map.Entry<String, Authenticator> entry : authenticatorRegistry.entrySet()) {
        if (entry.getValue() instanceof CachingAuthenticator) {
            cachingRegistry.put(entry.getKey(), (CachingAuthenticator) entry.getValue());
        }
    }
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Override
public Request authenticateWithState(Route route, Request request) throws IOException {
    for (Map.Entry<String, CachingAuthenticator> authenticatorEntry : cachingRegistry.entrySet()) {
        final Request authRequest = authenticatorEntry.getValue().authenticateWithState(route, request);
        if (authRequest != null) {
            return authRequest;
        }
    }
    return null;
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Test
public void testCaching__whenNoConnectionExists__shouldNotBombOut() throws IOException {
    Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();
    Interceptor interceptor = new AuthenticationCacheInterceptor(authCache);

    String auth = whenInterceptAuthenticationForUrlWithNoConnection(interceptor, "https://myhost.com:443");
    assertNull(auth);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
@Test
public void testCaching__whenNoConnectionExistsButCachedInfo__shouldNotBombOut() throws IOException {
    Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();
    givenCachedAuthenticationFor("https://myhost.com:443", authCache);
    Interceptor interceptor = new AuthenticationCacheInterceptor(authCache);

    // when
    String auth = whenInterceptAuthenticationForUrlWithNoConnection(interceptor, "https://myhost.com:443");
    thenAuthorizationHeaderShouldBePresent(auth);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
private OkHttpClient getClient(ConnectionInfo ci) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {

        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        final Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();

        com.burgstaller.okhttp.digest.Credentials credentials = new com.burgstaller.okhttp.digest.Credentials(ci.username, ci.password);
        final BasicAuthenticator basicAuthenticator = new BasicAuthenticator(credentials);
        final DigestAuthenticator digestAuthenticator = new DigestAuthenticator(credentials);

        // note that all auth schemes should be registered as lowercase!
        DispatchingAuthenticator authenticator = new DispatchingAuthenticator.Builder()
                .with("digest", digestAuthenticator)
                .with("basic", basicAuthenticator)
                .build();

        builder = builder.authenticator(new CachingAuthenticatorDecorator(authenticator, authCache))
                .addInterceptor(new AuthenticationCacheInterceptor(authCache));
        if ((mCertificateErrorHandler != null) && (!mCertificateErrorHandler.alwaysFailOnValidationError())) {


            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
                    TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
                throw new IllegalStateException("Unexpected default trust managers:"
                        + Arrays.toString(trustManagers));
            }
            X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
            trustManager = new DecoratedTrustManager(trustManager, mCertificateErrorHandler);
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, new TrustManager[] { trustManager }, null);
            SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            builder = builder.sslSocketFactory(sslSocketFactory, trustManager)
                             .hostnameVerifier(new DecoratedHostnameVerifier(OkHostnameVerifier.INSTANCE, mCertificateErrorHandler));


        }

        OkHttpClient client =  builder.build();
        return client;
    }
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
GerritApiClient(String endpoint, Authorization authorization,
        PlatformAbstractionLayer abstractionLayer) {
    mAbstractionLayer = abstractionLayer;
    mEndPoint = endpoint;
    mCookieManager = new CookieManager(toUnauthenticatedEndpoint(mEndPoint));

    Authorization auth = authorization;
    if (auth == null) {
        auth = new Authorization();
    }

    DispatchingAuthenticator authenticator = null;
    if (!auth.isAnonymousUser()) {
        final Credentials credentials = new Credentials(auth.mUsername, auth.mPassword);
        final BasicAuthenticator basicAuthenticator = new BasicAuthenticator(credentials);
        final DigestAuthenticator digestAuthenticator = new DigestAuthenticator(credentials);
        authenticator = new DispatchingAuthenticator.Builder()
                .with("digest", digestAuthenticator)
                .with("basic", basicAuthenticator)
                .requireAuthScheme(false)
                .build();
    }

    // OkHttp client
    OkHttpClient.Builder clientBuilder = auth.mTrustAllCertificates
            ? OkHttpHelper.getUnsafeClientBuilder() : OkHttpHelper.getSafeClientBuilder();
    clientBuilder
            .readTimeout(20000, java.util.concurrent.TimeUnit.MILLISECONDS)
            .cookieJar(mCookieManager)
            .followRedirects(true)
            .followSslRedirects(true)
            .addInterceptor(createConnectivityCheckInterceptor())
            .addInterceptor(createLoggingInterceptor())
            .addInterceptor(createHeadersInterceptor(auth));
    if (!auth.isAnonymousUser()) {
        final Map<String, CachingAuthenticator> authCache = new ConcurrentHashMap<>();
        clientBuilder
                .authenticator(new CachingAuthenticatorDecorator(authenticator, authCache))
                .addInterceptor(new AuthenticationCacheInterceptor(authCache));
    }
    OkHttpClient client = clientBuilder.build();

    // Gson adapter
    GsonConverterFactory gsonFactory = GsonConverterFactory.create(
            GsonHelper.createGerritGsonBuilder(true, mAbstractionLayer).create());

    // RxJava adapter
    RxJava2CallAdapterFactory rxAdapter = RxJava2CallAdapterFactory.create();

    // Retrofit
    Retrofit retrofit = new Retrofit.Builder()
            .baseUrl(endpoint)
            .client(client)
            .addConverterFactory(gsonFactory)
            .addCallAdapterFactory(rxAdapter)
            .build();

    // Build the api
    mService = retrofit.create(GerritRestApi.class);
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
public CachingAuthenticatorDecorator(Authenticator innerAuthenticator, Map<String, CachingAuthenticator> authCache) {
    this.innerAuthenticator = innerAuthenticator;
    this.authCache = authCache;
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
public AuthenticationCacheInterceptor(Map<String, CachingAuthenticator> authCache) {
    this.authCache = authCache;
}
 

import com.burgstaller.okhttp.digest.CachingAuthenticator; //导入依赖的package包/类
private void thenAuthCacheShouldBeEmpty(Map<String, CachingAuthenticator> authCache) {
    // No cached authenticator anymore
    assertEquals(0, authCache.size());
}