final String proxyAuth = responsePacket.getHeader(Header.ProxyAuthenticate);
if (proxyAuth == null) {
throw new IllegalStateException("407 response received, but no Proxy Authenticate header was present");
}
final Request req = httpTransactionContext.getRequest();
ProxyServer proxyServer = httpTransactionContext.getProvider().getClientConfig().getProxyServerSelector()
.select(req.getUri());
String principal = proxyServer.getPrincipal();
String password = proxyServer.getPassword();
Realm realm = new Realm.RealmBuilder().setPrincipal(principal).setPassword(password).setUri(req.getUri()).setOmitQuery(true)
.setMethodName(Method.CONNECT.getMethodString()).setUsePreemptiveAuth(true).parseProxyAuthenticateHeader(proxyAuth).build();
String proxyAuthLowerCase = proxyAuth.toLowerCase(Locale.ENGLISH);
if (proxyAuthLowerCase.startsWith("basic")) {
req.getHeaders().remove(Header.ProxyAuthenticate.toString());
req.getHeaders().remove(Header.ProxyAuthorization.toString());
req.getHeaders().add(Header.ProxyAuthorization.toString(), AuthenticatorUtils.computeBasicAuthentication(realm));
} else if (proxyAuthLowerCase.startsWith("digest")) {
req.getHeaders().remove(Header.ProxyAuthenticate.toString());
req.getHeaders().remove(Header.ProxyAuthorization.toString());
req.getHeaders().add(Header.ProxyAuthorization.toString(), AuthenticatorUtils.computeDigestAuthentication(realm));
} else if (proxyAuthLowerCase.startsWith("ntlm")) {
req.getHeaders().remove(Header.ProxyAuthenticate.toString());
req.getHeaders().remove(Header.ProxyAuthorization.toString());
String msg;
try {
if (isNTLMFirstHandShake(proxyAuth)) {
msg = GrizzlyAsyncHttpProvider.NTLM_ENGINE.generateType1Msg();
} else {
String serverChallenge = proxyAuth.trim().substring("NTLM ".length());
msg = GrizzlyAsyncHttpProvider.NTLM_ENGINE.generateType3Msg(principal, password, proxyServer.getNtlmDomain(),
proxyServer.getHost(), serverChallenge);
}
req.getHeaders().add(Header.ProxyAuthorization.toString(), "NTLM " + msg);
} catch (Exception e1) {
e1.printStackTrace();
}
} else if (proxyAuthLowerCase.startsWith("negotiate")) {
//this is for kerberos
req.getHeaders().remove(Header.ProxyAuthenticate.toString());
req.getHeaders().remove(Header.ProxyAuthorization.toString());
} else {
throw new IllegalStateException("Unsupported authorization method: " + proxyAuth);
}
InvocationStatus tempInvocationStatus = InvocationStatus.STOP;
try {
if (isNTLMFirstHandShake(proxyAuth)) {
tempInvocationStatus = InvocationStatus.CONTINUE;
}
if (proxyAuth.toLowerCase().startsWith("negotiate")) {
final Connection c = getConnectionForNextRequest(ctx, req, responsePacket, httpTransactionContext);
final HttpTxContext newContext = httpTransactionContext.copy();
httpTransactionContext.setFuture(null);
HttpTxContext.set(ctx, newContext);
newContext.setInvocationStatus(tempInvocationStatus);
String challengeHeader;
String server = proxyServer.getHost();
challengeHeader = GSSSPNEGOWrapper.generateToken(server);
req.getHeaders().add(Header.ProxyAuthorization.toString(), "Negotiate " + challengeHeader);
return executeRequest(httpTransactionContext, req, c, newContext);
} else if (isNTLMSecondHandShake(proxyAuth)) {
final Connection c = ctx.getConnection();
final HttpTxContext newContext = httpTransactionContext.copy();