added tls handshake for https

http/client/pom.xml

@@ -54,6 +54,10 @@
             <artifactId>jboss-logging</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.wildfly.security</groupId>
+            <artifactId>wildfly-elytron-sasl-digest</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.jboss.logging</groupId>
             <artifactId>jboss-logging-processor</artifactId>
@@ -63,10 +67,6 @@
             <groupId>org.wildfly.security</groupId>
             <artifactId>wildfly-elytron-mechanism-digest</artifactId>
         </dependency>
-        <dependency>
-            <groupId>org.wildfly.security</groupId>
-            <artifactId>wildfly-elytron-sasl-digest</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.wildfly.security</groupId>
             <artifactId>wildfly-elytron-credential</artifactId>

http/client/src/main/java/org/wildfly/security/http/client/ElytronHttpClient.java

@@ -21,13 +21,20 @@
 import org.wildfly.security.http.client.mechanism.basic.ElytronHttpClientBasicAuthMechanism;
 import org.wildfly.security.http.client.mechanism.bearer.ElytronHttpClientBearerAuthMechanism;
 import org.wildfly.security.http.client.mechanism.digest.ElytronHttpClientDigestAuthMechanism;
+import org.wildfly.security.http.client.utils.ElytronHttpClientConstants;
+import org.wildfly.security.http.client.utils.ElytronHttpClientCredentialUtils;
+import org.wildfly.security.http.client.utils.ElytronHttpClientRequestBuilder;
 import org.wildfly.security.http.client.utils.ElytronMessages;
 
+import javax.net.ssl.SSLContext;
+
 import static org.wildfly.security.http.HttpConstants.OK;
 
 import java.io.IOException;
+import java.net.MalformedURLException;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.net.URL;
 import java.net.http.HttpClient;
 import java.net.http.HttpRequest;
 import java.net.http.HttpResponse;
@@ -41,72 +48,92 @@
  */
 public class ElytronHttpClient {
 
-    private final HttpClient httpClient;
+    private HttpClient httpClient;
 
     public ElytronHttpClient() {
         this.httpClient = HttpClient.newHttpClient();
     }
 
-    private HttpResponse getResponse(HttpRequest request) throws IOException, InterruptedException{
+    private HttpResponse getResponse(HttpRequest request) throws IOException, InterruptedException {
         return httpClient.send(request, HttpResponse.BodyHandlers.ofString());
     }
 
-    private HttpRequest evaluateNoAuthMechanism(URI uri) {
-        HttpRequest request = HttpRequest
-                .newBuilder()
-                .uri(uri)
-                .build();
+    private void addSSLContextToHttpClient(URI uri) throws MalformedURLException {
+        String protocol = new URL(uri.toString()).getProtocol();
 
-        return request;
+        if (protocol.equalsIgnoreCase("https")) {
+            SSLContext sslContext = ElytronHttpClientCredentialUtils.getSSLContext(uri);
+            httpClient = HttpClient.newBuilder().sslContext(sslContext).build();
+        }
     }
 
     /**
      * Used to connect to the secured uri and return the response based on that.
      */
-    public HttpResponse connect(String uri) throws IOException, InterruptedException, URISyntaxException {
-
+    public HttpResponse connect(String uri, String method, String body, Map<String, String> headers) throws IOException, InterruptedException, URISyntaxException {
         URI uriPath = new URI(uri);
-        HttpRequest request = evaluateNoAuthMechanism(uriPath);
+        addSSLContextToHttpClient(uriPath);
+
+        HttpRequest request = ElytronHttpClientRequestBuilder.buildRequest(uriPath, method, body, headers);
         HttpResponse response = getResponse(request);
 
-        if(response.statusCode() == OK){
+        if (response.statusCode() == OK) {
             return response;
         }
 
         String authHeader = getAuthHeader(response);
 
-        if(authHeader == null){
+        if (authHeader == null) {
             throw new ElytronHttpClientException(ElytronMessages.log.responseHeaderExtractionFailed());
         }
+        String[] authChallenges = authHeader.split(",");
+        HttpRequest authRequest = null;
+
+        String challenge = authChallenges[0];
 
-        String authType = authHeader.split(" ")[0].toLowerCase();
+        String authType = getAuthType(challenge);
 
-        switch (authType){
-            case "basic" :
-                request = ElytronHttpClientBasicAuthMechanism.evaluateMechanism(uriPath);
+        switch (authType) {
+            case "basic":
+                authRequest = ElytronHttpClientBasicAuthMechanism.evaluateMechanism(uriPath, method, body, headers);
                 break;
-            case "digest" :
-                request = ElytronHttpClientDigestAuthMechanism.evaluateMechanism(uriPath, authHeader);
+            case "digest":
+                authRequest = ElytronHttpClientDigestAuthMechanism.evaluateMechanism(uriPath, authHeader, method, body, headers);
                 break;
-            case "bearer" :
-                request = ElytronHttpClientBearerAuthMechanism.evaluateMechanism(uriPath);
+            case "bearer":
+                authRequest = ElytronHttpClientBearerAuthMechanism.evaluateMechanism(uriPath, method, body, headers);
                 break;
             default:
-                request = evaluateNoAuthMechanism(uriPath);
+                authRequest = ElytronHttpClientRequestBuilder.buildRequest(uriPath, method, body, headers);
         }
 
+        if (authRequest != null) {
+            response = getResponse(authRequest);
+            return response;
+        }
+
+        // If none of the authentication mechanisms succeeded, fallback to the initial request
         response = getResponse(request);
         return response;
     }
 
-    private String getAuthHeader(HttpResponse response){
+    public HttpResponse connect(String uri) throws IOException, InterruptedException, URISyntaxException {
+        HttpResponse response = connect(uri, ElytronHttpClientConstants.GET, null, null);
+        return response;
+    }
+
+    private String getAuthHeader(HttpResponse response) {
         String authHeader = null;
         Map<String, List<String>> allHeaderValues = response.headers().map();
-        for(String headerKey : allHeaderValues.keySet()){
-            if(headerKey.toLowerCase().equals("www-authenticate")){
+        for (String headerKey : allHeaderValues.keySet()) {
+            if (headerKey.toLowerCase().equals("www-authenticate")) {
                 authHeader = allHeaderValues.get(headerKey).get(0);
             }
         }
         return authHeader;
     }
+
+    private String getAuthType(String challenge) {
+        return challenge.trim().split(" ")[0].toLowerCase();
+    }
 }

http/client/src/main/java/org/wildfly/security/http/client/exception/ElytronHttpClientException.java

@@ -19,6 +19,7 @@
 
 /**
  * General client configuration exception
+ *
  * @author <a href="mailto:kekumar@redhat.com">Keshav Kumar</a>
  */
 public class ElytronHttpClientException extends RuntimeException {

http/client/src/main/java/org/wildfly/security/http/client/mechanism/basic/ElytronHttpClientBasicAuthMechanism.java

@@ -18,29 +18,32 @@
 
 package org.wildfly.security.http.client.mechanism.basic;
 
+import org.wildfly.security.http.client.utils.ElytronHttpClientConstants;
 import org.wildfly.security.http.client.utils.ElytronHttpClientCredentialUtils;
+import org.wildfly.security.http.client.utils.ElytronHttpClientRequestBuilder;
 
 import java.net.URI;
 import java.net.http.HttpRequest;
 import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
 
 /**
  * Elytron client for HTTP authentication
  *
  * @author <a href="mailto:kekumar@redhat.com">Keshav Kumar</a>
  */
 public class ElytronHttpClientBasicAuthMechanism {
-    private static final String AUTHORIZATION = "Authorization";
     private static ElytronHttpClientCredentialUtils elytronHttpClientCredentialProvider = new ElytronHttpClientCredentialUtils();
 
-    public static HttpRequest evaluateMechanism(URI uri) {
+    public static HttpRequest evaluateMechanism(URI uri, String method, String body, Map<String, String> headers) {
         String userName = elytronHttpClientCredentialProvider.getUserName(uri);
         String password = elytronHttpClientCredentialProvider.getPassword(uri);
-        HttpRequest request = HttpRequest
-                .newBuilder()
-                .uri(uri)
-                .header(AUTHORIZATION, basicAuth(userName, password))
-                .build();
+        if(headers == null){
+            headers = new HashMap<>();
+        }
+        headers.put(ElytronHttpClientConstants.AUTHORIZATION, basicAuth(userName, password));
+        HttpRequest request = ElytronHttpClientRequestBuilder.buildRequest(uri, method, body, headers);
         return request;
     }
 

http/client/src/main/java/org/wildfly/security/http/client/mechanism/bearer/ElytronHttpClientBearerAuthMechanism.java

@@ -1,26 +1,27 @@
 package org.wildfly.security.http.client.mechanism.bearer;
 
+import org.wildfly.security.http.client.utils.ElytronHttpClientConstants;
 import org.wildfly.security.http.client.utils.ElytronHttpClientCredentialUtils;
+import org.wildfly.security.http.client.utils.ElytronHttpClientRequestBuilder;
 
 import java.net.URI;
 import java.net.http.HttpRequest;
+import java.util.HashMap;
+import java.util.Map;
 
 public class ElytronHttpClientBearerAuthMechanism {
 
-    private static final String AUTHORIZATION = "Authorization";
-    private static ElytronHttpClientCredentialUtils elytronHttpClientCredentialProvider = new ElytronHttpClientCredentialUtils();
-
-    public static HttpRequest evaluateMechanism(URI uri) {
-        String token = elytronHttpClientCredentialProvider.getToken(uri);
-        HttpRequest request = HttpRequest
-                .newBuilder()
-                .uri(uri)
-                .header(AUTHORIZATION, getBearerHeader(token))
-                .build();
+    public static HttpRequest evaluateMechanism(URI uri, String method, String body, Map<String, String> headers) {
+        String token = ElytronHttpClientCredentialUtils.getToken(uri);
+        if(headers == null){
+            headers = new HashMap<>();
+        }
+        headers.put(ElytronHttpClientConstants.AUTHORIZATION, getBearerHeader(token));
+        HttpRequest request = ElytronHttpClientRequestBuilder.buildRequest(uri, method, body, headers);
         return request;
     }
 
-    private static String getBearerHeader(String token){
+    private static String getBearerHeader(String token) {
         return "Bearer " + token;
     }
 }

http/client/src/main/java/org/wildfly/security/http/client/mechanism/digest/ElytronHttpClientDigestAuthMechanism.java

@@ -24,6 +24,7 @@
 
 import java.net.URI;
 import java.net.http.HttpRequest;
+import java.util.Map;
 
 /**
  * Elytron client for HTTP authentication
@@ -32,11 +33,9 @@
  */
 public class ElytronHttpClientDigestAuthMechanism {
 
-    private static ElytronHttpClientCredentialUtils elytronHttpClientCredentialProvider = new ElytronHttpClientCredentialUtils();
-
-    public static HttpRequest evaluateMechanism(URI uri, String authHeader) throws AuthenticationMechanismException {
-        String userName = elytronHttpClientCredentialProvider.getUserName(uri);
-        String password = elytronHttpClientCredentialProvider.getPassword(uri);
-        return DigestHttpMechanismUtil.createDigestRequest(uri, userName, password, authHeader);
+    public static HttpRequest evaluateMechanism(URI uri, String authHeader, String method, String body, Map<String, String> headers) throws AuthenticationMechanismException {
+        String userName = ElytronHttpClientCredentialUtils.getUserName(uri);
+        String password = ElytronHttpClientCredentialUtils.getPassword(uri);
+        return DigestHttpMechanismUtil.createDigestRequest(uri, userName, password, authHeader, method, body, headers);
     }
 }