Skip to content

Commit

Permalink
HTTPCORE-756 - Deprecate and remove userInfo from URIAuthority and UR…
Browse files Browse the repository at this point in the history 
…IBuilder in compliance with RFC 9110.

Removed all references to `userInfo` in the `URIAuthority` class and deprecated methods that utilize `userInfo` in both `URIAuthority` and `URIBuilder`. This change aligns with the RFC's recommendation against using the `userinfo` subcomponent in "http" or "https" URIs.
  • Loading branch information
@arturobernalg
arturobernalg committed Aug 25, 2023
1 parent 88a1118 commit 9c4bbe3
Show file tree
Hide file tree
Showing 8 changed files with 91 additions and 124 deletions.
3 changes: 1 addition & 2 deletions httpcore5/src/main/java/org/apache/hc/core5/http/message/BasicHttpRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,8 +264,7 @@ public String getRequestUri() {
public void setUri(final URI requestUri) {
this.scheme = requestUri.getScheme();
if (requestUri.getHost() != null) {
this.authority = new URIAuthority(
requestUri.getRawUserInfo(), requestUri.getHost(), requestUri.getPort());
this.authority = new URIAuthority(requestUri.getHost(), requestUri.getPort());
} else if (requestUri.getRawAuthority() != null) {
try {
this.authority = URIAuthority.create(requestUri.getRawAuthority());
Expand Down
2 changes: 1 addition & 1 deletion httpcore5/src/main/java/org/apache/hc/core5/http/support/AbstractRequestBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,7 +173,7 @@ public AbstractRequestBuilder<T> setUri(final URI uri) {
} else {
this.scheme = uri.getScheme();
if (uri.getHost() != null) {
this.authority = new URIAuthority(uri.getRawUserInfo(), uri.getHost(), uri.getPort());
this.authority = new URIAuthority(uri.getHost(), uri.getPort());
} else if (uri.getRawAuthority() != null) {
try {
this.authority = URIAuthority.create(uri.getRawAuthority());
Expand Down
59 changes: 27 additions & 32 deletions httpcore5/src/main/java/org/apache/hc/core5/net/URIAuthority.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,43 +47,33 @@
public final class URIAuthority implements NamedEndpoint, Serializable {

private static final long serialVersionUID = 1L;
private final String userInfo;
private final Host host;

static URIAuthority parse(final CharSequence s, final Tokenizer.Cursor cursor) throws URISyntaxException {
final Tokenizer tokenizer = Tokenizer.INSTANCE;
String userInfo = null;
final int initPos = cursor.getPos();
final String token = tokenizer.parseContent(s, cursor, URISupport.HOST_SEPARATORS);
if (!cursor.atEnd() && s.charAt(cursor.getPos()) == '@') {
cursor.updatePos(cursor.getPos() + 1);
if (!TextUtils.isBlank(token)) {
userInfo = token;
throw URISupport.createException(s, cursor, "Userinfo component is deprecated for http and https URIs");
}
} else {
//Rewind
cursor.updatePos(initPos);
}
final Host host = Host.parse(s, cursor);
return new URIAuthority(userInfo, host);
return new URIAuthority(host);
}

static URIAuthority parse(final CharSequence s) throws URISyntaxException {
final Tokenizer.Cursor cursor = new Tokenizer.Cursor(0, s.length());
return parse(s, cursor);
}

static void format(final StringBuilder buf, final URIAuthority uriAuthority) {
if (uriAuthority.getUserInfo() != null) {
buf.append(uriAuthority.getUserInfo());
buf.append("@");
}
Host.format(buf, uriAuthority);
}

static String format(final URIAuthority uriAuthority) {
final StringBuilder buf = new StringBuilder();
format(buf, uriAuthority);
Host.format(buf, uriAuthority);
return buf.toString();
}

Expand All @@ -93,48 +83,51 @@ static String format(final URIAuthority uriAuthority) {
* @throws IllegalArgumentException
* If the port parameter is outside the specified range of valid port values, which is between 0 and
* 65535, inclusive. {@code -1} indicates the scheme default port.
* @deprecated
*/
@Deprecated
public URIAuthority(final String userInfo, final String hostname, final int port) {
super();
this.userInfo = userInfo;
this.host = new Host(hostname, port);
this(hostname, port);
}

public URIAuthority(final String hostname, final int port) {
this(null, hostname, port);
super();
this.host = new Host(hostname, port);
}

/**
* @since 5.2
* @deprecated
*/
@Deprecated
public URIAuthority(final String userInfo, final Host host) {
super();
Args.notNull(host, "Host");
this.userInfo = userInfo;
this.host = host;
this(host);
}

/**
* @since 5.2
*/
public URIAuthority(final Host host) {
this(null, host);
super();
Args.notNull(host, "Host");
this.host = host;
}

/**
* @since 5.2
* @deprecated
*/
@Deprecated
public URIAuthority(final String userInfo, final NamedEndpoint endpoint) {
this(endpoint);
}

public URIAuthority(final NamedEndpoint endpoint) {
super();
Args.notNull(endpoint, "Endpoint");
this.userInfo = userInfo;
this.host = new Host(endpoint.getHostName(), endpoint.getPort());
}

public URIAuthority(final NamedEndpoint namedEndpoint) {
this(null, namedEndpoint);
}

/**
* Creates a {@code URIAuthority} instance from a string. Text may not contain any blanks.
*/
Expand All @@ -151,11 +144,15 @@ public static URIAuthority create(final String s) throws URISyntaxException {
}

public URIAuthority(final String hostname) {
this(null, hostname, -1);
this( hostname, -1);
}

/**
* @deprecated do not use.
*/
@Deprecated
public String getUserInfo() {
return userInfo;
return null;
}

@Override
Expand All @@ -180,16 +177,14 @@ public boolean equals(final Object obj) {
}
if (obj instanceof URIAuthority) {
final URIAuthority that = (URIAuthority) obj;
return Objects.equals(this.userInfo, that.userInfo) &&
Objects.equals(this.host, that.host);
return Objects.equals(this.host, that.host);
}
return false;
}

@Override
public int hashCode() {
int hash = LangUtils.HASH_SEED;
hash = LangUtils.hashCode(hash, userInfo);
hash = LangUtils.hashCode(hash, host);
return hash;
}
Expand Down
36 changes: 7 additions & 29 deletions httpcore5/src/main/java/org/apache/hc/core5/net/URIBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,8 +74,6 @@ public static URIBuilder loopbackAddress() {
private String scheme;
private String encodedSchemeSpecificPart;
private String encodedAuthority;
private String userInfo;
private String encodedUserInfo;
private String host;
private int port;
private String encodedPath;
Expand Down Expand Up @@ -142,7 +140,6 @@ public URIBuilder(final URI uri, final Charset charset) {
* @since 5.2
*/
public URIBuilder setAuthority(final NamedEndpoint authority) {
setUserInfo(null);
setHost(authority.getHostName());
setPort(authority.getPort());
return this;
Expand All @@ -156,7 +153,6 @@ public URIBuilder setAuthority(final NamedEndpoint authority) {
* @since 5.2
*/
public URIBuilder setAuthority(final URIAuthority authority) {
setUserInfo(authority.getUserInfo());
setHost(authority.getHostName());
setPort(authority.getPort());
return this;
Expand All @@ -180,7 +176,7 @@ public URIBuilder setCharset(final Charset charset) {
* @since 5.2
*/
public URIAuthority getAuthority() {
return new URIAuthority(getUserInfo(), getHost(), getPort());
return new URIAuthority(getHost(), getPort());
}

/**
Expand Down Expand Up @@ -327,19 +323,6 @@ private String buildString() {
authoritySpecified = true;
} else if (this.host != null) {
sb.append("//");
if (this.encodedUserInfo != null) {
sb.append(this.encodedUserInfo).append("@");
} else if (this.userInfo != null) {
final int idx = this.userInfo.indexOf(':');
if (idx != -1) {
PercentCodec.encode(sb, this.userInfo.substring(0, idx), this.charset);
sb.append(':');
PercentCodec.encode(sb, this.userInfo.substring(idx + 1), this.charset);
} else {
PercentCodec.encode(sb, this.userInfo, this.charset);
}
sb.append("@");
}
if (InetAddressUtils.isIPv6Address(this.host)) {
sb.append("[").append(this.host).append("]");
} else {
Expand Down Expand Up @@ -390,13 +373,9 @@ private void digestURI(final URI uri, final Charset charset) {
? uriHost.substring(1, uriHost.length() - 1)
: uriHost;
this.port = uri.getPort();
this.encodedUserInfo = uri.getRawUserInfo();
this.userInfo = uri.getUserInfo();
if (this.encodedAuthority != null && this.host == null) {
try {
final URIAuthority uriAuthority = URIAuthority.parse(this.encodedAuthority);
this.encodedUserInfo = uriAuthority.getUserInfo();
this.userInfo = PercentCodec.decode(uriAuthority.getUserInfo(), charset);
this.host = PercentCodec.decode(uriAuthority.getHostName(), charset);
this.port = uriAuthority.getPort();
} catch (final URISyntaxException ignore) {
Expand Down Expand Up @@ -471,14 +450,13 @@ public URIBuilder setSchemeSpecificPart(final String schemeSpecificPart, final L
/**
* Sets URI user info. The value is expected to be unescaped and may contain non ASCII
* characters.
*
* @deprecated
* @return this.
*/
@Deprecated
public URIBuilder setUserInfo(final String userInfo) {
this.userInfo = !TextUtils.isBlank(userInfo) ? userInfo : null;
this.encodedSchemeSpecificPart = null;
this.encodedAuthority = null;
this.encodedUserInfo = null;
return this;
}

Expand Down Expand Up @@ -897,11 +875,12 @@ public String getSchemeSpecificPart() {

/**
* Gets the user info.
*
* @return the user info.
* @deprecated do not use.
* @return {@code null}.
*/
@Deprecated
public String getUserInfo() {
return this.userInfo;
return null;
}

/**
Expand Down Expand Up @@ -1032,7 +1011,6 @@ public URIBuilder optimize() {
// Force Percent-Encoding re-encoding
this.encodedSchemeSpecificPart = null;
this.encodedAuthority = null;
this.encodedUserInfo = null;
this.encodedPath = null;
this.encodedQuery = null;
this.encodedFragment = null;
Expand Down
6 changes: 3 additions & 3 deletions httpcore5/src/test/java/org/apache/hc/core5/http/message/HttpRequestWrapperTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,7 @@ public void testRequestWithUserInfo() throws Exception {
final HttpRequestWrapper httpRequestWrapper = new HttpRequestWrapper(request);
Assertions.assertEquals(Method.GET.name(), httpRequestWrapper.getMethod());
Assertions.assertEquals("/stuff?param=value", httpRequestWrapper.getPath());
Assertions.assertEquals(new URIAuthority("user:pwd", "host", 9443), httpRequestWrapper.getAuthority());
Assertions.assertEquals(new URIAuthority("host", 9443), httpRequestWrapper.getAuthority());
Assertions.assertEquals("https", httpRequestWrapper.getScheme());
Assertions.assertEquals(new URI("https://host:9443/stuff?param=value"), httpRequestWrapper.getUri());
}
Expand Down Expand Up @@ -152,11 +152,11 @@ public void testRequestWithAuthorityRelativePath() throws Exception {

@Test
public void testRequestHostWithReservedChars() throws Exception {
final HttpRequest request = new BasicHttpRequest(Method.GET, URI.create("http://someuser%21@%21example%21.com/stuff"));
final HttpRequest request = new BasicHttpRequest(Method.GET, URI.create("http://%21example%21.com/stuff"));
final HttpRequestWrapper httpRequestWrapper = new HttpRequestWrapper(request);
Assertions.assertEquals(Method.GET.name(), httpRequestWrapper.getMethod());
Assertions.assertEquals("/stuff", httpRequestWrapper.getPath());
Assertions.assertEquals(new URIAuthority("someuser%21", "%21example%21.com", -1), httpRequestWrapper.getAuthority());
Assertions.assertEquals(new URIAuthority( "%21example%21.com", -1), httpRequestWrapper.getAuthority());
Assertions.assertEquals(new URI("http://%21example%21.com/stuff"), httpRequestWrapper.getUri());
}
}
6 changes: 3 additions & 3 deletions httpcore5/src/test/java/org/apache/hc/core5/http/message/TestBasicMessages.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ public void testRequestWithUserInfo() throws Exception {
final HttpRequest request = new BasicHttpRequest(Method.GET, new URI("https://user:pwd@host:9443/stuff?param=value"));
Assertions.assertEquals(Method.GET.name(), request.getMethod());
Assertions.assertEquals("/stuff?param=value", request.getPath());
Assertions.assertEquals(new URIAuthority("user:pwd", "host", 9443), request.getAuthority());
Assertions.assertEquals(new URIAuthority("host", 9443), request.getAuthority());
Assertions.assertEquals("https", request.getScheme());
Assertions.assertEquals(new URI("https://host:9443/stuff?param=value"), request.getUri());
}
Expand All @@ -190,10 +190,10 @@ public void testRequestWithAuthorityRelativePath() throws Exception {

@Test
public void testRequestHostWithReservedChars() throws Exception {
final HttpRequest request = new BasicHttpRequest(Method.GET, URI.create("http://someuser%21@%21example%21.com/stuff"));
final HttpRequest request = new BasicHttpRequest(Method.GET, URI.create("http://%21example%21.com/stuff"));
Assertions.assertEquals(Method.GET.name(), request.getMethod());
Assertions.assertEquals("/stuff", request.getPath());
Assertions.assertEquals(new URIAuthority("someuser%21", "%21example%21.com", -1), request.getAuthority());
Assertions.assertEquals(new URIAuthority("%21example%21.com", -1), request.getAuthority());
Assertions.assertEquals(new URI("http://%21example%21.com/stuff"), request.getUri());
}

Expand Down
Loading

0 comments on commit 9c4bbe3

Please sign in to comment.