Merge pull request #17010 from nosan

* pr/17010:
  Polish "Use request factory to support Basic Authentication"
  Use request factory to support Basic Authentication

Closes gh-17010

Author: philwebb

spring-boot-project/spring-boot-test/src/main/java/org/springframework/boot/test/web/client/TestRestTemplate.java

@@ -17,16 +17,11 @@
 package org.springframework.boot.test.web.client;
 
 import java.io.IOException;
-import java.lang.reflect.Field;
 import java.net.URI;
-import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collections;
 import java.util.HashSet;
-import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.function.Supplier;
 
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.config.CookieSpecs;
@@ -39,9 +34,6 @@
 import org.apache.http.protocol.HttpContext;
 import org.apache.http.ssl.SSLContextBuilder;
 
-import org.springframework.beans.BeanInstantiationException;
-import org.springframework.beans.BeanUtils;
-import org.springframework.boot.web.client.ClientHttpRequestFactorySupplier;
 import org.springframework.boot.web.client.RestTemplateBuilder;
 import org.springframework.boot.web.client.RootUriTemplateHandler;
 import org.springframework.core.ParameterizedTypeReference;
@@ -51,13 +43,9 @@
 import org.springframework.http.RequestEntity;
 import org.springframework.http.ResponseEntity;
 import org.springframework.http.client.ClientHttpRequestFactory;
-import org.springframework.http.client.ClientHttpRequestInterceptor;
 import org.springframework.http.client.ClientHttpResponse;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
-import org.springframework.http.client.InterceptingClientHttpRequestFactory;
-import org.springframework.http.client.support.BasicAuthenticationInterceptor;
 import org.springframework.util.Assert;
-import org.springframework.util.ReflectionUtils;
 import org.springframework.web.client.DefaultResponseErrorHandler;
 import org.springframework.web.client.RequestCallback;
 import org.springframework.web.client.ResponseExtractor;
@@ -86,14 +74,17 @@
  * @author Phillip Webb
  * @author Andy Wilkinson
  * @author Kristine Jetzke
+ * @author Dmytro Nosan
  * @since 1.4.0
  */
 public class TestRestTemplate {
 
-	private final RestTemplate restTemplate;
+	private final RestTemplateBuilder builder;
 
 	private final HttpClientOption[] httpClientOptions;
 
+	private final RestTemplate restTemplate;
+
 	/**
 	 * Create a new {@link TestRestTemplate} instance.
 	 * @param restTemplateBuilder builder used to configure underlying
@@ -125,60 +116,30 @@ public TestRestTemplate(String username, String password,
 
 	/**
 	 * Create a new {@link TestRestTemplate} instance with the specified credentials.
-	 * @param restTemplateBuilder builder used to configure underlying
-	 * {@link RestTemplate}
+	 * @param builder builder used to configure underlying {@link RestTemplate}
 	 * @param username the username to use (or {@code null})
 	 * @param password the password (or {@code null})
 	 * @param httpClientOptions client options to use if the Apache HTTP Client is used
 	 * @since 2.0.0
 	 */
-	public TestRestTemplate(RestTemplateBuilder restTemplateBuilder, String username,
-			String password, HttpClientOption... httpClientOptions) {
-		this((restTemplateBuilder != null) ? restTemplateBuilder.build() : null, username,
-				password, httpClientOptions);
-	}
-
-	private TestRestTemplate(RestTemplate restTemplate, String username, String password,
+	public TestRestTemplate(RestTemplateBuilder builder, String username, String password,
 			HttpClientOption... httpClientOptions) {
-		Assert.notNull(restTemplate, "RestTemplate must not be null");
+		Assert.notNull(builder, "Builder must not be null");
+		this.builder = builder;
 		this.httpClientOptions = httpClientOptions;
-		if (getRequestFactoryClass(restTemplate)
-				.isAssignableFrom(HttpComponentsClientHttpRequestFactory.class)) {
-			restTemplate.setRequestFactory(
-					new CustomHttpComponentsClientHttpRequestFactory(httpClientOptions));
-		}
-		addAuthentication(restTemplate, username, password);
-		restTemplate.setErrorHandler(new NoOpResponseErrorHandler());
-		this.restTemplate = restTemplate;
-	}
-
-	private Class<? extends ClientHttpRequestFactory> getRequestFactoryClass(
-			RestTemplate restTemplate) {
-		ClientHttpRequestFactory requestFactory = restTemplate.getRequestFactory();
-		if (InterceptingClientHttpRequestFactory.class
-				.isAssignableFrom(requestFactory.getClass())) {
-			Field requestFactoryField = ReflectionUtils.findField(RestTemplate.class,
-					"requestFactory");
-			ReflectionUtils.makeAccessible(requestFactoryField);
-			requestFactory = (ClientHttpRequestFactory) ReflectionUtils
-					.getField(requestFactoryField, restTemplate);
-		}
-		return requestFactory.getClass();
-	}
-
-	private void addAuthentication(RestTemplate restTemplate, String username,
-			String password) {
-		if (username == null) {
-			return;
+		if (httpClientOptions != null) {
+			ClientHttpRequestFactory requestFactory = builder.buildRequestFactory();
+			if (requestFactory instanceof HttpComponentsClientHttpRequestFactory) {
+				builder = builder.requestFactory(
+						() -> new CustomHttpComponentsClientHttpRequestFactory(
+								httpClientOptions));
+			}
 		}
-		List<ClientHttpRequestInterceptor> interceptors = restTemplate.getInterceptors();
-		if (interceptors == null) {
-			interceptors = Collections.emptyList();
+		if (username != null || password != null) {
+			builder = builder.basicAuthentication(username, password);
 		}
-		interceptors = new ArrayList<>(interceptors);
-		interceptors.removeIf(BasicAuthenticationInterceptor.class::isInstance);
-		interceptors.add(new BasicAuthenticationInterceptor(username, password));
-		restTemplate.setInterceptors(interceptors);
+		this.restTemplate = builder.build();
+		this.restTemplate.setErrorHandler(new NoOpResponseErrorHandler());
 	}
 
 	/**
@@ -1035,25 +996,10 @@ public RestTemplate getRestTemplate() {
 	 * @since 1.4.1
 	 */
 	public TestRestTemplate withBasicAuth(String username, String password) {
-		RestTemplate restTemplate = new RestTemplateBuilder()
-				.requestFactory(getRequestFactorySupplier())
-				.messageConverters(getRestTemplate().getMessageConverters())
-				.interceptors(getRestTemplate().getInterceptors())
-				.uriTemplateHandler(getRestTemplate().getUriTemplateHandler()).build();
-		return new TestRestTemplate(restTemplate, username, password,
+		TestRestTemplate template = new TestRestTemplate(this.builder, username, password,
 				this.httpClientOptions);
-	}
-
-	private Supplier<ClientHttpRequestFactory> getRequestFactorySupplier() {
-		return () -> {
-			try {
-				return BeanUtils
-						.instantiateClass(getRequestFactoryClass(getRestTemplate()));
-			}
-			catch (BeanInstantiationException ex) {
-				return new ClientHttpRequestFactorySupplier().get();
-			}
-		};
+		template.setUriTemplateHandler(getRestTemplate().getUriTemplateHandler());
+		return template;
 	}
 
 	@SuppressWarnings({ "rawtypes", "unchecked" })
@@ -1075,7 +1021,7 @@ private URI applyRootUriIfNecessary(URI uri) {
 	}
 
 	/**
-	 * Options used to customize the Apache Http Client if it is used.
+	 * Options used to customize the Apache HTTP Client.
 	 */
 	public enum HttpClientOption {
 

spring-boot-project/spring-boot-test/src/test/java/org/springframework/boot/test/web/client/TestRestTemplateTests.java

@@ -21,6 +21,7 @@
 import java.lang.reflect.Modifier;
 import java.net.URI;
 import java.util.List;
+import java.util.stream.Collectors;
 
 import org.apache.http.client.config.RequestConfig;
 import org.junit.jupiter.api.Test;
@@ -35,12 +36,9 @@
 import org.springframework.http.RequestEntity;
 import org.springframework.http.client.ClientHttpRequest;
 import org.springframework.http.client.ClientHttpRequestFactory;
-import org.springframework.http.client.ClientHttpRequestInterceptor;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
-import org.springframework.http.client.InterceptingClientHttpRequestFactory;
 import org.springframework.http.client.OkHttp3ClientHttpRequestFactory;
 import org.springframework.http.client.SimpleClientHttpRequestFactory;
-import org.springframework.http.client.support.BasicAuthenticationInterceptor;
 import org.springframework.mock.env.MockEnvironment;
 import org.springframework.mock.http.client.MockClientHttpRequest;
 import org.springframework.mock.http.client.MockClientHttpResponse;
@@ -102,25 +100,11 @@ public void useTheSameRequestFactoryClassWithBasicAuth() {
 		TestRestTemplate testRestTemplate = new TestRestTemplate(builder)
 				.withBasicAuth("test", "test");
 		RestTemplate restTemplate = testRestTemplate.getRestTemplate();
+		assertThat(restTemplate.getRequestFactory().getClass().getName())
+				.contains("BasicAuth");
 		Object requestFactory = ReflectionTestUtils
 				.getField(restTemplate.getRequestFactory(), "requestFactory");
-		assertThat(requestFactory).isNotEqualTo(customFactory)
-				.hasSameClassAs(customFactory);
-	}
-
-	@Test
-	public void withBasicAuthWhenRequestFactoryTypeCannotBeInstantiatedShouldFallback() {
-		TestClientHttpRequestFactory customFactory = new TestClientHttpRequestFactory(
-				"my-request-factory");
-		RestTemplateBuilder builder = new RestTemplateBuilder()
-				.requestFactory(() -> customFactory);
-		TestRestTemplate testRestTemplate = new TestRestTemplate(builder)
-				.withBasicAuth("test", "test");
-		RestTemplate restTemplate = testRestTemplate.getRestTemplate();
-		Object requestFactory = ReflectionTestUtils
-				.getField(restTemplate.getRequestFactory(), "requestFactory");
-		assertThat(requestFactory).isNotEqualTo(customFactory)
-				.isInstanceOf(CustomHttpComponentsClientHttpRequestFactory.class);
+		assertThat(requestFactory).isEqualTo(customFactory).hasSameClassAs(customFactory);
 	}
 
 	@Test
@@ -148,9 +132,10 @@ public void getRootUriRootUriNotSet() {
 
 	@Test
 	public void authenticated() {
-		assertThat(new TestRestTemplate("user", "password").getRestTemplate()
-				.getRequestFactory())
-						.isInstanceOf(InterceptingClientHttpRequestFactory.class);
+		RestTemplate restTemplate = new TestRestTemplate("user", "password")
+				.getRestTemplate();
+		ClientHttpRequestFactory factory = restTemplate.getRequestFactory();
+		assertThat(factory.getClass().getName()).contains("BasicAuthentication");
 	}
 
 	@Test
@@ -227,43 +212,39 @@ private Object mockArgument(Class<?> type) throws Exception {
 	}
 
 	@Test
-	public void withBasicAuthAddsBasicAuthInterceptorWhenNotAlreadyPresent() {
-		TestRestTemplate originalTemplate = new TestRestTemplate();
-		TestRestTemplate basicAuthTemplate = originalTemplate.withBasicAuth("user",
-				"password");
-		assertThat(basicAuthTemplate.getRestTemplate().getMessageConverters())
-				.containsExactlyElementsOf(
-						originalTemplate.getRestTemplate().getMessageConverters());
-		assertThat(basicAuthTemplate.getRestTemplate().getRequestFactory())
-				.isInstanceOf(InterceptingClientHttpRequestFactory.class);
+	public void withBasicAuthAddsBasicAuthClientFactoryWhenNotAlreadyPresent() {
+		TestRestTemplate original = new TestRestTemplate();
+		TestRestTemplate basicAuth = original.withBasicAuth("user", "password");
+		assertThat(getConverterClasses(original))
+				.containsExactlyElementsOf(getConverterClasses(basicAuth));
+		assertThat(basicAuth.getRestTemplate().getRequestFactory().getClass().getName())
+				.contains("BasicAuth");
 		assertThat(ReflectionTestUtils.getField(
-				basicAuthTemplate.getRestTemplate().getRequestFactory(),
-				"requestFactory"))
+				basicAuth.getRestTemplate().getRequestFactory(), "requestFactory"))
 						.isInstanceOf(CustomHttpComponentsClientHttpRequestFactory.class);
-		assertThat(basicAuthTemplate.getRestTemplate().getUriTemplateHandler())
-				.isSameAs(originalTemplate.getRestTemplate().getUriTemplateHandler());
-		assertThat(basicAuthTemplate.getRestTemplate().getInterceptors()).hasSize(1);
-		assertBasicAuthorizationInterceptorCredentials(basicAuthTemplate, "user",
-				"password");
+		assertThat(basicAuth.getRestTemplate().getInterceptors()).isEmpty();
+		assertBasicAuthorizationCredentials(basicAuth, "user", "password");
 	}
 
 	@Test
-	public void withBasicAuthReplacesBasicAuthInterceptorWhenAlreadyPresent() {
+	public void withBasicAuthReplacesBasicAuthClientFactoryWhenAlreadyPresent() {
 		TestRestTemplate original = new TestRestTemplate("foo", "bar")
 				.withBasicAuth("replace", "replace");
 		TestRestTemplate basicAuth = original.withBasicAuth("user", "password");
-		assertThat(basicAuth.getRestTemplate().getMessageConverters())
-				.containsExactlyElementsOf(
-						original.getRestTemplate().getMessageConverters());
-		assertThat(basicAuth.getRestTemplate().getRequestFactory())
-				.isInstanceOf(InterceptingClientHttpRequestFactory.class);
+		assertThat(getConverterClasses(basicAuth))
+				.containsExactlyElementsOf(getConverterClasses(original));
+		assertThat(basicAuth.getRestTemplate().getRequestFactory().getClass().getName())
+				.contains("BasicAuth");
 		assertThat(ReflectionTestUtils.getField(
 				basicAuth.getRestTemplate().getRequestFactory(), "requestFactory"))
 						.isInstanceOf(CustomHttpComponentsClientHttpRequestFactory.class);
-		assertThat(basicAuth.getRestTemplate().getUriTemplateHandler())
-				.isSameAs(original.getRestTemplate().getUriTemplateHandler());
-		assertThat(basicAuth.getRestTemplate().getInterceptors()).hasSize(1);
-		assertBasicAuthorizationInterceptorCredentials(basicAuth, "user", "password");
+		assertThat(basicAuth.getRestTemplate().getInterceptors()).isEmpty();
+		assertBasicAuthorizationCredentials(basicAuth, "user", "password");
+	}
+
+	private List<Class<?>> getConverterClasses(TestRestTemplate testRestTemplate) {
+		return testRestTemplate.getRestTemplate().getMessageConverters().stream()
+				.map(Object::getClass).collect(Collectors.toList());
 	}
 
 	@Test
@@ -394,17 +375,14 @@ private void verifyRelativeUriHandling(TestRestTemplateCallback callback)
 		verify(requestFactory).createRequest(eq(absoluteUri), any(HttpMethod.class));
 	}
 
-	private void assertBasicAuthorizationInterceptorCredentials(
-			TestRestTemplate testRestTemplate, String username, String password) {
-		@SuppressWarnings("unchecked")
-		List<ClientHttpRequestInterceptor> requestFactoryInterceptors = (List<ClientHttpRequestInterceptor>) ReflectionTestUtils
-				.getField(testRestTemplate.getRestTemplate().getRequestFactory(),
-						"interceptors");
-		assertThat(requestFactoryInterceptors).hasSize(1);
-		ClientHttpRequestInterceptor interceptor = requestFactoryInterceptors.get(0);
-		assertThat(interceptor).isInstanceOf(BasicAuthenticationInterceptor.class);
-		assertThat(interceptor).hasFieldOrPropertyWithValue("username", username);
-		assertThat(interceptor).hasFieldOrPropertyWithValue("password", password);
+	private void assertBasicAuthorizationCredentials(TestRestTemplate testRestTemplate,
+			String username, String password) {
+		ClientHttpRequestFactory requestFactory = testRestTemplate.getRestTemplate()
+				.getRequestFactory();
+		Object authentication = ReflectionTestUtils.getField(requestFactory,
+				"authentication");
+		assertThat(authentication).hasFieldOrPropertyWithValue("username", username);
+		assertThat(authentication).hasFieldOrPropertyWithValue("password", password);
 
 	}
 

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/client/BasicAuthentication.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2012-2019 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.web.client;
+
+import java.nio.charset.Charset;
+
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.client.ClientHttpRequest;
+import org.springframework.util.Assert;
+
+/**
+ * Basic authentication properties which are used by
+ * {@link BasicAuthenticationClientHttpRequestFactory}.
+ *
+ * @author Dmytro Nosan
+ * @see BasicAuthenticationClientHttpRequestFactory
+ */
+class BasicAuthentication {
+
+	private final String username;
+
+	private final String password;
+
+	private final Charset charset;
+
+	BasicAuthentication(String username, String password, Charset charset) {
+		Assert.notNull(username, "Username must not be null");
+		Assert.notNull(password, "Password must not be null");
+		this.username = username;
+		this.password = password;
+		this.charset = charset;
+	}
+
+	void applyTo(ClientHttpRequest request) {
+		HttpHeaders headers = request.getHeaders();
+		if (!headers.containsKey(HttpHeaders.AUTHORIZATION)) {
+			headers.setBasicAuth(this.username, this.password, this.charset);
+		}
+	}
+
+}