java - 创建具有特定范围的 java.net.Authenticator

Question

我正在使用 JDK11 HTTP 客户端库，在其中尝试创建具有特定范围的身份验证，该范围可能与主机、端口、领域或方案（BASIC、DIGEST 等）相关。

我的课程实现是：

class CredentialsProviderAuthenticator extends Authenticator {

    private final AuthScope authScope;
    private final Credentials credentials;

    private CredentialsProviderAuthenticator(AuthScope authScope, Credentials credentials) {
        this.authScope = authScope;
        this.credentials = credentials;
    }


    public static Authenticator createAuthenticator(AuthScope authScope, Credentials credentials) {
        return new CredentialsProviderAuthenticator(authScope, credentials);
    }

    @Override
    protected PasswordAuthentication getPasswordAuthentication() {
        if ( (authScope.getScheme() == null ||  authScope.getScheme().equalsIgnoreCase(getRequestingScheme()))
                && ((authScope.getHost() == null || authScope.getHost().equalsIgnoreCase(getRequestingHost())))
                && ((authScope.getRealm() == null || authScope.getRealm().equalsIgnoreCase(getRequestingPrompt())))
                && ((authScope.getPort() < 0) || authScope.getPort() == getRequestingPort())) {

            return new PasswordAuthentication(credentials.getUserPrincipal().getName(), credentials.getPassword().toCharArray());
        }

        return null;
    }

}

当实例返回时，此实现工作正常PasswordAuthentication，但是当没有找到合适的身份验证时，客户端会抛出异常。

Caused by: java.io.IOException: No credentials provided
    at java.net.http/jdk.internal.net.http.HttpClientImpl.send(HttpClientImpl.java:565)
    at java.net.http/jdk.internal.net.http.HttpClientFacade.send(HttpClientFacade.java:119)
    at com.imperva.shcf4j.java.http.client.ClosableSyncHttpClient.execute(ClosableSyncHttpClient.java:50)
    ... 27 more
Caused by: java.io.IOException: No credentials provided
    at java.net.http/jdk.internal.net.http.AuthenticationFilter.response(AuthenticationFilter.java:303)
    at java.net.http/jdk.internal.net.http.MultiExchange.responseFilters(MultiExchange.java:181)
    at java.net.http/jdk.internal.net.http.MultiExchange.lambda$responseAsyncImpl$5(MultiExchange.java:245)
    at java.base/java.util.concurrent.CompletableFuture$UniCompose.tryFire(CompletableFuture.java:1072)
    at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
    at java.base/java.util.concurrent.CompletableFuture.postFire(CompletableFuture.java:610)
    at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:649)
    at java.base/java.util.concurrent.CompletableFuture$Completion.run(CompletableFuture.java:478)
    at java.net.http/jdk.internal.net.http.HttpClientImpl$DelegatingExecutor.execute(HttpClientImpl.java:153)
    at java.base/java.util.concurrent.CompletableFuture$UniCompletion.claim(CompletableFuture.java:568)
    at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:638)
    at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
    at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2073)
    at java.net.http/jdk.internal.net.http.Http1Response$HeadersReader.handle(Http1Response.java:677)
    at java.net.http/jdk.internal.net.http.Http1Response$HeadersReader.handle(Http1Response.java:603)
    at java.net.http/jdk.internal.net.http.Http1Response$Receiver.accept(Http1Response.java:594)
    at java.net.http/jdk.internal.net.http.Http1Response$HeadersReader.tryAsyncReceive(Http1Response.java:650)
    at java.net.http/jdk.internal.net.http.Http1AsyncReceiver.flush(Http1AsyncReceiver.java:228)
    at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SynchronizedRestartableTask.run(SequentialScheduler.java:175)
    at java.net.http/jdk.internal.net.http.common.SequentialScheduler$CompleteRestartableTask.run(SequentialScheduler.java:147)
    at java.net.http/jdk.internal.net.http.common.SequentialScheduler$SchedulableTask.run(SequentialScheduler.java:198)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)

我正在寻找一种在这种情况下客户端将返回 401 HTTP 错误代码的方法。一个想法是创建一个在每次调用时生成用户名和密码的实例，但也许存在更简单的方法？

Answer 1

这个时候恐怕没有更好的选择：要么你提供一个authenticator，如果authenticator没有提供有效的凭证，你会得到一个异常，或者你没有提供任何authenticator，你可以处理401响应在您自己的代码中（您可能选择在与 HttpClient::sendAsync 返回的可完成未来异步注册的依赖操作中实现该代码）。例如：

client.sendAsync(...).thenApplyAsync(resp -> handle401(client, resp))...