Credential fixes - backport from .net 7 (#61114) (#61371)

Jan Jahoda · web-flow · commit ddd0a9ca54bb · 2021-11-10T10:16:23.000-08:00
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs
@@ -203,7 +203,7 @@ public static IEnumerable<object[]> Authentication_TestData()
         {
             yield return new object[] { "Basic realm=\"testrealm\"", true };
             yield return new object[] { "Basic ", true };
-            yield return new object[] { "Basic realm=withoutquotes", true };
+            yield return new object[] { "Basic realm=PLACEHOLDERwithoutquotes", true };
             yield return new object[] { "basic ", true };
             yield return new object[] { "bAsiC ", true };
             yield return new object[] { "basic", true };
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.AutoRedirect.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.AutoRedirect.cs
@@ -287,7 +287,7 @@ public async Task GetAsync_AllowAutoRedirectTrue_RedirectToUriWithParams_Request
         {
             HttpClientHandler handler = CreateHttpClientHandler();
             handler.AllowAutoRedirect = true;
-            Uri targetUri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+            Uri targetUri = remoteServer.BasicAuthUriForCreds(Username, Password);
             using (HttpClient client = CreateHttpClientForRemoteServer(remoteServer, handler))
             {
                 Uri uri = remoteServer.RedirectUriForDestinationUri(
@@ -480,8 +480,8 @@ public async Task GetAsync_CredentialIsNetworkCredentialUriRedirect_StatusCodeUn
             {
                 Uri redirectUri = remoteServer.RedirectUriForCreds(
                     statusCode: 302,
-                    userName: Username,
-                    password: Password);
+                    Username,
+                    Password);
                 using (HttpResponseMessage unAuthResponse = await client.GetAsync(redirectUri))
                 {
                     Assert.Equal(HttpStatusCode.Unauthorized, unAuthResponse.StatusCode);
@@ -499,15 +499,15 @@ public async Task HttpClientHandler_CredentialIsNotCredentialCacheAfterRedirect_
             {
                 Uri redirectUri = remoteServer.RedirectUriForCreds(
                     statusCode: 302,
-                    userName: Username,
-                    password: Password);
+                    Username,
+                    Password);
                 using (HttpResponseMessage unAuthResponse = await client.GetAsync(redirectUri))
                 {
                     Assert.Equal(HttpStatusCode.Unauthorized, unAuthResponse.StatusCode);
                 }
 
                 // Use the same handler to perform get request, authentication should succeed after redirect.
-                Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+                Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
                 using (HttpResponseMessage authResponse = await client.GetAsync(uri))
                 {
                     Assert.Equal(HttpStatusCode.OK, authResponse.StatusCode);
@@ -525,11 +525,11 @@ public async Task GetAsync_CredentialIsCredentialCacheUriRedirect_StatusCodeOK(C
                 return;
             }
 
-            Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);
+            Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);
             Uri redirectUri = remoteServer.RedirectUriForCreds(
                 statusCode: statusCode,
-                userName: Username,
-                password: Password);
+                Username,
+                Password);
             _output.WriteLine(uri.AbsoluteUri);
             _output.WriteLine(redirectUri.AbsoluteUri);
             var credentialCache = new CredentialCache();
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.cs
@@ -765,7 +765,7 @@ public async Task PostAsync_ManyDifferentRequestHeaders_SentCorrectly()
             }
 
             const string content = "hello world";
-
+            string authSafeValue = "QWxhZGRpbjpvcGVuIHNlc2FtZQ==";
             // Using examples from https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Request_fields
             // Exercises all exposed request.Headers and request.Content.Headers strongly-typed properties
             await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
@@ -784,7 +784,7 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                     request.Headers.Add("Access-Control-Request-Method", "GET");
                     request.Headers.Add("Access-Control-Request-Headers", "GET");
                     request.Headers.Add("Age", "12");
-                    request.Headers.Authorization = new AuthenticationHeaderValue("Basic", "QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+                    request.Headers.Authorization = new AuthenticationHeaderValue("Basic", authSafeValue);
                     request.Headers.CacheControl = new CacheControlHeaderValue() { NoCache = true };
                     request.Headers.Connection.Add("close");
                     request.Headers.Add("Cookie", "$Version=1; Skin=new");
@@ -804,7 +804,7 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                     request.Headers.MaxForwards = 10;
                     request.Headers.Add("Origin", "http://www.example-social-network.com");
                     request.Headers.Pragma.Add(new NameValueHeaderValue("no-cache"));
-                    request.Headers.ProxyAuthorization = new AuthenticationHeaderValue("Basic", "QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+                    request.Headers.ProxyAuthorization = new AuthenticationHeaderValue("Basic", authSafeValue);
                     request.Headers.Range = new RangeHeaderValue(500, 999);
                     request.Headers.Referrer = new Uri("http://en.wikipedia.org/wiki/Main_Page");
                     request.Headers.TE.Add(new TransferCodingWithQualityHeaderValue("trailers"));
@@ -858,7 +858,7 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                     Assert.Equal("GET", requestData.GetSingleHeaderValue("Access-Control-Request-Method"));
                     Assert.Equal("GET", requestData.GetSingleHeaderValue("Access-Control-Request-Headers"));
                     Assert.Equal("12", requestData.GetSingleHeaderValue("Age"));
-                    Assert.Equal("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", requestData.GetSingleHeaderValue("Authorization"));
+                    Assert.Equal($"Basic {authSafeValue}", requestData.GetSingleHeaderValue("Authorization"));
                     Assert.Equal("no-cache", requestData.GetSingleHeaderValue("Cache-Control"));
                     Assert.Equal("$Version=1; Skin=new", requestData.GetSingleHeaderValue("Cookie"));
                     Assert.Equal("Tue, 15 Nov 1994 08:12:31 GMT", requestData.GetSingleHeaderValue("Date"));
@@ -873,7 +873,7 @@ await LoopbackServerFactory.CreateClientAndServerAsync(async uri =>
                     Assert.Equal("10", requestData.GetSingleHeaderValue("Max-Forwards"));
                     Assert.Equal("http://www.example-social-network.com", requestData.GetSingleHeaderValue("Origin"));
                     Assert.Equal("no-cache", requestData.GetSingleHeaderValue("Pragma"));
-                    Assert.Equal("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", requestData.GetSingleHeaderValue("Proxy-Authorization"));
+                    Assert.Equal($"Basic {authSafeValue}", requestData.GetSingleHeaderValue("Proxy-Authorization"));
                     Assert.Equal("bytes=500-999", requestData.GetSingleHeaderValue("Range"));
                     Assert.Equal("http://en.wikipedia.org/wiki/Main_Page", requestData.GetSingleHeaderValue("Referer"));
                     Assert.Equal("MyTrailer", requestData.GetSingleHeaderValue("Trailer"));

Original file line number	Diff line number	Diff line change
`@@ -203,7 +203,7 @@ public static IEnumerable<object[]> Authentication_TestData()`
`203`	`203`	`{`
`204`	`204`	`yield return new object[] { "Basic realm=\"testrealm\"", true };`
`205`	`205`	`yield return new object[] { "Basic ", true };`
`206`		`- yield return new object[] { "Basic realm=withoutquotes", true };`
	`206`	`+ yield return new object[] { "Basic realm=PLACEHOLDERwithoutquotes", true };`
`207`	`207`	`yield return new object[] { "basic ", true };`
`208`	`208`	`yield return new object[] { "bAsiC ", true };`
`209`	`209`	`yield return new object[] { "basic", true };`
Original file line number	Diff line number	Diff line change
`@@ -287,7 +287,7 @@ public async Task GetAsync_AllowAutoRedirectTrue_RedirectToUriWithParams_Request`
`287`	`287`	`{`
`288`	`288`	`HttpClientHandler handler = CreateHttpClientHandler();`
`289`	`289`	`handler.AllowAutoRedirect = true;`
`290`		`- Uri targetUri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);`
	`290`	`+ Uri targetUri = remoteServer.BasicAuthUriForCreds(Username, Password);`
`291`	`291`	`using (HttpClient client = CreateHttpClientForRemoteServer(remoteServer, handler))`
`292`	`292`	`{`
`293`	`293`	`Uri uri = remoteServer.RedirectUriForDestinationUri(`
`@@ -480,8 +480,8 @@ public async Task GetAsync_CredentialIsNetworkCredentialUriRedirect_StatusCodeUn`
`480`	`480`	`{`
`481`	`481`	`Uri redirectUri = remoteServer.RedirectUriForCreds(`
`482`	`482`	`statusCode: 302,`
`483`		`- userName: Username,`
`484`		`- password: Password);`
	`483`	`+ Username,`
	`484`	`+ Password);`
`485`	`485`	`using (HttpResponseMessage unAuthResponse = await client.GetAsync(redirectUri))`
`486`	`486`	`{`
`487`	`487`	`Assert.Equal(HttpStatusCode.Unauthorized, unAuthResponse.StatusCode);`
`@@ -499,15 +499,15 @@ public async Task HttpClientHandler_CredentialIsNotCredentialCacheAfterRedirect_`
`499`	`499`	`{`
`500`	`500`	`Uri redirectUri = remoteServer.RedirectUriForCreds(`
`501`	`501`	`statusCode: 302,`
`502`		`- userName: Username,`
`503`		`- password: Password);`
	`502`	`+ Username,`
	`503`	`+ Password);`
`504`	`504`	`using (HttpResponseMessage unAuthResponse = await client.GetAsync(redirectUri))`
`505`	`505`	`{`
`506`	`506`	`Assert.Equal(HttpStatusCode.Unauthorized, unAuthResponse.StatusCode);`
`507`	`507`	`}`
`508`	`508`
`509`	`509`	`// Use the same handler to perform get request, authentication should succeed after redirect.`
`510`		`- Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);`
	`510`	`+ Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);`
`511`	`511`	`using (HttpResponseMessage authResponse = await client.GetAsync(uri))`
`512`	`512`	`{`
`513`	`513`	`Assert.Equal(HttpStatusCode.OK, authResponse.StatusCode);`
`@@ -525,11 +525,11 @@ public async Task GetAsync_CredentialIsCredentialCacheUriRedirect_StatusCodeOK(C`
`525`	`525`	`return;`
`526`	`526`	`}`
`527`	`527`
`528`		`- Uri uri = remoteServer.BasicAuthUriForCreds(userName: Username, password: Password);`
	`528`	`+ Uri uri = remoteServer.BasicAuthUriForCreds(Username, Password);`
`529`	`529`	`Uri redirectUri = remoteServer.RedirectUriForCreds(`
`530`	`530`	`statusCode: statusCode,`
`531`		`- userName: Username,`
`532`		`- password: Password);`
	`531`	`+ Username,`
	`532`	`+ Password);`
`533`	`533`	`_output.WriteLine(uri.AbsoluteUri);`
`534`	`534`	`_output.WriteLine(redirectUri.AbsoluteUri);`
`535`	`535`	`var credentialCache = new CredentialCache();`