Skip to content

Commit

Permalink
Do not throw PNSE exception from NegotiateAuthentication constructor,…
Browse files Browse the repository at this point in the history 
… report Unsupported status instead (#91753)

Co-authored-by: Carlos Sánchez López <1175054+carlossanlop@users.noreply.github.com>
  • Loading branch information
@filipnavara @carlossanlop
filipnavara and carlossanlop authored Sep 14, 2023
1 parent 0189dc4 commit 851a936
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 16 deletions.
27 changes: 27 additions & 0 deletions src/libraries/System.Net.Http/tests/FunctionalTests/NtAuthTests.FakeServer.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,5 +139,32 @@ await server.AcceptConnectionAsync(async connection =>
}).ConfigureAwait(false);
});
}

[Fact]
[SkipOnPlatform(TestPlatforms.Browser | TestPlatforms.Windows, "DefaultCredentials are unsupported for NTLM on Unix / Managed implementation")]
public async Task DefaultHandler_FakeServer_DefaultCredentials()
{
await LoopbackServer.CreateClientAndServerAsync(
async uri =>
{
HttpRequestMessage requestMessage = new HttpRequestMessage(HttpMethod.Get, uri);
requestMessage.Version = new Version(1, 1);
HttpMessageHandler handler = new HttpClientHandler() { Credentials = CredentialCache.DefaultCredentials };
using (var client = new HttpClient(handler))
{
HttpResponseMessage response = await client.SendAsync(requestMessage);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}
},
async server =>
{
await server.AcceptConnectionAsync(async connection =>
{
var authHeader = "WWW-Authenticate: NTLM\r\n";
await connection.SendResponseAsync(HttpStatusCode.Unauthorized, authHeader).ConfigureAwait(false);
connection.CompleteRequestProcessing();
}).ConfigureAwait(false);
});
}
}
}
21 changes: 14 additions & 7 deletions src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Managed.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,23 @@ internal abstract partial class NegotiateAuthenticationPal
{
public static NegotiateAuthenticationPal Create(NegotiateAuthenticationClientOptions clientOptions)
{
switch (clientOptions.Package)
try
{
case NegotiationInfoClass.NTLM:
return new ManagedNtlmNegotiateAuthenticationPal(clientOptions);
switch (clientOptions.Package)
{
case NegotiationInfoClass.NTLM:
return new ManagedNtlmNegotiateAuthenticationPal(clientOptions);

case NegotiationInfoClass.Negotiate:
return new ManagedSpnegoNegotiateAuthenticationPal(clientOptions);
case NegotiationInfoClass.Negotiate:
return new ManagedSpnegoNegotiateAuthenticationPal(clientOptions);

default:
return new UnsupportedNegotiateAuthenticationPal(clientOptions);
default:
return new UnsupportedNegotiateAuthenticationPal(clientOptions);
}
}
catch (PlatformNotSupportedException)
{
return new UnsupportedNegotiateAuthenticationPal(clientOptions);
}
}

Expand Down
18 changes: 9 additions & 9 deletions src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,20 +23,20 @@ internal partial class NegotiateAuthenticationPal

public static NegotiateAuthenticationPal Create(NegotiateAuthenticationClientOptions clientOptions)
{
if (UseManagedNtlm)
try
{
switch (clientOptions.Package)
if (UseManagedNtlm)
{
case NegotiationInfoClass.NTLM:
return new ManagedNtlmNegotiateAuthenticationPal(clientOptions);
switch (clientOptions.Package)
{
case NegotiationInfoClass.NTLM:
return new ManagedNtlmNegotiateAuthenticationPal(clientOptions);

case NegotiationInfoClass.Negotiate:
return new ManagedSpnegoNegotiateAuthenticationPal(clientOptions, supportKerberos: true);
case NegotiationInfoClass.Negotiate:
return new ManagedSpnegoNegotiateAuthenticationPal(clientOptions, supportKerberos: true);
}
}
}

try
{
return new UnixNegotiateAuthenticationPal(clientOptions);
}
catch (Win32Exception)
Expand Down

0 comments on commit 851a936

Please sign in to comment.