Fix: Ensure Basic Authentication adds the Authorization header correctly.

Claudia Beatriz Murialdo Garrone · Claudia Beatriz Murialdo Garrone · commit aed82681de81 · 2024-08-28T15:01:39.000-03:00
diff --git a/dotnet/src/dotnetframework/GxClasses/Domain/GxHttpClient.cs b/dotnet/src/dotnetframework/GxClasses/Domain/GxHttpClient.cs
@@ -488,6 +488,10 @@ public void AddAuthentication(int scheme, string realm, string user, string pass
 		{
 			if (scheme >= _Basic && scheme <= _Kerberos)
 				_authCollection.Add(new GxAuthScheme(scheme, realm, user, password));
+			if (scheme == _Basic) {
+				string authHeader = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{user}:{password}"));
+				AddHeader(HttpHeader.AUTHORIZATION, new AuthenticationHeaderValue("Basic", authHeader).ToString());
+			}
 		}
 
 		public void AddProxyAuthentication(int scheme, string realm, string user, string password)
@@ -727,7 +731,7 @@ void setContentHeaders(HttpRequestMessage request, string contentType)
 			}
 			InferContentType(contentType, request);
 		}
-		void setHeaders(HttpRequestMessage request, CookieContainer cookies, out string contentType)
+		internal void SetHeaders(HttpRequestMessage request, CookieContainer cookies, out string contentType)
 		{
 			HttpRequestHeaders headers = request.Headers;
 			contentType = null;
@@ -864,7 +868,7 @@ HttpResponseMessage ExecuteRequest(string method, string requestUrl, bool contex
 				RequestUri = new Uri(requestUrl),
 				Method = new HttpMethod(method),
 			};
-			setHeaders(request, cookies, out string contentType);
+			SetHeaders(request, cookies, out string contentType);
 			SetHttpVersion(request);
 			bool disposableInstance = true;
 			try
@@ -926,7 +930,7 @@ async Task<HttpResponseMessage> ExecuteRequestAsync(string method, string reques
 				RequestUri = new Uri(requestUrl),
 				Method = new HttpMethod(method),
 			};
-			setHeaders(request, cookies, out string contentType);
+			SetHeaders(request, cookies, out string contentType);
 			SetHttpVersion(request);
 			bool disposableInstance = true;
 			try
@@ -1581,6 +1585,8 @@ static ICredentials getCredentialCache(Uri URI, ArrayList authenticationCollecti
 					}
 					else
 					{
+						//return new NetworkCredential(auth.User, auth.Password);
+
 						if (cc == null)
 						{
 							cc = new CredentialCache();
diff --git a/dotnet/src/dotnetframework/GxClasses/Helpers/HttpHelper.cs b/dotnet/src/dotnetframework/GxClasses/Helpers/HttpHelper.cs
@@ -52,6 +52,7 @@ public class HttpHeader
 		internal static string TRANSFER_ENCODING = "Transfer-Encoding";
 		internal static string X_CSRF_TOKEN_HEADER = "X-XSRF-TOKEN";
 		internal static string X_CSRF_TOKEN_COOKIE = "XSRF-TOKEN";
+		internal static string AUTHORIZATION = "Authorization";
 	}
 	internal class HttpHeaderValue
 	{
diff --git a/dotnet/test/DotNetUnitTest/Domain/GxHttpClientTest.cs b/dotnet/test/DotNetUnitTest/Domain/GxHttpClientTest.cs
@@ -4,10 +4,14 @@
 using System.Linq;
 using System.Net;
 using System.Net.Http;
+using System.Text;
 using System.Threading.Tasks;
 using GeneXus.Application;
 using GeneXus.Http.Client;
 using Xunit;
+
+
+
 #if !NETCORE
 using System.Web.SessionState;
 using System.Web;
@@ -18,8 +22,10 @@ namespace xUnitTesting
 
 	public class GxHttpClientTest
 	{
-		const int MAX_CONNECTIONS= 5;
-		public GxHttpClientTest() {
+		const int MAX_CONNECTIONS = 5;
+
+		public GxHttpClientTest()
+		{
 			Environment.SetEnvironmentVariable("GX_HTTPCLIENT_MAX_PER_ROUTE", MAX_CONNECTIONS.ToString(), EnvironmentVariableTarget.Process);
 		}
 		[Fact]
@@ -203,5 +209,31 @@ public void NoStoreHeader()
 			Assert.Equal(0, result);
 		}
 #endif
+
+#if NETCORE
+		[Fact]
+		public void BasicAuthenticationIncludesHeader()
+		{
+			GxContext context = new GxContext();
+			using (GxHttpClient httpclient = new GxHttpClient(context))
+			{
+				string url= "https://www.google.com/";
+				string username = "user";
+				string password = "pass";
+				string credentialsBase64 = Convert.ToBase64String(Encoding.ASCII.GetBytes($"{username}:{password}"));
+				httpclient.AddAuthentication(0, string.Empty, username, password);
+
+				HttpRequestMessage request = new HttpRequestMessage()
+				{
+					RequestUri = new Uri(url),
+					Method = HttpMethod.Post,
+				};
+				httpclient.SetHeaders(request, null, out string contentType);
+				string headerValue = request.Headers.GetValues("Authorization").FirstOrDefault();
+				Assert.Equal(headerValue, $"Basic {credentialsBase64}");
+			}
+		}
+#endif
 	}
+
 }

Original file line number	Diff line number	Diff line change
`@@ -488,6 +488,10 @@ public void AddAuthentication(int scheme, string realm, string user, string pass`
`488`	`488`	`{`
`489`	`489`	`if (scheme >= _Basic && scheme <= _Kerberos)`
`490`	`490`	`_authCollection.Add(new GxAuthScheme(scheme, realm, user, password));`
	`491`	`+ if (scheme == _Basic) {`
	`492`	`+ string authHeader = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{user}:{password}"));`
	`493`	`+ AddHeader(HttpHeader.AUTHORIZATION, new AuthenticationHeaderValue("Basic", authHeader).ToString());`
	`494`	`+ }`
`491`	`495`	`}`
`492`	`496`
`493`	`497`	`public void AddProxyAuthentication(int scheme, string realm, string user, string password)`
`@@ -727,7 +731,7 @@ void setContentHeaders(HttpRequestMessage request, string contentType)`
`727`	`731`	`}`
`728`	`732`	`InferContentType(contentType, request);`
`729`	`733`	`}`
`730`		`- void setHeaders(HttpRequestMessage request, CookieContainer cookies, out string contentType)`
	`734`	`+ internal void SetHeaders(HttpRequestMessage request, CookieContainer cookies, out string contentType)`
`731`	`735`	`{`
`732`	`736`	`HttpRequestHeaders headers = request.Headers;`
`733`	`737`	`contentType = null;`
`@@ -864,7 +868,7 @@ HttpResponseMessage ExecuteRequest(string method, string requestUrl, bool contex`
`864`	`868`	`RequestUri = new Uri(requestUrl),`
`865`	`869`	`Method = new HttpMethod(method),`
`866`	`870`	`};`
`867`		`- setHeaders(request, cookies, out string contentType);`
	`871`	`+ SetHeaders(request, cookies, out string contentType);`
`868`	`872`	`SetHttpVersion(request);`
`869`	`873`	`bool disposableInstance = true;`
`870`	`874`	`try`
`@@ -926,7 +930,7 @@ async Task<HttpResponseMessage> ExecuteRequestAsync(string method, string reques`
`926`	`930`	`RequestUri = new Uri(requestUrl),`
`927`	`931`	`Method = new HttpMethod(method),`
`928`	`932`	`};`
`929`		`- setHeaders(request, cookies, out string contentType);`
	`933`	`+ SetHeaders(request, cookies, out string contentType);`
`930`	`934`	`SetHttpVersion(request);`
`931`	`935`	`bool disposableInstance = true;`
`932`	`936`	`try`
`@@ -1581,6 +1585,8 @@ static ICredentials getCredentialCache(Uri URI, ArrayList authenticationCollecti`
`1581`	`1585`	`}`
`1582`	`1586`	`else`
`1583`	`1587`	`{`
	`1588`	`+ //return new NetworkCredential(auth.User, auth.Password);`
	`1589`	`+`
`1584`	`1590`	`if (cc == null)`
`1585`	`1591`	`{`
`1586`	`1592`	`cc = new CredentialCache();`
Original file line number	Diff line number	Diff line change
`@@ -52,6 +52,7 @@ public class HttpHeader`
`52`	`52`	`internal static string TRANSFER_ENCODING = "Transfer-Encoding";`
`53`	`53`	`internal static string X_CSRF_TOKEN_HEADER = "X-XSRF-TOKEN";`
`54`	`54`	`internal static string X_CSRF_TOKEN_COOKIE = "XSRF-TOKEN";`
	`55`	`+ internal static string AUTHORIZATION = "Authorization";`
`55`	`56`	`}`
`56`	`57`	`internal class HttpHeaderValue`
`57`	`58`	`{`