开发者

Headers overwritten on redirect using Apache HttpComponents

I'm using Apache HttpComponents (core - 4.1.3, httpclient 4.1.1) to make http requests in a REST client I've written. The web service requires OAuth, which I've implemented using signpost. Recently, the webservice has introduced 301 redirects to endpoints that also require oauth. So, I've implemented a custom RedirectStrategy which builds a new request and signs it with signpost, just like I would do normally. However, the first two lines (in DefaultRequestDirector) immediately after I return my new request are setting all the headers to those that were sent in the initial request, effectively wiping my new Authorization header and causing all redirect requests to fail.

Does anyone know a way around this? I've consider开发者_JS百科ed always returning false in my custom RedirectStrategy and handing this in the ResponseHandler that I've attached to my request, but there's no trivial way of reconstructing the request and submitting it back through the proper client.

These are lines 1021-1023 in the DefaultRequestDirector where it calls to my custom RedirectStrategy and then wipes my headers (I'll try to link to source, shortly):

HttpUriRequest redirect = redirectStrategy.getRedirect(request, response, context);
HttpRequest orig = request.getOriginal();
redirect.setHeaders(orig.getAllHeaders());


I'm guessing a bit here, but if the code that you are referring to is line 349 of DefaultRequestDirector, then a bit further down on line 452 there is a call to requestExec.preProcess(wrapper, httpProcessor, context).

Would it be possible to register a processor here that signs the request?

If not, the BasicHttpProcessor (which is probably the processor used here) allows you to register interceptors that allow you to participate in the pre-processing of the request.

This might be another option to sign the request.

Alternatively, there is a HttpContext object. The Javadoc for this object suggests that it can be used to hold contextual data for the request, and your data would fit this description. So park it there and regather when you need it later.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜