From da2f28e84d2976e7510bb2ad643bfafc6d92e6e1 Mon Sep 17 00:00:00 2001
From: Travis Tam <ttam@SFO0-TTAM-00.local>
Date: Wed, 9 Aug 2017 11:30:46 -0700
Subject: [PATCH] Adding support for loading assets from URLs that follow Basic
 Authentication rules

---
 .../jasperreports/engine/util/JRLoader.java   | 42 +++++++++++++++++--
 1 file changed, 38 insertions(+), 4 deletions(-)

diff --git a/jasperreports/src/net/sf/jasperreports/engine/util/JRLoader.java b/jasperreports/src/net/sf/jasperreports/engine/util/JRLoader.java
index 563147ff6e..328503f3ed 100644
--- a/jasperreports/src/net/sf/jasperreports/engine/util/JRLoader.java
+++ b/jasperreports/src/net/sf/jasperreports/engine/util/JRLoader.java
@@ -34,6 +34,7 @@
 import java.io.ObjectInputStream;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.net.URLConnection;
 import java.util.ArrayList;
 import java.util.Enumeration;
 import java.util.LinkedHashMap;
@@ -42,7 +43,13 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import com.sun.org.apache.xml.internal.security.utils.Base64;
 import net.sf.jasperreports.engine.DefaultJasperReportsContext;
 import net.sf.jasperreports.engine.JRException;
 import net.sf.jasperreports.engine.JRPropertiesUtil;
@@ -52,9 +59,6 @@
 import net.sf.jasperreports.engine.JasperPrint;
 import net.sf.jasperreports.engine.JasperReportsContext;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
 
 /**
  * Utility class that helps load serialized objects found in various locations 
@@ -205,7 +209,7 @@ public static Object loadObject(JasperReportsContext jasperReportsContext, URL u
 
 		try
 		{
-			is = url.openStream();
+			is = retrieveStreamFromUrl(url);
 			ois = new ContextClassLoaderObjectInputStream(jasperReportsContext, is);
 			obj = ois.readObject();
 		}
@@ -253,6 +257,36 @@ public static Object loadObject(JasperReportsContext jasperReportsContext, URL u
 		return obj;
 	}
 
+	private static InputStream retrieveStreamFromUrl(final URL url) throws IOException {
+		InputStream resultStream = null;
+
+		resultStream = retrieveStreamViaBasicAuthentication(url);
+		if (resultStream == null)
+			resultStream = retrieveStreamViaDefault(url);
+
+		return resultStream;
+	}
+
+	private static InputStream retrieveStreamViaDefault(final URL url) throws IOException {
+		return url.openStream();
+	}
+
+	private static InputStream retrieveStreamViaBasicAuthentication(final URL url) throws IOException {
+		// validate format of url
+		Pattern pattern = Pattern.compile("https?:\\/\\/(\\S+:\\S+)@(?:www\\.|(?!www)[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\\.[^\\s]{2,}|www\\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\\.[^\\s]{2,}|https?:\\/\\/(?:www\\.|(?!www))[a-zA-Z0-9]\\.[^\\s]{2,}|www\\.[a-zA-Z0-9]\\.[^\\s]{2,})$");
+		Matcher match = pattern.matcher(url.toString());
+
+		if (!match.matches()) return null;
+
+		String userNamePassword = match.group(1);
+		String authEncString = Base64.encode(userNamePassword.getBytes());
+		URLConnection connection = null;
+
+		connection = url.openConnection();
+		connection.setRequestProperty("Authorization", "Basic " + authEncString);
+		return connection.getInputStream();
+	}
+
 
 	/**
 	 *