From c41c46d0a2ff493341b751dcd1a1718d5c72285b Mon Sep 17 00:00:00 2001
From: doublemarket <doublemarket@gmail.com>
Date: Thu, 21 May 2020 14:24:22 +0900
Subject: [PATCH] Support wildcard for Basic auth domains

---
 .../bup/filters/AutoBasicAuthFilter.java      |  9 +++++++-
 .../browserup/bup/proxy/AutoAuthTest.groovy   | 23 +++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/browserup-proxy-core/src/main/java/com/browserup/bup/filters/AutoBasicAuthFilter.java b/browserup-proxy-core/src/main/java/com/browserup/bup/filters/AutoBasicAuthFilter.java
index 3fc6abddb..e2ba5f015 100644
--- a/browserup-proxy-core/src/main/java/com/browserup/bup/filters/AutoBasicAuthFilter.java
+++ b/browserup-proxy-core/src/main/java/com/browserup/bup/filters/AutoBasicAuthFilter.java
@@ -47,7 +47,14 @@ public HttpResponse clientToProxyRequest(HttpObject httpObject) {
             String hostname = getHost(httpRequest);
 
             // if there is an entry in the credentials map matching this hostname, add the credentials to the request
-            String base64CredentialsForHostname = credentialsByHostname.get(hostname);
+            String base64CredentialsForHostname = null;
+            for (String key : credentialsByHostname.keySet()) {
+                String regex = key.replace("*", ".*?");
+                if (hostname.matches(regex)) {
+                    base64CredentialsForHostname = credentialsByHostname.get(key);
+                }
+            }
+
             if (base64CredentialsForHostname != null) {
                 httpRequest.headers().add(HttpHeaderNames.AUTHORIZATION, "Basic " + base64CredentialsForHostname);
             }
diff --git a/browserup-proxy-core/src/test/groovy/com/browserup/bup/proxy/AutoAuthTest.groovy b/browserup-proxy-core/src/test/groovy/com/browserup/bup/proxy/AutoAuthTest.groovy
index 9402cbaa9..d115b0428 100644
--- a/browserup-proxy-core/src/test/groovy/com/browserup/bup/proxy/AutoAuthTest.groovy
+++ b/browserup-proxy-core/src/test/groovy/com/browserup/bup/proxy/AutoAuthTest.groovy
@@ -80,6 +80,29 @@ class AutoAuthTest extends MockServerTest {
         verify(1, getRequestedFor(urlMatching(stubUrl)))
     }
 
+    @Test
+    void testBasicAuthWithWildcardAddedToHttpsRequest() {
+        // the base64-encoded rendering of "testUsername:testPassword" is dGVzdFVzZXJuYW1lOnRlc3RQYXNzd29yZA==
+        def stubUrl = "/basicAuthHttp"
+
+        stubFor(get(urlEqualTo(stubUrl))
+                .withHeader("Authorization", new EqualToPattern("Basic dGVzdFVzZXJuYW1lOnRlc3RQYXNzd29yZA=="))
+                .willReturn(ok().withBody("success")))
+
+        proxy = new BrowserUpProxyServer()
+        // * (wildcard) should match "localhost"
+        proxy.autoAuthorization("*", "testUsername", "testPassword", AuthType.BASIC)
+        proxy.setTrustAllServers(true)
+        proxy.start()
+
+        NewProxyServerTestUtil.getNewHttpClient(proxy.port).withCloseable {
+            String responseBody = NewProxyServerTestUtil.toStringAndClose(it.execute(new HttpGet("https://localhost:${mockServerHttpsPort}/basicAuthHttp")).getEntity().getContent())
+            assertEquals("Did not receive expected response from mock server", "success", responseBody)
+        }
+
+        verify(1, getRequestedFor(urlMatching(stubUrl)))
+    }
+
     @Test
     void testCanStopBasicAuth() {
         // the base64-encoded rendering of "testUsername:testPassword" is dGVzdFVzZXJuYW1lOnRlc3RQYXNzd29yZA==