Add the Expect 100-Continue header when using a client certificate

aleksey-chernov · Apr 23, 2018 · 6b9fc29 · 6b9fc29
1 parent 22926a2
commit 6b9fc29
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 13 deletions.
diff --git a/src/System.Private.ServiceModel/src/System/ServiceModel/Channels/HttpChannelFactory.cs b/src/System.Private.ServiceModel/src/System/ServiceModel/Channels/HttpChannelFactory.cs
@@ -240,6 +240,11 @@ protected ClientWebSocketFactory ClientWebSocketFactory
             }
         }
 
+        private bool AuthenticationSchemeMayRequireResend()
+        {
+            return AuthenticationScheme != AuthenticationSchemes.Anonymous;
+        }
+
         public override T GetProperty<T>()
         {
             if (typeof(T) == typeof(ISecurityCapabilities))
@@ -378,6 +383,13 @@ internal async Task<HttpClient> GetHttpClientAsync(EndpointAddress to, Uri via,
                 if(!_keepAliveEnabled)
                    httpClient.DefaultRequestHeaders.ConnectionClose = true;
 
+#if !FEATURE_NETNATIVE // Expect continue not correctly supported on UAP
+                if (IsExpectContinueHeaderRequired)
+                {
+                    httpClient.DefaultRequestHeaders.ExpectContinue = true;
+                }
+#endif
+
                 // We provide our own CancellationToken for each request. Setting HttpClient.Timeout to -1 
                 // prevents a call to CancellationToken.CancelAfter that HttpClient does internally which
                 // causes TimerQueue contention at high load.
@@ -401,6 +413,8 @@ internal async Task<HttpClient> GetHttpClientAsync(EndpointAddress to, Uri via,
             return httpClient;
         }
 
+        internal virtual bool IsExpectContinueHeaderRequired => AuthenticationSchemeMayRequireResend();
+
         internal virtual HttpClientHandler GetHttpClientHandler(EndpointAddress to, SecurityTokenContainer clientCertificateToken)
         {
             return new HttpClientHandler();
@@ -1296,13 +1310,6 @@ private bool PrepareMessageHeaders(Message message)
                         }
                     }
 
-#if !FEATURE_NETNATIVE // Expect continue not correctly supported on UAP
-                    if (AuthenticationSchemeMayRequireResend())
-                    {
-                        _httpRequestMessage.Headers.ExpectContinue = true;
-                    }
-#endif
-
                     if (action != null)
                     {
                         if (message.Version.Envelope == EnvelopeVersion.Soap11)
@@ -1351,7 +1358,7 @@ private void TryCompleteHttpRequest(HttpRequestMessage request)
 
                 private async Task SendPreauthenticationHeadRequestIfNeeded()
                 {
-                    if (!AuthenticationSchemeMayRequireResend())
+                    if (!_factory.AuthenticationSchemeMayRequireResend())
                     {
                         return;
                     }
@@ -1369,11 +1376,6 @@ private async Task SendPreauthenticationHeadRequestIfNeeded()
                     var cancelToken = await _timeoutHelper.GetCancellationTokenAsync();
                     await _httpClient.SendAsync(headHttpRequestMessage, cancelToken);
                 }
-
-                private bool AuthenticationSchemeMayRequireResend()
-                {
-                    return _factory.AuthenticationScheme != AuthenticationSchemes.Anonymous;
-                }
             }
         }
 

diff --git a/src/System.Private.ServiceModel/src/System/ServiceModel/Channels/HttpsChannelFactory.cs b/src/System.Private.ServiceModel/src/System/ServiceModel/Channels/HttpsChannelFactory.cs
@@ -227,6 +227,8 @@ internal override HttpClientHandler GetHttpClientHandler(EndpointAddress to, Sec
             return handler;
         }
 
+        internal override bool IsExpectContinueHeaderRequired => RequireClientCertificate || base.IsExpectContinueHeaderRequired;
+
         private static void SetCertificate(HttpClientHandler handler, SecurityTokenContainer clientCertificateToken)
         {
             if (clientCertificateToken != null)