HttpClient throws exception when using invalid username/password on Linux #416
Description
Found during my enterprise-scenario testing.
Sending a request with HttpClient to a server that requires Negotiate scheme authentication throws an exception on Linux when an incorrect username/password is used.
Sample repro:
[Fact]
public async Task HttpClient_InvalidAuthentication_Failure()
{
using var handler = new HttpClientHandler();
handler.Credentials = TestConfiguration.InvalidNetworkCredentials;
using var client = new HttpClient(handler);
using HttpResponseMessage response = await client.GetAsync(TestConfiguration.NegotiateAuthWebServer);
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
}Stack:
System.Net.Http.Enterprise.Tests.HttpClientEnterpriseTest.HttpClient_InvalidAuthentication_Failure [FAIL]
System.ComponentModel.Win32Exception : GSSAPI operation failed with error - Unspecified GSS failure. Minor code may provide more information (SPNEGO failed to negotiate a mechanism).
Stack Trace:
/repo/src/libraries/Common/src/System/Net/NTAuthentication.Common.cs(285,0): at System.Net.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean throwOnError, SecurityStatusPal& statusCode) /repo/src/libraries/Common/src/System/Net/NTAuthentication.Common.cs(187,0): at System.Net.NTAuthentication.GetOutgoingBlob(String incomingBlob)
On Windows, an invalid username/password will simply cause no auth token to be generated and a final HTTP status code 401 will result for the request.