Fix RTSP WWW-Authenticate header parsing.

Issue: #9428

PiperOrigin-RevId: 397064086

RELEASENOTES.md

@@ -48,6 +48,8 @@
         ([#9346](https://github.com/google/ExoPlayer/issues/9346)).
     *   Fix RTSP Session header handling
         ([#9416](https://github.com/google/ExoPlayer/issues/9416)).
+    *   Fix RTSP WWW-Authenticate header parsing
+        ([#9428](https://github.com/google/ExoPlayer/issues/9428)).
 *   UI:
     *   Use `defStyleAttr` when obtaining styled attributes in
         `StyledPlayerView`, `PlayerView` and `PlayerControlView`

library/rtsp/src/main/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtil.java

@@ -99,13 +99,13 @@ import java.util.regex.Pattern;
   // WWW-Authenticate header pattern, see RFC2068 Sections 14.46 and RFC2069.
   private static final Pattern WWW_AUTHENTICATION_HEADER_DIGEST_PATTERN =
       Pattern.compile(
-          "Digest realm=\"([\\w\\s@.]+)\""
+          "Digest realm=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\""
-              + ",\\s?(?:domain=\"(.+)\",\\s?)?"
+              + ",\\s?(?:domain=\"(.+)\""
-              + "nonce=\"(\\w+)\""
+              + ",\\s?)?nonce=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\""
-              + "(?:,\\s?opaque=\"(\\w+)\")?");
+              + "(?:,\\s?opaque=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\")?");
   // WWW-Authenticate header pattern, see RFC2068 Section 11.1 and RFC2069.
   private static final Pattern WWW_AUTHENTICATION_HEADER_BASIC_PATTERN =
-      Pattern.compile("Basic realm=\"([\\w\\s@.]+)\"");
+      Pattern.compile("Basic realm=\"([^\"\\x00-\\x08\\x0A-\\x1f\\x7f]+)\"");
 
   private static final String RTSP_VERSION = "RTSP/1.0";
   private static final String LF = new String(new byte[] {Ascii.LF});

library/rtsp/src/test/java/com/google/android/exoplayer2/source/rtsp/RtspMessageUtilTest.java

@@ -452,10 +452,10 @@ public final class RtspMessageUtilTest {
   @Test
   public void parseWWWAuthenticateHeader_withBasicAuthentication_succeeds() throws Exception {
     RtspAuthenticationInfo authenticationInfo =
-        RtspMessageUtil.parseWwwAuthenticateHeader("Basic realm=\"WallyWorld\"");
+        RtspMessageUtil.parseWwwAuthenticateHeader("Basic realm=\"Wally - World\"");
     assertThat(authenticationInfo.authenticationMechanism).isEqualTo(RtspAuthenticationInfo.BASIC);
     assertThat(authenticationInfo.nonce).isEmpty();
-    assertThat(authenticationInfo.realm).isEqualTo("WallyWorld");
+    assertThat(authenticationInfo.realm).isEqualTo("Wally - World");
   }
 
   @Test
@@ -463,13 +463,13 @@ public final class RtspMessageUtilTest {
       throws Exception {
     RtspAuthenticationInfo authenticationInfo =
         RtspMessageUtil.parseWwwAuthenticateHeader(
-            "Digest realm=\"testrealm@host.com\", domain=\"host.com\","
+            "Digest realm=\"test-realm@host.com\", domain=\"host.com\","
                 + " nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\", "
                 + " opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"");
 
     assertThat(authenticationInfo.authenticationMechanism).isEqualTo(RtspAuthenticationInfo.DIGEST);
     assertThat(authenticationInfo.nonce).isEqualTo("dcd98b7102dd2f0e8b11d0f600bfb0c093");
-    assertThat(authenticationInfo.realm).isEqualTo("testrealm@host.com");
+    assertThat(authenticationInfo.realm).isEqualTo("test-realm@host.com");
     assertThat(authenticationInfo.opaque).isEmpty();
   }