1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/http/http_auth_multi_round_parse.h"
#include "base/strings/string_util.h"
#include "net/http/http_auth.h"
#include "net/http/http_auth_challenge_tokenizer.h"
#include "net/http/http_auth_scheme.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace net {
TEST(HttpAuthHandlerNegotiateParseTest, ParseFirstRoundChallenge) {
// The first round should just consist of an unadorned header with the scheme
// name.
std::string challenge_text = "Negotiate";
HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
challenge_text.end());
EXPECT_EQ(
HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge));
}
TEST(HttpAuthHandlerNegotiateParseTest,
ParseFirstNegotiateChallenge_UnexpectedToken) {
// If the first round challenge has an additional authentication token, it
// should be treated as an invalid challenge from the server.
std::string challenge_text = "Negotiate Zm9vYmFy";
HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
challenge_text.end());
EXPECT_EQ(
HttpAuth::AUTHORIZATION_RESULT_INVALID,
ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge));
}
TEST(HttpAuthHandlerNegotiateParseTest,
ParseFirstNegotiateChallenge_BadScheme) {
std::string challenge_text = "DummyScheme";
HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
challenge_text.end());
EXPECT_EQ(
HttpAuth::AUTHORIZATION_RESULT_INVALID,
ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge));
}
TEST(HttpAuthHandlerNegotiateParseTest, ParseLaterRoundChallenge) {
// Later rounds should always have a Base64 encoded token.
std::string challenge_text = "Negotiate Zm9vYmFy";
HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
challenge_text.end());
std::string encoded_token;
std::string decoded_token;
EXPECT_EQ(
HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
ParseLaterRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge,
&encoded_token, &decoded_token));
EXPECT_EQ("Zm9vYmFy", encoded_token);
EXPECT_EQ("foobar", decoded_token);
}
TEST(HttpAuthHandlerNegotiateParseTest,
ParseAnotherNegotiateChallenge_MissingToken) {
std::string challenge_text = "Negotiate";
HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
challenge_text.end());
std::string encoded_token;
std::string decoded_token;
EXPECT_EQ(
HttpAuth::AUTHORIZATION_RESULT_REJECT,
ParseLaterRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge,
&encoded_token, &decoded_token));
}
TEST(HttpAuthHandlerNegotiateParseTest,
ParseAnotherNegotiateChallenge_InvalidToken) {
std::string challenge_text = "Negotiate ***";
HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
challenge_text.end());
std::string encoded_token;
std::string decoded_token;
EXPECT_EQ(
HttpAuth::AUTHORIZATION_RESULT_INVALID,
ParseLaterRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge,
&encoded_token, &decoded_token));
}
// The parser assumes that all authentication scheme names are lowercase.
TEST(HttpAuthHandlerNegotiateParseTest, AllSchemesAreCanonical) {
EXPECT_EQ(base::ToLowerASCII(kBasicAuthScheme), kBasicAuthScheme);
EXPECT_EQ(base::ToLowerASCII(kDigestAuthScheme), kDigestAuthScheme);
EXPECT_EQ(base::ToLowerASCII(kNtlmAuthScheme), kNtlmAuthScheme);
EXPECT_EQ(base::ToLowerASCII(kNegotiateAuthScheme), kNegotiateAuthScheme);
EXPECT_EQ(base::ToLowerASCII(kMockAuthScheme), kMockAuthScheme);
}
} // namespace net
|