Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(9)

Side by Side Diff: net/http/http_auth_unittest.cc

Issue 3360017: Fix multi-round authentication.... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: SocketStream fix Created 10 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/http/http_auth_sspi_win_unittest.cc ('k') | net/http/http_network_transaction_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <set> 5 #include <set>
6 #include <string> 6 #include <string>
7 7
8 #include "base/ref_counted.h" 8 #include "base/ref_counted.h"
9 #include "base/scoped_ptr.h" 9 #include "base/scoped_ptr.h"
10 #include "base/string_util.h" 10 #include "base/string_util.h"
11 #include "net/base/net_errors.h" 11 #include "net/base/net_errors.h"
12 #include "net/http/http_auth.h" 12 #include "net/http/http_auth.h"
13 #include "net/http/http_auth_filter.h" 13 #include "net/http/http_auth_filter.h"
14 #include "net/http/http_auth_handler.h" 14 #include "net/http/http_auth_handler.h"
15 #include "net/http/http_auth_handler_factory.h" 15 #include "net/http/http_auth_handler_factory.h"
16 #include "net/http/http_auth_handler_mock.h"
16 #include "net/http/http_response_headers.h" 17 #include "net/http/http_response_headers.h"
17 #include "net/http/http_util.h" 18 #include "net/http/http_util.h"
18 #include "testing/gtest/include/gtest/gtest.h" 19 #include "testing/gtest/include/gtest/gtest.h"
19 20
20 namespace net { 21 namespace net {
21 22
23 namespace {
24
25 HttpAuthHandlerMock* CreateMockHandler(bool connection_based) {
26 HttpAuthHandlerMock* auth_handler = new HttpAuthHandlerMock();
27 auth_handler->set_connection_based(connection_based);
28 std::string challenge_text = "Mock";
29 HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(),
30 challenge_text.end());
31 GURL origin("www.example.com");
32 EXPECT_TRUE(auth_handler->InitFromChallenge(&challenge,
33 HttpAuth::AUTH_SERVER,
34 origin,
35 BoundNetLog()));
36 return auth_handler;
37 }
38
39 HttpResponseHeaders* HeadersFromResponseText(const std::string& response) {
40 return new HttpResponseHeaders(
41 HttpUtil::AssembleRawHeaders(response.c_str(), response.length()));
42 }
43
44 } // namespace
45
22 TEST(HttpAuthTest, ChooseBestChallenge) { 46 TEST(HttpAuthTest, ChooseBestChallenge) {
23 static const struct { 47 static const struct {
24 const char* headers; 48 const char* headers;
25 const char* challenge_scheme; 49 const char* challenge_scheme;
26 const char* challenge_realm; 50 const char* challenge_realm;
27 } tests[] = { 51 } tests[] = {
28 { 52 {
29 "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n" 53 "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n"
30 "www-authenticate: Basic realm=\"BasicRealm\"\n", 54 "www-authenticate: Basic realm=\"BasicRealm\"\n",
31 55
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
75 URLSecurityManagerAllow url_security_manager; 99 URLSecurityManagerAllow url_security_manager;
76 scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory( 100 scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory(
77 HttpAuthHandlerFactory::CreateDefault()); 101 HttpAuthHandlerFactory::CreateDefault());
78 http_auth_handler_factory->SetURLSecurityManager( 102 http_auth_handler_factory->SetURLSecurityManager(
79 "negotiate", &url_security_manager); 103 "negotiate", &url_security_manager);
80 104
81 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { 105 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) {
82 // Make a HttpResponseHeaders object. 106 // Make a HttpResponseHeaders object.
83 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); 107 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n");
84 headers_with_status_line += tests[i].headers; 108 headers_with_status_line += tests[i].headers;
85 scoped_refptr<net::HttpResponseHeaders> headers( 109 scoped_refptr<HttpResponseHeaders> headers(
86 new net::HttpResponseHeaders( 110 HeadersFromResponseText(headers_with_status_line));
87 net::HttpUtil::AssembleRawHeaders(
88 headers_with_status_line.c_str(),
89 headers_with_status_line.length())));
90 111
91 scoped_ptr<HttpAuthHandler> handler; 112 scoped_ptr<HttpAuthHandler> handler;
92 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(), 113 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(),
93 headers.get(), 114 headers.get(),
94 HttpAuth::AUTH_SERVER, 115 HttpAuth::AUTH_SERVER,
95 origin, 116 origin,
96 disabled_schemes, 117 disabled_schemes,
97 BoundNetLog(), 118 BoundNetLog(),
98 &handler); 119 &handler);
99 120
100 if (handler.get()) { 121 if (handler.get()) {
101 EXPECT_STREQ(tests[i].challenge_scheme, handler->scheme().c_str()); 122 EXPECT_STREQ(tests[i].challenge_scheme, handler->scheme().c_str());
102 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str()); 123 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str());
103 } else { 124 } else {
104 EXPECT_STREQ("", tests[i].challenge_scheme); 125 EXPECT_STREQ("", tests[i].challenge_scheme);
105 EXPECT_STREQ("", tests[i].challenge_realm); 126 EXPECT_STREQ("", tests[i].challenge_realm);
106 } 127 }
107 } 128 }
108 } 129 }
109 130
110 TEST(HttpAuthTest, ChooseBestChallengeConnectionBasedNTLM) { 131 TEST(HttpAuthTest, HandleChallengeResponse_RequestBased) {
111 static const struct { 132 scoped_ptr<HttpAuthHandlerMock> mock_handler(CreateMockHandler(false));
112 const char* headers;
113 const char* challenge_realm;
114 } tests[] = {
115 {
116 "WWW-Authenticate: NTLM\r\n",
117
118 "",
119 },
120 {
121 "WWW-Authenticate: NTLM "
122 "TlRMTVNTUAACAAAADAAMADgAAAAFgokCTroKF1e/DRcAAAAAAAAAALo"
123 "AugBEAAAABQEoCgAAAA9HAE8ATwBHAEwARQACAAwARwBPAE8ARwBMAE"
124 "UAAQAaAEEASwBFAEUAUwBBAFIAQQAtAEMATwBSAFAABAAeAGMAbwByA"
125 "HAALgBnAG8AbwBnAGwAZQAuAGMAbwBtAAMAQABhAGsAZQBlAHMAYQBy"
126 "AGEALQBjAG8AcgBwAC4AYQBkAC4AYwBvAHIAcAAuAGcAbwBvAGcAbAB"
127 "lAC4AYwBvAG0ABQAeAGMAbwByAHAALgBnAG8AbwBnAGwAZQAuAGMAbw"
128 "BtAAAAAAA=\r\n",
129
130 // Realm is empty.
131 "",
132 }
133 };
134 GURL origin("http://www.example.com");
135 std::set<std::string> disabled_schemes; 133 std::set<std::string> disabled_schemes;
136 134 scoped_refptr<HttpResponseHeaders> headers(
137 scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory( 135 HeadersFromResponseText(
138 HttpAuthHandlerFactory::CreateDefault()); 136 "HTTP/1.1 401 Unauthorized\n"
139 scoped_ptr<HttpAuthHandler> handler; 137 "WWW-Authenticate: Mock token_here\n"));
140 138 EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT,
141 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { 139 HttpAuth::HandleChallengeResponse(
142 // Make a HttpResponseHeaders object. 140 mock_handler.get(),
143 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); 141 headers.get(),
144 headers_with_status_line += tests[i].headers; 142 HttpAuth::AUTH_SERVER,
145 scoped_refptr<net::HttpResponseHeaders> headers( 143 disabled_schemes));
146 new net::HttpResponseHeaders(
147 net::HttpUtil::AssembleRawHeaders(
148 headers_with_status_line.c_str(),
149 headers_with_status_line.length())));
150
151 // possibly_deleted_old_handler may point to deleted memory
152 // after ChooseBestChallenge has been called, and should not
153 // be dereferenced.
154 HttpAuthHandler* possibly_deleted_old_handler = handler.get();
155 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(),
156 headers.get(),
157 HttpAuth::AUTH_SERVER,
158 origin,
159 disabled_schemes,
160 BoundNetLog(),
161 &handler);
162 EXPECT_TRUE(handler != NULL);
163 // Since NTLM is connection-based, we should continue to use the existing
164 // handler rather than creating a new one.
165 if (i != 0)
166 EXPECT_EQ(possibly_deleted_old_handler, handler.get());
167 ASSERT_NE(reinterpret_cast<net::HttpAuthHandler *>(NULL), handler.get());
168 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str());
169 }
170 } 144 }
171 145
172 TEST(HttpAuthTest, ChooseBestChallengeConnectionBasedNegotiate) { 146 TEST(HttpAuthTest, HandleChallengeResponse_ConnectionBased) {
173 static const struct { 147 scoped_ptr<HttpAuthHandlerMock> mock_handler(CreateMockHandler(true));
174 const char* headers; 148 std::set<std::string> disabled_schemes;
175 const char* challenge_realm; 149 scoped_refptr<HttpResponseHeaders> headers(
176 } tests[] = { 150 HeadersFromResponseText(
177 { 151 "HTTP/1.1 401 Unauthorized\n"
178 "WWW-Authenticate: Negotiate\r\n", 152 "WWW-Authenticate: Mock token_here\n"));
153 EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
154 HttpAuth::HandleChallengeResponse(
155 mock_handler.get(),
156 headers.get(),
157 HttpAuth::AUTH_SERVER,
158 disabled_schemes));
159 }
179 160
180 "", 161 TEST(HttpAuthTest, HandleChallengeResponse_ConnectionBasedNoMatch) {
181 }, 162 scoped_ptr<HttpAuthHandlerMock> mock_handler(CreateMockHandler(true));
182 {
183 "WWW-Authenticate: Negotiate "
184 "TlRMTVNTUAACAAAADAAMADgAAAAFgokCTroKF1e/DRcAAAAAAAAAALo"
185 "AugBEAAAABQEoCgAAAA9HAE8ATwBHAEwARQACAAwARwBPAE8ARwBMAE"
186 "UAAQAaAEEASwBFAEUAUwBBAFIAQQAtAEMATwBSAFAABAAeAGMAbwByA"
187 "HAALgBnAG8AbwBnAGwAZQAuAGMAbwBtAAMAQABhAGsAZQBlAHMAYQBy"
188 "AGEALQBjAG8AcgBwAC4AYQBkAC4AYwBvAHIAcAAuAGcAbwBvAGcAbAB"
189 "lAC4AYwBvAG0ABQAeAGMAbwByAHAALgBnAG8AbwBnAGwAZQAuAGMAbw"
190 "BtAAAAAAA=\r\n",
191
192 // Realm is empty.
193 "",
194 }
195 };
196 GURL origin("http://www.example.com");
197 std::set<std::string> disabled_schemes; 163 std::set<std::string> disabled_schemes;
198 URLSecurityManagerAllow url_security_manager; 164 scoped_refptr<HttpResponseHeaders> headers(
199 scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory( 165 HeadersFromResponseText(
200 HttpAuthHandlerFactory::CreateDefault()); 166 "HTTP/1.1 401 Unauthorized\n"
201 http_auth_handler_factory->SetURLSecurityManager( 167 "WWW-Authenticate: Basic realm=\"happy\"\n"));
202 "negotiate", &url_security_manager); 168 EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT,
203 169 HttpAuth::HandleChallengeResponse(
204 scoped_ptr<HttpAuthHandler> handler; 170 mock_handler.get(),
205 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { 171 headers.get(),
206 // Make a HttpResponseHeaders object. 172 HttpAuth::AUTH_SERVER,
207 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); 173 disabled_schemes));
208 headers_with_status_line += tests[i].headers;
209 scoped_refptr<net::HttpResponseHeaders> headers(
210 new net::HttpResponseHeaders(
211 net::HttpUtil::AssembleRawHeaders(
212 headers_with_status_line.c_str(),
213 headers_with_status_line.length())));
214
215 HttpAuthHandler* old_handler = handler.get();
216 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(),
217 headers.get(),
218 HttpAuth::AUTH_SERVER,
219 origin,
220 disabled_schemes,
221 BoundNetLog(),
222 &handler);
223
224 EXPECT_TRUE(handler != NULL);
225 // Since Negotiate is connection-based, we should continue to use the
226 // existing handler rather than creating a new one.
227 if (i != 0)
228 EXPECT_EQ(old_handler, handler.get());
229
230 ASSERT_NE(reinterpret_cast<net::HttpAuthHandler *>(NULL), handler.get());
231
232 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str());
233 }
234 } 174 }
235 175
236 TEST(HttpAuthTest, ChallengeTokenizer) { 176 TEST(HttpAuthTest, ChallengeTokenizer) {
237 std::string challenge_str = "Basic realm=\"foobar\""; 177 std::string challenge_str = "Basic realm=\"foobar\"";
238 HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), 178 HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(),
239 challenge_str.end()); 179 challenge_str.end());
240 EXPECT_TRUE(challenge.valid()); 180 EXPECT_TRUE(challenge.valid());
241 EXPECT_EQ(std::string("Basic"), challenge.scheme()); 181 EXPECT_EQ(std::string("Basic"), challenge.scheme());
242 EXPECT_TRUE(challenge.GetNext()); 182 EXPECT_TRUE(challenge.GetNext());
243 EXPECT_TRUE(challenge.valid()); 183 EXPECT_TRUE(challenge.valid());
(...skipping 175 matching lines...) Expand 10 before | Expand all | Expand 10 after
419 std::string name; 359 std::string name;
420 360
421 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_SERVER); 361 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_SERVER);
422 EXPECT_STREQ("Authorization", name.c_str()); 362 EXPECT_STREQ("Authorization", name.c_str());
423 363
424 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_PROXY); 364 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_PROXY);
425 EXPECT_STREQ("Proxy-Authorization", name.c_str()); 365 EXPECT_STREQ("Proxy-Authorization", name.c_str());
426 } 366 }
427 367
428 } // namespace net 368 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_auth_sspi_win_unittest.cc ('k') | net/http/http_network_transaction_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698