| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <set> | 5 #include <set> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/ref_counted.h" | 8 #include "base/ref_counted.h" |
| 9 #include "base/scoped_ptr.h" | 9 #include "base/scoped_ptr.h" |
| 10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
| 11 #include "net/base/net_errors.h" | 11 #include "net/base/net_errors.h" |
| 12 #include "net/http/http_auth.h" | 12 #include "net/http/http_auth.h" |
| 13 #include "net/http/http_auth_filter.h" | 13 #include "net/http/http_auth_filter.h" |
| 14 #include "net/http/http_auth_handler.h" | 14 #include "net/http/http_auth_handler.h" |
| 15 #include "net/http/http_auth_handler_factory.h" | 15 #include "net/http/http_auth_handler_factory.h" |
| 16 #include "net/http/http_auth_handler_mock.h" |
| 16 #include "net/http/http_response_headers.h" | 17 #include "net/http/http_response_headers.h" |
| 17 #include "net/http/http_util.h" | 18 #include "net/http/http_util.h" |
| 18 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
| 19 | 20 |
| 20 namespace net { | 21 namespace net { |
| 21 | 22 |
| 23 namespace { |
| 24 |
| 25 HttpAuthHandlerMock* CreateMockHandler(bool connection_based) { |
| 26 HttpAuthHandlerMock* auth_handler = new HttpAuthHandlerMock(); |
| 27 auth_handler->set_connection_based(connection_based); |
| 28 std::string challenge_text = "Mock"; |
| 29 HttpAuth::ChallengeTokenizer challenge(challenge_text.begin(), |
| 30 challenge_text.end()); |
| 31 GURL origin("www.example.com"); |
| 32 EXPECT_TRUE(auth_handler->InitFromChallenge(&challenge, |
| 33 HttpAuth::AUTH_SERVER, |
| 34 origin, |
| 35 BoundNetLog())); |
| 36 return auth_handler; |
| 37 } |
| 38 |
| 39 HttpResponseHeaders* HeadersFromResponseText(const std::string& response) { |
| 40 return new HttpResponseHeaders( |
| 41 HttpUtil::AssembleRawHeaders(response.c_str(), response.length())); |
| 42 } |
| 43 |
| 44 } // namespace |
| 45 |
| 22 TEST(HttpAuthTest, ChooseBestChallenge) { | 46 TEST(HttpAuthTest, ChooseBestChallenge) { |
| 23 static const struct { | 47 static const struct { |
| 24 const char* headers; | 48 const char* headers; |
| 25 const char* challenge_scheme; | 49 const char* challenge_scheme; |
| 26 const char* challenge_realm; | 50 const char* challenge_realm; |
| 27 } tests[] = { | 51 } tests[] = { |
| 28 { | 52 { |
| 29 "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n" | 53 "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n" |
| 30 "www-authenticate: Basic realm=\"BasicRealm\"\n", | 54 "www-authenticate: Basic realm=\"BasicRealm\"\n", |
| 31 | 55 |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 75 URLSecurityManagerAllow url_security_manager; | 99 URLSecurityManagerAllow url_security_manager; |
| 76 scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory( | 100 scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory( |
| 77 HttpAuthHandlerFactory::CreateDefault()); | 101 HttpAuthHandlerFactory::CreateDefault()); |
| 78 http_auth_handler_factory->SetURLSecurityManager( | 102 http_auth_handler_factory->SetURLSecurityManager( |
| 79 "negotiate", &url_security_manager); | 103 "negotiate", &url_security_manager); |
| 80 | 104 |
| 81 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { | 105 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { |
| 82 // Make a HttpResponseHeaders object. | 106 // Make a HttpResponseHeaders object. |
| 83 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); | 107 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); |
| 84 headers_with_status_line += tests[i].headers; | 108 headers_with_status_line += tests[i].headers; |
| 85 scoped_refptr<net::HttpResponseHeaders> headers( | 109 scoped_refptr<HttpResponseHeaders> headers( |
| 86 new net::HttpResponseHeaders( | 110 HeadersFromResponseText(headers_with_status_line)); |
| 87 net::HttpUtil::AssembleRawHeaders( | |
| 88 headers_with_status_line.c_str(), | |
| 89 headers_with_status_line.length()))); | |
| 90 | 111 |
| 91 scoped_ptr<HttpAuthHandler> handler; | 112 scoped_ptr<HttpAuthHandler> handler; |
| 92 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(), | 113 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(), |
| 93 headers.get(), | 114 headers.get(), |
| 94 HttpAuth::AUTH_SERVER, | 115 HttpAuth::AUTH_SERVER, |
| 95 origin, | 116 origin, |
| 96 disabled_schemes, | 117 disabled_schemes, |
| 97 BoundNetLog(), | 118 BoundNetLog(), |
| 98 &handler); | 119 &handler); |
| 99 | 120 |
| 100 if (handler.get()) { | 121 if (handler.get()) { |
| 101 EXPECT_STREQ(tests[i].challenge_scheme, handler->scheme().c_str()); | 122 EXPECT_STREQ(tests[i].challenge_scheme, handler->scheme().c_str()); |
| 102 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str()); | 123 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str()); |
| 103 } else { | 124 } else { |
| 104 EXPECT_STREQ("", tests[i].challenge_scheme); | 125 EXPECT_STREQ("", tests[i].challenge_scheme); |
| 105 EXPECT_STREQ("", tests[i].challenge_realm); | 126 EXPECT_STREQ("", tests[i].challenge_realm); |
| 106 } | 127 } |
| 107 } | 128 } |
| 108 } | 129 } |
| 109 | 130 |
| 110 TEST(HttpAuthTest, ChooseBestChallengeConnectionBasedNTLM) { | 131 TEST(HttpAuthTest, HandleChallengeResponse_RequestBased) { |
| 111 static const struct { | 132 scoped_ptr<HttpAuthHandlerMock> mock_handler(CreateMockHandler(false)); |
| 112 const char* headers; | |
| 113 const char* challenge_realm; | |
| 114 } tests[] = { | |
| 115 { | |
| 116 "WWW-Authenticate: NTLM\r\n", | |
| 117 | |
| 118 "", | |
| 119 }, | |
| 120 { | |
| 121 "WWW-Authenticate: NTLM " | |
| 122 "TlRMTVNTUAACAAAADAAMADgAAAAFgokCTroKF1e/DRcAAAAAAAAAALo" | |
| 123 "AugBEAAAABQEoCgAAAA9HAE8ATwBHAEwARQACAAwARwBPAE8ARwBMAE" | |
| 124 "UAAQAaAEEASwBFAEUAUwBBAFIAQQAtAEMATwBSAFAABAAeAGMAbwByA" | |
| 125 "HAALgBnAG8AbwBnAGwAZQAuAGMAbwBtAAMAQABhAGsAZQBlAHMAYQBy" | |
| 126 "AGEALQBjAG8AcgBwAC4AYQBkAC4AYwBvAHIAcAAuAGcAbwBvAGcAbAB" | |
| 127 "lAC4AYwBvAG0ABQAeAGMAbwByAHAALgBnAG8AbwBnAGwAZQAuAGMAbw" | |
| 128 "BtAAAAAAA=\r\n", | |
| 129 | |
| 130 // Realm is empty. | |
| 131 "", | |
| 132 } | |
| 133 }; | |
| 134 GURL origin("http://www.example.com"); | |
| 135 std::set<std::string> disabled_schemes; | 133 std::set<std::string> disabled_schemes; |
| 136 | 134 scoped_refptr<HttpResponseHeaders> headers( |
| 137 scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory( | 135 HeadersFromResponseText( |
| 138 HttpAuthHandlerFactory::CreateDefault()); | 136 "HTTP/1.1 401 Unauthorized\n" |
| 139 scoped_ptr<HttpAuthHandler> handler; | 137 "WWW-Authenticate: Mock token_here\n")); |
| 140 | 138 EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, |
| 141 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { | 139 HttpAuth::HandleChallengeResponse( |
| 142 // Make a HttpResponseHeaders object. | 140 mock_handler.get(), |
| 143 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); | 141 headers.get(), |
| 144 headers_with_status_line += tests[i].headers; | 142 HttpAuth::AUTH_SERVER, |
| 145 scoped_refptr<net::HttpResponseHeaders> headers( | 143 disabled_schemes)); |
| 146 new net::HttpResponseHeaders( | |
| 147 net::HttpUtil::AssembleRawHeaders( | |
| 148 headers_with_status_line.c_str(), | |
| 149 headers_with_status_line.length()))); | |
| 150 | |
| 151 // possibly_deleted_old_handler may point to deleted memory | |
| 152 // after ChooseBestChallenge has been called, and should not | |
| 153 // be dereferenced. | |
| 154 HttpAuthHandler* possibly_deleted_old_handler = handler.get(); | |
| 155 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(), | |
| 156 headers.get(), | |
| 157 HttpAuth::AUTH_SERVER, | |
| 158 origin, | |
| 159 disabled_schemes, | |
| 160 BoundNetLog(), | |
| 161 &handler); | |
| 162 EXPECT_TRUE(handler != NULL); | |
| 163 // Since NTLM is connection-based, we should continue to use the existing | |
| 164 // handler rather than creating a new one. | |
| 165 if (i != 0) | |
| 166 EXPECT_EQ(possibly_deleted_old_handler, handler.get()); | |
| 167 ASSERT_NE(reinterpret_cast<net::HttpAuthHandler *>(NULL), handler.get()); | |
| 168 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str()); | |
| 169 } | |
| 170 } | 144 } |
| 171 | 145 |
| 172 TEST(HttpAuthTest, ChooseBestChallengeConnectionBasedNegotiate) { | 146 TEST(HttpAuthTest, HandleChallengeResponse_ConnectionBased) { |
| 173 static const struct { | 147 scoped_ptr<HttpAuthHandlerMock> mock_handler(CreateMockHandler(true)); |
| 174 const char* headers; | 148 std::set<std::string> disabled_schemes; |
| 175 const char* challenge_realm; | 149 scoped_refptr<HttpResponseHeaders> headers( |
| 176 } tests[] = { | 150 HeadersFromResponseText( |
| 177 { | 151 "HTTP/1.1 401 Unauthorized\n" |
| 178 "WWW-Authenticate: Negotiate\r\n", | 152 "WWW-Authenticate: Mock token_here\n")); |
| 153 EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, |
| 154 HttpAuth::HandleChallengeResponse( |
| 155 mock_handler.get(), |
| 156 headers.get(), |
| 157 HttpAuth::AUTH_SERVER, |
| 158 disabled_schemes)); |
| 159 } |
| 179 | 160 |
| 180 "", | 161 TEST(HttpAuthTest, HandleChallengeResponse_ConnectionBasedNoMatch) { |
| 181 }, | 162 scoped_ptr<HttpAuthHandlerMock> mock_handler(CreateMockHandler(true)); |
| 182 { | |
| 183 "WWW-Authenticate: Negotiate " | |
| 184 "TlRMTVNTUAACAAAADAAMADgAAAAFgokCTroKF1e/DRcAAAAAAAAAALo" | |
| 185 "AugBEAAAABQEoCgAAAA9HAE8ATwBHAEwARQACAAwARwBPAE8ARwBMAE" | |
| 186 "UAAQAaAEEASwBFAEUAUwBBAFIAQQAtAEMATwBSAFAABAAeAGMAbwByA" | |
| 187 "HAALgBnAG8AbwBnAGwAZQAuAGMAbwBtAAMAQABhAGsAZQBlAHMAYQBy" | |
| 188 "AGEALQBjAG8AcgBwAC4AYQBkAC4AYwBvAHIAcAAuAGcAbwBvAGcAbAB" | |
| 189 "lAC4AYwBvAG0ABQAeAGMAbwByAHAALgBnAG8AbwBnAGwAZQAuAGMAbw" | |
| 190 "BtAAAAAAA=\r\n", | |
| 191 | |
| 192 // Realm is empty. | |
| 193 "", | |
| 194 } | |
| 195 }; | |
| 196 GURL origin("http://www.example.com"); | |
| 197 std::set<std::string> disabled_schemes; | 163 std::set<std::string> disabled_schemes; |
| 198 URLSecurityManagerAllow url_security_manager; | 164 scoped_refptr<HttpResponseHeaders> headers( |
| 199 scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory( | 165 HeadersFromResponseText( |
| 200 HttpAuthHandlerFactory::CreateDefault()); | 166 "HTTP/1.1 401 Unauthorized\n" |
| 201 http_auth_handler_factory->SetURLSecurityManager( | 167 "WWW-Authenticate: Basic realm=\"happy\"\n")); |
| 202 "negotiate", &url_security_manager); | 168 EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, |
| 203 | 169 HttpAuth::HandleChallengeResponse( |
| 204 scoped_ptr<HttpAuthHandler> handler; | 170 mock_handler.get(), |
| 205 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { | 171 headers.get(), |
| 206 // Make a HttpResponseHeaders object. | 172 HttpAuth::AUTH_SERVER, |
| 207 std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); | 173 disabled_schemes)); |
| 208 headers_with_status_line += tests[i].headers; | |
| 209 scoped_refptr<net::HttpResponseHeaders> headers( | |
| 210 new net::HttpResponseHeaders( | |
| 211 net::HttpUtil::AssembleRawHeaders( | |
| 212 headers_with_status_line.c_str(), | |
| 213 headers_with_status_line.length()))); | |
| 214 | |
| 215 HttpAuthHandler* old_handler = handler.get(); | |
| 216 HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(), | |
| 217 headers.get(), | |
| 218 HttpAuth::AUTH_SERVER, | |
| 219 origin, | |
| 220 disabled_schemes, | |
| 221 BoundNetLog(), | |
| 222 &handler); | |
| 223 | |
| 224 EXPECT_TRUE(handler != NULL); | |
| 225 // Since Negotiate is connection-based, we should continue to use the | |
| 226 // existing handler rather than creating a new one. | |
| 227 if (i != 0) | |
| 228 EXPECT_EQ(old_handler, handler.get()); | |
| 229 | |
| 230 ASSERT_NE(reinterpret_cast<net::HttpAuthHandler *>(NULL), handler.get()); | |
| 231 | |
| 232 EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str()); | |
| 233 } | |
| 234 } | 174 } |
| 235 | 175 |
| 236 TEST(HttpAuthTest, ChallengeTokenizer) { | 176 TEST(HttpAuthTest, ChallengeTokenizer) { |
| 237 std::string challenge_str = "Basic realm=\"foobar\""; | 177 std::string challenge_str = "Basic realm=\"foobar\""; |
| 238 HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), | 178 HttpAuth::ChallengeTokenizer challenge(challenge_str.begin(), |
| 239 challenge_str.end()); | 179 challenge_str.end()); |
| 240 EXPECT_TRUE(challenge.valid()); | 180 EXPECT_TRUE(challenge.valid()); |
| 241 EXPECT_EQ(std::string("Basic"), challenge.scheme()); | 181 EXPECT_EQ(std::string("Basic"), challenge.scheme()); |
| 242 EXPECT_TRUE(challenge.GetNext()); | 182 EXPECT_TRUE(challenge.GetNext()); |
| 243 EXPECT_TRUE(challenge.valid()); | 183 EXPECT_TRUE(challenge.valid()); |
| (...skipping 175 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 419 std::string name; | 359 std::string name; |
| 420 | 360 |
| 421 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_SERVER); | 361 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_SERVER); |
| 422 EXPECT_STREQ("Authorization", name.c_str()); | 362 EXPECT_STREQ("Authorization", name.c_str()); |
| 423 | 363 |
| 424 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_PROXY); | 364 name = HttpAuth::GetAuthorizationHeaderName(HttpAuth::AUTH_PROXY); |
| 425 EXPECT_STREQ("Proxy-Authorization", name.c_str()); | 365 EXPECT_STREQ("Proxy-Authorization", name.c_str()); |
| 426 } | 366 } |
| 427 | 367 |
| 428 } // namespace net | 368 } // namespace net |
| OLD | NEW |