MAC Cookies (patch 2 of N)

net/http/http_mac_signature_unittest.cc

+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "testing/gtest/include/gtest/gtest.h"
+#include "net/http/http_mac_signature.h"
+
+namespace net {
+
+TEST(HttpMacSignatureTest, BogusAddStateInfo) {

[cbentzel, 2011/04/29 14:44:49]

Add other tests, such as empty string. 

[abarth-chromium, 2011/04/29 18:16:01]

Done.

+  HttpMacSignature signature;
+  EXPECT_FALSE(signature.AddStateInfo("exciting-id",
+                                      "the-mac-key",
+                                      "bogus-mac-algorithm",
+                                      "the-issuer"));
+}
+
+TEST(HttpMacSignatureTest, BogusAddHttpInfo) {
+  HttpMacSignature signature;
+  EXPECT_FALSE(signature.AddHttpInfo("GET",
+                                     "/requested",
+                                     "example.com",
+                                     0));
+}
+
+TEST(HttpMacSignatureTest, GenerateNormalizedRequest) {
+  HttpMacSignature signature;
+  EXPECT_TRUE(signature.AddStateInfo("dfoi30j0qnf",
+                                     "adiMf03j0f3nOenc003r",
+                                     "hmac-sha-1",
+                                     "login.eXampLe.com:443"));
+  EXPECT_TRUE(signature.AddHttpInfo("GeT",
+                                     "/pAth?to=%22enlightenment%22&dest=magic",

[cbentzel, 2011/04/29 14:44:49]

Nit: line these up

[abarth-chromium, 2011/04/29 18:16:01]

Done.

+                                     "eXaMple.com",
+                                     80));
+
+  std::string timestame = "239034";

[cbentzel, 2011/04/29 14:44:49]

timestamp, not timestame

[abarth-chromium, 2011/04/29 18:16:01]

Done.

+  std::string nonce = "mn4302j0n+32r2/f3r=";
+
+  EXPECT_EQ("dfoi30j0qnf\n"
+            "login.eXampLe.com:443\n"
+            "239034\n"
+            "mn4302j0n+32r2/f3r=\n"
+            "GET\n"
+            "/pAth?to=%22enlightenment%22&dest=magic\n"
+            "example.com\n"
+            "80\n",
+            signature.GenerateNormalizedRequest(timestame, nonce));
+}
+
+TEST(HttpMacSignatureTest, GenerateMAC) {
+  HttpMacSignature signature;
+  EXPECT_TRUE(signature.AddStateInfo("dfoi30j0qnf",
+                                     "adiMf03j0f3nOenc003r",
+                                     "hmac-sha-1",
+                                     "login.eXampLe.com:443"));
+  EXPECT_TRUE(signature.AddHttpInfo("GeT",
+                                     "/pAth?to=%22enlightenment%22&dest=magic",
+                                     "eXaMple.com",
+                                     80));
+
+  std::string timestame = "239034";
+  std::string nonce = "mn4302j0n+32r2/f3r=";
+
+  EXPECT_EQ("zQWLNI5eHOfY5/wCJ6yzZ8bXDw==",
+            signature.GenerateMAC(timestame, nonce));
+}

[cbentzel, 2011/04/29 14:44:49]

Add a test for GenerateAuthorizationHeader. You'd unfortunately need to hack how
timestamp is generated, though.

The tests of GenerateNormalizedRequests/GenerateMAC would get covered by that as
well, so you could always remove the FRIEND_TEST's as well. 

[abarth-chromium, 2011/04/29 18:16:01]

Yeah, that's why I did things this way.  I can split off the string generation
into its own test and have GenerateAuthorizationHeader just do the
stamptime/nonce aspect.  There will be more tests, of course, once this code is
called elsewhere.
They're still useful is something goes wrong because they'll help you debug
which layer is causing the problem.

+}