OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_auth_handler_negotiate.h" | 5 #include "net/http/http_auth_handler_negotiate.h" |
6 | 6 |
7 #include <string> | |
8 | |
7 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
8 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
9 #include "net/base/net_errors.h" | 11 #include "net/base/net_errors.h" |
10 #include "net/base/test_completion_callback.h" | 12 #include "net/base/test_completion_callback.h" |
11 #include "net/dns/mock_host_resolver.h" | 13 #include "net/dns/mock_host_resolver.h" |
12 #include "net/http/http_request_info.h" | 14 #include "net/http/http_request_info.h" |
13 #include "net/http/mock_allow_url_security_manager.h" | 15 #include "net/http/mock_allow_url_security_manager.h" |
14 #if defined(OS_WIN) | 16 #if defined(OS_ANDROID) |
17 #include "net/android/dummy_spnego_authenticator.h" | |
18 #elif defined(OS_WIN) | |
15 #include "net/http/mock_sspi_library_win.h" | 19 #include "net/http/mock_sspi_library_win.h" |
16 #elif defined(OS_POSIX) | 20 #elif defined(OS_POSIX) |
17 #include "net/http/mock_gssapi_library_posix.h" | 21 #include "net/http/mock_gssapi_library_posix.h" |
18 #endif | 22 #endif |
19 #include "testing/gtest/include/gtest/gtest.h" | 23 #include "testing/gtest/include/gtest/gtest.h" |
20 #include "testing/platform_test.h" | 24 #include "testing/platform_test.h" |
21 | 25 |
22 namespace net { | 26 namespace net { |
23 | 27 |
24 #if defined(OS_WIN) | 28 #if defined(OS_ANDROID) |
29 typedef net::android::DummySpnegoAuthenticator MockAuthLibrary; | |
30 #elif defined(OS_WIN) | |
25 typedef MockSSPILibrary MockAuthLibrary; | 31 typedef MockSSPILibrary MockAuthLibrary; |
26 #elif defined(OS_POSIX) | 32 #elif defined(OS_POSIX) |
27 typedef test::MockGSSAPILibrary MockAuthLibrary; | 33 typedef test::MockGSSAPILibrary MockAuthLibrary; |
28 #endif | 34 #endif |
29 | 35 |
30 class HttpAuthHandlerNegotiateTest : public PlatformTest { | 36 class HttpAuthHandlerNegotiateTest : public PlatformTest { |
31 public: | 37 public: |
32 void SetUp() override { | 38 void SetUp() override { |
33 auth_library_ = new MockAuthLibrary(); | 39 auth_library_ = new MockAuthLibrary(); |
34 resolver_.reset(new MockHostResolver()); | 40 resolver_.reset(new MockHostResolver()); |
35 resolver_->rules()->AddIPLiteralRule("alias", "10.0.0.2", | 41 resolver_->rules()->AddIPLiteralRule("alias", "10.0.0.2", |
36 "canonical.example.com"); | 42 "canonical.example.com"); |
37 | 43 |
38 url_security_manager_.reset(new MockAllowURLSecurityManager()); | 44 url_security_manager_.reset(new MockAllowURLSecurityManager()); |
39 factory_.reset(new HttpAuthHandlerNegotiate::Factory()); | 45 factory_.reset(new HttpAuthHandlerNegotiate::Factory()); |
40 factory_->set_url_security_manager(url_security_manager_.get()); | 46 factory_->set_url_security_manager(url_security_manager_.get()); |
47 #if defined(OS_ANDROID) | |
48 factory_->set_account_type("org.chromium.test.DummySpnegoAuthenticator"); | |
49 MockAuthLibrary::EnsureTestAccountExists(); | |
50 #endif | |
51 #if defined(OS_WIN) || (defined(OS_POSIX) && !defined(OS_ANDROID)) | |
41 factory_->set_library(auth_library_); | 52 factory_->set_library(auth_library_); |
53 #endif | |
42 factory_->set_host_resolver(resolver_.get()); | 54 factory_->set_host_resolver(resolver_.get()); |
43 } | 55 } |
44 | 56 |
57 #if defined(OS_ANDROID) | |
58 void TearDown() override { MockAuthLibrary::RemoveTestAccounts(); } | |
59 #endif | |
60 | |
45 void SetupMocks(MockAuthLibrary* mock_library) { | 61 void SetupMocks(MockAuthLibrary* mock_library) { |
46 #if defined(OS_WIN) | 62 #if defined(OS_WIN) |
47 security_package_.reset(new SecPkgInfoW); | 63 security_package_.reset(new SecPkgInfoW); |
48 memset(security_package_.get(), 0x0, sizeof(SecPkgInfoW)); | 64 memset(security_package_.get(), 0x0, sizeof(SecPkgInfoW)); |
49 security_package_->cbMaxToken = 1337; | 65 security_package_->cbMaxToken = 1337; |
50 mock_library->ExpectQuerySecurityPackageInfo( | 66 mock_library->ExpectQuerySecurityPackageInfo( |
51 L"Negotiate", SEC_E_OK, security_package_.get()); | 67 L"Negotiate", SEC_E_OK, security_package_.get()); |
52 #elif defined(OS_POSIX) | 68 #elif defined(OS_POSIX) |
53 // Copied from an actual transaction! | 69 // Copied from an actual transaction! |
54 static const char kAuthResponse[] = | 70 static const char kAuthResponse[] = |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
106 1, // Locally initiated | 122 1, // Locally initiated |
107 0); // Open | 123 0); // Open |
108 test::GssContextMockImpl context2( | 124 test::GssContextMockImpl context2( |
109 "localhost", // Source name | 125 "localhost", // Source name |
110 "example.com", // Target name | 126 "example.com", // Target name |
111 23, // Lifetime | 127 23, // Lifetime |
112 *CHROME_GSS_SPNEGO_MECH_OID_DESC, // Mechanism | 128 *CHROME_GSS_SPNEGO_MECH_OID_DESC, // Mechanism |
113 0, // Context flags | 129 0, // Context flags |
114 1, // Locally initiated | 130 1, // Locally initiated |
115 1); // Open | 131 1); // Open |
116 test::MockGSSAPILibrary::SecurityContextQuery queries[] = { | 132 MockAuthLibrary::SecurityContextQuery queries[] = { |
117 test::MockGSSAPILibrary::SecurityContextQuery( | 133 MockAuthLibrary::SecurityContextQuery( |
118 "Negotiate", // Package name | 134 "Negotiate", // Package name |
119 GSS_S_CONTINUE_NEEDED, // Major response code | 135 GSS_S_CONTINUE_NEEDED, // Major response code |
120 0, // Minor response code | 136 0, // Minor response code |
121 context1, // Context | 137 context1, // Context |
122 NULL, // Expected input token | 138 NULL, // Expected input token |
123 kAuthResponse), // Output token | 139 kAuthResponse), // Output token |
124 test::MockGSSAPILibrary::SecurityContextQuery( | 140 MockAuthLibrary::SecurityContextQuery( |
125 "Negotiate", // Package name | 141 "Negotiate", // Package name |
126 GSS_S_COMPLETE, // Major response code | 142 GSS_S_COMPLETE, // Major response code |
127 0, // Minor response code | 143 0, // Minor response code |
128 context2, // Context | 144 context2, // Context |
129 kAuthResponse, // Expected input token | 145 kAuthResponse, // Expected input token |
130 kAuthResponse) // Output token | 146 kAuthResponse) // Output token |
131 }; | 147 }; |
132 | 148 |
133 for (size_t i = 0; i < arraysize(queries); ++i) { | 149 for (size_t i = 0; i < arraysize(queries); ++i) { |
134 mock_library->ExpectSecurityContext(queries[i].expected_package, | 150 mock_library->ExpectSecurityContext(queries[i].expected_package, |
135 queries[i].response_code, | 151 queries[i].response_code, |
136 queries[i].minor_response_code, | 152 queries[i].minor_response_code, |
137 queries[i].context_info, | 153 queries[i].context_info, |
138 queries[i].expected_input_token, | 154 queries[i].expected_input_token, |
139 queries[i].output_token); | 155 queries[i].output_token); |
140 } | 156 } |
141 #endif // defined(OS_POSIX) | 157 #endif // defined(OS_POSIX) |
142 } | 158 } |
143 | 159 |
144 #if defined(OS_POSIX) | 160 #if defined(OS_POSIX) |
145 void SetupErrorMocks(MockAuthLibrary* mock_library, | 161 void SetupErrorMocks(MockAuthLibrary* mock_library, |
146 int major_status, | 162 int major_status, |
147 int minor_status) { | 163 int minor_status) { |
148 const gss_OID_desc kDefaultMech = { 0, NULL }; | 164 const gss_OID_desc kDefaultMech = { 0, NULL }; |
149 test::GssContextMockImpl context( | 165 test::GssContextMockImpl context( |
150 "localhost", // Source name | 166 "localhost", // Source name |
151 "example.com", // Target name | 167 "example.com", // Target name |
152 0, // Lifetime | 168 0, // Lifetime |
153 kDefaultMech, // Mechanism | 169 kDefaultMech, // Mechanism |
154 0, // Context flags | 170 0, // Context flags |
155 1, // Locally initiated | 171 1, // Locally initiated |
156 0); // Open | 172 0); // Open |
157 test::MockGSSAPILibrary::SecurityContextQuery query( | 173 MockAuthLibrary::SecurityContextQuery query( |
158 "Negotiate", // Package name | 174 "Negotiate", // Package name |
159 major_status, // Major response code | 175 major_status, // Major response code |
160 minor_status, // Minor response code | 176 minor_status, // Minor response code |
161 context, // Context | 177 context, // Context |
162 NULL, // Expected input token | 178 NULL, // Expected input token |
163 NULL); // Output token | 179 NULL); // Output token |
164 | 180 |
165 mock_library->ExpectSecurityContext(query.expected_package, | 181 mock_library->ExpectSecurityContext(query.expected_package, |
166 query.response_code, | 182 query.response_code, |
167 query.minor_response_code, | 183 query.minor_response_code, |
168 query.context_info, | 184 query.context_info, |
169 query.expected_input_token, | 185 query.expected_input_token, |
170 query.output_token); | 186 query.output_token); |
171 } | 187 } |
172 | 188 |
173 #endif // defined(OS_POSIX) | 189 #endif // defined(OS_POSIX) |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
216 TEST_F(HttpAuthHandlerNegotiateTest, DisableCname) { | 232 TEST_F(HttpAuthHandlerNegotiateTest, DisableCname) { |
217 SetupMocks(AuthLibrary()); | 233 SetupMocks(AuthLibrary()); |
218 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 234 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
219 EXPECT_EQ(OK, CreateHandler( | 235 EXPECT_EQ(OK, CreateHandler( |
220 true, false, true, "http://alias:500", &auth_handler)); | 236 true, false, true, "http://alias:500", &auth_handler)); |
221 | 237 |
222 ASSERT_TRUE(auth_handler.get() != NULL); | 238 ASSERT_TRUE(auth_handler.get() != NULL); |
223 TestCompletionCallback callback; | 239 TestCompletionCallback callback; |
224 HttpRequestInfo request_info; | 240 HttpRequestInfo request_info; |
225 std::string token; | 241 std::string token; |
226 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 242 int result = auth_handler->GenerateAuthToken(NULL, &request_info, |
227 callback.callback(), &token)); | 243 callback.callback(), &token); |
244 if (result == ERR_IO_PENDING) { | |
245 result = callback.WaitForResult(); | |
246 } | |
Ryan Sleevi
2015/06/29 13:56:45
nit:
int result = callback.GetResult(auth_handler
aberent
2015/07/02 21:13:37
Done.
| |
247 EXPECT_EQ(OK, result); | |
228 #if defined(OS_WIN) | 248 #if defined(OS_WIN) |
229 EXPECT_EQ("HTTP/alias", auth_handler->spn()); | 249 EXPECT_EQ("HTTP/alias", auth_handler->spn()); |
230 #elif defined(OS_POSIX) | 250 #elif defined(OS_POSIX) |
231 EXPECT_EQ("HTTP@alias", auth_handler->spn()); | 251 EXPECT_EQ("HTTP@alias", auth_handler->spn()); |
232 #endif | 252 #endif |
233 } | 253 } |
234 | 254 |
235 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameStandardPort) { | 255 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameStandardPort) { |
236 SetupMocks(AuthLibrary()); | 256 SetupMocks(AuthLibrary()); |
237 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 257 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
238 EXPECT_EQ(OK, CreateHandler( | 258 EXPECT_EQ(OK, CreateHandler( |
239 true, true, true, "http://alias:80", &auth_handler)); | 259 true, true, true, "http://alias:80", &auth_handler)); |
240 ASSERT_TRUE(auth_handler.get() != NULL); | 260 ASSERT_TRUE(auth_handler.get() != NULL); |
241 TestCompletionCallback callback; | 261 TestCompletionCallback callback; |
242 HttpRequestInfo request_info; | 262 HttpRequestInfo request_info; |
243 std::string token; | 263 std::string token; |
244 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 264 int result = auth_handler->GenerateAuthToken(NULL, &request_info, |
245 callback.callback(), &token)); | 265 callback.callback(), &token); |
266 if (result == ERR_IO_PENDING) { | |
267 result = callback.WaitForResult(); | |
268 } | |
Ryan Sleevi
2015/06/29 13:56:45
ditto
aberent
2015/07/02 21:13:37
Done.
| |
269 EXPECT_EQ(OK, result); | |
246 #if defined(OS_WIN) | 270 #if defined(OS_WIN) |
247 EXPECT_EQ("HTTP/alias", auth_handler->spn()); | 271 EXPECT_EQ("HTTP/alias", auth_handler->spn()); |
248 #elif defined(OS_POSIX) | 272 #elif defined(OS_POSIX) |
249 EXPECT_EQ("HTTP@alias", auth_handler->spn()); | 273 EXPECT_EQ("HTTP@alias", auth_handler->spn()); |
250 #endif | 274 #endif |
251 } | 275 } |
252 | 276 |
253 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameNonstandardPort) { | 277 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameNonstandardPort) { |
254 SetupMocks(AuthLibrary()); | 278 SetupMocks(AuthLibrary()); |
255 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 279 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
256 EXPECT_EQ(OK, CreateHandler( | 280 EXPECT_EQ(OK, CreateHandler( |
257 true, true, true, "http://alias:500", &auth_handler)); | 281 true, true, true, "http://alias:500", &auth_handler)); |
258 ASSERT_TRUE(auth_handler.get() != NULL); | 282 ASSERT_TRUE(auth_handler.get() != NULL); |
259 TestCompletionCallback callback; | 283 TestCompletionCallback callback; |
260 HttpRequestInfo request_info; | 284 HttpRequestInfo request_info; |
261 std::string token; | 285 std::string token; |
262 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 286 int result = auth_handler->GenerateAuthToken(NULL, &request_info, |
263 callback.callback(), &token)); | 287 callback.callback(), &token); |
288 if (result == ERR_IO_PENDING) { | |
289 result = callback.WaitForResult(); | |
290 } | |
Ryan Sleevi
2015/06/29 13:56:45
ditto
aberent
2015/07/02 21:13:37
Done.
| |
291 EXPECT_EQ(OK, result); | |
264 #if defined(OS_WIN) | 292 #if defined(OS_WIN) |
265 EXPECT_EQ("HTTP/alias:500", auth_handler->spn()); | 293 EXPECT_EQ("HTTP/alias:500", auth_handler->spn()); |
266 #elif defined(OS_POSIX) | 294 #elif defined(OS_POSIX) |
267 EXPECT_EQ("HTTP@alias:500", auth_handler->spn()); | 295 EXPECT_EQ("HTTP@alias:500", auth_handler->spn()); |
268 #endif | 296 #endif |
269 } | 297 } |
270 | 298 |
271 TEST_F(HttpAuthHandlerNegotiateTest, CnameSync) { | 299 TEST_F(HttpAuthHandlerNegotiateTest, CnameSync) { |
272 SetupMocks(AuthLibrary()); | 300 SetupMocks(AuthLibrary()); |
273 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 301 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
274 EXPECT_EQ(OK, CreateHandler( | 302 EXPECT_EQ(OK, CreateHandler( |
275 false, false, true, "http://alias:500", &auth_handler)); | 303 false, false, true, "http://alias:500", &auth_handler)); |
276 ASSERT_TRUE(auth_handler.get() != NULL); | 304 ASSERT_TRUE(auth_handler.get() != NULL); |
277 TestCompletionCallback callback; | 305 TestCompletionCallback callback; |
278 HttpRequestInfo request_info; | 306 HttpRequestInfo request_info; |
279 std::string token; | 307 std::string token; |
280 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 308 int result = auth_handler->GenerateAuthToken(NULL, &request_info, |
281 callback.callback(), &token)); | 309 callback.callback(), &token); |
310 if (result == ERR_IO_PENDING) { | |
311 result = callback.WaitForResult(); | |
312 } | |
Ryan Sleevi
2015/06/29 13:56:45
ditto
aberent
2015/07/02 21:13:37
Done.
| |
313 EXPECT_EQ(OK, result); | |
282 #if defined(OS_WIN) | 314 #if defined(OS_WIN) |
283 EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn()); | 315 EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn()); |
284 #elif defined(OS_POSIX) | 316 #elif defined(OS_POSIX) |
285 EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn()); | 317 EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn()); |
286 #endif | 318 #endif |
287 } | 319 } |
288 | 320 |
289 TEST_F(HttpAuthHandlerNegotiateTest, CnameAsync) { | 321 TEST_F(HttpAuthHandlerNegotiateTest, CnameAsync) { |
290 SetupMocks(AuthLibrary()); | 322 SetupMocks(AuthLibrary()); |
291 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 323 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
359 BoundNetLog(), | 391 BoundNetLog(), |
360 &generic_handler); | 392 &generic_handler); |
361 EXPECT_EQ(ERR_UNSUPPORTED_AUTH_SCHEME, rv); | 393 EXPECT_EQ(ERR_UNSUPPORTED_AUTH_SCHEME, rv); |
362 EXPECT_TRUE(generic_handler.get() == NULL); | 394 EXPECT_TRUE(generic_handler.get() == NULL); |
363 } | 395 } |
364 #endif // defined(DLOPEN_KERBEROS) | 396 #endif // defined(DLOPEN_KERBEROS) |
365 | 397 |
366 #endif // defined(OS_POSIX) | 398 #endif // defined(OS_POSIX) |
367 | 399 |
368 } // namespace net | 400 } // namespace net |
OLD | NEW |