| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_handler_negotiate.h" | 5 #include "net/http/http_auth_handler_negotiate.h" |
| 6 | 6 |
| 7 #include <string> |
| 8 |
| 7 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 8 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
| 9 #include "net/base/net_errors.h" | 11 #include "net/base/net_errors.h" |
| 10 #include "net/base/test_completion_callback.h" | 12 #include "net/base/test_completion_callback.h" |
| 11 #include "net/dns/mock_host_resolver.h" | 13 #include "net/dns/mock_host_resolver.h" |
| 12 #include "net/http/http_request_info.h" | 14 #include "net/http/http_request_info.h" |
| 13 #include "net/http/mock_allow_url_security_manager.h" | 15 #include "net/http/mock_allow_url_security_manager.h" |
| 14 #if defined(OS_WIN) | 16 #if defined(OS_ANDROID) |
| 17 #include "net/android/dummy_spnego_authenticator.h" |
| 18 #elif defined(OS_WIN) |
| 15 #include "net/http/mock_sspi_library_win.h" | 19 #include "net/http/mock_sspi_library_win.h" |
| 16 #elif defined(OS_POSIX) | 20 #elif defined(OS_POSIX) |
| 17 #include "net/http/mock_gssapi_library_posix.h" | 21 #include "net/http/mock_gssapi_library_posix.h" |
| 18 #endif | 22 #endif |
| 19 #include "testing/gtest/include/gtest/gtest.h" | 23 #include "testing/gtest/include/gtest/gtest.h" |
| 20 #include "testing/platform_test.h" | 24 #include "testing/platform_test.h" |
| 21 | 25 |
| 22 namespace net { | 26 namespace net { |
| 23 | 27 |
| 24 #if defined(OS_WIN) | 28 #if defined(OS_ANDROID) |
| 29 typedef net::android::DummySpnegoAuthenticator MockAuthLibrary; |
| 30 #elif defined(OS_WIN) |
| 25 typedef MockSSPILibrary MockAuthLibrary; | 31 typedef MockSSPILibrary MockAuthLibrary; |
| 26 #elif defined(OS_POSIX) | 32 #elif defined(OS_POSIX) |
| 27 typedef test::MockGSSAPILibrary MockAuthLibrary; | 33 typedef test::MockGSSAPILibrary MockAuthLibrary; |
| 28 #endif | 34 #endif |
| 29 | 35 |
| 30 class HttpAuthHandlerNegotiateTest : public PlatformTest { | 36 class HttpAuthHandlerNegotiateTest : public PlatformTest { |
| 31 public: | 37 public: |
| 32 void SetUp() override { | 38 void SetUp() override { |
| 33 auth_library_ = new MockAuthLibrary(); | 39 auth_library_ = new MockAuthLibrary(); |
| 34 resolver_.reset(new MockHostResolver()); | 40 resolver_.reset(new MockHostResolver()); |
| 35 resolver_->rules()->AddIPLiteralRule("alias", "10.0.0.2", | 41 resolver_->rules()->AddIPLiteralRule("alias", "10.0.0.2", |
| 36 "canonical.example.com"); | 42 "canonical.example.com"); |
| 37 | 43 |
| 38 url_security_manager_.reset(new MockAllowURLSecurityManager()); | 44 url_security_manager_.reset(new MockAllowURLSecurityManager()); |
| 39 factory_.reset(new HttpAuthHandlerNegotiate::Factory()); | 45 factory_.reset(new HttpAuthHandlerNegotiate::Factory()); |
| 40 factory_->set_url_security_manager(url_security_manager_.get()); | 46 factory_->set_url_security_manager(url_security_manager_.get()); |
| 47 #if defined(OS_ANDROID) |
| 48 std::string* authenticator = |
| 49 new std::string("org.chromium.test.DummySpnegoAuthenticator"); |
| 50 factory_->set_library(authenticator); |
| 51 MockAuthLibrary::EnsureTestAccountExists(); |
| 52 #endif |
| 53 #if defined(OS_WIN) || (defined(OS_POSIX) && !defined(OS_ANDROID)) |
| 41 factory_->set_library(auth_library_); | 54 factory_->set_library(auth_library_); |
| 55 #endif |
| 42 factory_->set_host_resolver(resolver_.get()); | 56 factory_->set_host_resolver(resolver_.get()); |
| 43 } | 57 } |
| 44 | 58 |
| 59 #if defined(OS_ANDROID) |
| 60 void TearDown() override { MockAuthLibrary::RemoveTestAccounts(); } |
| 61 #endif |
| 62 |
| 45 void SetupMocks(MockAuthLibrary* mock_library) { | 63 void SetupMocks(MockAuthLibrary* mock_library) { |
| 46 #if defined(OS_WIN) | 64 #if defined(OS_WIN) |
| 47 security_package_.reset(new SecPkgInfoW); | 65 security_package_.reset(new SecPkgInfoW); |
| 48 memset(security_package_.get(), 0x0, sizeof(SecPkgInfoW)); | 66 memset(security_package_.get(), 0x0, sizeof(SecPkgInfoW)); |
| 49 security_package_->cbMaxToken = 1337; | 67 security_package_->cbMaxToken = 1337; |
| 50 mock_library->ExpectQuerySecurityPackageInfo( | 68 mock_library->ExpectQuerySecurityPackageInfo( |
| 51 L"Negotiate", SEC_E_OK, security_package_.get()); | 69 L"Negotiate", SEC_E_OK, security_package_.get()); |
| 52 #elif defined(OS_POSIX) | 70 #elif defined(OS_POSIX) |
| 53 // Copied from an actual transaction! | 71 // Copied from an actual transaction! |
| 54 static const char kAuthResponse[] = | 72 static const char kAuthResponse[] = |
| (...skipping 51 matching lines...) |
| 106 1, // Locally initiated | 124 1, // Locally initiated |
| 107 0); // Open | 125 0); // Open |
| 108 test::GssContextMockImpl context2( | 126 test::GssContextMockImpl context2( |
| 109 "localhost", // Source name | 127 "localhost", // Source name |
| 110 "example.com", // Target name | 128 "example.com", // Target name |
| 111 23, // Lifetime | 129 23, // Lifetime |
| 112 *CHROME_GSS_SPNEGO_MECH_OID_DESC, // Mechanism | 130 *CHROME_GSS_SPNEGO_MECH_OID_DESC, // Mechanism |
| 113 0, // Context flags | 131 0, // Context flags |
| 114 1, // Locally initiated | 132 1, // Locally initiated |
| 115 1); // Open | 133 1); // Open |
| 116 test::MockGSSAPILibrary::SecurityContextQuery queries[] = { | 134 MockAuthLibrary::SecurityContextQuery queries[] = { |
| 117 test::MockGSSAPILibrary::SecurityContextQuery( | 135 MockAuthLibrary::SecurityContextQuery( |
| 118 "Negotiate", // Package name | 136 "Negotiate", // Package name |
| 119 GSS_S_CONTINUE_NEEDED, // Major response code | 137 GSS_S_CONTINUE_NEEDED, // Major response code |
| 120 0, // Minor response code | 138 0, // Minor response code |
| 121 context1, // Context | 139 context1, // Context |
| 122 NULL, // Expected input token | 140 NULL, // Expected input token |
| 123 kAuthResponse), // Output token | 141 kAuthResponse), // Output token |
| 124 test::MockGSSAPILibrary::SecurityContextQuery( | 142 MockAuthLibrary::SecurityContextQuery( |
| 125 "Negotiate", // Package name | 143 "Negotiate", // Package name |
| 126 GSS_S_COMPLETE, // Major response code | 144 GSS_S_COMPLETE, // Major response code |
| 127 0, // Minor response code | 145 0, // Minor response code |
| 128 context2, // Context | 146 context2, // Context |
| 129 kAuthResponse, // Expected input token | 147 kAuthResponse, // Expected input token |
| 130 kAuthResponse) // Output token | 148 kAuthResponse) // Output token |
| 131 }; | 149 }; |
| 132 | 150 |
| 133 for (size_t i = 0; i < arraysize(queries); ++i) { | 151 for (size_t i = 0; i < arraysize(queries); ++i) { |
| 134 mock_library->ExpectSecurityContext(queries[i].expected_package, | 152 mock_library->ExpectSecurityContext(queries[i].expected_package, |
| 135 queries[i].response_code, | 153 queries[i].response_code, |
| 136 queries[i].minor_response_code, | 154 queries[i].minor_response_code, |
| 137 queries[i].context_info, | 155 queries[i].context_info, |
| 138 queries[i].expected_input_token, | 156 queries[i].expected_input_token, |
| 139 queries[i].output_token); | 157 queries[i].output_token); |
| 140 } | 158 } |
| 141 #endif // defined(OS_POSIX) | 159 #endif // defined(OS_POSIX) |
| 142 } | 160 } |
| 143 | 161 |
| 144 #if defined(OS_POSIX) | 162 #if defined(OS_POSIX) |
| 145 void SetupErrorMocks(MockAuthLibrary* mock_library, | 163 void SetupErrorMocks(MockAuthLibrary* mock_library, |
| 146 int major_status, | 164 int major_status, |
| 147 int minor_status) { | 165 int minor_status) { |
| 148 const gss_OID_desc kDefaultMech = { 0, NULL }; | 166 const gss_OID_desc kDefaultMech = { 0, NULL }; |
| 149 test::GssContextMockImpl context( | 167 test::GssContextMockImpl context( |
| 150 "localhost", // Source name | 168 "localhost", // Source name |
| 151 "example.com", // Target name | 169 "example.com", // Target name |
| 152 0, // Lifetime | 170 0, // Lifetime |
| 153 kDefaultMech, // Mechanism | 171 kDefaultMech, // Mechanism |
| 154 0, // Context flags | 172 0, // Context flags |
| 155 1, // Locally initiated | 173 1, // Locally initiated |
| 156 0); // Open | 174 0); // Open |
| 157 test::MockGSSAPILibrary::SecurityContextQuery query( | 175 MockAuthLibrary::SecurityContextQuery query( |
| 158 "Negotiate", // Package name | 176 "Negotiate", // Package name |
| 159 major_status, // Major response code | 177 major_status, // Major response code |
| 160 minor_status, // Minor response code | 178 minor_status, // Minor response code |
| 161 context, // Context | 179 context, // Context |
| 162 NULL, // Expected input token | 180 NULL, // Expected input token |
| 163 NULL); // Output token | 181 NULL); // Output token |
| 164 | 182 |
| 165 mock_library->ExpectSecurityContext(query.expected_package, | 183 mock_library->ExpectSecurityContext(query.expected_package, |
| 166 query.response_code, | 184 query.response_code, |
| 167 query.minor_response_code, | 185 query.minor_response_code, |
| 168 query.context_info, | 186 query.context_info, |
| 169 query.expected_input_token, | 187 query.expected_input_token, |
| 170 query.output_token); | 188 query.output_token); |
| 171 } | 189 } |
| 172 | 190 |
| 173 #endif // defined(OS_POSIX) | 191 #endif // defined(OS_POSIX) |
| (...skipping 42 matching lines...) |
| 216 TEST_F(HttpAuthHandlerNegotiateTest, DisableCname) { | 234 TEST_F(HttpAuthHandlerNegotiateTest, DisableCname) { |
| 217 SetupMocks(AuthLibrary()); | 235 SetupMocks(AuthLibrary()); |
| 218 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 236 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
| 219 EXPECT_EQ(OK, CreateHandler( | 237 EXPECT_EQ(OK, CreateHandler( |
| 220 true, false, true, "http://alias:500", &auth_handler)); | 238 true, false, true, "http://alias:500", &auth_handler)); |
| 221 | 239 |
| 222 ASSERT_TRUE(auth_handler.get() != NULL); | 240 ASSERT_TRUE(auth_handler.get() != NULL); |
| 223 TestCompletionCallback callback; | 241 TestCompletionCallback callback; |
| 224 HttpRequestInfo request_info; | 242 HttpRequestInfo request_info; |
| 225 std::string token; | 243 std::string token; |
| 226 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 244 EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( |
| 227 callback.callback(), &token)); | 245 NULL, &request_info, callback.callback(), &token))); |
| 228 #if defined(OS_WIN) | 246 #if defined(OS_WIN) |
| 229 EXPECT_EQ("HTTP/alias", auth_handler->spn()); | 247 EXPECT_EQ("HTTP/alias", auth_handler->spn()); |
| 230 #elif defined(OS_POSIX) | 248 #elif defined(OS_POSIX) |
| 231 EXPECT_EQ("HTTP@alias", auth_handler->spn()); | 249 EXPECT_EQ("HTTP@alias", auth_handler->spn()); |
| 232 #endif | 250 #endif |
| 233 } | 251 } |
| 234 | 252 |
| 235 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameStandardPort) { | 253 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameStandardPort) { |
| 236 SetupMocks(AuthLibrary()); | 254 SetupMocks(AuthLibrary()); |
| 237 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 255 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
| 238 EXPECT_EQ(OK, CreateHandler( | 256 EXPECT_EQ(OK, CreateHandler( |
| 239 true, true, true, "http://alias:80", &auth_handler)); | 257 true, true, true, "http://alias:80", &auth_handler)); |
| 240 ASSERT_TRUE(auth_handler.get() != NULL); | 258 ASSERT_TRUE(auth_handler.get() != NULL); |
| 241 TestCompletionCallback callback; | 259 TestCompletionCallback callback; |
| 242 HttpRequestInfo request_info; | 260 HttpRequestInfo request_info; |
| 243 std::string token; | 261 std::string token; |
| 244 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 262 EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( |
| 245 callback.callback(), &token)); | 263 NULL, &request_info, callback.callback(), &token))); |
| 246 #if defined(OS_WIN) | 264 #if defined(OS_WIN) |
| 247 EXPECT_EQ("HTTP/alias", auth_handler->spn()); | 265 EXPECT_EQ("HTTP/alias", auth_handler->spn()); |
| 248 #elif defined(OS_POSIX) | 266 #elif defined(OS_POSIX) |
| 249 EXPECT_EQ("HTTP@alias", auth_handler->spn()); | 267 EXPECT_EQ("HTTP@alias", auth_handler->spn()); |
| 250 #endif | 268 #endif |
| 251 } | 269 } |
| 252 | 270 |
| 253 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameNonstandardPort) { | 271 TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameNonstandardPort) { |
| 254 SetupMocks(AuthLibrary()); | 272 SetupMocks(AuthLibrary()); |
| 255 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 273 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
| 256 EXPECT_EQ(OK, CreateHandler( | 274 EXPECT_EQ(OK, CreateHandler( |
| 257 true, true, true, "http://alias:500", &auth_handler)); | 275 true, true, true, "http://alias:500", &auth_handler)); |
| 258 ASSERT_TRUE(auth_handler.get() != NULL); | 276 ASSERT_TRUE(auth_handler.get() != NULL); |
| 259 TestCompletionCallback callback; | 277 TestCompletionCallback callback; |
| 260 HttpRequestInfo request_info; | 278 HttpRequestInfo request_info; |
| 261 std::string token; | 279 std::string token; |
| 262 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 280 EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( |
| 263 callback.callback(), &token)); | 281 NULL, &request_info, callback.callback(), &token))); |
| 264 #if defined(OS_WIN) | 282 #if defined(OS_WIN) |
| 265 EXPECT_EQ("HTTP/alias:500", auth_handler->spn()); | 283 EXPECT_EQ("HTTP/alias:500", auth_handler->spn()); |
| 266 #elif defined(OS_POSIX) | 284 #elif defined(OS_POSIX) |
| 267 EXPECT_EQ("HTTP@alias:500", auth_handler->spn()); | 285 EXPECT_EQ("HTTP@alias:500", auth_handler->spn()); |
| 268 #endif | 286 #endif |
| 269 } | 287 } |
| 270 | 288 |
| 271 TEST_F(HttpAuthHandlerNegotiateTest, CnameSync) { | 289 TEST_F(HttpAuthHandlerNegotiateTest, CnameSync) { |
| 272 SetupMocks(AuthLibrary()); | 290 SetupMocks(AuthLibrary()); |
| 273 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 291 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
| 274 EXPECT_EQ(OK, CreateHandler( | 292 EXPECT_EQ(OK, CreateHandler( |
| 275 false, false, true, "http://alias:500", &auth_handler)); | 293 false, false, true, "http://alias:500", &auth_handler)); |
| 276 ASSERT_TRUE(auth_handler.get() != NULL); | 294 ASSERT_TRUE(auth_handler.get() != NULL); |
| 277 TestCompletionCallback callback; | 295 TestCompletionCallback callback; |
| 278 HttpRequestInfo request_info; | 296 HttpRequestInfo request_info; |
| 279 std::string token; | 297 std::string token; |
| 280 EXPECT_EQ(OK, auth_handler->GenerateAuthToken(NULL, &request_info, | 298 EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( |
| 281 callback.callback(), &token)); | 299 NULL, &request_info, callback.callback(), &token))); |
| 282 #if defined(OS_WIN) | 300 #if defined(OS_WIN) |
| 283 EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn()); | 301 EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn()); |
| 284 #elif defined(OS_POSIX) | 302 #elif defined(OS_POSIX) |
| 285 EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn()); | 303 EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn()); |
| 286 #endif | 304 #endif |
| 287 } | 305 } |
| 288 | 306 |
| 289 TEST_F(HttpAuthHandlerNegotiateTest, CnameAsync) { | 307 TEST_F(HttpAuthHandlerNegotiateTest, CnameAsync) { |
| 290 SetupMocks(AuthLibrary()); | 308 SetupMocks(AuthLibrary()); |
| 291 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; | 309 scoped_ptr<HttpAuthHandlerNegotiate> auth_handler; |
| (...skipping 67 matching lines...) |
| 359 BoundNetLog(), | 377 BoundNetLog(), |
| 360 &generic_handler); | 378 &generic_handler); |
| 361 EXPECT_EQ(ERR_UNSUPPORTED_AUTH_SCHEME, rv); | 379 EXPECT_EQ(ERR_UNSUPPORTED_AUTH_SCHEME, rv); |
| 362 EXPECT_TRUE(generic_handler.get() == NULL); | 380 EXPECT_TRUE(generic_handler.get() == NULL); |
| 363 } | 381 } |
| 364 #endif // defined(DLOPEN_KERBEROS) | 382 #endif // defined(DLOPEN_KERBEROS) |
| 365 | 383 |
| 366 #endif // defined(OS_POSIX) | 384 #endif // defined(OS_POSIX) |
| 367 | 385 |
| 368 } // namespace net | 386 } // namespace net |
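Review bot: In SetUp(), new line 39 still runs `auth_library_ = new MockAuthLibrary();` on every platform, but the guard added at new lines 53–55 no longer hands that object to the factory on Android, so nothing visible on this page takes ownership of it there. If `auth_library_` is a raw pointer on Android (its declaration is in the collapsed part of the file, so this cannot be confirmed from here), the object leaks in every test, and the expectations SetupMocks() records through `AuthLibrary()` may land on an instance the factory never consults. Either document the ownership next to the Android branch, e.g. `// Android: the factory receives the authenticator class name; auth_library_ stays owned by the fixture.`, or fold the two guards into a single `#if defined(OS_ANDROID)` / `#else` / `#endif` so each platform's hand-off sits in one place. The `new std::string(...)` passed to `set_library()` at new lines 48–50 deserves the same one-line ownership comment, since the factory presumably takes ownership of it.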