Index: net/http/http_auth_gssapi_posix_unittest.cc |
diff --git a/net/http/http_auth_gssapi_posix_unittest.cc b/net/http/http_auth_gssapi_posix_unittest.cc |
index 6f933349d7e5b4f6d48a70c04ccd656bf4571e6f..0ca6799cc742a386b56f2f9dd77f3a4b8aef0f52 100644 |
--- a/net/http/http_auth_gssapi_posix_unittest.cc |
+++ b/net/http/http_auth_gssapi_posix_unittest.cc |
@@ -71,6 +71,12 @@ void EstablishInitialContext(test::MockGSSAPILibrary* library) { |
out_buffer); |
} |
+void UnexpectedCallback(int result) { |
+ // At present getting tokens from gssapi is fully synchronous, so the callback |
+ // should never be called. |
+ ADD_FAILURE(); |
+} |
+ |
} // namespace |
TEST(HttpAuthGSSAPIPOSIXTest, GSSAPIStartup) { |
@@ -176,100 +182,4 @@ TEST(HttpAuthGSSAPIPOSIXTest, GSSAPICycle) { |
EXPECT_EQ(static_cast<OM_uint32>(GSS_S_COMPLETE), major_status); |
} |
-TEST(HttpAuthGSSAPITest, ParseChallenge_FirstRound) { |
- // The first round should just consist of an unadorned "Negotiate" header. |
- test::MockGSSAPILibrary mock_library; |
- HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", |
- CHROME_GSS_SPNEGO_MECH_OID_DESC); |
- std::string challenge_text = "Negotiate"; |
- HttpAuthChallengeTokenizer challenge(challenge_text.begin(), |
- challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, |
- auth_gssapi.ParseChallenge(&challenge)); |
-} |
- |
-TEST(HttpAuthGSSAPITest, ParseChallenge_TwoRounds) { |
- // The first round should just have "Negotiate", and the second round should |
- // have a valid base64 token associated with it. |
- test::MockGSSAPILibrary mock_library; |
- HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", |
- CHROME_GSS_SPNEGO_MECH_OID_DESC); |
- std::string first_challenge_text = "Negotiate"; |
- HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), |
- first_challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, |
- auth_gssapi.ParseChallenge(&first_challenge)); |
- |
- // Generate an auth token and create another thing. |
- EstablishInitialContext(&mock_library); |
- std::string auth_token; |
- EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", |
- &auth_token)); |
- |
- std::string second_challenge_text = "Negotiate Zm9vYmFy"; |
- HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), |
- second_challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, |
- auth_gssapi.ParseChallenge(&second_challenge)); |
-} |
- |
-TEST(HttpAuthGSSAPITest, ParseChallenge_UnexpectedTokenFirstRound) { |
- // If the first round challenge has an additional authentication token, it |
- // should be treated as an invalid challenge from the server. |
- test::MockGSSAPILibrary mock_library; |
- HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", |
- CHROME_GSS_SPNEGO_MECH_OID_DESC); |
- std::string challenge_text = "Negotiate Zm9vYmFy"; |
- HttpAuthChallengeTokenizer challenge(challenge_text.begin(), |
- challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, |
- auth_gssapi.ParseChallenge(&challenge)); |
-} |
- |
-TEST(HttpAuthGSSAPITest, ParseChallenge_MissingTokenSecondRound) { |
- // If a later-round challenge is simply "Negotiate", it should be treated as |
- // an authentication challenge rejection from the server or proxy. |
- test::MockGSSAPILibrary mock_library; |
- HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", |
- CHROME_GSS_SPNEGO_MECH_OID_DESC); |
- std::string first_challenge_text = "Negotiate"; |
- HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), |
- first_challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, |
- auth_gssapi.ParseChallenge(&first_challenge)); |
- |
- EstablishInitialContext(&mock_library); |
- std::string auth_token; |
- EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", |
- &auth_token)); |
- std::string second_challenge_text = "Negotiate"; |
- HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), |
- second_challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, |
- auth_gssapi.ParseChallenge(&second_challenge)); |
-} |
- |
-TEST(HttpAuthGSSAPITest, ParseChallenge_NonBase64EncodedToken) { |
- // If a later-round challenge has an invalid base64 encoded token, it should |
- // be treated as an invalid challenge. |
- test::MockGSSAPILibrary mock_library; |
- HttpAuthGSSAPI auth_gssapi(&mock_library, "Negotiate", |
- CHROME_GSS_SPNEGO_MECH_OID_DESC); |
- std::string first_challenge_text = "Negotiate"; |
- HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(), |
- first_challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, |
- auth_gssapi.ParseChallenge(&first_challenge)); |
- |
- EstablishInitialContext(&mock_library); |
- std::string auth_token; |
- EXPECT_EQ(OK, auth_gssapi.GenerateAuthToken(NULL, "HTTP/intranet.google.com", |
- &auth_token)); |
- std::string second_challenge_text = "Negotiate =happyjoy="; |
- HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(), |
- second_challenge_text.end()); |
- EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, |
- auth_gssapi.ParseChallenge(&second_challenge)); |
-} |
- |
} // namespace net |