| Index: net/http/http_auth_unittest.cc
|
| diff --git a/net/http/http_auth_unittest.cc b/net/http/http_auth_unittest.cc
|
| index f75cf023cb919d5a582c27b75414fc8e36fd5572..e229c8da759e748e8d7406b80b21bfc9af87a873 100644
|
| --- a/net/http/http_auth_unittest.cc
|
| +++ b/net/http/http_auth_unittest.cc
|
| @@ -2,244 +2,13 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include <set>
|
| #include <string>
|
|
|
| -#include "base/memory/ref_counted.h"
|
| -#include "base/memory/scoped_ptr.h"
|
| -#include "base/strings/string_util.h"
|
| -#include "net/base/net_errors.h"
|
| -#include "net/dns/mock_host_resolver.h"
|
| #include "net/http/http_auth.h"
|
| -#include "net/http/http_auth_challenge_tokenizer.h"
|
| -#include "net/http/http_auth_filter.h"
|
| -#include "net/http/http_auth_handler.h"
|
| -#include "net/http/http_auth_handler_factory.h"
|
| -#include "net/http/http_auth_handler_mock.h"
|
| -#include "net/http/http_auth_scheme_set.h"
|
| -#include "net/http/http_response_headers.h"
|
| -#include "net/http/http_util.h"
|
| -#include "net/http/mock_allow_url_security_manager.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
|
|
| namespace net {
|
|
|
| -namespace {
|
| -
|
| -HttpAuthHandlerMock* CreateMockHandler(bool expect_multiple_challenges) {
|
| - HttpAuthHandlerMock* auth_handler = new HttpAuthHandlerMock();
|
| - auth_handler->set_expect_multiple_challenges(expect_multiple_challenges);
|
| - std::string challenge_text = "Mock";
|
| - HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
|
| - challenge_text.end());
|
| - GURL origin("www.example.com");
|
| - EXPECT_EQ(OK, auth_handler->HandleInitialChallenge(
|
| - challenge, HttpAuth::AUTH_SERVER, origin, BoundNetLog()));
|
| - return auth_handler;
|
| -}
|
| -
|
| -HttpResponseHeaders* HeadersFromResponseText(const std::string& response) {
|
| - return new HttpResponseHeaders(
|
| - HttpUtil::AssembleRawHeaders(response.c_str(), response.length()));
|
| -}
|
| -
|
| -HttpAuth::AuthorizationResult HandleChallengeResponse(
|
| - bool expect_multiple_challenges,
|
| - const std::string& headers_text,
|
| - std::string* challenge_used) {
|
| - scoped_ptr<HttpAuthHandlerMock> mock_handler(
|
| - CreateMockHandler(expect_multiple_challenges));
|
| - HttpAuthSchemeSet disabled_schemes;
|
| - scoped_refptr<HttpResponseHeaders> headers(
|
| - HeadersFromResponseText(headers_text));
|
| - return HttpAuth::HandleChallengeResponse(mock_handler.get(), headers.get(),
|
| - HttpAuth::AUTH_SERVER,
|
| - disabled_schemes, challenge_used);
|
| -}
|
| -
|
| -} // namespace
|
| -
|
| -TEST(HttpAuthTest, ChooseBestChallenge) {
|
| - static const struct {
|
| - const char* headers;
|
| - const char* challenge_scheme;
|
| - const char* challenge_realm;
|
| - } tests[] = {
|
| - {
|
| - // Basic is the only challenge type, pick it.
|
| - "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n"
|
| - "www-authenticate: Basic realm=\"BasicRealm\"\n",
|
| -
|
| - "basic", "BasicRealm",
|
| - },
|
| - {
|
| - // Fake is the only challenge type, but it is unsupported.
|
| - "Y: Digest realm=\"FooBar\", nonce=\"aaaaaaaaaa\"\n"
|
| - "www-authenticate: Fake realm=\"FooBar\"\n",
|
| -
|
| - nullptr, "",
|
| - },
|
| - {
|
| - // Pick Digest over Basic.
|
| - "www-authenticate: Basic realm=\"FooBar\"\n"
|
| - "www-authenticate: Fake realm=\"FooBar\"\n"
|
| - "www-authenticate: nonce=\"aaaaaaaaaa\"\n"
|
| - "www-authenticate: Digest realm=\"DigestRealm\", "
|
| - "nonce=\"aaaaaaaaaa\"\n",
|
| -
|
| - "digest", "DigestRealm",
|
| - },
|
| - {
|
| - // Handle an empty header correctly.
|
| - "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n"
|
| - "www-authenticate:\n",
|
| -
|
| - nullptr, "",
|
| - },
|
| - {
|
| - // NTLM appears earlier in the list, but HttAuth should pick
|
| - // Negotiate.
|
| - "WWW-Authenticate: NTLM\n"
|
| - "WWW-Authenticate: Negotiate\n",
|
| -
|
| -#if defined(USE_KERBEROS) && !defined(OS_ANDROID)
|
| - // Choose Negotiate over NTLM on all platforms.
|
| - // TODO(ahendrickson): This may be flaky on Linux and OSX as it
|
| - // relies on being able to load one of the known .so files
|
| - // for gssapi.
|
| - "negotiate",
|
| -#else
|
| - // On systems that don't use Kerberos fall back to NTLM.
|
| - "ntlm",
|
| -#endif // defined(USE_KERBEROS)
|
| - "",
|
| - }};
|
| - GURL origin("http://www.example.com");
|
| - HttpAuthSchemeSet disabled_schemes;
|
| - MockAllowURLSecurityManager url_security_manager;
|
| - scoped_ptr<HostResolver> host_resolver(new MockHostResolver());
|
| - scoped_ptr<HttpAuthHandlerRegistryFactory> http_auth_handler_factory(
|
| - HttpAuthHandlerFactory::CreateDefault(host_resolver.get()));
|
| - http_auth_handler_factory->SetURLSecurityManager(
|
| - "negotiate", &url_security_manager);
|
| -
|
| - for (size_t i = 0; i < arraysize(tests); ++i) {
|
| - // Make a HttpResponseHeaders object.
|
| - std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n");
|
| - headers_with_status_line += tests[i].headers;
|
| - scoped_refptr<HttpResponseHeaders> headers(
|
| - HeadersFromResponseText(headers_with_status_line));
|
| -
|
| - scoped_ptr<HttpAuthHandler> handler;
|
| - HttpAuth::ChooseBestChallenge(http_auth_handler_factory.get(),
|
| - headers.get(),
|
| - HttpAuth::AUTH_SERVER,
|
| - origin,
|
| - disabled_schemes,
|
| - BoundNetLog(),
|
| - &handler);
|
| -
|
| - if (handler.get()) {
|
| - EXPECT_EQ(tests[i].challenge_scheme, handler->auth_scheme());
|
| - EXPECT_STREQ(tests[i].challenge_realm, handler->realm().c_str());
|
| - } else {
|
| - EXPECT_EQ(nullptr, tests[i].challenge_scheme);
|
| - EXPECT_STREQ("", tests[i].challenge_realm);
|
| - }
|
| - }
|
| -}
|
| -
|
| -TEST(HttpAuthTest, HandleChallengeResponse) {
|
| - std::string challenge_used;
|
| - const char* const kMockChallenge =
|
| - "HTTP/1.1 401 Unauthorized\n"
|
| - "WWW-Authenticate: Mock token_here\n";
|
| - const char* const kBasicChallenge =
|
| - "HTTP/1.1 401 Unauthorized\n"
|
| - "WWW-Authenticate: Basic realm=\"happy\"\n";
|
| - const char* const kMissingChallenge =
|
| - "HTTP/1.1 401 Unauthorized\n";
|
| - const char* const kEmptyChallenge =
|
| - "HTTP/1.1 401 Unauthorized\n"
|
| - "WWW-Authenticate: \n";
|
| - const char* const kBasicAndMockChallenges =
|
| - "HTTP/1.1 401 Unauthorized\n"
|
| - "WWW-Authenticate: Basic realm=\"happy\"\n"
|
| - "WWW-Authenticate: Mock token_here\n";
|
| - const char* const kTwoMockChallenges =
|
| - "HTTP/1.1 401 Unauthorized\n"
|
| - "WWW-Authenticate: Mock token_a\n"
|
| - "WWW-Authenticate: Mock token_b\n";
|
| -
|
| - // Request based schemes should treat any new challenges as rejections of the
|
| - // previous authentication attempt. (There is a slight exception for digest
|
| - // authentication and the stale parameter, but that is covered in the
|
| - // http_auth_handler_digest_unittests).
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(false, kMockChallenge, &challenge_used));
|
| - EXPECT_EQ("Mock token_here", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(false, kBasicChallenge, &challenge_used));
|
| - EXPECT_EQ("", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(false, kMissingChallenge, &challenge_used));
|
| - EXPECT_EQ("", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(false, kEmptyChallenge, &challenge_used));
|
| - EXPECT_EQ("", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(false, kBasicAndMockChallenges, &challenge_used));
|
| - EXPECT_EQ("Mock token_here", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(false, kTwoMockChallenges, &challenge_used));
|
| - EXPECT_EQ("Mock token_a", challenge_used);
|
| -
|
| - // Connection based schemes will treat new auth challenges for the same scheme
|
| - // as acceptance (and continuance) of the current approach. If there are
|
| - // no auth challenges for the same scheme, the response will be treated as
|
| - // a rejection.
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
|
| - HandleChallengeResponse(true, kMockChallenge, &challenge_used));
|
| - EXPECT_EQ("Mock token_here", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(true, kBasicChallenge, &challenge_used));
|
| - EXPECT_EQ("", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(true, kMissingChallenge, &challenge_used));
|
| - EXPECT_EQ("", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_REJECT,
|
| - HandleChallengeResponse(true, kEmptyChallenge, &challenge_used));
|
| - EXPECT_EQ("", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
|
| - HandleChallengeResponse(true, kBasicAndMockChallenges, &challenge_used));
|
| - EXPECT_EQ("Mock token_here", challenge_used);
|
| -
|
| - EXPECT_EQ(
|
| - HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
|
| - HandleChallengeResponse(true, kTwoMockChallenges, &challenge_used));
|
| - EXPECT_EQ("Mock token_a", challenge_used);
|
| -}
|
| -
|
| TEST(HttpAuthTest, GetChallengeHeaderName) {
|
| std::string name;
|
|
|
|
|
Chromium Code Reviews
Issue 1391053002:
[net/http auth] Make HttpAuthHandler challenge handling asynchronous.
Base URL: https://chromium.googlesource.com/chromium/src.git@auth-handler-init-split