1 // Copyright 2015 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_auth_multi_round_parse.h"
6
7 #include <string_view>
8
9 #include "base/strings/string_util.h"
10 #include "net/http/http_auth.h"
11 #include "net/http/http_auth_challenge_tokenizer.h"
12 #include "net/http/http_auth_scheme.h"
13 #include "testing/gtest/include/gtest/gtest.h"
14
15 namespace net {
16
TEST(HttpAuthHandlerNegotiateParseTest, ParseFirstRoundChallenge) {
  // The opening challenge of a Negotiate exchange is the bare scheme name
  // with no token attached; that form must be accepted.
  HttpAuthChallengeTokenizer tokenizer("Negotiate");
  const auto result =
      ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &tokenizer);
  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, result);
}
25
TEST(HttpAuthHandlerNegotiateParseTest,
     ParseFirstNegotiateChallenge_UnexpectedToken) {
  // A token on the very first challenge is not expected. The parser must
  // classify such a header as an invalid challenge from the server rather
  // than accept the token.
  HttpAuthChallengeTokenizer tokenizer("Negotiate Zm9vYmFy");
  const auto result =
      ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &tokenizer);
  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, result);
}
35
TEST(HttpAuthHandlerNegotiateParseTest,
     ParseFirstNegotiateChallenge_BadScheme) {
  // The challenge names a scheme other than the one the caller asked the
  // parser to handle, so it must be reported as invalid.
  HttpAuthChallengeTokenizer tokenizer("DummyScheme");
  const auto result =
      ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &tokenizer);
  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, result);
}
43
TEST(HttpAuthHandlerNegotiateParseTest, ParseLaterRoundChallenge) {
  // After the first round every challenge carries a Base64 token. The parser
  // must return both the token text as received and its decoded form.
  HttpAuthChallengeTokenizer tokenizer("Negotiate Zm9vYmFy");
  std::string token_base64;
  std::string token_decoded;
  const auto result = ParseLaterRoundChallenge(
      HttpAuth::AUTH_SCHEME_NEGOTIATE, &tokenizer, &token_base64,
      &token_decoded);
  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT, result);
  EXPECT_EQ("Zm9vYmFy", token_base64);
  EXPECT_EQ("foobar", token_decoded);
}
56
TEST(HttpAuthHandlerNegotiateParseTest,
     ParseAnotherNegotiateChallenge_MissingToken) {
  // A later-round challenge that is only the scheme name, with no token, is
  // expected to yield REJECT, which is a different result from the INVALID
  // returned for malformed input.
  HttpAuthChallengeTokenizer tokenizer("Negotiate");
  std::string token_base64;
  std::string token_decoded;
  const auto result = ParseLaterRoundChallenge(
      HttpAuth::AUTH_SCHEME_NEGOTIATE, &tokenizer, &token_base64,
      &token_decoded);
  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT, result);
}
67
TEST(HttpAuthHandlerNegotiateParseTest,
     ParseAnotherNegotiateChallenge_InvalidToken) {
  // "***" contains no characters from the Base64 alphabet, so the token
  // cannot be decoded and the challenge must be reported as invalid.
  HttpAuthChallengeTokenizer tokenizer("Negotiate ***");
  std::string token_base64;
  std::string token_decoded;
  const auto result = ParseLaterRoundChallenge(
      HttpAuth::AUTH_SCHEME_NEGOTIATE, &tokenizer, &token_base64,
      &token_decoded);
  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID, result);
}
78
// The parser assumes that every authentication scheme name constant is
// already lowercase. This test pins that assumption: each constant must equal
// its own ASCII-lowercased form.
TEST(HttpAuthHandlerNegotiateParseTest, AllSchemesAreCanonical) {
  const auto basic_lowered = base::ToLowerASCII(kBasicAuthScheme);
  EXPECT_EQ(basic_lowered, kBasicAuthScheme);

  const auto digest_lowered = base::ToLowerASCII(kDigestAuthScheme);
  EXPECT_EQ(digest_lowered, kDigestAuthScheme);

  const auto ntlm_lowered = base::ToLowerASCII(kNtlmAuthScheme);
  EXPECT_EQ(ntlm_lowered, kNtlmAuthScheme);

  const auto negotiate_lowered = base::ToLowerASCII(kNegotiateAuthScheme);
  EXPECT_EQ(negotiate_lowered, kNegotiateAuthScheme);

  const auto mock_lowered = base::ToLowerASCII(kMockAuthScheme);
  EXPECT_EQ(mock_lowered, kMockAuthScheme);
}
87
88 } // namespace net
89