xref: /aosp_15_r20/external/cronet/net/http/http_auth_multi_round_parse_unittest.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2015 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/http/http_auth_multi_round_parse.h"
6 
7 #include "base/strings/string_util.h"
8 #include "net/http/http_auth.h"
9 #include "net/http/http_auth_challenge_tokenizer.h"
10 #include "net/http/http_auth_scheme.h"
11 #include "testing/gtest/include/gtest/gtest.h"
12 
13 namespace net {
14 
TEST(HttpAuthHandlerNegotiateParseTest,ParseFirstRoundChallenge)15 TEST(HttpAuthHandlerNegotiateParseTest, ParseFirstRoundChallenge) {
16   // The first round should just consist of an unadorned header with the scheme
17   // name.
18   std::string challenge_text = "Negotiate";
19   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
20                                        challenge_text.end());
21   EXPECT_EQ(
22       HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
23       ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge));
24 }
25 
TEST(HttpAuthHandlerNegotiateParseTest,ParseFirstNegotiateChallenge_UnexpectedToken)26 TEST(HttpAuthHandlerNegotiateParseTest,
27      ParseFirstNegotiateChallenge_UnexpectedToken) {
28   // If the first round challenge has an additional authentication token, it
29   // should be treated as an invalid challenge from the server.
30   std::string challenge_text = "Negotiate Zm9vYmFy";
31   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
32                                        challenge_text.end());
33   EXPECT_EQ(
34       HttpAuth::AUTHORIZATION_RESULT_INVALID,
35       ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge));
36 }
37 
TEST(HttpAuthHandlerNegotiateParseTest,ParseFirstNegotiateChallenge_BadScheme)38 TEST(HttpAuthHandlerNegotiateParseTest,
39      ParseFirstNegotiateChallenge_BadScheme) {
40   std::string challenge_text = "DummyScheme";
41   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
42                                        challenge_text.end());
43   EXPECT_EQ(
44       HttpAuth::AUTHORIZATION_RESULT_INVALID,
45       ParseFirstRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge));
46 }
47 
TEST(HttpAuthHandlerNegotiateParseTest,ParseLaterRoundChallenge)48 TEST(HttpAuthHandlerNegotiateParseTest, ParseLaterRoundChallenge) {
49   // Later rounds should always have a Base64 encoded token.
50   std::string challenge_text = "Negotiate Zm9vYmFy";
51   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
52                                        challenge_text.end());
53   std::string encoded_token;
54   std::string decoded_token;
55   EXPECT_EQ(
56       HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
57       ParseLaterRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge,
58                                &encoded_token, &decoded_token));
59   EXPECT_EQ("Zm9vYmFy", encoded_token);
60   EXPECT_EQ("foobar", decoded_token);
61 }
62 
TEST(HttpAuthHandlerNegotiateParseTest,ParseAnotherNegotiateChallenge_MissingToken)63 TEST(HttpAuthHandlerNegotiateParseTest,
64      ParseAnotherNegotiateChallenge_MissingToken) {
65   std::string challenge_text = "Negotiate";
66   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
67                                        challenge_text.end());
68   std::string encoded_token;
69   std::string decoded_token;
70   EXPECT_EQ(
71       HttpAuth::AUTHORIZATION_RESULT_REJECT,
72       ParseLaterRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge,
73                                &encoded_token, &decoded_token));
74 }
75 
TEST(HttpAuthHandlerNegotiateParseTest,ParseAnotherNegotiateChallenge_InvalidToken)76 TEST(HttpAuthHandlerNegotiateParseTest,
77      ParseAnotherNegotiateChallenge_InvalidToken) {
78   std::string challenge_text = "Negotiate ***";
79   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
80                                        challenge_text.end());
81   std::string encoded_token;
82   std::string decoded_token;
83   EXPECT_EQ(
84       HttpAuth::AUTHORIZATION_RESULT_INVALID,
85       ParseLaterRoundChallenge(HttpAuth::AUTH_SCHEME_NEGOTIATE, &challenge,
86                                &encoded_token, &decoded_token));
87 }
88 
89 // The parser assumes that all authentication scheme names are lowercase.
TEST(HttpAuthHandlerNegotiateParseTest,AllSchemesAreCanonical)90 TEST(HttpAuthHandlerNegotiateParseTest, AllSchemesAreCanonical) {
91   EXPECT_EQ(base::ToLowerASCII(kBasicAuthScheme), kBasicAuthScheme);
92   EXPECT_EQ(base::ToLowerASCII(kDigestAuthScheme), kDigestAuthScheme);
93   EXPECT_EQ(base::ToLowerASCII(kNtlmAuthScheme), kNtlmAuthScheme);
94   EXPECT_EQ(base::ToLowerASCII(kNegotiateAuthScheme), kNegotiateAuthScheme);
95   EXPECT_EQ(base::ToLowerASCII(kMockAuthScheme), kMockAuthScheme);
96 }
97 
98 }  // namespace net
99