xref: /aosp_15_r20/external/cronet/net/android/http_auth_negotiate_android_unittest.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2014 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/android/http_auth_negotiate_android.h"
6 
7 #include "base/run_loop.h"
8 #include "base/test/task_environment.h"
9 #include "net/android/dummy_spnego_authenticator.h"
10 #include "net/base/net_errors.h"
11 #include "net/base/test_completion_callback.h"
12 #include "net/http/http_auth_challenge_tokenizer.h"
13 #include "net/http/mock_allow_http_auth_preferences.h"
14 #include "net/log/net_log_with_source.h"
15 #include "testing/gtest/include/gtest/gtest.h"
16 
17 namespace net::android {
18 
TEST(HttpAuthNegotiateAndroidTest,GenerateAuthToken)19 TEST(HttpAuthNegotiateAndroidTest, GenerateAuthToken) {
20   base::test::TaskEnvironment task_environment;
21 
22   DummySpnegoAuthenticator::EnsureTestAccountExists();
23 
24   std::string auth_token;
25 
26   DummySpnegoAuthenticator authenticator;
27   net::test::GssContextMockImpl mockContext;
28   authenticator.ExpectSecurityContext("Negotiate", GSS_S_COMPLETE, 0,
29                                       mockContext, "", "DummyToken");
30 
31   MockAllowHttpAuthPreferences prefs;
32   prefs.set_auth_android_negotiate_account_type(
33       "org.chromium.test.DummySpnegoAuthenticator");
34   HttpAuthNegotiateAndroid auth(&prefs);
35   EXPECT_TRUE(auth.Init(NetLogWithSource()));
36 
37   TestCompletionCallback callback;
38   EXPECT_EQ(OK, callback.GetResult(auth.GenerateAuthToken(
39                     nullptr, "Dummy", std::string(), &auth_token,
40                     NetLogWithSource(), callback.callback())));
41 
42   EXPECT_EQ("Negotiate DummyToken", auth_token);
43 
44   DummySpnegoAuthenticator::RemoveTestAccounts();
45 }
46 
TEST(HttpAuthNegotiateAndroidTest,ParseChallenge_FirstRound)47 TEST(HttpAuthNegotiateAndroidTest, ParseChallenge_FirstRound) {
48   // The first round should just consist of an unadorned "Negotiate" header.
49   MockAllowHttpAuthPreferences prefs;
50   prefs.set_auth_android_negotiate_account_type(
51       "org.chromium.test.DummySpnegoAuthenticator");
52   HttpAuthNegotiateAndroid auth(&prefs);
53   std::string challenge_text = "Negotiate";
54   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
55                                        challenge_text.end());
56   EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
57             auth.ParseChallenge(&challenge));
58 }
59 
TEST(HttpAuthNegotiateAndroidTest,ParseChallenge_UnexpectedTokenFirstRound)60 TEST(HttpAuthNegotiateAndroidTest, ParseChallenge_UnexpectedTokenFirstRound) {
61   // If the first round challenge has an additional authentication token, it
62   // should be treated as an invalid challenge from the server.
63   MockAllowHttpAuthPreferences prefs;
64   prefs.set_auth_android_negotiate_account_type(
65       "org.chromium.test.DummySpnegoAuthenticator");
66   HttpAuthNegotiateAndroid auth(&prefs);
67   std::string challenge_text = "Negotiate Zm9vYmFy";
68   HttpAuthChallengeTokenizer challenge(challenge_text.begin(),
69                                        challenge_text.end());
70   EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_INVALID,
71             auth.ParseChallenge(&challenge));
72 }
73 
TEST(HttpAuthNegotiateAndroidTest,ParseChallenge_TwoRounds)74 TEST(HttpAuthNegotiateAndroidTest, ParseChallenge_TwoRounds) {
75   // The first round should just have "Negotiate", and the second round should
76   // have a valid base64 token associated with it.
77   MockAllowHttpAuthPreferences prefs;
78   prefs.set_auth_android_negotiate_account_type(
79       "org.chromium.test.DummySpnegoAuthenticator");
80   HttpAuthNegotiateAndroid auth(&prefs);
81   std::string first_challenge_text = "Negotiate";
82   HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(),
83                                              first_challenge_text.end());
84   EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
85             auth.ParseChallenge(&first_challenge));
86 
87   std::string second_challenge_text = "Negotiate Zm9vYmFy";
88   HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(),
89                                               second_challenge_text.end());
90   EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
91             auth.ParseChallenge(&second_challenge));
92 }
93 
TEST(HttpAuthNegotiateAndroidTest,ParseChallenge_MissingTokenSecondRound)94 TEST(HttpAuthNegotiateAndroidTest, ParseChallenge_MissingTokenSecondRound) {
95   // If a later-round challenge is simply "Negotiate", it should be treated as
96   // an authentication challenge rejection from the server or proxy.
97   MockAllowHttpAuthPreferences prefs;
98   prefs.set_auth_android_negotiate_account_type(
99       "org.chromium.test.DummySpnegoAuthenticator");
100   HttpAuthNegotiateAndroid auth(&prefs);
101   std::string first_challenge_text = "Negotiate";
102   HttpAuthChallengeTokenizer first_challenge(first_challenge_text.begin(),
103                                              first_challenge_text.end());
104   EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_ACCEPT,
105             auth.ParseChallenge(&first_challenge));
106 
107   std::string second_challenge_text = "Negotiate";
108   HttpAuthChallengeTokenizer second_challenge(second_challenge_text.begin(),
109                                               second_challenge_text.end());
110   EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT,
111             auth.ParseChallenge(&second_challenge));
112 }
113 
114 }  // namespace net::android
115