HTTPCredentialsTest.cpp source code [POCO/Net/testsuite/src/HTTPCredentialsTest.cpp]

1	//
2	// HTTPCredentialsTest.cpp
3	//
4	// Copyright (c) 2005-2006, Applied Informatics Software Engineering GmbH.
5	// and Contributors.
6	//
7	// SPDX-License-Identifier: BSL-1.0
8	//
9
10
11	#include "HTTPCredentialsTest.h"
12	#include "Poco/CppUnit/TestCaller.h"
13	#include "Poco/CppUnit/TestSuite.h"
14	#include "Poco/Net/HTTPRequest.h"
15	#include "Poco/Net/HTTPResponse.h"
16	#include "Poco/Net/HTTPBasicCredentials.h"
17	#include "Poco/Net/HTTPAuthenticationParams.h"
18	#include "Poco/Net/HTTPDigestCredentials.h"
19	#include "Poco/Net/HTTPCredentials.h"
20	#include "Poco/Net/NetException.h"
21	#include "Poco/URI.h"
22
23
24	using Poco::Net::HTTPRequest;
25	using Poco::Net::HTTPResponse;
26	using Poco::Net::HTTPBasicCredentials;
27	using Poco::Net::HTTPAuthenticationParams;
28	using Poco::Net::HTTPDigestCredentials;
29	using Poco::Net::HTTPCredentials;
30	using Poco::Net::NotAuthenticatedException;
31
32
33	HTTPCredentialsTest::HTTPCredentialsTest(const std::string& name): CppUnit::TestCase (name)
34	{
35	}
36
37
38	HTTPCredentialsTest::~HTTPCredentialsTest()
39	{
40	}
41
42
43	void HTTPCredentialsTest::testBasicCredentials()
44	{
45	HTTPRequest request;
46	assertTrue (!request.hasCredentials());
47
48	HTTPBasicCredentials cred("user", "secret");
49	cred.authenticate(request);
50	assertTrue (request.hasCredentials());
51	std::string scheme;
52	std::string info;
53	request.getCredentials(scheme, info);
54	assertTrue (scheme == "Basic");
55	assertTrue (info == "dXNlcjpzZWNyZXQ=");
56
57	HTTPBasicCredentials cred2(request);
58	assertTrue (cred2.getUsername() == "user");
59	assertTrue (cred2.getPassword() == "secret");
60	}
61
62
63	void HTTPCredentialsTest::testProxyBasicCredentials()
64	{
65	HTTPRequest request;
66	assertTrue (!request.hasProxyCredentials());
67
68	HTTPBasicCredentials cred("user", "secret");
69	cred.proxyAuthenticate(request);
70	assertTrue (request.hasProxyCredentials());
71	std::string scheme;
72	std::string info;
73	request.getProxyCredentials(scheme, info);
74	assertTrue (scheme == "Basic");
75	assertTrue (info == "dXNlcjpzZWNyZXQ=");
76	}
77
78
79	void HTTPCredentialsTest::testBadCredentials()
80	{
81	HTTPRequest request;
82
83	std::string scheme;
84	std::string info;
85	try
86	{
87	request.getCredentials(scheme, info);
88	fail("no credentials - must throw");
89	}
90	catch (NotAuthenticatedException&)
91	{
92	}
93
94	request.setCredentials("Test", "SomeData");
95	request.getCredentials(scheme, info);
96	assertTrue (scheme == "Test");
97	assertTrue (info == "SomeData");
98
99	try
100	{
101	HTTPBasicCredentials cred(request);
102	fail("bad scheme - must throw");
103	}
104	catch (NotAuthenticatedException&)
105	{
106	}
107	}
108
109
110	void HTTPCredentialsTest::testAuthenticationParams()
111	{
112	const std::string authInfo("nonce=\"212573bb90170538efad012978ab811f%lu\", realm=\"TestDigest\", response=\"40e4889cfbd0e561f71e3107a2863bc4\", uri=\"/digest/\", username=\"user\"");
113	HTTPAuthenticationParams params(authInfo);
114
115	assertTrue (params["nonce"] == "212573bb90170538efad012978ab811f%lu");
116	assertTrue (params["realm"] == "TestDigest");
117	assertTrue (params["response"] == "40e4889cfbd0e561f71e3107a2863bc4");
118	assertTrue (params["uri"] == "/digest/");
119	assertTrue (params["username"] == "user");
120	assertTrue (params.size() == `5`);
121	assertTrue (params.toString() == authInfo);
122
123	params.clear();
124	HTTPRequest request;
125	request.set("Authorization", "Digest " + authInfo);
126	params.fromRequest(request);
127
128	assertTrue (params["nonce"] == "212573bb90170538efad012978ab811f%lu");
129	assertTrue (params["realm"] == "TestDigest");
130	assertTrue (params["response"] == "40e4889cfbd0e561f71e3107a2863bc4");
131	assertTrue (params["uri"] == "/digest/");
132	assertTrue (params["username"] == "user");
133	assertTrue (params.size() == `5`);
134
135	params.clear();
136	HTTPResponse response;
137	response.set("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
138	params.fromResponse(response);
139
140	assertTrue (params["realm"] == "TestDigest");
141	assertTrue (params["nonce"] == "212573bb90170538efad012978ab811f%lu");
142	assertTrue (params.size() == `2`);
143	}
144
145
146	void HTTPCredentialsTest::testAuthenticationParamsMultipleHeaders()
147	{
148	HTTPResponse response;
149	response.add("WWW-Authenticate", "Unsupported realm=\"TestUnsupported\"");
150	response.add("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
151	HTTPAuthenticationParams params(response);
152
153	assertTrue (params["realm"] == "TestDigest");
154	assertTrue (params["nonce"] == "212573bb90170538efad012978ab811f%lu");
155	assertTrue (params.size() == `2`);
156	}
157
158
159	void HTTPCredentialsTest::testDigestCredentials()
160	{
161	HTTPDigestCredentials creds("user", "s3cr3t");
162	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
163	HTTPResponse response;
164	response.set("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
165	creds.authenticate(request, response);
166	std::string auth = request.get("Authorization");
167	assertTrue (auth == "Digest username=\"user\", nonce=\"212573bb90170538efad012978ab811f%lu\", realm=\"TestDigest\", uri=\"/digest/\", response=\"40e4889cfbd0e561f71e3107a2863bc4\"");
168	}
169
170
171	void HTTPCredentialsTest::testDigestCredentialsQoP()
172	{
173	HTTPDigestCredentials creds("user", "s3cr3t");
174	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
175	HTTPResponse response;
176	response.set("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\", opaque=\"opaque\", qop=\"auth,auth-int\"");
177	creds.authenticate(request, response);
178
179	HTTPAuthenticationParams params(request);
180	assertTrue (params["nonce"] == "212573bb90170538efad012978ab811f%lu");
181	assertTrue (params["realm"] == "TestDigest");
182	assertTrue (params["response"] != "40e4889cfbd0e561f71e3107a2863bc4");
183	assertTrue (params["uri"] == "/digest/");
184	assertTrue (params["username"] == "user");
185	assertTrue (params["opaque"] == "opaque");
186	assertTrue (params["cnonce"] != "");
187	assertTrue (params["nc"] == "00000001");
188	assertTrue (params["qop"] == "auth");
189	assertTrue (params.size() == `9`);
190
191	std::string cnonce = params ["cnonce"];
192	std::string aresp = params ["response"];
193
194	params.clear();
195
196	creds.updateAuthInfo(request);
197	params.fromRequest(request);
198	assertTrue (params["nonce"] == "212573bb90170538efad012978ab811f%lu");
199	assertTrue (params["realm"] == "TestDigest");
200	assertTrue (params["response"] != aresp);
201	assertTrue (params["uri"] == "/digest/");
202	assertTrue (params["username"] == "user");
203	assertTrue (params["opaque"] == "opaque");
204	assertTrue (params["cnonce"] == cnonce);
205	assertTrue (params["nc"] == "00000002");
206	assertTrue (params["qop"] == "auth");
207	assertTrue (params.size() == `9`);
208	}
209
210
211	void HTTPCredentialsTest::testCredentialsBasic()
212	{
213	HTTPCredentials creds("user", "s3cr3t");
214	HTTPRequest request(HTTPRequest::HTTP_GET, "/basic/");
215	HTTPResponse response;
216	response.set("WWW-Authenticate", "Basic realm=\"TestBasic\"");
217	creds.authenticate(request, response);
218	assertTrue (request.get("Authorization") == "Basic dXNlcjpzM2NyM3Q=");
219	}
220
221
222	void HTTPCredentialsTest::testProxyCredentialsBasic()
223	{
224	HTTPCredentials creds("user", "s3cr3t");
225	HTTPRequest request(HTTPRequest::HTTP_GET, "/basic/");
226	HTTPResponse response;
227	response.set("Proxy-Authenticate", "Basic realm=\"TestBasic\"");
228	creds.proxyAuthenticate(request, response);
229	assertTrue (request.get("Proxy-Authorization") == "Basic dXNlcjpzM2NyM3Q=");
230	}
231
232
233	void HTTPCredentialsTest::testCredentialsDigest()
234	{
235	HTTPCredentials creds("user", "s3cr3t");
236	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
237	HTTPResponse response;
238	response.set("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
239	creds.authenticate(request, response);
240	std::string auth = request.get("Authorization");
241	assertTrue (auth == "Digest username=\"user\", nonce=\"212573bb90170538efad012978ab811f%lu\", realm=\"TestDigest\", uri=\"/digest/\", response=\"40e4889cfbd0e561f71e3107a2863bc4\"");
242	}
243
244
245	void HTTPCredentialsTest::testCredentialsDigestMultipleHeaders()
246	{
247	HTTPCredentials creds("user", "s3cr3t");
248	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
249	HTTPResponse response;
250	response.add("WWW-Authenticate", "Unsupported realm=\"TestUnsupported\"");
251	response.add("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
252	creds.authenticate(request, response);
253	std::string auth = request.get("Authorization");
254	assertTrue (auth == "Digest username=\"user\", nonce=\"212573bb90170538efad012978ab811f%lu\", realm=\"TestDigest\", uri=\"/digest/\", response=\"40e4889cfbd0e561f71e3107a2863bc4\"");
255	}
256
257
258	void HTTPCredentialsTest::testProxyCredentialsDigest()
259	{
260	HTTPCredentials creds("user", "s3cr3t");
261	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
262	HTTPResponse response;
263	response.set("Proxy-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
264	creds.proxyAuthenticate(request, response);
265	assertTrue (request.get("Proxy-Authorization") == "Digest username=\"user\", nonce=\"212573bb90170538efad012978ab811f%lu\", realm=\"TestDigest\", uri=\"/digest/\", response=\"40e4889cfbd0e561f71e3107a2863bc4\"");
266	}
267
268
269	void HTTPCredentialsTest::testExtractCredentials()
270	{
271	Poco::URI uri("http://user:s3cr3t@host.com/");
272	std::string username;
273	std::string password;
274	HTTPCredentials::extractCredentials(uri, username, password);
275	assertTrue (username == "user");
276	assertTrue (password == "s3cr3t");
277	}
278
279
280	void HTTPCredentialsTest::testVerifyAuthInfo()
281	{
282	HTTPDigestCredentials creds("user", "s3cr3t");
283	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
284	HTTPResponse response;
285	response.set("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\"");
286	creds.authenticate(request, response);
287	assertTrue (creds.verifyAuthInfo(request));
288
289	request.set("Authorization", "Digest nonce=\"212573bb90170538efad012978ab811f%lu\", realm=\"TestDigest\", response=\"xxe4889cfbd0e561f71e3107a2863bc4\", uri=\"/digest/\", username=\"user\"");
290	assertTrue (!creds.verifyAuthInfo(request));
291	}
292
293
294	void HTTPCredentialsTest::testVerifyAuthInfoQoP()
295	{
296	HTTPDigestCredentials creds("user", "s3cr3t");
297	HTTPRequest request(HTTPRequest::HTTP_GET, "/digest/");
298	HTTPResponse response;
299	response.set("WWW-Authenticate", "Digest realm=\"TestDigest\", nonce=\"212573bb90170538efad012978ab811f%lu\", opaque=\"opaque\", qop=\"auth,auth-int\"");
300	creds.authenticate(request, response);
301	assertTrue (creds.verifyAuthInfo(request));
302
303	request.set("Authorization", "Digest cnonce=\"f9c80ffd1c3bc4ee47ed92b704ba75a4\", nc=00000001, nonce=\"212573bb90170538efad012978ab811f%lu\", opaque=\"opaque\", qop=\"auth\", realm=\"TestDigest\", response=\"ff0e90b9aa019120ea0ed6e23ce95d9a\", uri=\"/digest/\", username=\"user\"");
304	assertTrue (!creds.verifyAuthInfo(request));
305	}
306
307
308	void HTTPCredentialsTest::setUp()
309	{
310	}
311
312
313	void HTTPCredentialsTest::tearDown()
314	{
315	}
316
317
318	CppUnit::Test* HTTPCredentialsTest::suite()
319	{
320	CppUnit::TestSuite* pSuite = new CppUnit::TestSuite ("HTTPCredentialsTest");
321
322	CppUnit_addTest(pSuite, HTTPCredentialsTest, testBasicCredentials);
323	CppUnit_addTest(pSuite, HTTPCredentialsTest, testProxyBasicCredentials);
324	CppUnit_addTest(pSuite, HTTPCredentialsTest, testBadCredentials);
325	CppUnit_addTest(pSuite, HTTPCredentialsTest, testAuthenticationParams);
326	CppUnit_addTest(pSuite, HTTPCredentialsTest, testAuthenticationParamsMultipleHeaders);
327	CppUnit_addTest(pSuite, HTTPCredentialsTest, testDigestCredentials);
328	CppUnit_addTest(pSuite, HTTPCredentialsTest, testDigestCredentialsQoP);
329	CppUnit_addTest(pSuite, HTTPCredentialsTest, testCredentialsBasic);
330	CppUnit_addTest(pSuite, HTTPCredentialsTest, testProxyCredentialsBasic);
331	CppUnit_addTest(pSuite, HTTPCredentialsTest, testCredentialsDigest);
332	CppUnit_addTest(pSuite, HTTPCredentialsTest, testCredentialsDigestMultipleHeaders);
333	CppUnit_addTest(pSuite, HTTPCredentialsTest, testProxyCredentialsDigest);
334	CppUnit_addTest(pSuite, HTTPCredentialsTest, testExtractCredentials);
335	CppUnit_addTest(pSuite, HTTPCredentialsTest, testVerifyAuthInfo);
336	CppUnit_addTest(pSuite, HTTPCredentialsTest, testVerifyAuthInfoQoP);
337
338	return pSuite;
339	}
340

Browse the source code of POCO/Net/testsuite/src/HTTPCredentialsTest.cpp