commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jsde...@apache.org
Subject cvs commit: jakarta-commons/httpclient/src/test/org/apache/commons/httpclient TestAuthenticator.java
Date Tue, 16 Jul 2002 13:52:57 GMT
jsdever     2002/07/16 06:52:57

  Modified:    httpclient/src/java/org/apache/commons/httpclient
                        Authenticator.java
               httpclient/src/test/org/apache/commons/httpclient
                        TestAuthenticator.java
  Log:
  Added tests and a few tweaks for Digest authentication.
  
  Submitted by: Davanum Srinivas
  
  Revision  Changes    Path
  1.17      +8 -8      jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java
  
  Index: Authenticator.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/Authenticator.java,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- Authenticator.java	16 Jul 2002 03:46:53 -0000	1.16
  +++ Authenticator.java	16 Jul 2002 13:52:57 -0000	1.17
  @@ -334,8 +334,7 @@
               method.addRequestHeader(new Header("cnonce","\""+createCnonce()+"\""));
               method.addRequestHeader(new Header("nc", "00000001"));
               Hashtable headers = getHTTPDigestCredentials(method);
  -            String digest = createDigest(cred.getUserName(), cred.getPassword(), headers);
  -            return new Header(respHeader, Authenticator.digest(cred, headers, digest));
  +            return new Header(respHeader, Authenticator.digest(cred, headers));
           }
       }
   
  @@ -343,7 +342,8 @@
        * Return a Digest <tt>Authorization</tt> header value for the
        * given {@link UsernamePasswordCredentials}.
        */
  -    static String digest(UsernamePasswordCredentials cred, Hashtable headers, String digest)
throws HttpException {
  +    static String digest(UsernamePasswordCredentials cred, Hashtable headers) throws HttpException
{
  +        String digest = createDigest(cred.getUserName(), cred.getPassword(), headers);
           return "Digest " + createDigestHeader(cred.getUserName(), headers, digest);
       }
   
  @@ -359,7 +359,7 @@
        * @return The created digest as string. This will be the response tag's
        * value in the Authentication HTTP header.
        */
  -    private static String createDigest(String uname, String pwd, Hashtable dCreds) throws
HttpException {
  +    public static String createDigest(String uname, String pwd, Hashtable dCreds) throws
HttpException {
           String digAlg = "MD5";
           String method = "POST";
   
  
  
  
  1.9       +125 -6    jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java
  
  Index: TestAuthenticator.java
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestAuthenticator.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- TestAuthenticator.java	16 Jul 2002 12:41:16 -0000	1.8
  +++ TestAuthenticator.java	16 Jul 2002 13:52:57 -0000	1.9
  @@ -62,7 +62,12 @@
   
   package org.apache.commons.httpclient;
   
  -import junit.framework.*;
  +import junit.framework.Test;
  +import junit.framework.TestCase;
  +import junit.framework.TestSuite;
  +
  +import java.util.Hashtable;
  +import java.util.StringTokenizer;
   
   /**
    * Unit tests for {@link Authenticator}.
  @@ -115,7 +120,7 @@
           }
       }
   
  -    // ----------------------------------------------------------- Test Methods
  +    // ---------------------------------- Test Methods for Basic Authentication
   
       public void testBasicAuthenticationWithNoCreds() {
           HttpState state = new HttpState();
  @@ -239,5 +244,119 @@
               String expected = "Basic " + new String(Base64.encode("uname2:password2".getBytes()));
               assertEquals(expected,method.getRequestHeader("Authorization").getValue());
           }
  +    }
  +
  +    // --------------------------------- Test Methods for Digest Authentication
  +
  +    public void testDigestAuthenticationWithNoCreds() {
  +        HttpState state = new HttpState();
  +        HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
realm=\"realm1\""));
  +        try {
  +            Authenticator.authenticate(method,state);
  +            fail("Should have thrown HttpException");
  +        } catch(HttpException e) {
  +            // expected
  +        }
  +    }
  +
  +    public void testDigestAuthenticationWithNoRealm() {
  +        HttpState state = new HttpState();
  +        HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest"));
  +        try {
  +            Authenticator.authenticate(method,state);
  +            fail("Should have thrown HttpException");
  +        } catch(HttpException e) {
  +            // expected
  +        }
  +    }
  +
  +    public void testDigestAuthenticationWithNoRealm2() {
  +        HttpState state = new HttpState();
  +        HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
"));
  +        try {
  +            Authenticator.authenticate(method,state);
  +            fail("Should have thrown HttpException");
  +        } catch(HttpException e) {
  +            // expected
  +        }
  +    }
  +
  +    public void testDigestAuthenticationWithNullHttpState() throws Exception {
  +        HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
realm=\"realm1\""));
  +        try {
  +            Authenticator.authenticate(method,(HttpState)null);
  +            fail("Should have thrown NullPointerException");
  +        } catch(NullPointerException e) {
  +            // expected
  +        }
  +    }
  +
  +    public void testDigestAuthenticationCaseInsensitivity() throws Exception {
  +        HttpState state = new HttpState();
  +        UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password");
  +        state.setCredentials(null, cred);
  +        HttpMethod method = new SimpleHttpMethod(new Header("WwW-AuThEnTiCaTe","dIgEsT
ReAlM=\"realm1\""));
  +        assertTrue(Authenticator.authenticate(method,state));
  +        assertTrue(null != method.getRequestHeader("Authorization"));
  +    }
  +
  +
  +    public void testDigestAuthenticationWithDefaultCreds() throws Exception {
  +        HttpState state = new HttpState();
  +        UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password");
  +        state.setCredentials(null, cred);
  +        HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
realm=\"realm1\""));
  +        assertTrue(Authenticator.authenticate(method,state));
  +        assertTrue(null != method.getRequestHeader("Authorization"));
  +        checkAuthorization(cred, method.getRequestHeader("Authorization").getValue());
  +    }
  +
  +    public void testDigestAuthentication() throws Exception {
  +        HttpState state = new HttpState();
  +        UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password");
  +        state.setCredentials(null, cred);
  +        HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
realm=\"realm1\""));
  +        assertTrue(Authenticator.authenticate(method,state));
  +        assertTrue(null != method.getRequestHeader("Authorization"));
  +        checkAuthorization(cred, method.getRequestHeader("Authorization").getValue());
  +    }
  +
  +    public void testDigestAuthenticationWithMutlipleRealms() throws Exception {
  +        HttpState state = new HttpState();
  +        UsernamePasswordCredentials cred = new UsernamePasswordCredentials("username","password");
  +        state.setCredentials("realm1", cred);
  +        UsernamePasswordCredentials cred2 = new UsernamePasswordCredentials("uname2","password2");
  +        state.setCredentials("realm2", cred2);
  +        {
  +            HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
realm=\"realm1\""));
  +            assertTrue(Authenticator.authenticate(method,state));
  +            assertTrue(null != method.getRequestHeader("Authorization"));
  +            checkAuthorization(cred, method.getRequestHeader("Authorization").getValue());
  +        }
  +        {
  +            HttpMethod method = new SimpleHttpMethod(new Header("WWW-Authenticate","Digest
realm=\"realm2\""));
  +            assertTrue(Authenticator.authenticate(method,state));
  +            assertTrue(null != method.getRequestHeader("Authorization"));
  +            checkAuthorization(cred2, method.getRequestHeader("Authorization").getValue());
  +        }
  +    }
  +
  +    private void checkAuthorization(UsernamePasswordCredentials cred, String auth) throws
Exception {
  +        Hashtable table = new Hashtable();
  +        StringTokenizer tokenizer = new StringTokenizer(auth, ",=\"");
  +        while(tokenizer.hasMoreTokens()){
  +            String key = null;
  +            String value = null;
  +            if(tokenizer.hasMoreTokens())
  +                key = tokenizer.nextToken();
  +            if(tokenizer.hasMoreTokens())
  +                value = tokenizer.nextToken();
  +            if(key != null && value != null){
  +                table.put(key.trim(),value.trim());
  +            }
  +        }
  +        String response = (String) table.get("response");
  +        String digest = Authenticator.createDigest(cred.getUserName(),cred.getPassword(),
table);
  +        assertEquals(response, digest);
       }
   }
  
  
  

--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message