From: Jarno Malmari <jarno@malmari.fi>
To: emacs-devel@gnu.org
Cc: larsi@gnus.org
Subject: [PATCH 1/3] Test for url-auth
Date: Sun, 30 Aug 2015 19:17:05 +0300 [thread overview]
Message-ID: <1440951427-12486-1-git-send-email-jarno@malmari.fi> (raw)
In-Reply-To: <m3a8t9ngcj.fsf@gnus.org>
So far not testing PROMPT and OVERWRITE arguments which would require
faking interactive minibuffer input.
---
test/automated/url-auth-tests.el | 223 +++++++++++++++++++++++++++++++++++++++
1 file changed, 223 insertions(+)
create mode 100644 test/automated/url-auth-tests.el
diff --git a/test/automated/url-auth-tests.el b/test/automated/url-auth-tests.el
new file mode 100644
index 0000000..715308c
--- /dev/null
+++ b/test/automated/url-auth-tests.el
@@ -0,0 +1,223 @@
+;;; url-auth-tests.el --- Test suite for url-auth.
+
+;; Copyright (C) 2015 Free Software Foundation, Inc.
+
+;; Author: Jarno Malmari <jarno@malmari.fi>
+
+;; This program is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+;;; Commentary:
+
+;; Test HTTP authentication methods.
+
+;;; Code:
+
+(require 'ert)
+(require 'url-auth)
+
+(defvar url-auth-test-challenges nil
+ "List of challenges for testing.
+Each challenge is a plist. Values are as presented by the
+server's WWW-Authenticate header field.")
+
+;; Set explicitly for easier modification for re-runs.
+(setq url-auth-test-challenges
+ (list
+ (list :nonce "a1be8a3065e00c5bf190ad499299aea5"
+ :opaque "d7c2a27230fc8c74bb6e06be8c9cd189"
+ :realm "The Test Realm"
+ :username "user"
+ :password "passwd"
+ :uri "/digest-auth/auth/user/passwd"
+ :method "GET"
+ :expected-ha1 "19c41161a8720edaeb7922ef8531137d"
+ :expected-ha2 "b44272ea65ee4af7fb26c5dba58f6863"
+ :expected-response "46c47a6d8e1fa95a3efcf49724af3fe7")
+ (list :nonce "servernonce"
+ :username "user"
+ :password "passwd"
+ :realm "The Test Realm 1"
+ :uri "/digest-auth/auth/user/passwd"
+ :method "GET"
+ :expected-ha1 "00f848f943c9a05dd06c932a7334f120"
+ :expected-ha2 "b44272ea65ee4af7fb26c5dba58f6863"
+ :expected-response "b8a48cdc9aa9e514509a5a5c53d4e8cf")
+ (list :nonce "servernonce"
+ :username "user"
+ :password "passwd"
+ :realm "The Test Realm 2"
+ :uri "/digest-auth/auth/user/passwd"
+ :method "GET"
+ :expected-ha1 "74d6abd3651d6b8260733d8a4c37ec1a"
+ :expected-ha2 "b44272ea65ee4af7fb26c5dba58f6863"
+ :expected-response "0d84884d967e04440efc77e9e2b5b561")))
+
+(ert-deftest url-auth-test-digest-create-key ()
+ "Check user credentials in their hashed form."
+ (dolist (challenge url-auth-test-challenges)
+ (let ((key (url-digest-auth-create-key (plist-get challenge :username)
+ (plist-get challenge :password)
+ (plist-get challenge :realm)
+ (plist-get challenge :method)
+ (plist-get challenge :uri))))
+ (should (= (length key) 2))
+ (should (string= (nth 0 key) (plist-get challenge :expected-ha1)))
+ (should (string= (nth 1 key) (plist-get challenge :expected-ha2)))
+ )))
+
+(ert-deftest url-auth-test-digest-auth-retrieve-cache ()
+ "Check how the entry point retrieves cached authentication.
+Essential is how realms and paths are matched."
+
+ (let* ((url-digest-auth-storage
+ '(("example.org:80"
+ ("/path/auth1" "auth1user" "key")
+ ("/path" "pathuser" "key")
+ ("/" "rootuser" "key")
+ ("realm1" "realm1user" "key")
+ ("realm2" "realm2user" "key")
+ ("/path/auth2" "auth2user" "key"))
+ ("example.org:443"
+ ("realm" "secure_user" "key"))
+ ("rootless.org:80" ; no "/" entry for this on purpose
+ ("/path" "pathuser" "key")
+ ("realm" "realmuser" "key"))))
+ (attrs (list (cons "nonce" "servernonce")))
+ auth)
+
+ (dolist (row (list
+ ;; If :expected-user is `nil' it indicates
+ ;; authentication information shouldn't be found.
+
+ ;; non-existent server
+ (list :url "http://other.com/path" :realm nil :expected-user nil)
+
+ ;; unmatched port
+ (list :url "http://example.org:444/path" :realm nil :expected-user nil)
+
+ ;; root, no realm
+ (list :url "http://example.org/"
+ :realm nil :expected-user "rootuser")
+
+ ;; root, no realm, explicit port
+ (list :url "http://example.org:80/"
+ :realm nil :expected-user "rootuser")
+
+ (list :url "http://example.org/unknown"
+ :realm nil :expected-user "rootuser")
+
+ ;; realm specified, overrides any path
+ (list :url "http://example.org/"
+ :realm "realm1" :expected-user "realm1user")
+
+ ;; realm specified, overrides any path
+ (list :url "http://example.org/"
+ :realm "realm2" :expected-user "realm2user")
+
+ ;; authentication determined by path
+ (list :url "http://example.org/path/auth1/query"
+ :realm nil :expected-user "auth1user")
+
+ ;; /path shadows /path/auth2, hence pathuser is expected
+ (list :url "http://example.org/path/auth2/query"
+ :realm nil :expected-user "pathuser")
+
+ (list :url "https://example.org/path"
+ :realm nil :expected-user "secure_user")
+
+ ;; not really secure user but using the same port
+ (list :url "http://example.org:443/path"
+ :realm nil :expected-user "secure_user")
+
+ ;; preferring realm user over path, even though no
+ ;; realm specified (not sure why)
+ (list :url "http://rootless.org/"
+ :realm nil :expected-user "realmuser")
+ ;; second variant for the same case
+ (list :url "http://rootless.org/unknown/path"
+ :realm nil :expected-user "realmuser")
+
+ ;; path match
+ (list :url "http://rootless.org/path/query?q=a"
+ :realm nil :expected-user "pathuser")
+
+ ;; path match, realm match, prefer realm
+ (list :url "http://rootless.org/path/query?q=a"
+ :realm "realm" :expected-user "realmuser")
+ ))
+ (setq auth (url-digest-auth (plist-get row :url)
+ nil nil
+ (plist-get row :realm) attrs))
+ (if (plist-get row :expected-user)
+ (progn (should auth)
+ (should (string-match ".*username=\"\\(.*?\\)\".*" auth))
+ (should (string= (match-string 1 auth)
+ (plist-get row :expected-user))))
+ (should-not auth)))))
+
+(ert-deftest url-auth-test-digest-auth ()
+ "Check common authorization string contents."
+ (dolist (challenge url-auth-test-challenges)
+ (let* ((attrs (list (cons "nonce" (plist-get challenge :nonce))))
+ (url (concat "http://example.org" (plist-get challenge :uri)))
+ url-digest-auth-storage
+ auth)
+ ;; Add authentication info to cache so `url-digest-auth' can
+ ;; complete without prompting minibuffer input.
+ (setq url-digest-auth-storage
+ (list
+ (list "example.org:80"
+ (cons (or (plist-get challenge :realm) "/")
+ (cons (plist-get challenge :username)
+ (url-digest-auth-create-key (plist-get challenge :username)
+ (plist-get challenge :password)
+ (plist-get challenge :realm)
+ (plist-get challenge :method)
+ (plist-get challenge :uri)))))))
+ (setq auth (url-digest-auth (url-generic-parse-url url) nil nil
+ (plist-get challenge :realm) attrs))
+ (should auth)
+ (should (string-prefix-p "Digest " auth))
+ (should (string-match ".*response=\"\\(.*?\\)\".*" auth))
+ (should (string= (match-string 1 auth)
+ (plist-get challenge :expected-response)))
+ (should (string-match ".*username=\"\\(.*?\\)\".*" auth))
+ (should (string= (match-string 1 auth)
+ (plist-get challenge :username)))
+ (should (string-match ".*realm=\"\\(.*?\\)\".*" auth))
+ (should (string= (match-string 1 auth)
+ (plist-get challenge :realm)))
+ )))
+
+(ert-deftest url-auth-test-digest-auth-opaque ()
+ "Check that `opaque' value is added to result when presented by
+the server."
+ (let* ((url-digest-auth-storage
+ '(("example.org:80" ("/" "user" "key"))))
+ (attrs (list (cons "nonce" "anynonce")))
+ auth)
+ ;; Get authentication info from cache without `opaque'.
+ (setq auth (url-digest-auth "http://example.org/path" nil nil nil attrs))
+ (should auth)
+ (should-not (string-match-p "opaque=" auth))
+
+ ;; Add `opaque' to attributes.
+ (push (cons "opaque" "opaque-value") attrs)
+ (setq auth (url-digest-auth "http://example.org/path" nil nil nil attrs))
+ (should auth)
+ (should (string-match ".*opaque=\"\\(.*?\\)\".*" auth))
+ (should (string= (match-string 1 auth) "opaque-value"))))
+
+(provide 'url-auth-tests)
+;;; url-auth-tests.el ends here
--
2.5.0.330.g130be8e
next prev parent reply other threads:[~2015-08-30 16:17 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-09 12:25 url-digest-auth QOP implementation Jarno Malmari
2015-05-10 17:10 ` Lars Magne Ingebrigtsen
2015-05-11 19:17 ` Patches for qop=auth implementation for url-digest-auth Jarno Malmari
2015-05-11 19:17 ` [PATCH 1/3] Test for url-auth Jarno Malmari
2015-05-11 19:17 ` [PATCH 2/3] Refactor digest authentication in url-auth Jarno Malmari
2015-05-11 19:17 ` [PATCH 3/3] Initial implementation for HTTP Digest qop for url Jarno Malmari
2015-05-18 15:47 ` Patches for qop=auth implementation for url-digest-auth Lars Magne Ingebrigtsen
2015-05-26 17:13 ` Jarno Malmari
2015-08-08 8:14 ` Jarno Malmari
2015-08-30 11:52 ` Lars Magne Ingebrigtsen
2015-08-30 16:17 ` Jarno Malmari [this message]
2015-08-30 16:17 ` [PATCH 2/3] Refactor digest authentication in url-auth Jarno Malmari
2015-08-30 16:17 ` [PATCH 3/3] Initial implementation for HTTP Digest qop for url Jarno Malmari
2016-02-07 5:35 ` [PATCH 1/3] Test for url-auth Lars Ingebrigtsen
2016-02-07 15:57 ` Eli Zaretskii
2016-02-08 4:57 ` Lars Ingebrigtsen
2016-02-08 5:29 ` Lars Ingebrigtsen
2016-09-08 19:51 ` Jarno Malmari
2016-09-08 19:51 ` [PATCH 1/3] Revert parts of url-auth test Jarno Malmari
2016-09-08 19:51 ` [PATCH 2/3] Refactor digest authentication in url-auth Jarno Malmari
2016-09-08 19:51 ` [PATCH 3/3] Initial implementation for HTTP Digest qop for url Jarno Malmari
2016-11-12 22:03 ` [PATCH 1/3] Test for url-auth Jarno Malmari
2016-11-12 22:03 ` [PATCH 1/2] Refactor digest authentication in url-auth Jarno Malmari
2016-11-12 22:03 ` [PATCH 2/2] Initial implementation for HTTP Digest qop for url Jarno Malmari
2016-11-13 11:36 ` [PATCH 1/3] Test for url-auth Jarno Malmari
2016-11-13 11:36 ` [PATCH 1/2] Refactor digest authentication in url-auth Jarno Malmari
2016-11-13 15:53 ` Eli Zaretskii
2016-11-13 21:57 ` Jarno Malmari
2016-11-14 3:42 ` Eli Zaretskii
2016-11-14 4:34 ` Yuri Khan
2016-11-14 15:28 ` Eli Zaretskii
2017-02-14 21:12 ` Jarno Malmari
2017-02-14 21:12 ` [PATCH 1/2] " Jarno Malmari
2017-02-14 21:12 ` [PATCH 2/2] Initial implementation for HTTP Digest qop for url Jarno Malmari
2017-02-18 11:11 ` Refactor digest authentication in url-auth Eli Zaretskii
2017-02-25 8:54 ` Eli Zaretskii
2017-03-05 15:54 ` Jarno Malmari
2017-03-05 16:06 ` Eli Zaretskii
2017-03-11 10:08 ` Eli Zaretskii
2017-03-25 16:08 ` Eli Zaretskii
2017-03-27 19:47 ` Jarno Malmari
2017-03-27 19:47 ` [PATCH 1/2] " Jarno Malmari
2017-03-27 19:47 ` [PATCH 2/2] Initial implementation for HTTP Digest qop for url Jarno Malmari
2017-04-01 6:24 ` Refactor digest authentication in url-auth Eli Zaretskii
2016-11-13 11:36 ` [PATCH 2/2] Initial implementation for HTTP Digest qop for url Jarno Malmari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1440951427-12486-1-git-send-email-jarno@malmari.fi \
--to=jarno@malmari.fi \
--cc=emacs-devel@gnu.org \
--cc=larsi@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).