View Javadoc
1   /*
2    * Copyright (C) 2018, Thomas Wolf <thomas.wolf@paranor.ch>
3    * and other copyright owners as documented in the project's IP log.
4    *
5    * This program and the accompanying materials are made available
6    * under the terms of the Eclipse Distribution License v1.0 which
7    * accompanies this distribution, is reproduced below, and is
8    * available at http://www.eclipse.org/org/documents/edl-v10.php
9    *
10   * All rights reserved.
11   *
12   * Redistribution and use in source and binary forms, with or
13   * without modification, are permitted provided that the following
14   * conditions are met:
15   *
16   * - Redistributions of source code must retain the above copyright
17   *   notice, this list of conditions and the following disclaimer.
18   *
19   * - Redistributions in binary form must reproduce the above
20   *   copyright notice, this list of conditions and the following
21   *   disclaimer in the documentation and/or other materials provided
22   *   with the distribution.
23   *
24   * - Neither the name of the Eclipse Foundation, Inc. nor the
25   *   names of its contributors may be used to endorse or promote
26   *   products derived from this software without specific prior
27   *   written permission.
28   *
29   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
30   * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
31   * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
32   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
34   * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
35   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
36   * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
37   * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
38   * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39   * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
41   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42   */
43  package org.eclipse.jgit.internal.transport.sshd.proxy;
44  
45  import static org.junit.Assert.assertEquals;
46  import static org.junit.Assert.assertNull;
47  import static org.junit.Assert.assertTrue;
48  
49  import java.util.Arrays;
50  import java.util.LinkedHashMap;
51  import java.util.List;
52  import java.util.Map;
53  
54  import org.junit.Test;
55  
56  public class HttpParserTest {
57  
58  	private static final String STATUS_LINE = "HTTP/1.1. 407 Authentication required";
59  
60  	@Test
61  	public void testEmpty() throws Exception {
62  		String[] lines = { STATUS_LINE };
63  		List<AuthenticationChallenge> challenges = HttpParser
64  				.getAuthenticationHeaders(Arrays.asList(lines),
65  						"WWW-Authenticate:");
66  		assertTrue("No challenges expected", challenges.isEmpty());
67  	}
68  
69  	@Test
70  	public void testRFC7235Example() throws Exception {
71  		// The example from RFC 7235, sec. 4.1, slightly modified ("kind"
72  		// argument with whitespace around '=')
73  		String[] lines = { STATUS_LINE,
74  				"WWW-Authenticate: Newauth realm=\"apps\", type=1  , kind = \t2 ",
75  				"   \t  title=\"Login to \\\"apps\\\"\", Basic realm=\"simple\"" };
76  		List<AuthenticationChallenge> challenges = HttpParser
77  				.getAuthenticationHeaders(Arrays.asList(lines),
78  						"WWW-Authenticate:");
79  		assertEquals("Unexpected number of challenges", 2, challenges.size());
80  		assertNull("No token expected", challenges.get(0).getToken());
81  		assertNull("No token expected", challenges.get(1).getToken());
82  		assertEquals("Unexpected mechanism", "Newauth",
83  				challenges.get(0).getMechanism());
84  		assertEquals("Unexpected mechanism", "Basic",
85  				challenges.get(1).getMechanism());
86  		Map<String, String> expectedArguments = new LinkedHashMap<>();
87  		expectedArguments.put("realm", "apps");
88  		expectedArguments.put("type", "1");
89  		expectedArguments.put("kind", "2");
90  		expectedArguments.put("title", "Login to \"apps\"");
91  		assertEquals("Unexpected arguments", expectedArguments,
92  				challenges.get(0).getArguments());
93  		expectedArguments.clear();
94  		expectedArguments.put("realm", "simple");
95  		assertEquals("Unexpected arguments", expectedArguments,
96  				challenges.get(1).getArguments());
97  	}
98  
99  	@Test
100 	public void testMultipleHeaders() {
101 		String[] lines = { STATUS_LINE,
102 				"Server: Apache",
103 				"WWW-Authenticate: Newauth realm=\"apps\", type=1  , kind = \t2 ",
104 				"   \t  title=\"Login to \\\"apps\\\"\", Basic realm=\"simple\"",
105 				"Content-Type: text/plain",
106 				"WWW-Authenticate: Other 0123456789===  , YetAnother, ",
107 				"WWW-Authenticate: Negotiate   ",
108 				"WWW-Authenticate: Negotiate a87421000492aa874209af8bc028" };
109 		List<AuthenticationChallenge> challenges = HttpParser
110 				.getAuthenticationHeaders(Arrays.asList(lines),
111 						"WWW-Authenticate:");
112 		assertEquals("Unexpected number of challenges", 6, challenges.size());
113 		assertEquals("Mismatched challenge", "Other",
114 				challenges.get(2).getMechanism());
115 		assertEquals("Token expected", "0123456789===",
116 				challenges.get(2).getToken());
117 		assertEquals("Mismatched challenge", "YetAnother",
118 				challenges.get(3).getMechanism());
119 		assertNull("No token expected", challenges.get(3).getToken());
120 		assertTrue("No arguments expected",
121 				challenges.get(3).getArguments().isEmpty());
122 		assertEquals("Mismatched challenge", "Negotiate",
123 				challenges.get(4).getMechanism());
124 		assertNull("No token expected", challenges.get(4).getToken());
125 		assertEquals("Mismatched challenge", "Negotiate",
126 				challenges.get(5).getMechanism());
127 		assertEquals("Token expected", "a87421000492aa874209af8bc028",
128 				challenges.get(5).getToken());
129 	}
130 
131 	@Test
132 	public void testStopOnEmptyLine() {
133 		String[] lines = { STATUS_LINE, "Server: Apache",
134 				"WWW-Authenticate: Newauth realm=\"apps\", type=1  , kind = \t2 ",
135 				"   \t  title=\"Login to \\\"apps\\\"\", Basic realm=\"simple\"",
136 				"Content-Type: text/plain",
137 				"WWW-Authenticate: Other 0123456789===", "",
138 				// Not headers anymore; this would be the body
139 				"WWW-Authenticate: Negotiate   ",
140 				"WWW-Authenticate: Negotiate a87421000492aa874209af8bc028" };
141 		List<AuthenticationChallenge> challenges = HttpParser
142 				.getAuthenticationHeaders(Arrays.asList(lines),
143 						"WWW-Authenticate:");
144 		assertEquals("Unexpected number of challenges", 3, challenges.size());
145 	}
146 }