| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
| 6 | 6 |
| 7 #include <math.h> // ceil | 7 #include <math.h> // ceil |
| 8 #include <stdarg.h> | 8 #include <stdarg.h> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 3709 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3720 | 3720 |
| 3721 std::string response_data; | 3721 std::string response_data; |
| 3722 rv = ReadTransaction(trans.get(), &response_data); | 3722 rv = ReadTransaction(trans.get(), &response_data); |
| 3723 EXPECT_EQ(OK, rv); | 3723 EXPECT_EQ(OK, rv); |
| 3724 EXPECT_EQ(kExpectedResponseData[i], response_data); | 3724 EXPECT_EQ(kExpectedResponseData[i], response_data); |
| 3725 } | 3725 } |
| 3726 } | 3726 } |
| 3727 | 3727 |
| 3728 // Test the request-challenge-retry sequence for basic auth when there is | 3728 // Test the request-challenge-retry sequence for basic auth when there is |
| 3729 // an identity in the URL. The request should be sent as normal, but when | 3729 // an identity in the URL. The request should be sent as normal, but when |
| 3730 // it fails the identity from the URL is used to answer the challenge. | 3730 // it fails the identity from the URL is no longer used. |
| 3731 TEST_F(HttpNetworkTransactionSpdy3Test, AuthIdentityInURL) { | 3731 TEST_F(HttpNetworkTransactionSpdy3Test, IgnoreAuthIdentityInURL) { |
| 3732 HttpRequestInfo request; | 3732 HttpRequestInfo request; |
| 3733 request.method = "GET"; | 3733 request.method = "GET"; |
| 3734 request.url = GURL("http://foo:b@r@www.google.com/"); | 3734 request.url = GURL("http://foo:b@r@www.google.com/"); |
| 3735 request.load_flags = LOAD_NORMAL; | 3735 request.load_flags = LOAD_NORMAL; |
| 3736 | 3736 |
| 3737 SessionDependencies session_deps; | 3737 SessionDependencies session_deps; |
| 3738 scoped_ptr<HttpTransaction> trans( | 3738 scoped_ptr<HttpTransaction> trans( |
| 3739 new HttpNetworkTransaction(CreateSession(&session_deps))); | 3739 new HttpNetworkTransaction(CreateSession(&session_deps))); |
| 3740 | 3740 |
| 3741 // The password contains an escaped character -- for this test to pass it | 3741 // The password contains an escaped character -- for this test to pass it |
| 3742 // will need to be unescaped by HttpNetworkTransaction. | 3742 // will need to be unescaped by HttpNetworkTransaction. |
| 3743 EXPECT_EQ("b%40r", request.url.password()); | 3743 EXPECT_EQ("b%40r", request.url.password()); |
| 3744 | 3744 |
| 3745 MockWrite data_writes1[] = { | 3745 MockWrite data_writes1[] = { |
| 3746 MockWrite("GET / HTTP/1.1\r\n" | 3746 MockWrite("GET / HTTP/1.1\r\n" |
| 3747 "Host: www.google.com\r\n" | 3747 "Host: www.google.com\r\n" |
| 3748 "Connection: keep-alive\r\n\r\n"), | 3748 "Connection: keep-alive\r\n\r\n"), |
| 3749 }; | 3749 }; |
| 3750 | 3750 |
| 3751 MockRead data_reads1[] = { | 3751 MockRead data_reads1[] = { |
| 3752 MockRead("HTTP/1.0 401 Unauthorized\r\n"), | 3752 MockRead("HTTP/1.0 401 Unauthorized\r\n"), |
| 3753 MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), | 3753 MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), |
| 3754 MockRead("Content-Length: 10\r\n\r\n"), | 3754 MockRead("Content-Length: 10\r\n\r\n"), |
| 3755 MockRead(SYNCHRONOUS, ERR_FAILED), | 3755 MockRead(SYNCHRONOUS, ERR_FAILED), |
| 3756 }; | 3756 }; |
| 3757 | 3757 |
| 3758 // After the challenge above, the transaction will be restarted using the | |
| 3759 // identity from the url (foo, b@r) to answer the challenge. | |
| 3760 MockWrite data_writes2[] = { | |
| 3761 MockWrite("GET / HTTP/1.1\r\n" | |
| 3762 "Host: www.google.com\r\n" | |
| 3763 "Connection: keep-alive\r\n" | |
| 3764 "Authorization: Basic Zm9vOmJAcg==\r\n\r\n"), | |
| 3765 }; | |
| 3766 | |
| 3767 MockRead data_reads2[] = { | |
| 3768 MockRead("HTTP/1.0 200 OK\r\n"), | |
| 3769 MockRead("Content-Length: 100\r\n\r\n"), | |
| 3770 MockRead(SYNCHRONOUS, OK), | |
| 3771 }; | |
| 3772 | |
| 3773 StaticSocketDataProvider data1(data_reads1, arraysize(data_reads1), | 3758 StaticSocketDataProvider data1(data_reads1, arraysize(data_reads1), |
| 3774 data_writes1, arraysize(data_writes1)); | 3759 data_writes1, arraysize(data_writes1)); |
| 3775 StaticSocketDataProvider data2(data_reads2, arraysize(data_reads2), | |
| 3776 data_writes2, arraysize(data_writes2)); | |
| 3777 session_deps.socket_factory.AddSocketDataProvider(&data1); | 3760 session_deps.socket_factory.AddSocketDataProvider(&data1); |
| 3778 session_deps.socket_factory.AddSocketDataProvider(&data2); | |
| 3779 | 3761 |
| 3780 TestCompletionCallback callback1; | 3762 TestCompletionCallback callback1; |
| 3781 int rv = trans->Start(&request, callback1.callback(), BoundNetLog()); | 3763 int rv = trans->Start(&request, callback1.callback(), BoundNetLog()); |
| 3782 EXPECT_EQ(ERR_IO_PENDING, rv); | 3764 EXPECT_EQ(ERR_IO_PENDING, rv); |
| 3783 rv = callback1.WaitForResult(); | 3765 rv = callback1.WaitForResult(); |
| 3784 EXPECT_EQ(OK, rv); | 3766 EXPECT_EQ(OK, rv); |
| 3785 EXPECT_TRUE(trans->IsReadyToRestartForAuth()); | |
| 3786 | |
| 3787 TestCompletionCallback callback2; | |
| 3788 rv = trans->RestartWithAuth(AuthCredentials(), callback2.callback()); | |
| 3789 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 3790 rv = callback2.WaitForResult(); | |
| 3791 EXPECT_EQ(OK, rv); | |
| 3792 EXPECT_FALSE(trans->IsReadyToRestartForAuth()); | 3767 EXPECT_FALSE(trans->IsReadyToRestartForAuth()); |
| 3793 | 3768 |
| 3794 const HttpResponseInfo* response = trans->GetResponseInfo(); | |
| 3795 ASSERT_TRUE(response != NULL); | |
| 3796 | |
| 3797 // There is no challenge info, since the identity in URL worked. | |
| 3798 EXPECT_TRUE(response->auth_challenge.get() == NULL); | |
| 3799 | |
| 3800 EXPECT_EQ(100, response->headers->GetContentLength()); | |
| 3801 | |
| 3802 // Empty the current queue. | |
| 3803 MessageLoop::current()->RunAllPending(); | |
| 3804 } | |
| 3805 | |
| 3806 // Test the request-challenge-retry sequence for basic auth when there is an | |
| 3807 // incorrect identity in the URL. The identity from the URL should be used only | |
| 3808 // once. | |
| 3809 TEST_F(HttpNetworkTransactionSpdy3Test, WrongAuthIdentityInURL) { | |
| 3810 HttpRequestInfo request; | |
| 3811 request.method = "GET"; | |
| 3812 // Note: the URL has a username:password in it. The password "baz" is | |
| 3813 // wrong (should be "bar"). | |
| 3814 request.url = GURL("http://foo:baz@www.google.com/"); | |
| 3815 | |
| 3816 request.load_flags = LOAD_NORMAL; | |
| 3817 | |
| 3818 SessionDependencies session_deps; | |
| 3819 scoped_ptr<HttpTransaction> trans( | |
| 3820 new HttpNetworkTransaction(CreateSession(&session_deps))); | |
| 3821 | |
| 3822 MockWrite data_writes1[] = { | |
| 3823 MockWrite("GET / HTTP/1.1\r\n" | |
| 3824 "Host: www.google.com\r\n" | |
| 3825 "Connection: keep-alive\r\n\r\n"), | |
| 3826 }; | |
| 3827 | |
| 3828 MockRead data_reads1[] = { | |
| 3829 MockRead("HTTP/1.0 401 Unauthorized\r\n"), | |
| 3830 MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), | |
| 3831 MockRead("Content-Length: 10\r\n\r\n"), | |
| 3832 MockRead(SYNCHRONOUS, ERR_FAILED), | |
| 3833 }; | |
| 3834 | |
| 3835 // After the challenge above, the transaction will be restarted using the | |
| 3836 // identity from the url (foo, baz) to answer the challenge. | |
| 3837 MockWrite data_writes2[] = { | |
| 3838 MockWrite("GET / HTTP/1.1\r\n" | |
| 3839 "Host: www.google.com\r\n" | |
| 3840 "Connection: keep-alive\r\n" | |
| 3841 "Authorization: Basic Zm9vOmJheg==\r\n\r\n"), | |
| 3842 }; | |
| 3843 | |
| 3844 MockRead data_reads2[] = { | |
| 3845 MockRead("HTTP/1.0 401 Unauthorized\r\n"), | |
| 3846 MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), | |
| 3847 MockRead("Content-Length: 10\r\n\r\n"), | |
| 3848 MockRead(SYNCHRONOUS, ERR_FAILED), | |
| 3849 }; | |
| 3850 | |
| 3851 // After the challenge above, the transaction will be restarted using the | |
| 3852 // identity supplied by the user (foo, bar) to answer the challenge. | |
| 3853 MockWrite data_writes3[] = { | |
| 3854 MockWrite("GET / HTTP/1.1\r\n" | |
| 3855 "Host: www.google.com\r\n" | |
| 3856 "Connection: keep-alive\r\n" | |
| 3857 "Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), | |
| 3858 }; | |
| 3859 | |
| 3860 MockRead data_reads3[] = { | |
| 3861 MockRead("HTTP/1.0 200 OK\r\n"), | |
| 3862 MockRead("Content-Length: 100\r\n\r\n"), | |
| 3863 MockRead(SYNCHRONOUS, OK), | |
| 3864 }; | |
| 3865 | |
| 3866 StaticSocketDataProvider data1(data_reads1, arraysize(data_reads1), | |
| 3867 data_writes1, arraysize(data_writes1)); | |
| 3868 StaticSocketDataProvider data2(data_reads2, arraysize(data_reads2), | |
| 3869 data_writes2, arraysize(data_writes2)); | |
| 3870 StaticSocketDataProvider data3(data_reads3, arraysize(data_reads3), | |
| 3871 data_writes3, arraysize(data_writes3)); | |
| 3872 session_deps.socket_factory.AddSocketDataProvider(&data1); | |
| 3873 session_deps.socket_factory.AddSocketDataProvider(&data2); | |
| 3874 session_deps.socket_factory.AddSocketDataProvider(&data3); | |
| 3875 | |
| 3876 TestCompletionCallback callback1; | |
| 3877 | |
| 3878 int rv = trans->Start(&request, callback1.callback(), BoundNetLog()); | |
| 3879 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 3880 | |
| 3881 rv = callback1.WaitForResult(); | |
| 3882 EXPECT_EQ(OK, rv); | |
| 3883 | |
| 3884 EXPECT_TRUE(trans->IsReadyToRestartForAuth()); | |
| 3885 TestCompletionCallback callback2; | |
| 3886 rv = trans->RestartWithAuth(AuthCredentials(), callback2.callback()); | |
| 3887 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 3888 rv = callback2.WaitForResult(); | |
| 3889 EXPECT_EQ(OK, rv); | |
| 3890 EXPECT_FALSE(trans->IsReadyToRestartForAuth()); | |
| 3891 | |
| 3892 const HttpResponseInfo* response = trans->GetResponseInfo(); | |
| 3893 ASSERT_TRUE(response != NULL); | |
| 3894 EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); | |
| 3895 | |
| 3896 TestCompletionCallback callback3; | |
| 3897 rv = trans->RestartWithAuth( | |
| 3898 AuthCredentials(kFoo, kBar), callback3.callback()); | |
| 3899 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 3900 rv = callback3.WaitForResult(); | |
| 3901 EXPECT_EQ(OK, rv); | |
| 3902 EXPECT_FALSE(trans->IsReadyToRestartForAuth()); | |
| 3903 | |
| 3904 response = trans->GetResponseInfo(); | |
| 3905 ASSERT_TRUE(response != NULL); | |
| 3906 | |
| 3907 // There is no challenge info, since the identity worked. | |
| 3908 EXPECT_TRUE(response->auth_challenge.get() == NULL); | |
| 3909 | |
| 3910 EXPECT_EQ(100, response->headers->GetContentLength()); | |
| 3911 | |
| 3912 // Empty the current queue. | 3769 // Empty the current queue. |
| 3913 MessageLoop::current()->RunAllPending(); | 3770 MessageLoop::current()->RunAllPending(); |
| 3914 } | 3771 } |
| 3915 | 3772 |
| 3916 // Test that previously tried username/passwords for a realm get re-used. | 3773 // Test that previously tried username/passwords for a realm get re-used. |
| 3917 TEST_F(HttpNetworkTransactionSpdy3Test, BasicAuthCacheAndPreauth) { | 3774 TEST_F(HttpNetworkTransactionSpdy3Test, BasicAuthCacheAndPreauth) { |
| 3918 SessionDependencies session_deps; | 3775 SessionDependencies session_deps; |
| 3919 scoped_refptr<HttpNetworkSession> session(CreateSession(&session_deps)); | 3776 scoped_refptr<HttpNetworkSession> session(CreateSession(&session_deps)); |
| 3920 | 3777 |
| 3921 // Transaction 1: authenticate (foo, bar) on MyRealm1 | 3778 // Transaction 1: authenticate (foo, bar) on MyRealm1 |
| (...skipping 5769 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 9691 StaticSocketDataProvider* data[] = { &data1, &data2 }; | 9548 StaticSocketDataProvider* data[] = { &data1, &data2 }; |
| 9692 | 9549 |
| 9693 SimpleGetHelperResult out = SimpleGetHelperForData(data, arraysize(data)); | 9550 SimpleGetHelperResult out = SimpleGetHelperForData(data, arraysize(data)); |
| 9694 | 9551 |
| 9695 EXPECT_EQ(OK, out.rv); | 9552 EXPECT_EQ(OK, out.rv); |
| 9696 EXPECT_EQ("HTTP/1.0 200 OK", out.status_line); | 9553 EXPECT_EQ("HTTP/1.0 200 OK", out.status_line); |
| 9697 EXPECT_EQ("hello world", out.response_data); | 9554 EXPECT_EQ("hello world", out.response_data); |
| 9698 } | 9555 } |
| 9699 | 9556 |
| 9700 } // namespace net | 9557 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10446024:
Revert 138890 - Merge 138264 - Re-enable embedded identities in URLs for HTTP authentication. (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/1132/src/