Fix realm selection when handling Basic authentication.

Clarify comments and fix realm selection in
HttpAuthHandlerBasic::HandleAnotherChallenge() to match the selection in
HttpAuthHandlerBasic::ParseChallenge().

This is cleanup for r75390.

BUG=none
TEST=net_unittests --gtest_filter=HttpAuthHandlerBasicTest.*

Review URL: http://codereview.chromium.org/6574003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75889 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 52 insertions, 12 deletions

diff --git a/net/http/http_auth_handler_basic_unittest.cc b/net/http/http_auth_handler_basic_unittest.cc
index 0150579..51352da 100644
--- a/net/http/http_auth_handler_basic_unittest.cc
+++ b/net/http/http_auth_handler_basic_unittest.cc
@@ -5,6 +5,7 @@
 #include <string>
 
 #include "base/basictypes.h"
+#include "base/scoped_ptr.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
 #include "net/base/net_errors.h"
@@ -47,22 +48,53 @@ TEST(HttpAuthHandlerBasicTest, GenerateAuthToken) {
 }
 
 TEST(HttpAuthHandlerBasicTest, HandleAnotherChallenge) {
+  static const struct {
+    const char* challenge;
+    HttpAuth::AuthorizationResult expected_rv;
+  } tests[] = {
+    // The handler is initialized using this challenge.  The first
+    // time HandleAnotherChallenge is called with it should cause it
+    // to treat the second challenge as a rejection since it is for
+    // the same realm.
+    {
+      "Basic realm=\"First\"",
+      HttpAuth::AUTHORIZATION_RESULT_REJECT
+    },
+
+    // A challenge for a different realm.
+    {
+      "Basic realm=\"Second\"",
+      HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM
+    },
+
+    // Although RFC 2617 isn't explicit about this case, if there is
+    // more than one realm directive, we pick the last one.  So this
+    // challenge should be treated as being for "First" realm.
+    {
+      "Basic realm=\"Second\",realm=\"First\"",
+      HttpAuth::AUTHORIZATION_RESULT_REJECT
+    },
+
+    // And this one should be treated as if it was for "Second."
+    {
+      "basic realm=\"First\",realm=\"Second\"",
+      HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM
+    }
+  };
+
   GURL origin("http://www.example.com");
-  std::string challenge1 = "Basic realm=\"First\"";
-  std::string challenge2 = "Basic realm=\"Second\"";
   HttpAuthHandlerBasic::Factory factory;
   scoped_ptr<HttpAuthHandler> basic;
   EXPECT_EQ(OK, factory.CreateAuthHandlerFromString(
-      challenge1, HttpAuth::AUTH_SERVER, origin, BoundNetLog(), &basic));
-  HttpAuth::ChallengeTokenizer tok_first(challenge1.begin(),
-                                         challenge1.end());
-  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_REJECT,
-            basic->HandleAnotherChallenge(&tok_first));
-
-  HttpAuth::ChallengeTokenizer tok_second(challenge2.begin(),
-                                          challenge2.end());
-  EXPECT_EQ(HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM,
-            basic->HandleAnotherChallenge(&tok_second));
+      tests[0].challenge, HttpAuth::AUTH_SERVER, origin,
+      BoundNetLog(), &basic));
+
+  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) {
+    std::string challenge(tests[i].challenge);
+    HttpAuth::ChallengeTokenizer tok(challenge.begin(),
+                                     challenge.end());
+    EXPECT_EQ(tests[i].expected_rv, basic->HandleAnotherChallenge(&tok));
+  }
 }
 
 TEST(HttpAuthHandlerBasicTest, InitFromChallenge) {
@@ -131,6 +163,14 @@ TEST(HttpAuthHandlerBasicTest, InitFromChallenge) {
       ERR_INVALID_RESPONSE,
       ""
     },
+
+    // Although RFC 2617 isn't explicit about this case, if there is
+    // more than one realm directive, we pick the last one.
+    {
+      "Basic realm=\"foo\",realm=\"bar\"",
+      OK,
+      "bar",
+    },
   };
   HttpAuthHandlerBasic::Factory factory;
   GURL origin("http://www.example.com");