diff options
| author | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-12 13:12:04 +0000 |
|---|---|---|
| committer | cbentzel@chromium.org <cbentzel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-12 13:12:04 +0000 |
| commit | 79cb5c1739afa979cb0d5aa3701f128c6a50dde5 (patch) | |
| tree | 8e46e6ee56d1b0a8b339a358a2418a83f354a436 /net/http | |
| parent | 89b1769644f8a140ef663db69156a651422f50db (diff) | |
| download | chromium_src-79cb5c1739afa979cb0d5aa3701f128c6a50dde5.zip chromium_src-79cb5c1739afa979cb0d5aa3701f128c6a50dde5.tar.gz chromium_src-79cb5c1739afa979cb0d5aa3701f128c6a50dde5.tar.bz2 | |
Change AuthChallengeInfo to better represent underlying encodings.
* Use a HostPortPair to indicate the challenger info. This may be a punycode-encoded host.
* scheme is always ASCII encoded and a string
* realm is converted to UTF-16 rather than a wstring. Over the wire this is usually ASCII, can be ISO-8859-1 encoded as it's a quoted string, and could potentially be other encodings as specified by RFC 2047.
BUG=95692
TEST=http://greenbytes.de/tech/tc/httpauth/simplebasicrealmiso88591.asis should display an a with an umlaut.
Review URL: http://codereview.chromium.org/7569015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100676 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http')
| -rw-r--r-- | net/http/http_auth_controller.cc | 10 | ||||
| -rw-r--r-- | net/http/http_auth_handler.h | 4 | ||||
| -rw-r--r-- | net/http/http_auth_handler_basic.cc | 48 | ||||
| -rw-r--r-- | net/http/http_auth_handler_basic_unittest.cc | 8 | ||||
| -rw-r--r-- | net/http/http_auth_handler_digest.cc | 20 | ||||
| -rw-r--r-- | net/http/http_auth_handler_digest.h | 5 | ||||
| -rw-r--r-- | net/http/http_auth_handler_digest_unittest.cc | 16 | ||||
| -rw-r--r-- | net/http/http_network_transaction_unittest.cc | 310 |
8 files changed, 195 insertions, 226 deletions
diff --git a/net/http/http_auth_controller.cc b/net/http/http_auth_controller.cc index 477478a..4899a0c 100644 --- a/net/http/http_auth_controller.cc +++ b/net/http/http_auth_controller.cc @@ -511,12 +511,10 @@ void HttpAuthController::PopulateAuthChallenge() { // This info is consumed by URLRequestHttpJob::GetAuthChallengeInfo(). auth_info_ = new AuthChallengeInfo; - auth_info_->is_proxy = target_ == HttpAuth::AUTH_PROXY; - auth_info_->host_and_port = ASCIIToWide(GetHostAndPort(auth_origin_)); - auth_info_->scheme = ASCIIToWide( - HttpAuth::SchemeToString(handler_->auth_scheme())); - // TODO(eroman): decode realm according to RFC 2047. - auth_info_->realm = ASCIIToWide(handler_->realm()); + auth_info_->is_proxy = (target_ == HttpAuth::AUTH_PROXY); + auth_info_->challenger = HostPortPair::FromURL(auth_origin_); + auth_info_->scheme = HttpAuth::SchemeToString(handler_->auth_scheme()); + auth_info_->realm = handler_->realm(); } bool HttpAuthController::DisableOnAuthHandlerResult(int result) { diff --git a/net/http/http_auth_handler.h b/net/http/http_auth_handler.h index 8f237e8..00f45f2 100644 --- a/net/http/http_auth_handler.h +++ b/net/http/http_auth_handler.h @@ -81,7 +81,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandler { return auth_scheme_; } - // The realm value that was parsed during Init(). + // The realm, encoded as UTF-8. This may be empty. const std::string& realm() const { return realm_; } @@ -166,7 +166,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandler { // The auth-scheme as an enumerated value. HttpAuth::Scheme auth_scheme_; - // The realm. Used by "basic" and "digest". + // The realm, encoded as UTF-8. Used by "basic" and "digest". std::string realm_; // The auth challenge. diff --git a/net/http/http_auth_handler_basic.cc b/net/http/http_auth_handler_basic.cc index a51b8ba..a618651 100644 --- a/net/http/http_auth_handler_basic.cc +++ b/net/http/http_auth_handler_basic.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -7,6 +7,7 @@ #include <string> #include "base/base64.h" +#include "base/i18n/icu_string_conversions.h" #include "base/string_util.h" #include "base/utf_string_conversions.h" #include "net/base/net_errors.h" @@ -14,6 +15,11 @@ namespace net { +namespace { + +// Parses a realm from an auth challenge, and converts to UTF8-encoding. +// Returns whether the realm is invalid or the parameters are invalid. +// // Note that if a realm was not specified, we will default it to ""; // so specifying 'Basic realm=""' is equivalent to 'Basic'. // @@ -22,6 +28,29 @@ namespace net { // // We allow it to be compatibility with certain embedded webservers that don't // include a realm (see http://crbug.com/20984.) +// +// The over-the-wire realm is encoded as ISO-8859-1 (aka Latin-1). +// +// TODO(cbentzel): Realm may need to be decoded using RFC 2047 rules as +// well, see http://crbug.com/25790. +bool ParseRealm(const HttpAuth::ChallengeTokenizer& tokenizer, + std::string* realm) { + CHECK(realm); + realm->clear(); + HttpUtil::NameValuePairsIterator parameters = tokenizer.param_pairs(); + while (parameters.GetNext()) { + if (!LowerCaseEqualsASCII(parameters.name(), "realm")) + continue; + + if (!base::ConvertToUtf8AndNormalize( + parameters.value(), base::kCodepageLatin1, realm)) + return false; + } + return parameters.valid(); +} + +} // namespace + bool HttpAuthHandlerBasic::Init(HttpAuth::ChallengeTokenizer* challenge) { auth_scheme_ = HttpAuth::AUTH_SCHEME_BASIC; score_ = 1; @@ -35,16 +64,8 @@ bool HttpAuthHandlerBasic::ParseChallenge( if (!LowerCaseEqualsASCII(challenge->scheme(), "basic")) return false; - HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); - - // Extract the realm (may be missing). std::string realm; - while (parameters.GetNext()) { - if (LowerCaseEqualsASCII(parameters.name(), "realm")) - realm = parameters.value(); - } - - if (!parameters.valid()) + if (!ParseRealm(*challenge, &realm)) return false; realm_ = realm; @@ -56,12 +77,9 @@ HttpAuth::AuthorizationResult HttpAuthHandlerBasic::HandleAnotherChallenge( // Basic authentication is always a single round, so any responses // should be treated as a rejection. However, if the new challenge // is for a different realm, then indicate the realm change. - HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); std::string realm; - while (parameters.GetNext()) { - if (LowerCaseEqualsASCII(parameters.name(), "realm")) - realm = parameters.value(); - } + if (!ParseRealm(*challenge, &realm)) + return HttpAuth::AUTHORIZATION_RESULT_INVALID; return (realm_ != realm)? HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM: HttpAuth::AUTHORIZATION_RESULT_REJECT; diff --git a/net/http/http_auth_handler_basic_unittest.cc b/net/http/http_auth_handler_basic_unittest.cc index b75e2c9..74d8800 100644 --- a/net/http/http_auth_handler_basic_unittest.cc +++ b/net/http/http_auth_handler_basic_unittest.cc @@ -171,6 +171,14 @@ TEST(HttpAuthHandlerBasicTest, InitFromChallenge) { OK, "bar", }, + + // Handle ISO-8859-1 character as part of the realm. The realm is converted + // to UTF-8. + { + "Basic realm=\"foo-\xE5\"", + OK, + "foo-\xC3\xA5", + }, }; HttpAuthHandlerBasic::Factory factory; GURL origin("http://www.example.com"); diff --git a/net/http/http_auth_handler_digest.cc b/net/http/http_auth_handler_digest.cc index da7a601..fe93479 100644 --- a/net/http/http_auth_handler_digest.cc +++ b/net/http/http_auth_handler_digest.cc @@ -6,6 +6,7 @@ #include <string> +#include "base/i18n/icu_string_conversions.h" #include "base/logging.h" #include "base/md5.h" #include "base/rand_util.h" @@ -114,19 +115,19 @@ HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( return HttpAuth::AUTHORIZATION_RESULT_INVALID; HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); - std::string realm; // Try to find the "stale" value, and also keep track of the realm // for the new challenge. + std::string original_realm; while (parameters.GetNext()) { if (LowerCaseEqualsASCII(parameters.name(), "stale")) { if (LowerCaseEqualsASCII(parameters.value(), "true")) return HttpAuth::AUTHORIZATION_RESULT_STALE; } else if (LowerCaseEqualsASCII(parameters.name(), "realm")) { - realm = parameters.value(); + original_realm = parameters.value(); } } - return (realm_ != realm) ? + return (original_realm_ != original_realm) ? HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM : HttpAuth::AUTHORIZATION_RESULT_REJECT; } @@ -198,7 +199,7 @@ bool HttpAuthHandlerDigest::ParseChallenge( stale_ = false; algorithm_ = ALGORITHM_UNSPECIFIED; qop_ = QOP_UNSPECIFIED; - realm_ = nonce_ = domain_ = opaque_ = std::string(); + realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string(); // FAIL -- Couldn't match auth-scheme. if (!LowerCaseEqualsASCII(challenge->scheme(), "digest")) @@ -228,7 +229,11 @@ bool HttpAuthHandlerDigest::ParseChallenge( bool HttpAuthHandlerDigest::ParseChallengeProperty(const std::string& name, const std::string& value) { if (LowerCaseEqualsASCII(name, "realm")) { - realm_ = value; + std::string realm; + if (!base::ConvertToUtf8AndNormalize(value, base::kCodepageLatin1, &realm)) + return false; + realm_ = realm; + original_realm_ = value; } else if (LowerCaseEqualsASCII(name, "nonce")) { nonce_ = value; } else if (LowerCaseEqualsASCII(name, "domain")) { @@ -321,7 +326,8 @@ std::string HttpAuthHandlerDigest::AssembleResponseDigest( const std::string& nc) const { // ha1 = MD5(A1) // TODO(eroman): is this the right encoding? - std::string ha1 = base::MD5String(UTF16ToUTF8(username) + ":" + realm_ + ":" + + std::string ha1 = base::MD5String(UTF16ToUTF8(username) + ":" + + original_realm_ + ":" + UTF16ToUTF8(password)); if (algorithm_ == HttpAuthHandlerDigest::ALGORITHM_MD5_SESS) ha1 = base::MD5String(ha1 + ":" + nonce_ + ":" + cnonce); @@ -351,7 +357,7 @@ std::string HttpAuthHandlerDigest::AssembleCredentials( // TODO(eroman): is this the right encoding? std::string authorization = (std::string("Digest username=") + HttpUtil::Quote(UTF16ToUTF8(username))); - authorization += ", realm=" + HttpUtil::Quote(realm_); + authorization += ", realm=" + HttpUtil::Quote(original_realm_); authorization += ", nonce=" + HttpUtil::Quote(nonce_); authorization += ", uri=" + HttpUtil::Quote(path); diff --git a/net/http/http_auth_handler_digest.h b/net/http/http_auth_handler_digest.h index 809e346..c1c5a21 100644 --- a/net/http/http_auth_handler_digest.h +++ b/net/http/http_auth_handler_digest.h @@ -169,6 +169,11 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerDigest : public HttpAuthHandler { DigestAlgorithm algorithm_; QualityOfProtection qop_; + // The realm as initially encoded over-the-wire. This is used in the + // challenge text, rather than |realm_| which has been converted to + // UTF-8. + std::string original_realm_; + int nonce_count_; const NonceGenerator* nonce_generator_; }; diff --git a/net/http/http_auth_handler_digest_unittest.cc b/net/http/http_auth_handler_digest_unittest.cc index 8464a53..302eaa1 100644 --- a/net/http/http_auth_handler_digest_unittest.cc +++ b/net/http/http_auth_handler_digest_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -146,6 +146,20 @@ TEST(HttpAuthHandlerDigestTest, ParseChallenge) { HttpAuthHandlerDigest::QOP_UNSPECIFIED }, + // Handle ISO-8859-1 character as part of the realm. The realm is converted + // to UTF-8. However, the credentials will still use the original encoding. + { + "Digest nonce=\"xyz\", realm=\"foo-\xE5\"", + true, + "foo-\xC3\xA5", + "xyz", + "", + "", + false, + HttpAuthHandlerDigest::ALGORITHM_UNSPECIFIED, + HttpAuthHandlerDigest::QOP_UNSPECIFIED, + }, + { // At a minimum, a nonce must be provided. "Digest realm=\"Thunder Bluff\"", false, diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc index 44b6759..ba6fee9 100644 --- a/net/http/http_network_transaction_unittest.cc +++ b/net/http/http_network_transaction_unittest.cc @@ -334,6 +334,48 @@ static const char kExpectedNPNString[] = "\x08http/1.1\x06spdy/2"; static const char kAlternateProtocolHttpHeader[] = "Alternate-Protocol: 443:npn-spdy/2\r\n\r\n"; +// Helper functions for validating that AuthChallengeInfo's are correctly +// configured for common cases. +bool CheckBasicServerAuth(const AuthChallengeInfo* auth_challenge) { + if (!auth_challenge) + return false; + EXPECT_FALSE(auth_challenge->is_proxy); + EXPECT_EQ("www.google.com:80", auth_challenge->challenger.ToString()); + EXPECT_EQ("MyRealm1", auth_challenge->realm); + EXPECT_EQ("basic", auth_challenge->scheme); + return true; +} + +bool CheckBasicProxyAuth(const AuthChallengeInfo* auth_challenge) { + if (!auth_challenge) + return false; + EXPECT_TRUE(auth_challenge->is_proxy); + EXPECT_EQ("myproxy:70", auth_challenge->challenger.ToString()); + EXPECT_EQ("MyRealm1", auth_challenge->realm); + EXPECT_EQ("basic", auth_challenge->scheme); + return true; +} + +bool CheckDigestServerAuth(const AuthChallengeInfo* auth_challenge) { + if (!auth_challenge) + return false; + EXPECT_FALSE(auth_challenge->is_proxy); + EXPECT_EQ("www.google.com:80", auth_challenge->challenger.ToString()); + EXPECT_EQ("digestive", auth_challenge->realm); + EXPECT_EQ("digest", auth_challenge->scheme); + return true; +} + +bool CheckNTLMServerAuth(const AuthChallengeInfo* auth_challenge) { + if (!auth_challenge) + return false; + EXPECT_FALSE(auth_challenge->is_proxy); + EXPECT_EQ("172.22.68.17:80", auth_challenge->challenger.ToString()); + EXPECT_EQ(std::string(), auth_challenge->realm); + EXPECT_EQ("ntlm", auth_challenge->scheme); + return true; +} + TEST_F(HttpNetworkTransactionTest, Basic) { SessionDependencies session_deps; scoped_ptr<HttpTransaction> trans( @@ -1091,14 +1133,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuth) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1216,14 +1252,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthKeepAlive) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1297,14 +1327,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthKeepAliveNoBody) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1386,14 +1410,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthKeepAliveLargeBody) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1477,14 +1495,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthKeepAliveImpatientServer) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1576,16 +1588,10 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyNoKeepAlive) { const HttpResponseInfo* response = trans->GetResponseInfo(); ASSERT_FALSE(response == NULL); - + ASSERT_FALSE(response->headers == NULL); EXPECT_EQ(407, response->headers->response_code()); EXPECT_TRUE(HttpVersion(1, 1) == response->headers->GetHttpVersion()); - - // The password prompt info should have been set in response->auth_challenge. - ASSERT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"myproxy:70", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1681,19 +1687,13 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyKeepAlive) { NetLog::PHASE_NONE); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - + ASSERT_FALSE(response == NULL); + ASSERT_FALSE(response->headers == NULL); EXPECT_TRUE(response->headers->IsKeepAlive()); EXPECT_EQ(407, response->headers->response_code()); EXPECT_EQ(10, response->headers->GetContentLength()); EXPECT_TRUE(HttpVersion(1, 1) == response->headers->GetHttpVersion()); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"myproxy:70", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -1705,19 +1705,13 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyKeepAlive) { EXPECT_EQ(OK, rv); response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - + ASSERT_FALSE(response == NULL); + ASSERT_FALSE(response->headers == NULL); EXPECT_TRUE(response->headers->IsKeepAlive()); EXPECT_EQ(407, response->headers->response_code()); EXPECT_EQ(10, response->headers->GetContentLength()); EXPECT_TRUE(HttpVersion(1, 1) == response->headers->GetHttpVersion()); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"myproxy:70", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); // Flush the idle socket before the NetLog and HttpNetworkTransaction go // out of scope. @@ -2005,9 +1999,9 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyGetWithProxyAuth) { request.url = GURL("http://www.google.com/"); request.load_flags = 0; - // Configure against https proxy server "proxy:70". + // Configure against https proxy server "myproxy:70". SessionDependencies session_deps( - ProxyService::CreateFixed("https://proxy:70")); + ProxyService::CreateFixed("https://myproxy:70")); CapturingBoundNetLog log(CapturingNetLog::kUnbounded); session_deps.net_log = log.bound().net_log(); scoped_refptr<HttpNetworkSession> session(CreateSession(&session_deps)); @@ -2080,13 +2074,7 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyGetWithProxyAuth) { ASSERT_TRUE(response->headers != NULL); EXPECT_EQ(407, response->headers->response_code()); EXPECT_TRUE(response->was_fetched_via_spdy); - - // The password prompt info should have been set in response->auth_challenge. - ASSERT_TRUE(response->auth_challenge.get() != NULL); - EXPECT_TRUE(response->auth_challenge->is_proxy); - EXPECT_EQ(L"proxy:70", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -2326,8 +2314,9 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxyAuthRetry) { // when the no authentication data flag is set. request.load_flags = net::LOAD_DO_NOT_SEND_AUTH_DATA; - // Configure against https proxy server "proxy:70". - SessionDependencies session_deps(ProxyService::CreateFixed("https://proxy:70")); + // Configure against https proxy server "myproxy:70". + SessionDependencies session_deps( + ProxyService::CreateFixed("https://myproxy:70")); CapturingBoundNetLog log(CapturingNetLog::kUnbounded); session_deps.net_log = log.bound().net_log(); scoped_refptr<HttpNetworkSession> session(CreateSession(&session_deps)); @@ -2379,16 +2368,10 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxyAuthRetry) { const HttpResponseInfo* response = trans->GetResponseInfo(); ASSERT_FALSE(response == NULL); - + ASSERT_FALSE(response->headers == NULL); EXPECT_EQ(407, response->headers->response_code()); EXPECT_TRUE(HttpVersion(1, 1) == response->headers->GetHttpVersion()); - - // The password prompt info should have been set in response->auth_challenge. - ASSERT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"proxy:70", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -2713,14 +2696,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyThenServer) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"myproxy:70", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -2731,12 +2708,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthProxyThenServer) { EXPECT_EQ(OK, rv); response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback3; @@ -2856,15 +2829,8 @@ TEST_F(HttpNetworkTransactionTest, NTLMAuth1) { EXPECT_FALSE(trans->IsReadyToRestartForAuth()); const HttpResponseInfo* response = trans->GetResponseInfo(); - ASSERT_TRUE(response != NULL); - - // The password prompt info should have been set in - // response->auth_challenge. - ASSERT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"172.22.68.17:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"", response->auth_challenge->realm); - EXPECT_EQ(L"ntlm", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckNTLMServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -2878,7 +2844,6 @@ TEST_F(HttpNetworkTransactionTest, NTLMAuth1) { response = trans->GetResponseInfo(); ASSERT_TRUE(response != NULL); - EXPECT_TRUE(response->auth_challenge.get() == NULL); TestCompletionCallback callback3; @@ -3043,14 +3008,8 @@ TEST_F(HttpNetworkTransactionTest, NTLMAuth2) { EXPECT_FALSE(trans->IsReadyToRestartForAuth()); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"172.22.68.17:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"", response->auth_challenge->realm); - EXPECT_EQ(L"ntlm", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckNTLMServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -3070,14 +3029,8 @@ TEST_F(HttpNetworkTransactionTest, NTLMAuth2) { EXPECT_FALSE(trans->IsReadyToRestartForAuth()); response = trans->GetResponseInfo(); - ASSERT_TRUE(response != NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"172.22.68.17:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"", response->auth_challenge->realm); - EXPECT_EQ(L"ntlm", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckNTLMServerAuth(response->auth_challenge.get())); TestCompletionCallback callback4; @@ -3725,13 +3678,8 @@ TEST_F(HttpNetworkTransactionTest, WrongAuthIdentityInURL) { EXPECT_FALSE(trans->IsReadyToRestartForAuth()); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback3; rv = trans->RestartWithAuth(kFoo, kBar, &callback3); @@ -3810,15 +3758,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthCacheAndPreauth) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in - // response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -3895,15 +3836,13 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthCacheAndPreauth) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in - // response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm2", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + ASSERT_TRUE(response->auth_challenge.get()); + EXPECT_FALSE(response->auth_challenge->is_proxy); + EXPECT_EQ("www.google.com:80", + response->auth_challenge->challenger.ToString()); + EXPECT_EQ("MyRealm2", response->auth_challenge->realm); + EXPECT_EQ("basic", response->auth_challenge->scheme); TestCompletionCallback callback2; @@ -4119,15 +4058,8 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthCacheAndPreauth) { EXPECT_FALSE(trans->IsReadyToRestartForAuth()); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in - // response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback3; @@ -4212,14 +4144,7 @@ TEST_F(HttpNetworkTransactionTest, DigestPreAuthNonceCount) { const HttpResponseInfo* response = trans->GetResponseInfo(); ASSERT_FALSE(response == NULL); - - // The password prompt info should have been set in - // response->auth_challenge. - ASSERT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"digestive", response->auth_challenge->realm); - EXPECT_EQ(L"digest", response->auth_challenge->scheme); + EXPECT_TRUE(CheckDigestServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -5990,14 +5915,8 @@ TEST_F(HttpNetworkTransactionTest, DrainResetOK) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_FALSE(response == NULL); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_FALSE(response->auth_challenge.get() == NULL); - - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + ASSERT_FALSE(response == NULL); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); TestCompletionCallback callback2; @@ -6254,15 +6173,10 @@ TEST_F(HttpNetworkTransactionTest, UnreadableUploadFileAfterAuthRestart) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); - EXPECT_TRUE(response != NULL); - EXPECT_TRUE(response->headers != NULL); + ASSERT_TRUE(response != NULL); + ASSERT_TRUE(response->headers != NULL); EXPECT_EQ("HTTP/1.1 401 Unauthorized", response->headers->GetStatusLine()); - - // The password prompt info should have been set in response->auth_challenge. - EXPECT_TRUE(response->auth_challenge.get() != NULL); - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"MyRealm1", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + EXPECT_TRUE(CheckBasicServerAuth(response->auth_challenge.get())); // Now make the file unreadable and try again. ASSERT_TRUE(file_util::MakeFileUnreadable(temp_file)); @@ -6381,10 +6295,12 @@ TEST_F(HttpNetworkTransactionTest, ChangeAuthRealms) { EXPECT_EQ(OK, rv); const HttpResponseInfo* response = trans->GetResponseInfo(); ASSERT_FALSE(response == NULL); - ASSERT_FALSE(response->auth_challenge.get() == NULL); - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"first_realm", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + const AuthChallengeInfo* challenge = response->auth_challenge.get(); + ASSERT_FALSE(challenge == NULL); + EXPECT_FALSE(challenge->is_proxy); + EXPECT_EQ("www.google.com:80", challenge->challenger.ToString()); + EXPECT_EQ("first_realm", challenge->realm); + EXPECT_EQ("basic", challenge->scheme); // Issue the second request with an incorrect password. There should be a // password prompt for second_realm waiting to be filled in after the @@ -6396,10 +6312,12 @@ TEST_F(HttpNetworkTransactionTest, ChangeAuthRealms) { EXPECT_EQ(OK, rv); response = trans->GetResponseInfo(); ASSERT_FALSE(response == NULL); - ASSERT_FALSE(response->auth_challenge.get() == NULL); - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"second_realm", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + challenge = response->auth_challenge.get(); + ASSERT_FALSE(challenge == NULL); + EXPECT_FALSE(challenge->is_proxy); + EXPECT_EQ("www.google.com:80", challenge->challenger.ToString()); + EXPECT_EQ("second_realm", challenge->realm); + EXPECT_EQ("basic", challenge->scheme); // Issue the third request with another incorrect password. There should be // a password prompt for first_realm waiting to be filled in. If the password @@ -6412,10 +6330,12 @@ TEST_F(HttpNetworkTransactionTest, ChangeAuthRealms) { EXPECT_EQ(OK, rv); response = trans->GetResponseInfo(); ASSERT_FALSE(response == NULL); - ASSERT_FALSE(response->auth_challenge.get() == NULL); - EXPECT_EQ(L"www.google.com:80", response->auth_challenge->host_and_port); - EXPECT_EQ(L"first_realm", response->auth_challenge->realm); - EXPECT_EQ(L"basic", response->auth_challenge->scheme); + challenge = response->auth_challenge.get(); + ASSERT_FALSE(challenge == NULL); + EXPECT_FALSE(challenge->is_proxy); + EXPECT_EQ("www.google.com:80", challenge->challenger.ToString()); + EXPECT_EQ("first_realm", challenge->realm); + EXPECT_EQ("basic", challenge->scheme); // Issue the fourth request with the correct password and username. TestCompletionCallback callback4; |