static void do_clear_credentials_test (void) { SoupSession *session; SoupAuthManager *manager; char *uri; SOUP_TEST_SKIP_IF_NO_APACHE; session = soup_test_session_new (SOUP_TYPE_SESSION, NULL); uri = g_strconcat (base_uri, "Digest/realm1/", NULL); do_digest_nonce_test (session, "First", uri, TRUE, TRUE, TRUE); manager = SOUP_AUTH_MANAGER (soup_session_get_feature (session, SOUP_TYPE_AUTH_MANAGER)); soup_auth_manager_clear_cached_credentials (manager); do_digest_nonce_test (session, "Second", uri, TRUE, TRUE, TRUE); g_free (uri); soup_test_session_abort_unref (session); }
static void do_digest_expiration_test (void) { SoupSession *session; char *uri; SOUP_TEST_SKIP_IF_NO_APACHE; session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); uri = g_strconcat (base_uri, "Digest/realm1/", NULL); do_digest_nonce_test (session, "First", uri, TRUE, TRUE, TRUE); g_free (uri); sleep (2); uri = g_strconcat (base_uri, "Digest/realm1/expire/", NULL); do_digest_nonce_test (session, "Second", uri, TRUE, TRUE, FALSE); sleep (1); do_digest_nonce_test (session, "Third", uri, TRUE, FALSE, FALSE); sleep (1); do_digest_nonce_test (session, "Fourth", uri, TRUE, FALSE, FALSE); g_free (uri); soup_test_session_abort_unref (session); }
static void do_digest_expiration_test (const char *base_uri) { SoupSession *session; char *uri; debug_printf (1, "\nTesting digest nonce expiration:\n"); session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); uri = g_strconcat (base_uri, "Digest/realm1/", NULL); do_digest_nonce_test (session, "First", uri, TRUE, TRUE); g_free (uri); sleep (2); uri = g_strconcat (base_uri, "Digest/realm1/expire/", NULL); do_digest_nonce_test (session, "Second", uri, TRUE, FALSE); sleep (1); do_digest_nonce_test (session, "Third", uri, FALSE, FALSE); sleep (1); do_digest_nonce_test (session, "Fourth", uri, FALSE, FALSE); g_free (uri); soup_test_session_abort_unref (session); }
static void do_message_do_not_use_auth_cache_test (void) { SoupSession *session; SoupAuthManager *manager; SoupURI *soup_uri; char *uri; char *uri_with_credentials; SOUP_TEST_SKIP_IF_NO_APACHE; session = soup_test_session_new (SOUP_TYPE_SESSION, NULL); uri = g_strconcat (base_uri, "Digest/realm1/", NULL); /* First check that cached credentials are not used */ do_digest_nonce_test (session, "First", uri, TRUE, TRUE, TRUE); do_digest_nonce_test (session, "Second", uri, TRUE, FALSE, FALSE); do_digest_nonce_test (session, "Third", uri, FALSE, TRUE, TRUE); /* Passing credentials in the URI should always authenticate * no matter whether the cache is used or not */ soup_uri = soup_uri_new (uri); soup_uri_set_user (soup_uri, "user1"); soup_uri_set_password (soup_uri, "realm1"); uri_with_credentials = soup_uri_to_string (soup_uri, FALSE); soup_uri_free (soup_uri); do_digest_nonce_test (session, "Fourth", uri_with_credentials, FALSE, TRUE, FALSE); g_free (uri_with_credentials); manager = SOUP_AUTH_MANAGER (soup_session_get_feature (session, SOUP_TYPE_AUTH_MANAGER)); soup_auth_manager_clear_cached_credentials (manager); /* Now check that credentials are not stored */ do_digest_nonce_test (session, "First", uri, FALSE, TRUE, TRUE); do_digest_nonce_test (session, "Second", uri, TRUE, TRUE, TRUE); do_digest_nonce_test (session, "Third", uri, TRUE, FALSE, FALSE); g_free (uri); soup_test_session_abort_unref (session); }
int main (int argc, char **argv) { SoupSession *session; SoupMessage *msg; const char *base_uri; char *uri; gboolean authenticated; int i, ntests; test_init (argc, argv, NULL); apache_init (); base_uri = "http://127.0.0.1:47524/"; /* Main tests */ current_tests = main_tests; ntests = G_N_ELEMENTS (main_tests); do_batch_tests (base_uri, ntests); /* Re-login tests */ current_tests = relogin_tests; ntests = G_N_ELEMENTS (relogin_tests); do_batch_tests (base_uri, ntests); /* And now for some regression tests */ loop = g_main_loop_new (NULL, TRUE); debug_printf (1, "Testing pipelined auth (bug 271540):\n"); session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); authenticated = FALSE; g_signal_connect (session, "authenticate", G_CALLBACK (bug271540_authenticate), &authenticated); uri = g_strconcat (base_uri, "Basic/realm1/", NULL); for (i = 0; i < 10; i++) { msg = soup_message_new (SOUP_METHOD_GET, uri); g_object_set_data (G_OBJECT (msg), "#", GINT_TO_POINTER (i + 1)); g_signal_connect (msg, "wrote_headers", G_CALLBACK (bug271540_sent), &authenticated); soup_session_queue_message (session, msg, bug271540_finished, &i); } g_free (uri); g_main_loop_run (loop); soup_test_session_abort_unref (session); debug_printf (1, "\nTesting digest nonce expiration:\n"); /* We test two different things here: * * 1. If we get a 401 response with * "WWW-Authenticate: Digest stale=true...", we should * retry and succeed *without* the session asking for a * password again. * * 2. If we get a successful response with * "Authentication-Info: nextnonce=...", we should update * the nonce automatically so as to avoid getting a * stale nonce error on the next request. * * In our Apache config, /Digest/realm1 and * /Digest/realm1/expire are set up to use the same auth info, * but only the latter has an AuthDigestNonceLifetime (of 2 * seconds). The way nonces work in Apache, a nonce received * from /Digest/realm1 will still expire in * /Digest/realm1/expire, but it won't issue a nextnonce for a * request in /Digest/realm1. This lets us test both * behaviors. * * The expected conversation is: * * First message * GET /Digest/realm1 * * 401 Unauthorized * WWW-Authenticate: Digest nonce=A * * [emit 'authenticate'] * * GET /Digest/realm1 * Authorization: Digest nonce=A * * 200 OK * [No Authentication-Info] * * [sleep 2 seconds: nonce A is no longer valid, but we have no * way of knowing that] * * Second message * GET /Digest/realm1/expire/ * Authorization: Digest nonce=A * * 401 Unauthorized * WWW-Authenticate: Digest stale=true nonce=B * * GET /Digest/realm1/expire/ * Authorization: Digest nonce=B * * 200 OK * Authentication-Info: nextnonce=C * * [sleep 1 second] * * Third message * GET /Digest/realm1/expire/ * Authorization: Digest nonce=C * [nonce=B would work here too] * * 200 OK * Authentication-Info: nextnonce=D * * [sleep 1 second; nonces B and C are no longer valid, but D is] * * Fourth message * GET /Digest/realm1/expire/ * Authorization: Digest nonce=D * * 200 OK * Authentication-Info: nextnonce=D * */ session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); uri = g_strconcat (base_uri, "Digest/realm1/", NULL); do_digest_nonce_test (session, "First", uri, TRUE, TRUE); g_free (uri); sleep (2); uri = g_strconcat (base_uri, "Digest/realm1/expire/", NULL); do_digest_nonce_test (session, "Second", uri, TRUE, FALSE); sleep (1); do_digest_nonce_test (session, "Third", uri, FALSE, FALSE); sleep (1); do_digest_nonce_test (session, "Fourth", uri, FALSE, FALSE); g_free (uri); soup_test_session_abort_unref (session); /* Async auth */ do_async_auth_test (base_uri); /* Selecting correct auth when multiple auth types are available */ do_select_auth_test (); g_main_loop_unref (loop); test_cleanup (); return errors != 0; }