Commit | Line | Data |
007935b8 |
1 | #!/usr/bin/perl |
2 | |
3 | use strict; |
4 | use warnings; |
5 | |
6 | use Test::More; |
7 | |
8 | BEGIN { |
9 | eval { require Test::WWW::Mechanize::Catalyst } |
10 | or plan skip_all => |
11 | "Test::WWW::Mechanize::Catalyst is needed for this test"; |
12 | eval { require Catalyst::Plugin::Cache::FileCache } |
13 | or plan skip_all => |
14 | "Catalyst::Plugin::Cache::FileCache is needed for this test"; |
15 | plan tests => 4; |
16 | } |
17 | |
18 | use HTTP::Request; |
19 | |
20 | { |
21 | |
22 | package AuthTestApp; |
23 | use Catalyst qw/ |
24 | Authentication |
25 | Authentication::Store::Minimal |
26 | Authentication::Credential::HTTP |
27 | Cache::FileCache |
28 | /; |
29 | |
30 | use Test::More; |
31 | |
32 | our $users; |
33 | |
34 | sub moose : Local { |
35 | my ( $self, $c ) = @_; |
36 | |
37 | $c->authorization_required( realm => 'testrealm@host.com' ); |
38 | |
39 | $c->res->body( $c->user->id ); |
40 | } |
41 | __PACKAGE__->config->{authentication}{http}{type} = 'digest'; |
42 | __PACKAGE__->config->{authentication}{users} = $users = { |
43 | Mufasa => { password => "Circle Of Life", }, |
44 | }; |
45 | |
46 | __PACKAGE__->setup; |
47 | } |
48 | |
49 | use Test::WWW::Mechanize::Catalyst qw/AuthTestApp/; |
50 | |
51 | my $mech = Test::WWW::Mechanize::Catalyst->new; |
52 | |
53 | $mech->get("http://localhost/moose"); |
54 | is( $mech->status, 401, "status is 401" ); |
55 | |
56 | my $www_auth = $mech->res->headers->header('WWW-Authenticate'); |
57 | my %www_auth_params = map {\r |
58 | my @key_val = split /=/, $_, 2;\r |
59 | $key_val[0] = lc $key_val[0];\r |
60 | $key_val[1] =~ s{"}{}g; # remove the quotes\r |
61 | @key_val;\r |
62 | } split /, /, substr( $www_auth, 7 ); #7 == length "Digest " |
63 | |
64 | $mech->content_lacks( "foo", "no output" ); |
65 | |
66 | my $response = ''; |
67 | { |
68 | my $username = 'Mufasa';\r |
69 | my $password = 'Circle Of Life';\r |
70 | my $realm = $www_auth_params{realm};\r |
71 | my $nonce = $www_auth_params{nonce};\r |
72 | my $cnonce = '0a4f113b';\r |
73 | my $opaque = $www_auth_params{opaque};\r |
74 | my $nc = '00000001';\r |
75 | my $method = 'GET';\r |
76 | my $qop = 'auth';\r |
77 | my $uri = '/moose'; |
78 | |
79 | my $ctx = Digest::MD5->new;\r |
80 | $ctx->add( join( ':', $username, $realm, $password ) );\r |
81 | my $A1_digest = $ctx->hexdigest; |
82 | |
83 | $ctx = Digest::MD5->new;\r |
84 | $ctx->add( join( ':', $method, $uri ) );\r |
85 | my $A2_digest = $ctx->hexdigest; |
86 | |
87 | my $digest = Digest::MD5::md5_hex(\r |
88 | join( ':',\r |
89 | $A1_digest, $nonce, $qop ? ( $nc, $cnonce, $qop ) : (), $A2_digest )\r |
90 | );\r |
91 | |
92 | $response = qq{Digest username="$username", realm="$realm", nonce="$nonce", uri="$uri", qop=$qop, nc=$nc, cnonce="$cnonce", response="$digest", opaque="$opaque"}; |
93 | } |
94 | |
95 | my $r = HTTP::Request->new( GET => "http://localhost/moose" ); |
96 | $mech->request($r); |
97 | |
98 | $r->headers->push_header( Authorization => $response ); |
99 | $mech->request($r); |
100 | |
101 | is( $mech->status, 200, "status is 200" ); |
102 | $mech->content_contains( "Mufasa", "Mufasa output" ); |
103 | |