#!/usr/bin/perl
use strict;
use warnings;
-use Test::More tests => 28;
+use Test::More tests => 35;
use Test::MockObject::Extends;
use Test::MockObject;
use Test::Exception;
my $res_headers = HTTP::Headers->new;
$res->set_always( headers => $res_headers );
my $user = Test::MockObject->new;
+$user->set_isa('Catalyst::Authentication::User');
$user->mock(get => sub { return shift->{$_[0]} });
my $find_user_opts;
my $realm = Test::MockObject->new;
my $cache = Test::MockObject->new;
$cache->mock(set => sub { shift->{$_[0]} = $_[1] });
$cache->mock(get => sub { return shift->{$_[0]} });
+my $uri_for_called = 0;
+$c->mock(uri_for => sub { my ($c, $uri) = @_; $uri_for_called++; return 'uri_for:' . $uri} );
$c->mock(cache => sub { $cache });
$c->mock(debug => sub { 0 });
my @login_info;
# Correct credentials
$req_headers->authorization_basic( qw/foo bar/ );
-ok($self->authenticate($c, $realm), "auth successful with header");
-is($authenticated, 1, 'authenticated once');
+{
+ my $user = $self->authenticate($c, $realm);
+ ok($user, "auth successful with header");
+ isa_ok $user, 'Catalyst::Authentication::User';
+}
+is($authenticated, 0, 'Not called set_authenticated');
is_deeply( $find_user_opts, { username => 'foo'}, "login delegated");
# Test all the headers look good.
is( $body, 'foobar', 'Body is supplied auth message');
}
+# Check undef authorization_required_message suppresses crapping in
+# the body.
$req_headers->clear;
$res_headers->clear;
$c->clear;
+$body = 'quuux';
{
my $self = new_self( type => 'any', password_type => 'clear',
authorization_required_message => undef
throws_ok {
$self->authenticate( $c, $realm );
} qr/^ $Catalyst::DETACH $/x, "detached";
- is( $body, undef, 'Body is not set - user overrode auth message');
+ is( $body, 'quuux', 'Body is not set - user overrode auth message');
+}
+
+# Check domain config works
+$req_headers->clear;
+$res_headers->clear;
+$c->clear;
+{
+ my $self = new_self( type => 'any', password_type => 'clear');
+ throws_ok {
+ $self->authenticate( $c, $realm, {domain => [qw/dom1 dom2/]} );
+ } qr/^ $Catalyst::DETACH $/x, "detached";
+ like( ($res_headers->header('WWW-Authenticate'))[0], qr/domain="dom1 dom2"/, "WWW-Authenticate header set: digest domains set");
+ like( ($res_headers->header('WWW-Authenticate'))[1], qr/domain="dom1 dom2"/, "WWW-Authenticate header set: basic domains set");
+}
+
+# Check domain config works with use_uri_for option
+$req_headers->clear;
+$res_headers->clear;
+$c->clear;
+{
+ my $self = new_self( type => 'any', password_type => 'clear', use_uri_for => 1);
+ throws_ok {
+ $self->authenticate( $c, $realm, {domain => [qw/dom1 dom2/]} );
+ } qr/^ $Catalyst::DETACH $/x, "detached";
+ like( ($res_headers->header('WWW-Authenticate'))[0], qr/domain="uri_for:dom1 uri_for:dom2"/,
+ "WWW-Authenticate header set: digest domains set with use_uri_for");
+ like( ($res_headers->header('WWW-Authenticate'))[1], qr/domain="uri_for:dom1 uri_for:dom2"/,
+ "WWW-Authenticate header set: basic domains set with use_uri_for");
}
\ No newline at end of file