Commit | Line | Data |
007935b8 |
1 | #!/usr/bin/perl |
2 | |
3 | use strict; |
4 | use warnings; |
5 | |
6 | use Test::More; |
7 | |
8 | BEGIN { |
9 | eval { require Test::WWW::Mechanize::Catalyst } |
10 | or plan skip_all => |
11 | "Test::WWW::Mechanize::Catalyst is needed for this test"; |
12 | eval { require Catalyst::Plugin::Cache::FileCache } |
13 | or plan skip_all => |
14 | "Catalyst::Plugin::Cache::FileCache is needed for this test"; |
15 | plan tests => 4; |
16 | } |
17 | |
18 | use HTTP::Request; |
19 | |
20 | { |
21 | |
22 | package AuthTestApp; |
23 | use Catalyst qw/ |
24 | Authentication |
25 | Authentication::Store::Minimal |
26 | Authentication::Credential::HTTP |
27 | Cache::FileCache |
28 | /; |
29 | |
30 | use Test::More; |
31 | |
32 | our $users; |
33 | |
34 | sub moose : Local { |
35 | my ( $self, $c ) = @_; |
36 | |
37 | $c->authorization_required( realm => 'testrealm@host.com' ); |
38 | |
39 | $c->res->body( $c->user->id ); |
40 | } |
41 | __PACKAGE__->config->{authentication}{http}{type} = 'digest'; |
42 | __PACKAGE__->config->{authentication}{users} = $users = { |
43 | Mufasa => { password => "Circle Of Life", }, |
44 | }; |
45 | |
46 | __PACKAGE__->setup; |
47 | } |
48 | |
49 | use Test::WWW::Mechanize::Catalyst qw/AuthTestApp/; |
50 | |
51 | my $mech = Test::WWW::Mechanize::Catalyst->new; |
52 | |
53 | $mech->get("http://localhost/moose"); |
54 | is( $mech->status, 401, "status is 401" ); |
55 | |
56 | my $www_auth = $mech->res->headers->header('WWW-Authenticate'); |
a14203f8 |
57 | my %www_auth_params = map { |
58 | |
59 | my @key_val = split /=/, $_, 2; |
60 | |
61 | $key_val[0] = lc $key_val[0]; |
62 | |
63 | $key_val[1] =~ s{"}{}g; # remove the quotes |
64 | |
65 | @key_val; |
66 | |
007935b8 |
67 | } split /, /, substr( $www_auth, 7 ); #7 == length "Digest " |
68 | |
69 | $mech->content_lacks( "foo", "no output" ); |
70 | |
71 | my $response = ''; |
72 | { |
a14203f8 |
73 | my $username = 'Mufasa'; |
74 | |
75 | my $password = 'Circle Of Life'; |
76 | |
77 | my $realm = $www_auth_params{realm}; |
78 | |
79 | my $nonce = $www_auth_params{nonce}; |
80 | |
81 | my $cnonce = '0a4f113b'; |
82 | |
83 | my $opaque = $www_auth_params{opaque}; |
84 | |
85 | my $nc = '00000001'; |
86 | |
87 | my $method = 'GET'; |
88 | |
89 | my $qop = 'auth'; |
90 | |
007935b8 |
91 | my $uri = '/moose'; |
92 | |
a14203f8 |
93 | my $ctx = Digest::MD5->new; |
94 | |
95 | $ctx->add( join( ':', $username, $realm, $password ) ); |
96 | |
007935b8 |
97 | my $A1_digest = $ctx->hexdigest; |
98 | |
a14203f8 |
99 | $ctx = Digest::MD5->new; |
100 | |
101 | $ctx->add( join( ':', $method, $uri ) ); |
102 | |
007935b8 |
103 | my $A2_digest = $ctx->hexdigest; |
104 | |
a14203f8 |
105 | my $digest = Digest::MD5::md5_hex( |
106 | |
107 | join( ':', |
108 | |
109 | $A1_digest, $nonce, $qop ? ( $nc, $cnonce, $qop ) : (), $A2_digest ) |
110 | |
111 | ); |
112 | |
007935b8 |
113 | |
114 | $response = qq{Digest username="$username", realm="$realm", nonce="$nonce", uri="$uri", qop=$qop, nc=$nc, cnonce="$cnonce", response="$digest", opaque="$opaque"}; |
115 | } |
116 | |
117 | my $r = HTTP::Request->new( GET => "http://localhost/moose" ); |
118 | $mech->request($r); |
119 | |
120 | $r->headers->push_header( Authorization => $response ); |
121 | $mech->request($r); |
122 | |
123 | is( $mech->status, 200, "status is 200" ); |
124 | $mech->content_contains( "Mufasa", "Mufasa output" ); |
125 | |