[catagits/Catalyst-Authentication-Credential-HTTP.git] / t / live_app_digest.t

#!/usr/bin/perl
use strict;
use warnings;
use Test::More;
BEGIN {
    eval { require Test::WWW::Mechanize::Catalyst }
      or plan skip_all =>
      "Test::WWW::Mechanize::Catalyst is needed for this test";
    eval { require Catalyst::Plugin::Cache::FileCache }
      or plan skip_all =>
      "Catalyst::Plugin::Cache::FileCache is needed for this test";
    plan tests => 4;
}
use HTTP::Request;
{
    package AuthTestApp;
    use Catalyst qw/
      Authentication
      Authentication::Store::Minimal
      Authentication::Credential::HTTP
      Cache::FileCache
      /;
    use Test::More;
    our $users;
    sub moose : Local {
        my ( $self, $c ) = @_;
        $c->authorization_required( realm => 'testrealm@host.com' );
        $c->res->body( $c->user->id );
    }
    __PACKAGE__->config->{authentication}{http}{type} = 'digest';
    __PACKAGE__->config->{authentication}{users} = $users = {
        Mufasa => { password         => "Circle Of Life", },
    };
    __PACKAGE__->setup;
}
use Test::WWW::Mechanize::Catalyst qw/AuthTestApp/;
my $mech = Test::WWW::Mechanize::Catalyst->new;
$mech->get("http://localhost/moose");
is( $mech->status, 401, "status is 401" );
my $www_auth = $mech->res->headers->header('WWW-Authenticate');
my %www_auth_params = map {
    my @key_val = split /=/, $_, 2;
    $key_val[0] = lc $key_val[0];
    $key_val[1] =~ s{"}{}g;    # remove the quotes
    @key_val;
} split /, /, substr( $www_auth, 7 );    #7 == length "Digest "
$mech->content_lacks( "foo", "no output" );
my $response = '';
{
    my $username = 'Mufasa';
    my $password = 'Circle Of Life';
    my $realm    = $www_auth_params{realm};
    my $nonce    = $www_auth_params{nonce};
    my $cnonce   = '0a4f113b';
    my $opaque   = $www_auth_params{opaque};
    my $nc       = '00000001';
    my $method   = 'GET';
    my $qop      = 'auth';
    my $uri      = '/moose';
    my $ctx = Digest::MD5->new;
    $ctx->add( join( ':', $username, $realm, $password ) );
    my $A1_digest = $ctx->hexdigest;
    $ctx = Digest::MD5->new;
    $ctx->add( join( ':', $method, $uri ) );
    my $A2_digest = $ctx->hexdigest;
    my $digest = Digest::MD5::md5_hex(
        join( ':',
            $A1_digest, $nonce, $qop ? ( $nc, $cnonce, $qop ) : (), $A2_digest )
    );

    $response = qq{Digest username="$username", realm="$realm", nonce="$nonce", uri="$uri", qop=$qop, nc=$nc, cnonce="$cnonce", response="$digest", opaque="$opaque"};
}
my $r = HTTP::Request->new( GET => "http://localhost/moose" );
$mech->request($r);
$r->headers->push_header( Authorization => $response );
$mech->request($r);
is( $mech->status, 200, "status is 200" );
$mech->content_contains( "Mufasa", "Mufasa output" );
Commit	Line	Data
007935b8	1	#!/usr/bin/perl
007935b8	2	use strict;
007935b8	3	use warnings;
007935b8	4	use Test::More;
007935b8	5	BEGIN {
	6	eval { require Test::WWW::Mechanize::Catalyst }
	7	or plan skip_all =>
	8	"Test::WWW::Mechanize::Catalyst is needed for this test";
d99b7693	9	eval { require Catalyst::Plugin::Cache::FileCache }
007935b8	10	or plan skip_all =>
d99b7693	11	"Catalyst::Plugin::Cache::FileCache is needed for this test";
007935b8	12	plan tests => 4;
007935b8	13	}
007935b8	14	use HTTP::Request;
007935b8	15	{
007935b8	16	package AuthTestApp;
	17	use Catalyst qw/
	18	Authentication
	19	Authentication::Store::Minimal
	20	Authentication::Credential::HTTP
d99b7693	21	Cache::FileCache
007935b8	22	/;
007935b8	23	use Test::More;
007935b8	24	our $users;
007935b8	25	sub moose : Local {
007935b8	26	my ( $self, $c ) = @_;
007935b8	27	$c->authorization_required( realm => 'testrealm@host.com' );
007935b8	28	$c->res->body( $c->user->id );
	29	}
	30	__PACKAGE__->config->{authentication}{http}{type} = 'digest';
	31	__PACKAGE__->config->{authentication}{users} = $users = {
	32	Mufasa => { password => "Circle Of Life", },
	33	};
007935b8	34	__PACKAGE__->setup;
007935b8	35	}
007935b8	36	use Test::WWW::Mechanize::Catalyst qw/AuthTestApp/;
007935b8	37	my $mech = Test::WWW::Mechanize::Catalyst->new;
007935b8	38	$mech->get("http://localhost/moose");
007935b8	39	is( $mech->status, 401, "status is 401" );
007935b8	40	my $www_auth = $mech->res->headers->header('WWW-Authenticate');
a14203f8	41	my %www_auth_params = map {
a14203f8	42	my @key_val = split /=/, $_, 2;
a14203f8	43	$key_val[0] = lc $key_val[0];
a14203f8	44	$key_val[1] =~ s{"}{}g; # remove the quotes
a14203f8	45	@key_val;
007935b8	46	} split /, /, substr( $www_auth, 7 ); #7 == length "Digest "
007935b8	47	$mech->content_lacks( "foo", "no output" );
007935b8	48	my $response = '';
007935b8	49	{
a14203f8	50	my $username = 'Mufasa';
a14203f8	51	my $password = 'Circle Of Life';
a14203f8	52	my $realm = $www_auth_params{realm};
a14203f8	53	my $nonce = $www_auth_params{nonce};
a14203f8	54	my $cnonce = '0a4f113b';
a14203f8	55	my $opaque = $www_auth_params{opaque};
a14203f8	56	my $nc = '00000001';
a14203f8	57	my $method = 'GET';
a14203f8	58	my $qop = 'auth';
007935b8	59	my $uri = '/moose';
a14203f8	60	my $ctx = Digest::MD5->new;
a14203f8	61	$ctx->add( join( ':', $username, $realm, $password ) );
007935b8	62	my $A1_digest = $ctx->hexdigest;
a14203f8	63	$ctx = Digest::MD5->new;
a14203f8	64	$ctx->add( join( ':', $method, $uri ) );
007935b8	65	my $A2_digest = $ctx->hexdigest;
a14203f8	66	my $digest = Digest::MD5::md5_hex(
a14203f8	67	join( ':',
a14203f8	68	$A1_digest, $nonce, $qop ? ( $nc, $cnonce, $qop ) : (), $A2_digest )
a14203f8	69	);
a14203f8	70
007935b8	71	$response = qq{Digest username="$username", realm="$realm", nonce="$nonce", uri="$uri", qop=$qop, nc=$nc, cnonce="$cnonce", response="$digest", opaque="$opaque"};
007935b8	72	}
007935b8	73	my $r = HTTP::Request->new( GET => "http://localhost/moose" );
007935b8	74	$mech->request($r);
007935b8	75	$r->headers->push_header( Authorization => $response );
007935b8	76	$mech->request($r);
007935b8	77	is( $mech->status, 200, "status is 200" );
007935b8	78	$mech->content_contains( "Mufasa", "Mufasa output" );