8 eval { require Test::WWW::Mechanize::Catalyst }
10 Test::WWW::Mechanize::Catalyst->VERSION('0.51')
13 "Test::WWW::Mechanize::Catalyst is needed for this test";
14 eval { require Catalyst::Plugin::Cache }
16 "Catalyst::Plugin::Cache is needed for this test";
17 eval { require Cache::FileCache }
19 "Cache::FileCache is needed for this test";
25 use Test::WWW::Mechanize::Catalyst;
28 my ($username, $uri, $emulate_dotnet, $fail) = @_;
29 my $app = $fail ? 'AuthDigestTestApp' : 'AuthDigestDotnetTestApp';
30 my $mech = Test::WWW::Mechanize::Catalyst->new(catalyst_app => $app);
31 $mech->get("http://localhost/moose");
32 is( $mech->status, 401, "status is 401" );
33 my $www_auth = $mech->res->headers->header('WWW-Authenticate');
34 my %www_auth_params = map {
35 my @key_val = split /=/, $_, 2;
36 $key_val[0] = lc $key_val[0];
37 $key_val[1] =~ s{"}{}g; # remove the quotes
39 } split /, /, substr( $www_auth, 7 ); #7 == length "Digest "
40 $mech->content_lacks( "foo", "no output" );
43 my $password = 'Circle Of Life';
44 my $realm = $www_auth_params{realm};
45 my $nonce = $www_auth_params{nonce};
46 my $cnonce = '0a4f113b';
47 my $opaque = $www_auth_params{opaque};
53 if ($emulate_dotnet) {
54 $auth_uri =~ s/\?.*//;
56 my $ctx = Digest::MD5->new;
57 $ctx->add( join( ':', $username, $realm, $password ) );
58 my $A1_digest = $ctx->hexdigest;
59 $ctx = Digest::MD5->new;
60 $ctx->add( join( ':', $method, $auth_uri ) );
61 my $A2_digest = $ctx->hexdigest;
62 my $digest = Digest::MD5::md5_hex(
64 $A1_digest, $nonce, $qop ? ( $nc, $cnonce, $qop ) : (), $A2_digest )
67 $response = qq{Digest username="$username", realm="$realm", nonce="$nonce", uri="$auth_uri", qop=$qop, nc=$nc, cnonce="$cnonce", response="$digest", opaque="$opaque"};
69 my $r = HTTP::Request->new( GET => "http://localhost" . $uri );
71 $r->headers->push_header( Authorization => $response );
74 is( $mech->status, 400, "status is 400" );
76 is( $mech->status, 200, "status is 200" );
77 $mech->content_contains( $username, "Mufasa output" );
83 # Test with query string
84 do_test('Mufasa2', '/moose?moose_id=1');
85 # Test with query string, emulating .NET, which omits the query string
86 # from the Authorization header
87 do_test('Mufasa2', '/moose?moose_id=1', 1);
89 # Test with query string, emulating .NET, against app without .NET setting;
90 # authorization should fail
91 do_test('Mufasa2', '/moose?moose_id=1', 1, 1);