Bug 1338876 - Test for a digest auth. r=mcmanus
authorDragana Damjanovic <dd.mozilla@gmail.com>
Fri, 17 Feb 2017 10:44:36 -0500
changeset 372636 40a559d547319034db251ca2a98dc0a8004ad592
parent 372635 28f9476b0dc32e087f651cbcd428f5382b52fd14
child 372637 d969984119715338b83795bf93c72bf6564dc08c
push id10863
push userjlorenzo@mozilla.com
push dateMon, 06 Mar 2017 23:02:23 +0000
treeherdermozilla-aurora@0931190cd725 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmcmanus
bugs1338876
milestone54.0a1
Bug 1338876 - Test for a digest auth. r=mcmanus
netwerk/test/unit/test_authentication.js
--- a/netwerk/test/unit/test_authentication.js
+++ b/netwerk/test/unit/test_authentication.js
@@ -17,16 +17,17 @@ XPCOMUtils.defineLazyGetter(this, "PORT"
   return httpserv.identity.primaryPort;
 });
 
 const FLAG_RETURN_FALSE   = 1 << 0;
 const FLAG_WRONG_PASSWORD = 1 << 1;
 const FLAG_BOGUS_USER = 1 << 2;
 const FLAG_PREVIOUS_FAILED = 1 << 3;
 const CROSS_ORIGIN = 1 << 4;
+const FLAG_NO_REALM = 1 << 5;
 
 const nsIAuthPrompt2 = Components.interfaces.nsIAuthPrompt2;
 const nsIAuthInformation = Components.interfaces.nsIAuthInformation;
 
 
 function AuthPrompt1(flags) {
   this.flags = flags;
 }
@@ -46,18 +47,20 @@ AuthPrompt1.prototype = {
 
   prompt: function ap1_prompt(title, text, realm, save, defaultText, result) {
     do_throw("unexpected prompt call");
   },
 
   promptUsernameAndPassword:
     function ap1_promptUP(title, text, realm, savePW, user, pw)
   {
-    // Note that the realm here isn't actually the realm. it's a pw mgr key.
-    do_check_eq(URL + " (" + this.expectedRealm + ")", realm);
+    if (this.flags & FLAG_NO_REALM) {
+      // Note that the realm here isn't actually the realm. it's a pw mgr key.
+      do_check_eq(URL + " (" + this.expectedRealm + ")", realm);
+    }
     if (!(this.flags & CROSS_ORIGIN)) {
       if (text.indexOf(this.expectedRealm) == -1) {
         do_throw("Text must indicate the realm");
       }
     } else {
       if (text.indexOf(this.expectedRealm) != -1) {
         do_throw("There should not be realm for cross origin");
       }
@@ -110,18 +113,19 @@ AuthPrompt2.prototype = {
   },
 
   promptAuth:
     function ap2_promptAuth(channel, level, authInfo)
   {
     var isNTLM = channel.URI.path.indexOf("ntlm") != -1;
     var isDigest = channel.URI.path.indexOf("digest") != -1;
 
-    if (isNTLM)
+    if (isNTLM || (this.flags & FLAG_NO_REALM)) {
       this.expectedRealm = ""; // NTLM knows no realms
+    }
 
     do_check_eq(this.expectedRealm, authInfo.realm);
 
     var expectedLevel = (isNTLM || isDigest) ?
                         nsIAuthPrompt2.LEVEL_PW_ENCRYPTED :
                         nsIAuthPrompt2.LEVEL_NONE;
     do_check_eq(expectedLevel, level);
 
@@ -297,29 +301,31 @@ function makeChan(url, loadingUrl) {
       contentPolicyType: Components.interfaces.nsIContentPolicy.TYPE_OTHER
     });
 }
 
 var tests = [test_noauth, test_returnfalse1, test_wrongpw1, test_prompt1,
              test_prompt1CrossOrigin, test_prompt2CrossOrigin,
              test_returnfalse2, test_wrongpw2, test_prompt2, test_ntlm,
              test_basicrealm, test_digest_noauth, test_digest,
-             test_digest_bogus_user, test_large_realm, test_large_domain];
+             test_digest_bogus_user, test_short_digest, test_large_realm,
+             test_large_domain];
 
 var current_test = 0;
 
 var httpserv = null;
 
 function run_test() {
   httpserv = new HttpServer();
 
   httpserv.registerPathHandler("/auth", authHandler);
   httpserv.registerPathHandler("/auth/ntlm/simple", authNtlmSimple);
   httpserv.registerPathHandler("/auth/realm", authRealm);
   httpserv.registerPathHandler("/auth/digest", authDigest);
+  httpserv.registerPathHandler("/auth/short_digest", authShortDigest);
   httpserv.registerPathHandler("/largeRealm", largeRealm);
   httpserv.registerPathHandler("/largeDomain", largeDomain);
 
   httpserv.start(-1);
 
   tests[0]();
 }
 
@@ -456,16 +462,26 @@ function test_digest_bogus_user() {
   var chan = makeChan(URL + "/auth/digest", URL);
   chan.notificationCallbacks =  new Requestor(FLAG_BOGUS_USER, 2);
   listener.expectedCode = 401; // unauthorized
   chan.asyncOpen2(listener);
 
   do_test_pending();
 }
 
+// Test header "WWW-Authenticate: Digest" - bug 1338876.
+function test_short_digest() {
+  var chan = makeChan(URL + "/auth/short_digest", URL);
+  chan.notificationCallbacks =  new Requestor(FLAG_NO_REALM, 2);
+  listener.expectedCode = 401; // OK
+  chan.asyncOpen2(listener);
+
+  do_test_pending();
+}
+
 // PATH HANDLERS
 
 // /auth
 function authHandler(metadata, response) {
   // btoa("guest:guest"), but that function is not available here
   var expectedHeader = "Basic Z3Vlc3Q6Z3Vlc3Q=";
 
   var body;
@@ -584,16 +600,23 @@ function authDigest(metadata, response) 
    response.setStatusLine(metadata.httpVersion, 401, "Unauthorized");
    response.setHeader("WWW-Authenticate", authenticate, false);
    body = "failed, no header";
  }
  
  response.bodyOutputStream.write(body, body.length);
 }
 
+function authShortDigest(metadata, response) {
+  // no header, send one
+  response.setStatusLine(metadata.httpVersion, 401, "Unauthorized");
+  response.setHeader("WWW-Authenticate", 'Digest', false);
+  body = "failed, no header";
+}
+
 function largeRealm(metadata, response) {
  // test > 32KB realm tokens
   var body;
 
   response.setStatusLine(metadata.httpVersion, 401, "Unauthorized");
   response.setHeader("WWW-Authenticate",
 		     'Digest realm="' +
 		     "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +