[thirdparty/squid.git] / src / tests / testAuth.cc

#define SQUID_UNIT_TEST 1

#include "squid.h"

#if USE_AUTH

#include "testAuth.h"
#include "auth/Gadgets.h"
#include "auth/UserRequest.h"
#include "auth/Scheme.h"
#include "auth/Config.h"
#include "Mem.h"

CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
#if HAVE_AUTH_MODULE_BASIC
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
#endif
#if HAVE_AUTH_MODULE_DIGEST
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
#endif
#if HAVE_AUTH_MODULE_NTLM
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
#endif
#if HAVE_AUTH_MODULE_NEGOTIATE
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
#endif

/* Instantiate all auth framework types */
void
testAuth::instantiate()
{}

char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
                         "auth_param digest children 5\n"
                         "auth_param digest realm Squid proxy-caching web server\n"
                         "auth_param digest nonce_garbage_interval 5 minutes\n"
                         "auth_param digest nonce_max_duration 30 minutes\n"
                         "auth_param digest nonce_max_count 50\n";

static
char const *
find_proxy_auth(char const *type)
{
    char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},

        {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
        {"ntlm", "NTLM "},
        {"negotiate", "Negotiate "}
    };

    for (unsigned count = 0; count < 4 ; count++) {
        if (strcasecmp(type, proxy_auths[count][0]) == 0)
            return proxy_auths[count][1];
    }

    return NULL;
}

static
AuthConfig *
getConfig(char const *type_str)
{
    Auth::authConfig &config = Auth::TheConfig;
    /* find a configuration for the scheme */
    AuthConfig *scheme = AuthConfig::Find(type_str);

    if (scheme == NULL) {
        /* Create a configuration */
        AuthScheme::Pointer theScheme = AuthScheme::Find(type_str);

        if (theScheme == NULL) {
            return NULL;
            //fatalf("Unknown authentication scheme '%s'.\n", type_str);
        }

        config.push_back(theScheme->createConfig());
        scheme = config.back();
        assert(scheme);
    }

    return scheme;
}

static
void
setup_scheme(AuthConfig *scheme, char const **params, unsigned param_count)
{
    Auth::authConfig &config = Auth::TheConfig;

    for (unsigned position=0; position < param_count; position++) {
        char *param_str=xstrdup(params[position]);
        strtok(param_str, w_space);
        scheme->parse(scheme, config.size(), param_str);
    }
}

static
void
fake_auth_setup()
{
    static bool setup(false);

    if (setup)
        return;

    Mem::Init();

    Auth::authConfig &config = Auth::TheConfig;

    char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                 "realm foo"
                                };

    char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                "realm foo"
                               };

    char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    struct _scheme_params {
        char const *name;
        char const **params;
        unsigned paramlength;
    }

    params[]={ {"digest", digest_parms, 2},
        {"basic", basic_parms, 2},
        {"ntlm", ntlm_parms, 1},
        {"negotiate", negotiate_parms, 1}
    };

    for (unsigned scheme=0; scheme < 4; scheme++) {
        AuthConfig *schemeConfig;
        schemeConfig = getConfig(params[scheme].name);
        if (schemeConfig != NULL)
            setup_scheme(schemeConfig, params[scheme].params,
                         params[scheme].paramlength);
        else
            fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
                    params[scheme].name);
    }

    authenticateInit(&config);

    setup=true;
}

/* AuthConfig::CreateAuthUser works for all
 * authentication types
 */
void
testAuthConfig::create()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (AuthScheme::iterator i = AuthScheme::GetSchemes().begin(); i != AuthScheme::GetSchemes().end(); ++i) {
        AuthUserRequest::Pointer authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT(authRequest != NULL);
    }
}

#if HAVE_IOSTREAM
#include <iostream>
#endif

/* AuthUserRequest::scheme returns the correct scheme for all
 * authentication types
 */
void
testAuthUserRequest::scheme()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (AuthScheme::iterator i = AuthScheme::GetSchemes().begin(); i != AuthScheme::GetSchemes().end(); ++i) {
        // create a user request
        // check its scheme matches *i
        AuthUserRequest::Pointer authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
    }
}

#if HAVE_AUTH_MODULE_BASIC
#include "auth/basic/UserRequest.h"
#include "auth/basic/auth_basic.h"
/* AuthBasicUserRequest::AuthBasicUserRequest works
 */
void
testAuthBasicUserRequest::construction()
{
    AuthBasicUserRequest();
    AuthBasicUserRequest *temp=new AuthBasicUserRequest();
    delete temp;
}

void
testAuthBasicUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
    BasicUser *basic_auth=new BasicUser(AuthConfig::Find("basic"));
    basic_auth->username("John");
    temp->user(basic_auth);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_BASIC */

#if HAVE_AUTH_MODULE_DIGEST
#include "auth/digest/auth_digest.h"
/* AuthDigestUserRequest::AuthDigestUserRequest works
 */
void
testAuthDigestUserRequest::construction()
{
    AuthDigestUserRequest();
    AuthDigestUserRequest *temp=new AuthDigestUserRequest();
    delete temp;
}

void
testAuthDigestUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
    DigestUser *duser=new DigestUser(AuthConfig::Find("digest"));
    duser->username("John");
    temp->user(duser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_DIGEST */

#if HAVE_AUTH_MODULE_NTLM
#include "auth/ntlm/auth_ntlm.h"
/* AuthNTLMUserRequest::AuthNTLMUserRequest works
 */
void
testAuthNTLMUserRequest::construction()
{
    AuthNTLMUserRequest();
    AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
    delete temp;
}

void
testAuthNTLMUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
    NTLMUser *nuser=new NTLMUser(AuthConfig::Find("ntlm"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_NTLM */

#if HAVE_AUTH_MODULE_NEGOTIATE
#include "auth/negotiate/auth_negotiate.h"
/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 */
void
testAuthNegotiateUserRequest::construction()
{
    AuthNegotiateUserRequest();
    AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
    delete temp;
}

void
testAuthNegotiateUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
    NegotiateUser *nuser=new NegotiateUser(AuthConfig::Find("negotiate"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}

#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
#endif /* USE_AUTH */
Commit	Line	Data
ec94e362	1	#define SQUID_UNIT_TEST 1
f5691f9c	2
f5691f9c	3	#include "squid.h"
2f1431ea AJ	4
	5	#if USE_AUTH
	6
aa625860	7	#include "testAuth.h"
3ad63615	8	#include "auth/Gadgets.h"
2d2b0bb7 AR	9	#include "auth/UserRequest.h"
	10	#include "auth/Scheme.h"
	11	#include "auth/Config.h"
f5691f9c	12	#include "Mem.h"
	13
	14	CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
	15	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
	16	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
a33a428a	17	#if HAVE_AUTH_MODULE_BASIC
f5691f9c	18	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
0ea5c60c	19	#endif
a33a428a	20	#if HAVE_AUTH_MODULE_DIGEST
f5691f9c	21	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
0ea5c60c	22	#endif
a33a428a	23	#if HAVE_AUTH_MODULE_NTLM
f5691f9c	24	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
0ea5c60c	25	#endif
a33a428a	26	#if HAVE_AUTH_MODULE_NEGOTIATE
f46fe759	27	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
0ea5c60c	28	#endif
f5691f9c	29
	30	/* Instantiate all auth framework types */
	31	void
	32	testAuth::instantiate()
	33	{}
	34
	35	char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
	36	"auth_param digest children 5\n"
	37	"auth_param digest realm Squid proxy-caching web server\n"
	38	"auth_param digest nonce_garbage_interval 5 minutes\n"
	39	"auth_param digest nonce_max_duration 30 minutes\n"
	40	"auth_param digest nonce_max_count 50\n";
	41
	42	static
	43	char const *
	44	find_proxy_auth(char const *type)
	45	{
	46	char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
	47
26ac0430 AJ	48	{"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
	49	{"ntlm", "NTLM "},
	50	{"negotiate", "Negotiate "}
	51	};
f5691f9c	52
f46fe759	53	for (unsigned count = 0; count < 4 ; count++) {
f5691f9c	54	if (strcasecmp(type, proxy_auths[count][0]) == 0)
	55	return proxy_auths[count][1];
	56	}
	57
	58	return NULL;
	59	}
	60
	61	static
	62	AuthConfig *
	63	getConfig(char const *type_str)
	64	{
5817ee13	65	Auth::authConfig &config = Auth::TheConfig;
f5691f9c	66	/* find a configuration for the scheme */
5817ee13	67	AuthConfig *scheme = AuthConfig::Find(type_str);
f5691f9c	68
	69	if (scheme == NULL) {
	70	/* Create a configuration */
5817ee13	71	AuthScheme::Pointer theScheme = AuthScheme::Find(type_str);
f5691f9c	72
5817ee13	73	if (theScheme == NULL) {
0ea5c60c FC	74	return NULL;
0ea5c60c FC	75	//fatalf("Unknown authentication scheme '%s'.\n", type_str);
f5691f9c	76	}
	77
	78	config.push_back(theScheme->createConfig());
	79	scheme = config.back();
a33a428a	80	assert(scheme);
f5691f9c	81	}
	82
	83	return scheme;
	84	}
	85
	86	static
	87	void
	88	setup_scheme(AuthConfig scheme, char const *params, unsigned param_count)
	89	{
5817ee13	90	Auth::authConfig &config = Auth::TheConfig;
f5691f9c	91
	92	for (unsigned position=0; position < param_count; position++) {
	93	char *param_str=xstrdup(params[position]);
	94	strtok(param_str, w_space);
	95	scheme->parse(scheme, config.size(), param_str);
	96	}
	97	}
	98
	99	static
	100	void
	101	fake_auth_setup()
	102	{
	103	static bool setup(false);
	104
	105	if (setup)
	106	return;
	107
	108	Mem::Init();
	109
5817ee13	110	Auth::authConfig &config = Auth::TheConfig;
f5691f9c	111
	112	char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	113	"realm foo"
	114	};
	115
	116	char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	117	"realm foo"
	118	};
	119
	120	char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
	121
f46fe759	122	char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
f46fe759	123
f5691f9c	124	struct _scheme_params {
	125	char const *name;
	126	char const **params;
	127	unsigned paramlength;
	128	}
	129
	130	params[]={ {"digest", digest_parms, 2},
26ac0430 AJ	131	{"basic", basic_parms, 2},
	132	{"ntlm", ntlm_parms, 1},
	133	{"negotiate", negotiate_parms, 1}
	134	};
f5691f9c	135
0ea5c60c FC	136	for (unsigned scheme=0; scheme < 4; scheme++) {
	137	AuthConfig *schemeConfig;
	138	schemeConfig = getConfig(params[scheme].name);
	139	if (schemeConfig != NULL)
9e008dda	140	setup_scheme(schemeConfig, params[scheme].params,
af6a12ee	141	params[scheme].paramlength);
9e008dda AJ	142	else
	143	fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
	144	params[scheme].name);
0ea5c60c	145	}
f5691f9c	146
	147	authenticateInit(&config);
	148
	149	setup=true;
	150	}
	151
	152	/* AuthConfig::CreateAuthUser works for all
	153	* authentication types
	154	*/
	155	void
	156	testAuthConfig::create()
	157	{
	158	Debug::Levels[29]=9;
	159	fake_auth_setup();
	160
5817ee13	161	for (AuthScheme::iterator i = AuthScheme::GetSchemes().begin(); i != AuthScheme::GetSchemes().end(); ++i) {
a33a428a	162	AuthUserRequest::Pointer authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	163	CPPUNIT_ASSERT(authRequest != NULL);
	164	}
	165	}
	166
27e059d4	167	#if HAVE_IOSTREAM
f5691f9c	168	#include <iostream>
27e059d4	169	#endif
f5691f9c	170
	171	/* AuthUserRequest::scheme returns the correct scheme for all
	172	* authentication types
	173	*/
	174	void
	175	testAuthUserRequest::scheme()
	176	{
	177	Debug::Levels[29]=9;
	178	fake_auth_setup();
	179
5817ee13	180	for (AuthScheme::iterator i = AuthScheme::GetSchemes().begin(); i != AuthScheme::GetSchemes().end(); ++i) {
f5691f9c	181	// create a user request
f5691f9c	182	// check its scheme matches *i
a33a428a	183	AuthUserRequest::Pointer authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	184	CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
	185	}
	186	}
	187
a33a428a	188	#if HAVE_AUTH_MODULE_BASIC
616cfc4c	189	#include "auth/basic/UserRequest.h"
f5691f9c	190	#include "auth/basic/auth_basic.h"
	191	/* AuthBasicUserRequest::AuthBasicUserRequest works
	192	*/
	193	void
	194	testAuthBasicUserRequest::construction()
	195	{
	196	AuthBasicUserRequest();
	197	AuthBasicUserRequest *temp=new AuthBasicUserRequest();
	198	delete temp;
	199	}
	200
	201	void
	202	testAuthBasicUserRequest::username()
	203	{
a33a428a	204	AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
f5691f9c	205	BasicUser *basic_auth=new BasicUser(AuthConfig::Find("basic"));
	206	basic_auth->username("John");
	207	temp->user(basic_auth);
f5691f9c	208	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	209	}
0ea5c60c	210	#endif /* HAVE_AUTH_MODULE_BASIC */
f5691f9c	211
a33a428a	212	#if HAVE_AUTH_MODULE_DIGEST
f5691f9c	213	#include "auth/digest/auth_digest.h"
	214	/* AuthDigestUserRequest::AuthDigestUserRequest works
	215	*/
	216	void
	217	testAuthDigestUserRequest::construction()
	218	{
	219	AuthDigestUserRequest();
	220	AuthDigestUserRequest *temp=new AuthDigestUserRequest();
	221	delete temp;
	222	}
	223
	224	void
	225	testAuthDigestUserRequest::username()
	226	{
a33a428a AJ	227	AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
	228	DigestUser *duser=new DigestUser(AuthConfig::Find("digest"));
	229	duser->username("John");
	230	temp->user(duser);
f5691f9c	231	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	232	}
0ea5c60c	233	#endif /* HAVE_AUTH_MODULE_DIGEST */
f5691f9c	234
a33a428a	235	#if HAVE_AUTH_MODULE_NTLM
f5691f9c	236	#include "auth/ntlm/auth_ntlm.h"
	237	/* AuthNTLMUserRequest::AuthNTLMUserRequest works
	238	*/
	239	void
	240	testAuthNTLMUserRequest::construction()
	241	{
	242	AuthNTLMUserRequest();
	243	AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
	244	delete temp;
	245	}
	246
	247	void
	248	testAuthNTLMUserRequest::username()
	249	{
a33a428a AJ	250	AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
	251	NTLMUser *nuser=new NTLMUser(AuthConfig::Find("ntlm"));
	252	nuser->username("John");
	253	temp->user(nuser);
f5691f9c	254	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	255	}
0ea5c60c	256	#endif /* HAVE_AUTH_MODULE_NTLM */
f46fe759	257
a33a428a	258	#if HAVE_AUTH_MODULE_NEGOTIATE
f46fe759	259	#include "auth/negotiate/auth_negotiate.h"
	260	/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
	261	*/
	262	void
	263	testAuthNegotiateUserRequest::construction()
	264	{
	265	AuthNegotiateUserRequest();
	266	AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
	267	delete temp;
	268	}
	269
	270	void
	271	testAuthNegotiateUserRequest::username()
	272	{
a33a428a AJ	273	AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
	274	NegotiateUser *nuser=new NegotiateUser(AuthConfig::Find("negotiate"));
	275	nuser->username("John");
	276	temp->user(nuser);
f46fe759	277	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f46fe759	278	}
0ea5c60c FC	279
0ea5c60c FC	280	#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
2f1431ea	281	#endif /* USE_AUTH */