[thirdparty/squid.git] / src / tests / testAuth.cc

#define SQUID_UNIT_TEST 1

#include "squid.h"

#if USE_AUTH

#include "testAuth.h"
#include "auth/Gadgets.h"
#include "auth/UserRequest.h"
#include "auth/Scheme.h"
#include "auth/Config.h"
#include "ConfigParser.h"
#include "Mem.h"

CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
#if HAVE_AUTH_MODULE_BASIC
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
#endif
#if HAVE_AUTH_MODULE_DIGEST
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
#endif
#if HAVE_AUTH_MODULE_NTLM
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
#endif
#if HAVE_AUTH_MODULE_NEGOTIATE
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
#endif

/* Instantiate all auth framework types */
void
testAuth::instantiate()
{}

char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
                         "auth_param digest children 5\n"
                         "auth_param digest realm Squid proxy-caching web server\n"
                         "auth_param digest nonce_garbage_interval 5 minutes\n"
                         "auth_param digest nonce_max_duration 30 minutes\n"
                         "auth_param digest nonce_max_count 50\n";

static
char const *
find_proxy_auth(char const *type)
{
    char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},

        {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
        {"ntlm", "NTLM "},
        {"negotiate", "Negotiate "}
    };

    for (unsigned count = 0; count < 4 ; ++count) {
        if (strcasecmp(type, proxy_auths[count][0]) == 0)
            return proxy_auths[count][1];
    }

    return NULL;
}

static
Auth::Config *
getConfig(char const *type_str)
{
    Auth::ConfigVector &config = Auth::TheConfig;
    /* find a configuration for the scheme */
    Auth::Config *scheme = Auth::Config::Find(type_str);

    if (scheme == NULL) {
        /* Create a configuration */
        Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);

        if (theScheme == NULL) {
            return NULL;
            //fatalf("Unknown authentication scheme '%s'.\n", type_str);
        }

        config.push_back(theScheme->createConfig());
        scheme = config.back();
        assert(scheme);
    }

    return scheme;
}

static
void
setup_scheme(Auth::Config *scheme, char const **params, unsigned param_count)
{
    Auth::ConfigVector &config = Auth::TheConfig;

    for (unsigned position=0; position < param_count; ++position) {
        char *param_str=xstrdup(params[position]);
        strtok(param_str, w_space);
        ConfigParser::SetCfgLine(strtok(NULL, ""));
        scheme->parse(scheme, config.size(), param_str);
    }
}

static
void
fake_auth_setup()
{
    static bool setup(false);

    if (setup)
        return;

    Mem::Init();

    Auth::ConfigVector &config = Auth::TheConfig;

    char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                 "realm foo"
                                };

    char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                "realm foo"
                               };

    char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    struct _scheme_params {
        char const *name;
        char const **params;
        unsigned paramlength;
    }

    params[]={ {"digest", digest_parms, 2},
        {"basic", basic_parms, 2},
        {"ntlm", ntlm_parms, 1},
        {"negotiate", negotiate_parms, 1}
    };

    for (unsigned scheme=0; scheme < 4; ++scheme) {
        Auth::Config *schemeConfig;
        schemeConfig = getConfig(params[scheme].name);
        if (schemeConfig != NULL)
            setup_scheme(schemeConfig, params[scheme].params,
                         params[scheme].paramlength);
        else
            fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
                    params[scheme].name);
    }

    authenticateInit(&config);

    setup=true;
}

/* Auth::Config::CreateAuthUser works for all
 * authentication types
 */
void
testAuthConfig::create()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
        AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT(authRequest != NULL);
    }
}

#if HAVE_IOSTREAM
#include <iostream>
#endif

/* AuthUserRequest::scheme returns the correct scheme for all
 * authentication types
 */
void
testAuthUserRequest::scheme()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
        // create a user request
        // check its scheme matches *i
        AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
    }
}

#if HAVE_AUTH_MODULE_BASIC
#include "auth/basic/User.h"
#include "auth/basic/UserRequest.h"
/* AuthBasicUserRequest::AuthBasicUserRequest works
 */
void
testAuthBasicUserRequest::construction()
{
    AuthBasicUserRequest();
    AuthBasicUserRequest *temp=new AuthBasicUserRequest();
    delete temp;
}

void
testAuthBasicUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
    Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
    basic_auth->username("John");
    temp->user(basic_auth);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_BASIC */

#if HAVE_AUTH_MODULE_DIGEST
#include "auth/digest/User.h"
#include "auth/digest/UserRequest.h"
/* AuthDigestUserRequest::AuthDigestUserRequest works
 */
void
testAuthDigestUserRequest::construction()
{
    AuthDigestUserRequest();
    AuthDigestUserRequest *temp=new AuthDigestUserRequest();
    delete temp;
}

void
testAuthDigestUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
    Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
    duser->username("John");
    temp->user(duser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_DIGEST */

#if HAVE_AUTH_MODULE_NTLM
#include "auth/ntlm/User.h"
#include "auth/ntlm/UserRequest.h"
/* AuthNTLMUserRequest::AuthNTLMUserRequest works
 */
void
testAuthNTLMUserRequest::construction()
{
    AuthNTLMUserRequest();
    AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
    delete temp;
}

void
testAuthNTLMUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
    Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_NTLM */

#if HAVE_AUTH_MODULE_NEGOTIATE
#include "auth/negotiate/User.h"
#include "auth/negotiate/UserRequest.h"
/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 */
void
testAuthNegotiateUserRequest::construction()
{
    AuthNegotiateUserRequest();
    AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
    delete temp;
}

void
testAuthNegotiateUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
    Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}

#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
#endif /* USE_AUTH */
Commit	Line	Data
ec94e362	1	#define SQUID_UNIT_TEST 1
f5691f9c	2
582c2af2	3	#include "squid.h"
2f1431ea AJ	4
	5	#if USE_AUTH
	6
aa625860	7	#include "testAuth.h"
3ad63615	8	#include "auth/Gadgets.h"
2d2b0bb7 AR	9	#include "auth/UserRequest.h"
	10	#include "auth/Scheme.h"
	11	#include "auth/Config.h"
2eceb328	12	#include "ConfigParser.h"
f5691f9c	13	#include "Mem.h"
	14
	15	CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
	16	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
	17	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
a33a428a	18	#if HAVE_AUTH_MODULE_BASIC
f5691f9c	19	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
0ea5c60c	20	#endif
a33a428a	21	#if HAVE_AUTH_MODULE_DIGEST
f5691f9c	22	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
0ea5c60c	23	#endif
a33a428a	24	#if HAVE_AUTH_MODULE_NTLM
f5691f9c	25	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
0ea5c60c	26	#endif
a33a428a	27	#if HAVE_AUTH_MODULE_NEGOTIATE
f46fe759	28	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
0ea5c60c	29	#endif
f5691f9c	30
	31	/* Instantiate all auth framework types */
	32	void
	33	testAuth::instantiate()
	34	{}
	35
	36	char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
	37	"auth_param digest children 5\n"
	38	"auth_param digest realm Squid proxy-caching web server\n"
	39	"auth_param digest nonce_garbage_interval 5 minutes\n"
	40	"auth_param digest nonce_max_duration 30 minutes\n"
	41	"auth_param digest nonce_max_count 50\n";
	42
	43	static
	44	char const *
	45	find_proxy_auth(char const *type)
	46	{
	47	char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
	48
26ac0430 AJ	49	{"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
	50	{"ntlm", "NTLM "},
	51	{"negotiate", "Negotiate "}
	52	};
f5691f9c	53
d7ae3534	54	for (unsigned count = 0; count < 4 ; ++count) {
f5691f9c	55	if (strcasecmp(type, proxy_auths[count][0]) == 0)
	56	return proxy_auths[count][1];
	57	}
	58
	59	return NULL;
	60	}
	61
	62	static
9f3d2b2e	63	Auth::Config *
f5691f9c	64	getConfig(char const *type_str)
f5691f9c	65	{
9f3d2b2e	66	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	67	/* find a configuration for the scheme */
9f3d2b2e	68	Auth::Config *scheme = Auth::Config::Find(type_str);
f5691f9c	69
	70	if (scheme == NULL) {
	71	/* Create a configuration */
c6cf8dee	72	Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);
f5691f9c	73
5817ee13	74	if (theScheme == NULL) {
0ea5c60c FC	75	return NULL;
0ea5c60c FC	76	//fatalf("Unknown authentication scheme '%s'.\n", type_str);
f5691f9c	77	}
	78
	79	config.push_back(theScheme->createConfig());
	80	scheme = config.back();
a33a428a	81	assert(scheme);
f5691f9c	82	}
	83
	84	return scheme;
	85	}
	86
	87	static
	88	void
9f3d2b2e	89	setup_scheme(Auth::Config scheme, char const *params, unsigned param_count)
f5691f9c	90	{
9f3d2b2e	91	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	92
d7ae3534	93	for (unsigned position=0; position < param_count; ++position) {
f5691f9c	94	char *param_str=xstrdup(params[position]);
f5691f9c	95	strtok(param_str, w_space);
2eceb328	96	ConfigParser::SetCfgLine(strtok(NULL, ""));
f5691f9c	97	scheme->parse(scheme, config.size(), param_str);
	98	}
	99	}
	100
	101	static
	102	void
	103	fake_auth_setup()
	104	{
	105	static bool setup(false);
	106
	107	if (setup)
	108	return;
	109
	110	Mem::Init();
	111
9f3d2b2e	112	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	113
	114	char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	115	"realm foo"
	116	};
	117
	118	char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	119	"realm foo"
	120	};
	121
	122	char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
	123
f46fe759	124	char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
f46fe759	125
f5691f9c	126	struct _scheme_params {
	127	char const *name;
	128	char const **params;
	129	unsigned paramlength;
	130	}
	131
	132	params[]={ {"digest", digest_parms, 2},
26ac0430 AJ	133	{"basic", basic_parms, 2},
	134	{"ntlm", ntlm_parms, 1},
	135	{"negotiate", negotiate_parms, 1}
	136	};
f5691f9c	137
d7ae3534	138	for (unsigned scheme=0; scheme < 4; ++scheme) {
9f3d2b2e	139	Auth::Config *schemeConfig;
0ea5c60c FC	140	schemeConfig = getConfig(params[scheme].name);
0ea5c60c FC	141	if (schemeConfig != NULL)
9e008dda	142	setup_scheme(schemeConfig, params[scheme].params,
af6a12ee	143	params[scheme].paramlength);
9e008dda AJ	144	else
	145	fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
	146	params[scheme].name);
0ea5c60c	147	}
f5691f9c	148
	149	authenticateInit(&config);
	150
	151	setup=true;
	152	}
	153
9f3d2b2e	154	/* Auth::Config::CreateAuthUser works for all
f5691f9c	155	* authentication types
	156	*/
	157	void
	158	testAuthConfig::create()
	159	{
	160	Debug::Levels[29]=9;
	161	fake_auth_setup();
	162
c6cf8dee	163	for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
9f3d2b2e	164	AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	165	CPPUNIT_ASSERT(authRequest != NULL);
	166	}
	167	}
	168
27e059d4	169	#if HAVE_IOSTREAM
f5691f9c	170	#include <iostream>
27e059d4	171	#endif
f5691f9c	172
	173	/* AuthUserRequest::scheme returns the correct scheme for all
	174	* authentication types
	175	*/
	176	void
	177	testAuthUserRequest::scheme()
	178	{
	179	Debug::Levels[29]=9;
	180	fake_auth_setup();
	181
c6cf8dee	182	for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
f5691f9c	183	// create a user request
f5691f9c	184	// check its scheme matches *i
9f3d2b2e	185	AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	186	CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
	187	}
	188	}
	189
a33a428a	190	#if HAVE_AUTH_MODULE_BASIC
aa110616	191	#include "auth/basic/User.h"
616cfc4c	192	#include "auth/basic/UserRequest.h"
f5691f9c	193	/* AuthBasicUserRequest::AuthBasicUserRequest works
	194	*/
	195	void
	196	testAuthBasicUserRequest::construction()
	197	{
	198	AuthBasicUserRequest();
	199	AuthBasicUserRequest *temp=new AuthBasicUserRequest();
	200	delete temp;
	201	}
	202
	203	void
	204	testAuthBasicUserRequest::username()
	205	{
a33a428a	206	AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
aa110616	207	Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
f5691f9c	208	basic_auth->username("John");
f5691f9c	209	temp->user(basic_auth);
f5691f9c	210	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	211	}
0ea5c60c	212	#endif /* HAVE_AUTH_MODULE_BASIC */
f5691f9c	213
a33a428a	214	#if HAVE_AUTH_MODULE_DIGEST
aa110616 AJ	215	#include "auth/digest/User.h"
aa110616 AJ	216	#include "auth/digest/UserRequest.h"
f5691f9c	217	/* AuthDigestUserRequest::AuthDigestUserRequest works
	218	*/
	219	void
	220	testAuthDigestUserRequest::construction()
	221	{
	222	AuthDigestUserRequest();
	223	AuthDigestUserRequest *temp=new AuthDigestUserRequest();
	224	delete temp;
	225	}
	226
	227	void
	228	testAuthDigestUserRequest::username()
	229	{
a33a428a	230	AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
aa110616	231	Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
a33a428a AJ	232	duser->username("John");
a33a428a AJ	233	temp->user(duser);
f5691f9c	234	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	235	}
0ea5c60c	236	#endif /* HAVE_AUTH_MODULE_DIGEST */
f5691f9c	237
a33a428a	238	#if HAVE_AUTH_MODULE_NTLM
aa110616 AJ	239	#include "auth/ntlm/User.h"
aa110616 AJ	240	#include "auth/ntlm/UserRequest.h"
f5691f9c	241	/* AuthNTLMUserRequest::AuthNTLMUserRequest works
	242	*/
	243	void
	244	testAuthNTLMUserRequest::construction()
	245	{
	246	AuthNTLMUserRequest();
	247	AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
	248	delete temp;
	249	}
	250
	251	void
	252	testAuthNTLMUserRequest::username()
	253	{
a33a428a	254	AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
aa110616	255	Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
a33a428a AJ	256	nuser->username("John");
a33a428a AJ	257	temp->user(nuser);
f5691f9c	258	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	259	}
0ea5c60c	260	#endif /* HAVE_AUTH_MODULE_NTLM */
f46fe759	261
a33a428a	262	#if HAVE_AUTH_MODULE_NEGOTIATE
aa110616 AJ	263	#include "auth/negotiate/User.h"
aa110616 AJ	264	#include "auth/negotiate/UserRequest.h"
f46fe759	265	/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
	266	*/
	267	void
	268	testAuthNegotiateUserRequest::construction()
	269	{
	270	AuthNegotiateUserRequest();
	271	AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
	272	delete temp;
	273	}
	274
	275	void
	276	testAuthNegotiateUserRequest::username()
	277	{
a33a428a	278	AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
aa110616	279	Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
a33a428a AJ	280	nuser->username("John");
a33a428a AJ	281	temp->user(nuser);
f46fe759	282	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f46fe759	283	}
0ea5c60c FC	284
0ea5c60c FC	285	#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
2f1431ea	286	#endif /* USE_AUTH */