[thirdparty/squid.git] / src / tests / testAuth.cc

/*
 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#include "squid.h"

#if USE_AUTH

#include "auth/Config.h"
#include "auth/Gadgets.h"
#include "auth/Scheme.h"
#include "auth/UserRequest.h"
#include "ConfigParser.h"
#include "testAuth.h"
#include "unitTestMain.h"

CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
#if HAVE_AUTH_MODULE_BASIC
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
#endif
#if HAVE_AUTH_MODULE_DIGEST
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
#endif
#if HAVE_AUTH_MODULE_NTLM
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
#endif
#if HAVE_AUTH_MODULE_NEGOTIATE
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
#endif

/* Instantiate all auth framework types */
void
testAuth::instantiate()
{}

char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
                         "auth_param digest children 5\n"
                         "auth_param digest realm Squid proxy-caching web server\n"
                         "auth_param digest nonce_garbage_interval 5 minutes\n"
                         "auth_param digest nonce_max_duration 30 minutes\n"
                         "auth_param digest nonce_max_count 50\n";

static
char const *
find_proxy_auth(char const *type)
{
    char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},

        {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
        {"ntlm", "NTLM "},
        {"negotiate", "Negotiate "}
    };

    for (unsigned count = 0; count < 4 ; ++count) {
        if (strcasecmp(type, proxy_auths[count][0]) == 0)
            return proxy_auths[count][1];
    }

    return NULL;
}

static
Auth::Config *
getConfig(char const *type_str)
{
    Auth::ConfigVector &config = Auth::TheConfig;
    /* find a configuration for the scheme */
    Auth::Config *scheme = Auth::Config::Find(type_str);

    if (scheme == NULL) {
        /* Create a configuration */
        Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);

        if (theScheme == NULL) {
            return NULL;
            //fatalf("Unknown authentication scheme '%s'.\n", type_str);
        }

        config.push_back(theScheme->createConfig());
        scheme = config.back();
        assert(scheme);
    }

    return scheme;
}

static
void
setup_scheme(Auth::Config *scheme, char const **params, unsigned param_count)
{
    Auth::ConfigVector &config = Auth::TheConfig;

    for (unsigned position=0; position < param_count; ++position) {
        char *param_str=xstrdup(params[position]);
        strtok(param_str, w_space);
        ConfigParser::SetCfgLine(strtok(NULL, ""));
        scheme->parse(scheme, config.size(), param_str);
    }
}

static
void
fake_auth_setup()
{
    static bool setup(false);

    if (setup)
        return;

    Mem::Init();

    Auth::ConfigVector &config = Auth::TheConfig;

    char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                 "realm foo"
                                };

    char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                "realm foo"
                               };

    char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    struct _scheme_params {
        char const *name;
        char const **params;
        unsigned paramlength;
    }

    params[]= { {"digest", digest_parms, 2},
        {"basic", basic_parms, 2},
        {"ntlm", ntlm_parms, 1},
        {"negotiate", negotiate_parms, 1}
    };

    for (unsigned scheme=0; scheme < 4; ++scheme) {
        Auth::Config *schemeConfig;
        schemeConfig = getConfig(params[scheme].name);
        if (schemeConfig != NULL)
            setup_scheme(schemeConfig, params[scheme].params,
                         params[scheme].paramlength);
        else
            fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
                    params[scheme].name);
    }

    authenticateInit(&config);

    setup=true;
}

/* Auth::Config::CreateAuthUser works for all
 * authentication types
 */
void
testAuthConfig::create()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
        AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT(authRequest != NULL);
    }
}

#include <iostream>

/* AuthUserRequest::scheme returns the correct scheme for all
 * authentication types
 */
void
testAuthUserRequest::scheme()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
        // create a user request
        // check its scheme matches *i
        AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
    }
}

#if HAVE_AUTH_MODULE_BASIC
#include "auth/basic/User.h"
#include "auth/basic/UserRequest.h"
/* AuthBasicUserRequest::AuthBasicUserRequest works
 */
void
testAuthBasicUserRequest::construction()
{
    AuthBasicUserRequest();
    AuthBasicUserRequest *temp=new AuthBasicUserRequest();
    delete temp;
}

void
testAuthBasicUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
    Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
    basic_auth->username("John");
    temp->user(basic_auth);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_BASIC */

#if HAVE_AUTH_MODULE_DIGEST
#include "auth/digest/User.h"
#include "auth/digest/UserRequest.h"
/* AuthDigestUserRequest::AuthDigestUserRequest works
 */
void
testAuthDigestUserRequest::construction()
{
    AuthDigestUserRequest();
    AuthDigestUserRequest *temp=new AuthDigestUserRequest();
    delete temp;
}

void
testAuthDigestUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
    Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
    duser->username("John");
    temp->user(duser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_DIGEST */

#if HAVE_AUTH_MODULE_NTLM
#include "auth/ntlm/User.h"
#include "auth/ntlm/UserRequest.h"
/* AuthNTLMUserRequest::AuthNTLMUserRequest works
 */
void
testAuthNTLMUserRequest::construction()
{
    AuthNTLMUserRequest();
    AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
    delete temp;
}

void
testAuthNTLMUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
    Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_NTLM */

#if HAVE_AUTH_MODULE_NEGOTIATE
#include "auth/negotiate/User.h"
#include "auth/negotiate/UserRequest.h"
/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 */
void
testAuthNegotiateUserRequest::construction()
{
    AuthNegotiateUserRequest();
    AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
    delete temp;
}

void
testAuthNegotiateUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
    Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}

#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
#endif /* USE_AUTH */
Commit	Line	Data
4e0938ef	1	/*
bde978a6	2	* Copyright (C) 1996-2015 The Squid Software Foundation and contributors
4e0938ef AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
582c2af2	9	#include "squid.h"
2f1431ea AJ	10
	11	#if USE_AUTH
	12
602d9612	13	#include "auth/Config.h"
3ad63615	14	#include "auth/Gadgets.h"
2d2b0bb7	15	#include "auth/Scheme.h"
602d9612	16	#include "auth/UserRequest.h"
2eceb328	17	#include "ConfigParser.h"
602d9612	18	#include "testAuth.h"
7f861c77	19	#include "unitTestMain.h"
f5691f9c	20
	21	CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
	22	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
	23	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
a33a428a	24	#if HAVE_AUTH_MODULE_BASIC
f5691f9c	25	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
0ea5c60c	26	#endif
a33a428a	27	#if HAVE_AUTH_MODULE_DIGEST
f5691f9c	28	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
0ea5c60c	29	#endif
a33a428a	30	#if HAVE_AUTH_MODULE_NTLM
f5691f9c	31	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
0ea5c60c	32	#endif
a33a428a	33	#if HAVE_AUTH_MODULE_NEGOTIATE
f46fe759	34	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
0ea5c60c	35	#endif
f5691f9c	36
	37	/* Instantiate all auth framework types */
	38	void
	39	testAuth::instantiate()
	40	{}
	41
	42	char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
	43	"auth_param digest children 5\n"
	44	"auth_param digest realm Squid proxy-caching web server\n"
	45	"auth_param digest nonce_garbage_interval 5 minutes\n"
	46	"auth_param digest nonce_max_duration 30 minutes\n"
	47	"auth_param digest nonce_max_count 50\n";
	48
	49	static
	50	char const *
	51	find_proxy_auth(char const *type)
	52	{
	53	char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
	54
26ac0430 AJ	55	{"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
	56	{"ntlm", "NTLM "},
	57	{"negotiate", "Negotiate "}
	58	};
f5691f9c	59
d7ae3534	60	for (unsigned count = 0; count < 4 ; ++count) {
f5691f9c	61	if (strcasecmp(type, proxy_auths[count][0]) == 0)
	62	return proxy_auths[count][1];
	63	}
	64
	65	return NULL;
	66	}
	67
	68	static
9f3d2b2e	69	Auth::Config *
f5691f9c	70	getConfig(char const *type_str)
f5691f9c	71	{
9f3d2b2e	72	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	73	/* find a configuration for the scheme */
9f3d2b2e	74	Auth::Config *scheme = Auth::Config::Find(type_str);
f5691f9c	75
	76	if (scheme == NULL) {
	77	/* Create a configuration */
c6cf8dee	78	Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);
f5691f9c	79
5817ee13	80	if (theScheme == NULL) {
0ea5c60c FC	81	return NULL;
0ea5c60c FC	82	//fatalf("Unknown authentication scheme '%s'.\n", type_str);
f5691f9c	83	}
	84
	85	config.push_back(theScheme->createConfig());
	86	scheme = config.back();
a33a428a	87	assert(scheme);
f5691f9c	88	}
	89
	90	return scheme;
	91	}
	92
	93	static
	94	void
9f3d2b2e	95	setup_scheme(Auth::Config scheme, char const *params, unsigned param_count)
f5691f9c	96	{
9f3d2b2e	97	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	98
d7ae3534	99	for (unsigned position=0; position < param_count; ++position) {
f5691f9c	100	char *param_str=xstrdup(params[position]);
f5691f9c	101	strtok(param_str, w_space);
2eceb328	102	ConfigParser::SetCfgLine(strtok(NULL, ""));
f5691f9c	103	scheme->parse(scheme, config.size(), param_str);
	104	}
	105	}
	106
	107	static
	108	void
	109	fake_auth_setup()
	110	{
	111	static bool setup(false);
	112
	113	if (setup)
	114	return;
	115
	116	Mem::Init();
	117
9f3d2b2e	118	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	119
	120	char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	121	"realm foo"
	122	};
	123
	124	char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	125	"realm foo"
	126	};
	127
	128	char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
	129
f46fe759	130	char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
f46fe759	131
f5691f9c	132	struct _scheme_params {
	133	char const *name;
	134	char const **params;
	135	unsigned paramlength;
	136	}
	137
f53969cc	138	params[]= { {"digest", digest_parms, 2},
26ac0430 AJ	139	{"basic", basic_parms, 2},
	140	{"ntlm", ntlm_parms, 1},
	141	{"negotiate", negotiate_parms, 1}
	142	};
f5691f9c	143
d7ae3534	144	for (unsigned scheme=0; scheme < 4; ++scheme) {
9f3d2b2e	145	Auth::Config *schemeConfig;
0ea5c60c FC	146	schemeConfig = getConfig(params[scheme].name);
0ea5c60c FC	147	if (schemeConfig != NULL)
9e008dda	148	setup_scheme(schemeConfig, params[scheme].params,
af6a12ee	149	params[scheme].paramlength);
9e008dda AJ	150	else
	151	fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
	152	params[scheme].name);
0ea5c60c	153	}
f5691f9c	154
	155	authenticateInit(&config);
	156
	157	setup=true;
	158	}
	159
9f3d2b2e	160	/* Auth::Config::CreateAuthUser works for all
f5691f9c	161	* authentication types
	162	*/
	163	void
	164	testAuthConfig::create()
	165	{
	166	Debug::Levels[29]=9;
	167	fake_auth_setup();
	168
c6cf8dee	169	for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
9f3d2b2e	170	AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	171	CPPUNIT_ASSERT(authRequest != NULL);
	172	}
	173	}
	174
	175	#include <iostream>
	176
	177	/* AuthUserRequest::scheme returns the correct scheme for all
	178	* authentication types
	179	*/
	180	void
	181	testAuthUserRequest::scheme()
	182	{
	183	Debug::Levels[29]=9;
	184	fake_auth_setup();
	185
c6cf8dee	186	for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
f5691f9c	187	// create a user request
f5691f9c	188	// check its scheme matches *i
9f3d2b2e	189	AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	190	CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
	191	}
	192	}
	193
a33a428a	194	#if HAVE_AUTH_MODULE_BASIC
aa110616	195	#include "auth/basic/User.h"
616cfc4c	196	#include "auth/basic/UserRequest.h"
f5691f9c	197	/* AuthBasicUserRequest::AuthBasicUserRequest works
	198	*/
	199	void
	200	testAuthBasicUserRequest::construction()
	201	{
	202	AuthBasicUserRequest();
	203	AuthBasicUserRequest *temp=new AuthBasicUserRequest();
	204	delete temp;
	205	}
	206
	207	void
	208	testAuthBasicUserRequest::username()
	209	{
a33a428a	210	AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
aa110616	211	Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
f5691f9c	212	basic_auth->username("John");
f5691f9c	213	temp->user(basic_auth);
f5691f9c	214	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	215	}
0ea5c60c	216	#endif /* HAVE_AUTH_MODULE_BASIC */
f5691f9c	217
a33a428a	218	#if HAVE_AUTH_MODULE_DIGEST
aa110616 AJ	219	#include "auth/digest/User.h"
aa110616 AJ	220	#include "auth/digest/UserRequest.h"
f5691f9c	221	/* AuthDigestUserRequest::AuthDigestUserRequest works
	222	*/
	223	void
	224	testAuthDigestUserRequest::construction()
	225	{
	226	AuthDigestUserRequest();
	227	AuthDigestUserRequest *temp=new AuthDigestUserRequest();
	228	delete temp;
	229	}
	230
	231	void
	232	testAuthDigestUserRequest::username()
	233	{
a33a428a	234	AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
aa110616	235	Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
a33a428a AJ	236	duser->username("John");
a33a428a AJ	237	temp->user(duser);
f5691f9c	238	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	239	}
0ea5c60c	240	#endif /* HAVE_AUTH_MODULE_DIGEST */
f5691f9c	241
a33a428a	242	#if HAVE_AUTH_MODULE_NTLM
aa110616 AJ	243	#include "auth/ntlm/User.h"
aa110616 AJ	244	#include "auth/ntlm/UserRequest.h"
f5691f9c	245	/* AuthNTLMUserRequest::AuthNTLMUserRequest works
	246	*/
	247	void
	248	testAuthNTLMUserRequest::construction()
	249	{
	250	AuthNTLMUserRequest();
	251	AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
	252	delete temp;
	253	}
	254
	255	void
	256	testAuthNTLMUserRequest::username()
	257	{
a33a428a	258	AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
aa110616	259	Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
a33a428a AJ	260	nuser->username("John");
a33a428a AJ	261	temp->user(nuser);
f5691f9c	262	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	263	}
0ea5c60c	264	#endif /* HAVE_AUTH_MODULE_NTLM */
f46fe759	265
a33a428a	266	#if HAVE_AUTH_MODULE_NEGOTIATE
aa110616 AJ	267	#include "auth/negotiate/User.h"
aa110616 AJ	268	#include "auth/negotiate/UserRequest.h"
f46fe759	269	/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
	270	*/
	271	void
	272	testAuthNegotiateUserRequest::construction()
	273	{
	274	AuthNegotiateUserRequest();
	275	AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
	276	delete temp;
	277	}
	278
	279	void
	280	testAuthNegotiateUserRequest::username()
	281	{
a33a428a	282	AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
aa110616	283	Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
a33a428a AJ	284	nuser->username("John");
a33a428a AJ	285	temp->user(nuser);
f46fe759	286	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f46fe759	287	}
0ea5c60c FC	288
0ea5c60c FC	289	#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
2f1431ea	290	#endif /* USE_AUTH */
f53969cc	291