[thirdparty/squid.git] / src / tests / testAuth.cc

/*
 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#include "squid.h"

#if USE_AUTH

#include "auth/Config.h"
#include "auth/Gadgets.h"
#include "auth/UserRequest.h"
#include "ConfigParser.h"
#include "testAuth.h"
#include "unitTestMain.h"

CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
#if HAVE_AUTH_MODULE_BASIC
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
#endif
#if HAVE_AUTH_MODULE_DIGEST
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
#endif
#if HAVE_AUTH_MODULE_NTLM
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
#endif
#if HAVE_AUTH_MODULE_NEGOTIATE
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
#endif

/* Instantiate all auth framework types */
void
testAuth::instantiate()
{}

char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
                         "auth_param digest children 5\n"
                         "auth_param digest realm Squid proxy-caching web server\n"
                         "auth_param digest nonce_garbage_interval 5 minutes\n"
                         "auth_param digest nonce_max_duration 30 minutes\n"
                         "auth_param digest nonce_max_count 50\n";

static
char const *
find_proxy_auth(char const *type)
{
    char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},

        {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
        {"ntlm", "NTLM "},
        {"negotiate", "Negotiate "}
    };

    for (unsigned count = 0; count < 4 ; ++count) {
        if (strcasecmp(type, proxy_auths[count][0]) == 0)
            return proxy_auths[count][1];
    }

    return NULL;
}

static
Auth::Config *
getConfig(char const *type_str)
{
    Auth::ConfigVector &config = Auth::TheConfig;
    /* find a configuration for the scheme */
    Auth::Config *scheme = Auth::Config::Find(type_str);

    if (scheme == NULL) {
        /* Create a configuration */
        Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);

        if (theScheme == NULL) {
            return NULL;
            //fatalf("Unknown authentication scheme '%s'.\n", type_str);
        }

        config.push_back(theScheme->createConfig());
        scheme = config.back();
        assert(scheme);
    }

    return scheme;
}

static
void
setup_scheme(Auth::Config *scheme, char const **params, unsigned param_count)
{
    Auth::ConfigVector &config = Auth::TheConfig;

    for (unsigned position=0; position < param_count; ++position) {
        char *param_str=xstrdup(params[position]);
        strtok(param_str, w_space);
        ConfigParser::SetCfgLine(strtok(NULL, ""));
        scheme->parse(scheme, config.size(), param_str);
    }
}

static
void
fake_auth_setup()
{
    static bool setup(false);

    if (setup)
        return;

    Mem::Init();

    Auth::ConfigVector &config = Auth::TheConfig;

    char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                 "realm foo"
                                };

    char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
                                "realm foo"
                               };

    char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};

    struct _scheme_params {
        char const *name;
        char const **params;
        unsigned paramlength;
    }

    params[]= { {"digest", digest_parms, 2},
        {"basic", basic_parms, 2},
        {"ntlm", ntlm_parms, 1},
        {"negotiate", negotiate_parms, 1}
    };

    for (unsigned scheme=0; scheme < 4; ++scheme) {
        Auth::Config *schemeConfig;
        schemeConfig = getConfig(params[scheme].name);
        if (schemeConfig != NULL)
            setup_scheme(schemeConfig, params[scheme].params,
                         params[scheme].paramlength);
        else
            fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
                    params[scheme].name);
    }

    authenticateInit(&config);

    setup=true;
}

/* Auth::Config::CreateAuthUser works for all
 * authentication types
 */
void
testAuthConfig::create()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
        AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT(authRequest != NULL);
    }
}

#include <iostream>

/* AuthUserRequest::scheme returns the correct scheme for all
 * authentication types
 */
void
testAuthUserRequest::scheme()
{
    Debug::Levels[29]=9;
    fake_auth_setup();

    for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
        // create a user request
        // check its scheme matches *i
        AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
        CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
    }
}

#if HAVE_AUTH_MODULE_BASIC
#include "auth/basic/User.h"
#include "auth/basic/UserRequest.h"
/* AuthBasicUserRequest::AuthBasicUserRequest works
 */
void
testAuthBasicUserRequest::construction()
{
    AuthBasicUserRequest();
    AuthBasicUserRequest *temp=new AuthBasicUserRequest();
    delete temp;
}

void
testAuthBasicUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
    Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
    basic_auth->username("John");
    temp->user(basic_auth);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_BASIC */

#if HAVE_AUTH_MODULE_DIGEST
#include "auth/digest/User.h"
#include "auth/digest/UserRequest.h"
/* AuthDigestUserRequest::AuthDigestUserRequest works
 */
void
testAuthDigestUserRequest::construction()
{
    AuthDigestUserRequest();
    AuthDigestUserRequest *temp=new AuthDigestUserRequest();
    delete temp;
}

void
testAuthDigestUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
    Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
    duser->username("John");
    temp->user(duser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_DIGEST */

#if HAVE_AUTH_MODULE_NTLM
#include "auth/ntlm/User.h"
#include "auth/ntlm/UserRequest.h"
/* AuthNTLMUserRequest::AuthNTLMUserRequest works
 */
void
testAuthNTLMUserRequest::construction()
{
    AuthNTLMUserRequest();
    AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
    delete temp;
}

void
testAuthNTLMUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
    Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}
#endif /* HAVE_AUTH_MODULE_NTLM */

#if HAVE_AUTH_MODULE_NEGOTIATE
#include "auth/negotiate/User.h"
#include "auth/negotiate/UserRequest.h"
/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 */
void
testAuthNegotiateUserRequest::construction()
{
    AuthNegotiateUserRequest();
    AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
    delete temp;
}

void
testAuthNegotiateUserRequest::username()
{
    AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
    Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
    nuser->username("John");
    temp->user(nuser);
    CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
}

#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
#endif /* USE_AUTH */
Commit	Line	Data
4e0938ef	1	/*
b8ae064d	2	* Copyright (C) 1996-2023 The Squid Software Foundation and contributors
4e0938ef AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
582c2af2	9	#include "squid.h"
2f1431ea AJ	10
	11	#if USE_AUTH
	12
d382ccbd	13	#include "auth/Config.h"
3ad63615	14	#include "auth/Gadgets.h"
602d9612	15	#include "auth/UserRequest.h"
2eceb328	16	#include "ConfigParser.h"
602d9612	17	#include "testAuth.h"
7f861c77	18	#include "unitTestMain.h"
f5691f9c	19
	20	CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
	21	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
	22	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
a33a428a	23	#if HAVE_AUTH_MODULE_BASIC
f5691f9c	24	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
0ea5c60c	25	#endif
a33a428a	26	#if HAVE_AUTH_MODULE_DIGEST
f5691f9c	27	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
0ea5c60c	28	#endif
a33a428a	29	#if HAVE_AUTH_MODULE_NTLM
f5691f9c	30	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
0ea5c60c	31	#endif
a33a428a	32	#if HAVE_AUTH_MODULE_NEGOTIATE
f46fe759	33	CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
0ea5c60c	34	#endif
f5691f9c	35
	36	/* Instantiate all auth framework types */
	37	void
	38	testAuth::instantiate()
	39	{}
	40
	41	char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
	42	"auth_param digest children 5\n"
	43	"auth_param digest realm Squid proxy-caching web server\n"
	44	"auth_param digest nonce_garbage_interval 5 minutes\n"
	45	"auth_param digest nonce_max_duration 30 minutes\n"
	46	"auth_param digest nonce_max_count 50\n";
	47
	48	static
	49	char const *
	50	find_proxy_auth(char const *type)
	51	{
	52	char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
	53
26ac0430 AJ	54	{"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
	55	{"ntlm", "NTLM "},
	56	{"negotiate", "Negotiate "}
	57	};
f5691f9c	58
d7ae3534	59	for (unsigned count = 0; count < 4 ; ++count) {
f5691f9c	60	if (strcasecmp(type, proxy_auths[count][0]) == 0)
	61	return proxy_auths[count][1];
	62	}
	63
	64	return NULL;
	65	}
	66
	67	static
9f3d2b2e	68	Auth::Config *
f5691f9c	69	getConfig(char const *type_str)
f5691f9c	70	{
9f3d2b2e	71	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	72	/* find a configuration for the scheme */
9f3d2b2e	73	Auth::Config *scheme = Auth::Config::Find(type_str);
f5691f9c	74
	75	if (scheme == NULL) {
	76	/* Create a configuration */
c6cf8dee	77	Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);
f5691f9c	78
5817ee13	79	if (theScheme == NULL) {
0ea5c60c FC	80	return NULL;
0ea5c60c FC	81	//fatalf("Unknown authentication scheme '%s'.\n", type_str);
f5691f9c	82	}
	83
	84	config.push_back(theScheme->createConfig());
	85	scheme = config.back();
a33a428a	86	assert(scheme);
f5691f9c	87	}
	88
	89	return scheme;
	90	}
	91
	92	static
	93	void
9f3d2b2e	94	setup_scheme(Auth::Config scheme, char const *params, unsigned param_count)
f5691f9c	95	{
9f3d2b2e	96	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	97
d7ae3534	98	for (unsigned position=0; position < param_count; ++position) {
f5691f9c	99	char *param_str=xstrdup(params[position]);
f5691f9c	100	strtok(param_str, w_space);
2eceb328	101	ConfigParser::SetCfgLine(strtok(NULL, ""));
f5691f9c	102	scheme->parse(scheme, config.size(), param_str);
	103	}
	104	}
	105
	106	static
	107	void
	108	fake_auth_setup()
	109	{
	110	static bool setup(false);
	111
	112	if (setup)
	113	return;
	114
	115	Mem::Init();
	116
9f3d2b2e	117	Auth::ConfigVector &config = Auth::TheConfig;
f5691f9c	118
	119	char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	120	"realm foo"
	121	};
	122
	123	char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
	124	"realm foo"
	125	};
	126
	127	char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
	128
f46fe759	129	char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
f46fe759	130
f5691f9c	131	struct _scheme_params {
	132	char const *name;
	133	char const **params;
	134	unsigned paramlength;
	135	}
	136
f53969cc	137	params[]= { {"digest", digest_parms, 2},
26ac0430 AJ	138	{"basic", basic_parms, 2},
	139	{"ntlm", ntlm_parms, 1},
	140	{"negotiate", negotiate_parms, 1}
	141	};
f5691f9c	142
d7ae3534	143	for (unsigned scheme=0; scheme < 4; ++scheme) {
9f3d2b2e	144	Auth::Config *schemeConfig;
0ea5c60c FC	145	schemeConfig = getConfig(params[scheme].name);
0ea5c60c FC	146	if (schemeConfig != NULL)
9e008dda	147	setup_scheme(schemeConfig, params[scheme].params,
af6a12ee	148	params[scheme].paramlength);
9e008dda AJ	149	else
	150	fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
	151	params[scheme].name);
0ea5c60c	152	}
f5691f9c	153
	154	authenticateInit(&config);
	155
	156	setup=true;
	157	}
	158
9f3d2b2e	159	/* Auth::Config::CreateAuthUser works for all
f5691f9c	160	* authentication types
	161	*/
	162	void
	163	testAuthConfig::create()
	164	{
	165	Debug::Levels[29]=9;
	166	fake_auth_setup();
	167
c6cf8dee	168	for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
9f3d2b2e	169	AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	170	CPPUNIT_ASSERT(authRequest != NULL);
	171	}
	172	}
	173
	174	#include <iostream>
	175
	176	/* AuthUserRequest::scheme returns the correct scheme for all
	177	* authentication types
	178	*/
	179	void
	180	testAuthUserRequest::scheme()
	181	{
	182	Debug::Levels[29]=9;
	183	fake_auth_setup();
	184
c6cf8dee	185	for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
f5691f9c	186	// create a user request
f5691f9c	187	// check its scheme matches *i
9f3d2b2e	188	AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
f5691f9c	189	CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
	190	}
	191	}
	192
a33a428a	193	#if HAVE_AUTH_MODULE_BASIC
aa110616	194	#include "auth/basic/User.h"
616cfc4c	195	#include "auth/basic/UserRequest.h"
f5691f9c	196	/* AuthBasicUserRequest::AuthBasicUserRequest works
	197	*/
	198	void
	199	testAuthBasicUserRequest::construction()
	200	{
	201	AuthBasicUserRequest();
	202	AuthBasicUserRequest *temp=new AuthBasicUserRequest();
	203	delete temp;
	204	}
	205
	206	void
	207	testAuthBasicUserRequest::username()
	208	{
a33a428a	209	AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
aa110616	210	Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
f5691f9c	211	basic_auth->username("John");
f5691f9c	212	temp->user(basic_auth);
f5691f9c	213	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	214	}
0ea5c60c	215	#endif /* HAVE_AUTH_MODULE_BASIC */
f5691f9c	216
a33a428a	217	#if HAVE_AUTH_MODULE_DIGEST
aa110616 AJ	218	#include "auth/digest/User.h"
aa110616 AJ	219	#include "auth/digest/UserRequest.h"
f5691f9c	220	/* AuthDigestUserRequest::AuthDigestUserRequest works
	221	*/
	222	void
	223	testAuthDigestUserRequest::construction()
	224	{
	225	AuthDigestUserRequest();
	226	AuthDigestUserRequest *temp=new AuthDigestUserRequest();
	227	delete temp;
	228	}
	229
	230	void
	231	testAuthDigestUserRequest::username()
	232	{
a33a428a	233	AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
aa110616	234	Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
a33a428a AJ	235	duser->username("John");
a33a428a AJ	236	temp->user(duser);
f5691f9c	237	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	238	}
0ea5c60c	239	#endif /* HAVE_AUTH_MODULE_DIGEST */
f5691f9c	240
a33a428a	241	#if HAVE_AUTH_MODULE_NTLM
aa110616 AJ	242	#include "auth/ntlm/User.h"
aa110616 AJ	243	#include "auth/ntlm/UserRequest.h"
f5691f9c	244	/* AuthNTLMUserRequest::AuthNTLMUserRequest works
	245	*/
	246	void
	247	testAuthNTLMUserRequest::construction()
	248	{
	249	AuthNTLMUserRequest();
	250	AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
	251	delete temp;
	252	}
	253
	254	void
	255	testAuthNTLMUserRequest::username()
	256	{
a33a428a	257	AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
aa110616	258	Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
a33a428a AJ	259	nuser->username("John");
a33a428a AJ	260	temp->user(nuser);
f5691f9c	261	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f5691f9c	262	}
0ea5c60c	263	#endif /* HAVE_AUTH_MODULE_NTLM */
f46fe759	264
a33a428a	265	#if HAVE_AUTH_MODULE_NEGOTIATE
aa110616 AJ	266	#include "auth/negotiate/User.h"
aa110616 AJ	267	#include "auth/negotiate/UserRequest.h"
f46fe759	268	/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
	269	*/
	270	void
	271	testAuthNegotiateUserRequest::construction()
	272	{
	273	AuthNegotiateUserRequest();
	274	AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
	275	delete temp;
	276	}
	277
	278	void
	279	testAuthNegotiateUserRequest::username()
	280	{
a33a428a	281	AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
aa110616	282	Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
a33a428a AJ	283	nuser->username("John");
a33a428a AJ	284	temp->user(nuser);
f46fe759	285	CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
f46fe759	286	}
0ea5c60c FC	287
0ea5c60c FC	288	#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
2f1431ea	289	#endif /* USE_AUTH */
f53969cc	290