2
* Licensed to the Apache Software Foundation (ASF) under one or more
3
* contributor license agreements. See the NOTICE file distributed with
4
* this work for additional information regarding copyright ownership.
5
* The ASF licenses this file to You under the Apache License, Version 2.0
6
* (the "License"); you may not use this file except in compliance with
7
* the License. You may obtain a copy of the License at
9
* http://www.apache.org/licenses/LICENSE-2.0
11
* Unless required by applicable law or agreed to in writing, software
12
* distributed under the License is distributed on an "AS IS" BASIS,
13
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
* See the License for the specific language governing permissions and
15
* limitations under the License.
17
package org.apache.tomcat.util.http.parser;
19
import java.io.StringReader;
22
import org.junit.Assert;
23
import org.junit.Test;
25
public class TestAuthorizationDigest {
28
public void testBug54060a() throws Exception {
29
String header = "Digest username=\"mthornton\", " +
30
"realm=\"optrak.com\", " +
31
"nonce=\"1351427243671:c1d6360150712149bae931a3ed7cb498\", " +
32
"uri=\"/files/junk.txt\", " +
33
"response=\"c5c2410bfc46753e83a8f007888b0d2e\", " +
34
"opaque=\"DB85C1A73933A7EB586D10E4BF2924EF\", " +
37
"cnonce=\"9926cb3c334ede11\"";
39
StringReader input = new StringReader(header);
41
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
43
Assert.assertEquals("mthornton", result.get("username"));
44
Assert.assertEquals("optrak.com", result.get("realm"));
45
Assert.assertEquals("1351427243671:c1d6360150712149bae931a3ed7cb498",
47
Assert.assertEquals("/files/junk.txt", result.get("uri"));
48
Assert.assertEquals("c5c2410bfc46753e83a8f007888b0d2e",
49
result.get("response"));
50
Assert.assertEquals("DB85C1A73933A7EB586D10E4BF2924EF",
51
result.get("opaque"));
52
Assert.assertEquals("auth", result.get("qop"));
53
Assert.assertEquals("00000001", result.get("nc"));
54
Assert.assertEquals("9926cb3c334ede11", result.get("cnonce"));
58
public void testBug54060b() throws Exception {
59
String header = "Digest username=\"mthornton\", " +
60
"realm=\"optrak.com\", " +
61
"nonce=\"1351427480964:a01c16fed5168d72a2b5267395a2022e\", " +
64
"response=\"f310c44b87efc0bc0a7aab7096fd36b6\", " +
65
"opaque=\"DB85C1A73933A7EB586D10E4BF2924EF\", " +
66
"cnonce=\"MHg3ZjA3ZGMwMTUwMTA6NzI2OToxMzUxNDI3NDgw\", " +
70
StringReader input = new StringReader(header);
72
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
74
Assert.assertEquals("mthornton", result.get("username"));
75
Assert.assertEquals("optrak.com", result.get("realm"));
76
Assert.assertEquals("1351427480964:a01c16fed5168d72a2b5267395a2022e",
78
Assert.assertEquals("/files", result.get("uri"));
79
Assert.assertEquals("MD5", result.get("algorithm"));
80
Assert.assertEquals("f310c44b87efc0bc0a7aab7096fd36b6",
81
result.get("response"));
82
Assert.assertEquals("DB85C1A73933A7EB586D10E4BF2924EF",
83
result.get("opaque"));
84
Assert.assertEquals("MHg3ZjA3ZGMwMTUwMTA6NzI2OToxMzUxNDI3NDgw",
85
result.get("cnonce"));
86
Assert.assertEquals("00000001", result.get("nc"));
87
Assert.assertEquals("auth", result.get("qop"));
91
public void testBug54060c() throws Exception {
92
String header = "Digest username=\"mthornton\", qop=auth";
94
StringReader input = new StringReader(header);
96
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
98
Assert.assertEquals("mthornton", result.get("username"));
99
Assert.assertEquals("auth", result.get("qop"));
103
public void testBug54060d() throws Exception {
104
String header = "Digest username=\"mthornton\"," +
106
"cnonce=\"9926cb3c334ede11\"";
108
StringReader input = new StringReader(header);
110
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
112
Assert.assertEquals("mthornton", result.get("username"));
113
Assert.assertEquals("auth", result.get("qop"));
114
Assert.assertEquals("9926cb3c334ede11", result.get("cnonce"));
118
public void testEndWithLhex() throws Exception {
119
String header = "Digest nc=00000001";
121
StringReader input = new StringReader(header);
123
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
125
Assert.assertEquals("00000001", result.get("nc"));
129
public void testUnclosedQuotedString1() throws Exception {
130
String header = "Digest username=\"test";
132
StringReader input = new StringReader(header);
134
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
135
Assert.assertNull(result);
139
public void testUnclosedQuotedString2() throws Exception {
140
String header = "Digest username=\"test\\";
142
StringReader input = new StringReader(header);
144
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
145
Assert.assertNull(result);
149
public void testNonTokenDirective() throws Exception {
150
String header = "Digest user{name=\"test\"";
152
StringReader input = new StringReader(header);
154
Map<String,String> result = HttpParser.parseAuthorizationDigest(input);
155
Assert.assertNull(result);