use of io.undertow.testutils.TestHttpClient in project undertow by undertow-io.
the class HttpContinueAcceptingHandlerTestCase method testHttpContinueRejected.
@Test
public void testHttpContinueRejected() throws IOException {
accept = false;
String message = "My HTTP Request!";
HttpParams httpParams = new BasicHttpParams();
httpParams.setParameter("http.protocol.wait-for-continue", Integer.MAX_VALUE);
TestHttpClient client = new TestHttpClient();
client.setParams(httpParams);
try {
HttpPost post = new HttpPost(DefaultServer.getDefaultServerURL() + "/path");
post.addHeader("Expect", "100-continue");
post.setEntity(new StringEntity(message));
HttpResponse result = client.execute(post);
Assert.assertEquals(StatusCodes.EXPECTATION_FAILED, result.getStatusLine().getStatusCode());
} finally {
client.getConnectionManager().shutdown();
}
}
use of io.undertow.testutils.TestHttpClient in project undertow by undertow-io.
the class DigestAuthenticationAuthTestCase method _testNonceCountReUse.
static void _testNonceCountReUse() throws Exception {
TestHttpClient client = new TestHttpClient();
HttpGet get = new HttpGet(DefaultServer.getDefaultServerURL());
HttpResponse result = client.execute(get);
assertEquals(StatusCodes.UNAUTHORIZED, result.getStatusLine().getStatusCode());
Header[] values = result.getHeaders(WWW_AUTHENTICATE.toString());
String value = getAuthHeader(DIGEST, values);
Map<DigestWWWAuthenticateToken, String> parsedHeader = DigestWWWAuthenticateToken.parseHeader(value.substring(7));
assertEquals(REALM_NAME, parsedHeader.get(DigestWWWAuthenticateToken.REALM));
assertEquals(DigestAlgorithm.MD5.getToken(), parsedHeader.get(DigestWWWAuthenticateToken.ALGORITHM));
assertEquals(DigestQop.AUTH.getToken(), parsedHeader.get(DigestWWWAuthenticateToken.MESSAGE_QOP));
String clientNonce = createNonce();
int nonceCount = 1;
String nonce = parsedHeader.get(DigestWWWAuthenticateToken.NONCE);
String opaque = parsedHeader.get(DigestWWWAuthenticateToken.OPAQUE);
assertNotNull(opaque);
// Send 5 requests with an incrementing nonce count on each call.
for (int i = 0; i < 2; i++) {
client = new TestHttpClient();
get = new HttpGet(DefaultServer.getDefaultServerURL());
// Note - No increment
int thisNonceCount = nonceCount;
String authorization = createAuthorizationLine("userOne", "passwordOne", "GET", "/", nonce, thisNonceCount, clientNonce, opaque);
get.addHeader(AUTHORIZATION.toString(), authorization);
result = client.execute(get);
if (i == 0) {
assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
assertSingleNotificationType(EventType.AUTHENTICATED);
values = result.getHeaders("ProcessedBy");
assertEquals(1, values.length);
assertEquals("ResponseHandler", values[0].getValue());
values = result.getHeaders("Authentication-Info");
assertEquals(1, values.length);
Map<AuthenticationInfoToken, String> parsedAuthInfo = AuthenticationInfoToken.parseHeader(values[0].getValue());
assertEquals("Didn't expect a new nonce.", nonce, parsedAuthInfo.get(AuthenticationInfoToken.NEXT_NONCE));
assertEquals(DigestQop.AUTH.getToken(), parsedAuthInfo.get(AuthenticationInfoToken.MESSAGE_QOP));
String nonceCountString = toHex(thisNonceCount);
assertEquals(createRspAuth("userOne", REALM_NAME, "passwordOne", "/", nonce, nonceCountString, clientNonce), parsedAuthInfo.get(AuthenticationInfoToken.RESPONSE_AUTH));
assertEquals(clientNonce, parsedAuthInfo.get(AuthenticationInfoToken.CNONCE));
assertEquals(nonceCountString, parsedAuthInfo.get(AuthenticationInfoToken.NONCE_COUNT));
} else {
assertEquals(StatusCodes.UNAUTHORIZED, result.getStatusLine().getStatusCode());
}
}
}
use of io.undertow.testutils.TestHttpClient in project undertow by undertow-io.
the class DigestAuthenticationAuthTestCase method _testBadUsername.
static void _testBadUsername() throws Exception {
TestHttpClient client = new TestHttpClient();
HttpGet get = new HttpGet(DefaultServer.getDefaultServerURL());
HttpResponse result = client.execute(get);
assertEquals(StatusCodes.UNAUTHORIZED, result.getStatusLine().getStatusCode());
Header[] values = result.getHeaders(WWW_AUTHENTICATE.toString());
String value = getAuthHeader(DIGEST, values);
Map<DigestWWWAuthenticateToken, String> parsedHeader = DigestWWWAuthenticateToken.parseHeader(value.substring(7));
assertEquals(REALM_NAME, parsedHeader.get(DigestWWWAuthenticateToken.REALM));
assertEquals(DigestAlgorithm.MD5.getToken(), parsedHeader.get(DigestWWWAuthenticateToken.ALGORITHM));
assertEquals(DigestQop.AUTH.getToken(), parsedHeader.get(DigestWWWAuthenticateToken.MESSAGE_QOP));
String clientNonce = createNonce();
int nonceCount = 1;
String nonce = parsedHeader.get(DigestWWWAuthenticateToken.NONCE);
String opaque = parsedHeader.get(DigestWWWAuthenticateToken.OPAQUE);
assertNotNull(opaque);
client = new TestHttpClient();
get = new HttpGet(DefaultServer.getDefaultServerURL());
int thisNonceCount = nonceCount++;
String authorization = createAuthorizationLine("noUser", "passwordOne", "GET", "/", nonce, thisNonceCount, clientNonce, opaque);
get.addHeader(AUTHORIZATION.toString(), authorization);
result = client.execute(get);
assertEquals(StatusCodes.UNAUTHORIZED, result.getStatusLine().getStatusCode());
assertSingleNotificationType(EventType.FAILED_AUTHENTICATION);
}
use of io.undertow.testutils.TestHttpClient in project undertow by undertow-io.
the class DigestAuthenticationAuthTestCase method _testBadPassword.
static void _testBadPassword() throws Exception {
TestHttpClient client = new TestHttpClient();
HttpGet get = new HttpGet(DefaultServer.getDefaultServerURL());
HttpResponse result = client.execute(get);
assertEquals(StatusCodes.UNAUTHORIZED, result.getStatusLine().getStatusCode());
Header[] values = result.getHeaders(WWW_AUTHENTICATE.toString());
String value = getAuthHeader(DIGEST, values);
Map<DigestWWWAuthenticateToken, String> parsedHeader = DigestWWWAuthenticateToken.parseHeader(value.substring(7));
assertEquals(REALM_NAME, parsedHeader.get(DigestWWWAuthenticateToken.REALM));
assertEquals(DigestAlgorithm.MD5.getToken(), parsedHeader.get(DigestWWWAuthenticateToken.ALGORITHM));
assertEquals(DigestQop.AUTH.getToken(), parsedHeader.get(DigestWWWAuthenticateToken.MESSAGE_QOP));
String clientNonce = createNonce();
int nonceCount = 1;
String nonce = parsedHeader.get(DigestWWWAuthenticateToken.NONCE);
String opaque = parsedHeader.get(DigestWWWAuthenticateToken.OPAQUE);
assertNotNull(opaque);
client = new TestHttpClient();
get = new HttpGet(DefaultServer.getDefaultServerURL());
int thisNonceCount = nonceCount++;
String authorization = createAuthorizationLine("userOne", "badPassword", "GET", "/", nonce, thisNonceCount, clientNonce, opaque);
get.addHeader(AUTHORIZATION.toString(), authorization);
result = client.execute(get);
assertEquals(StatusCodes.UNAUTHORIZED, result.getStatusLine().getStatusCode());
assertSingleNotificationType(EventType.FAILED_AUTHENTICATION);
}
use of io.undertow.testutils.TestHttpClient in project undertow by undertow-io.
the class SimpleConfidentialRedirectTestCase method simpleRedirectTestCase.
@Test
public void simpleRedirectTestCase() throws IOException, GeneralSecurityException {
TestHttpClient client = new TestHttpClient();
client.setSSLContext(DefaultServer.getClientSSLContext());
try {
sendRequest(client, "/foo");
sendRequest(client, "/foo+bar");
sendRequest(client, "/foo+bar;aa");
} finally {
client.getConnectionManager().shutdown();
}
}
Aggregations