@Test public void digestAuthNegativeTest() throws IOException, ExecutionException, TimeoutException, InterruptedException { try (AsyncHttpClient client = asyncHttpClient()) { Future<Response> f = client.prepareGet("http://localhost:" + port1 + "/") .setRealm(digestAuthRealm("fake", ADMIN).build()) .execute(); Response resp = f.get(20, TimeUnit.SECONDS); assertNotNull(resp); assertEquals(resp.getStatusCode(), 401); } }
@Test public void digestAuthTestWithoutScheme() throws IOException, ExecutionException, TimeoutException, InterruptedException { try (AsyncHttpClient client = asyncHttpClient()) { Future<Response> f = client.prepareGet("http://localhost:" + port1 + "/") .setRealm(digestAuthRealm(USER, ADMIN).setRealmName("MyRealm").build()) .execute(); Response resp = f.get(60, TimeUnit.SECONDS); assertNotNull(resp); assertEquals(resp.getStatusCode(), HttpServletResponse.SC_OK); assertNotNull(resp.getHeader("X-Auth")); } }
@Test public void digestAuthTest() throws IOException, ExecutionException, TimeoutException, InterruptedException { try (AsyncHttpClient client = asyncHttpClient()) { Future<Response> f = client.prepareGet("http://localhost:" + port1 + "/") .setRealm(digestAuthRealm(USER, ADMIN).setRealmName("MyRealm").build()) .execute(); Response resp = f.get(60, TimeUnit.SECONDS); assertNotNull(resp); assertEquals(resp.getStatusCode(), HttpServletResponse.SC_OK); assertNotNull(resp.getHeader("X-Auth")); } }
@Test public void testStrongDigest() throws Exception { String user = "user"; String pass = "pass"; String realm = "realm"; String nonce = "nonce"; String method = "GET"; Uri uri = Uri.create("http://ahc.io/foo"); String qop = "auth"; Realm orig = digestAuthRealm(user, pass) .setNonce(nonce) .setUri(uri) .setMethodName(method) .setRealmName(realm) .setQop(qop) .build(); String nc = orig.getNc(); String cnonce = orig.getCnonce(); String ha1 = getMd5(user + ":" + realm + ":" + pass); String ha2 = getMd5(method + ":" + uri.getPath()); String expectedResponse = getMd5(ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":" + qop + ":" + ha2); assertEquals(orig.getResponse(), expectedResponse); }
private void testOldDigest(String qop) throws Exception { String user = "user"; String pass = "pass"; String realm = "realm"; String nonce = "nonce"; String method = "GET"; Uri uri = Uri.create("http://ahc.io/foo"); Realm orig = digestAuthRealm(user, pass) .setNonce(nonce) .setUri(uri) .setMethodName(method) .setRealmName(realm) .setQop(qop) .build(); String ha1 = getMd5(user + ":" + realm + ":" + pass); String ha2 = getMd5(method + ":" + uri.getPath()); String expectedResponse = getMd5(ha1 + ":" + nonce + ":" + ha2); assertEquals(orig.getResponse(), expectedResponse); }
protected Future<Response> execute(AsyncHttpClient client, boolean basic, boolean preemptive) { Realm.Builder realm; String url; if (basic) { realm = basicAuthRealm(USER, ADMIN); url = getTargetUrl(); } else { realm = digestAuthRealm(USER, ADMIN); url = getTargetUrl2(); if (preemptive) { realm.setRealmName("MyRealm"); realm.setAlgorithm("MD5"); realm.setQop("auth"); realm.setNonce("fFDVc60re9zt8fFDvht0tNrYuvqrcchN"); } } return client.prepareGet(url).setRealm(realm.setUsePreemptiveAuth(preemptive).build()).execute(); }