1   /*
2    * MIT License
3    *
4    * Copyright (c) 2010-2023 The Waffle Project Contributors: https://github.com/Waffle/waffle/graphs/contributors
5    *
6    * Permission is hereby granted, free of charge, to any person obtaining a copy
7    * of this software and associated documentation files (the "Software"), to deal
8    * in the Software without restriction, including without limitation the rights
9    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10   * copies of the Software, and to permit persons to whom the Software is
11   * furnished to do so, subject to the following conditions:
12   *
13   * The above copyright notice and this permission notice shall be included in all
14   * copies or substantial portions of the Software.
15   *
16   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22   * SOFTWARE.
23   */
24  package waffle.shiro.negotiate;
25  
26  import java.util.Base64;
27  import java.util.HashMap;
28  
29  import javax.servlet.http.HttpServletResponse;
30  
31  import mockit.Tested;
32  
33  import org.junit.jupiter.api.Assertions;
34  import org.junit.jupiter.api.BeforeEach;
35  import org.junit.jupiter.api.Test;
36  import org.junit.jupiter.api.condition.DisabledOnJre;
37  import org.junit.jupiter.api.condition.JRE;
38  import org.mockito.Mockito;
39  import org.powermock.reflect.Whitebox;
40  
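/**
 * Unit tests for the HTTP challenge handling of {@link NegotiateAuthenticationFilter}.
 * <p>
 * The tests pin the exact {@code WWW-Authenticate} and {@code Connection} headers, and the way the 401 is
 * recorded on the response, for the three challenge paths: starting a negotiation, continuing one, and
 * failing one. These values are what a client sees during a Negotiate/NTLM handshake, so a change to any of
 * them is a change to the authentication protocol surface.
 * <p>
 * NOTE(review): the whole class is skipped on Java 21 by the annotation below, so none of this behaviour is
 * verified on that runtime. The reason is not visible in this file; presumably a mocking-library limitation.
 */
@DisabledOnJre(JRE.JAVA_21)
class NegotiateAuthenticationFilterTest {

    /** Filter under test; instantiated by JMockit through {@code @Tested}. */
    @Tested
    private NegotiateAuthenticationFilter negAuthFilter;

    /** Partial mock of the servlet response that records headers, status and error code. */
    MockServletResponse response;

    /**
     * Builds a fresh response mock before each test.
     * <p>
     * The mock delegates to the real methods, but the two header maps are injected by reflection: a Mockito
     * mock is created without running the class's constructor, so they would presumably be {@code null}
     * otherwise.
     */
    @BeforeEach
    void setUp() {
        this.response = Mockito.mock(MockServletResponse.class, Mockito.CALLS_REAL_METHODS);
        Whitebox.setInternalState(this.response, "headers", new HashMap<>());
        Whitebox.setInternalState(this.response, "headersAdded", new HashMap<>());
    }

    /**
     * Checks that an empty header value is not treated as a login attempt and that the Negotiate and NTLM
     * scheme names are recognised regardless of letter case.
     * <p>
     * NOTE(review): there is no negative case for an unrelated scheme (for example {@code Basic}) or for a
     * {@code null} header, so the rejection path is only covered for the empty string.
     */
    @Test
    void testIsLoginAttempt() {
        Assertions.assertFalse(this.negAuthFilter.isLoginAttempt(""));
        Assertions.assertTrue(this.negAuthFilter.isLoginAttempt("NEGOTIATe"));
        Assertions.assertTrue(this.negAuthFilter.isLoginAttempt("ntlm"));
    }

    /**
     * Checks the intermediate challenge sent while a handshake is in progress.
     * <p>
     * The continuation token must be echoed as {@code "<protocol> <base64 token>"} in a single
     * {@code WWW-Authenticate} header, the connection must stay open, and the 401 must land in the mock's
     * {@code sc} field while {@code errorCode} stays 0 and the response stays unflushed. NTLM and SPNEGO
     * handshakes take several round trips, and NTLM in particular authenticates the connection, which is why
     * {@code keep-alive} matters here.
     */
    @Test
    void testSendChallengeDuringNegotiate() {

        final String myProtocol = "myProtocol";

        // Single byte 0xFF stands in for the security token; it Base64-encodes to "/w==".
        final byte[] token = { -1 };

        this.negAuthFilter.sendChallengeDuringNegotiate(myProtocol, this.response, token);

        Assertions.assertEquals(String.join(" ", myProtocol, Base64.getEncoder().encodeToString(token)),
                this.response.headers.get("WWW-Authenticate"));

        Assertions.assertEquals("keep-alive", this.response.headers.get("Connection"));

        Assertions.assertEquals(HttpServletResponse.SC_UNAUTHORIZED, this.response.sc);
        Assertions.assertEquals(0, this.response.errorCode);

        Assertions.assertFalse(this.response.isFlushed);
    }

    /**
     * Checks the first challenge, sent to a client that has not yet offered credentials.
     * <p>
     * Both schemes are advertised as separate {@code WWW-Authenticate} headers, Negotiate first and NTLM
     * second, the connection is kept open for the handshake that follows, and the 401 is recorded in
     * {@code sc} without an error code or a flush.
     */
    @Test
    void testSendChallengeInitiateNegotiate() {

        // No token is prepared here: sendChallengeInitiateNegotiate takes only the response.
        this.negAuthFilter.sendChallengeInitiateNegotiate(this.response);

        Assertions.assertEquals("Negotiate", this.response.headersAdded.get("WWW-Authenticate").get(0));
        Assertions.assertEquals("NTLM", this.response.headersAdded.get("WWW-Authenticate").get(1));

        Assertions.assertEquals("keep-alive", this.response.headers.get("Connection"));

        Assertions.assertEquals(HttpServletResponse.SC_UNAUTHORIZED, this.response.sc);
        Assertions.assertEquals(0, this.response.errorCode);

        Assertions.assertFalse(this.response.isFlushed);
    }

    /**
     * Checks the response sent when authentication fails.
     * <p>
     * The same two schemes are advertised again, but the failure path differs from the handshake paths in
     * three observable ways: {@code Connection} is {@code close}, the 401 is recorded in {@code errorCode}
     * with {@code sc} left at 0, and the response is flushed. Closing the connection presumably keeps a
     * half-finished handshake from being continued on it (an inference; this test only pins the header).
     */
    @Test
    void testSendChallengeOnFailure() {

        this.negAuthFilter.sendChallengeOnFailure(this.response);

        Assertions.assertEquals("Negotiate", this.response.headersAdded.get("WWW-Authenticate").get(0));
        Assertions.assertEquals("NTLM", this.response.headersAdded.get("WWW-Authenticate").get(1));

        Assertions.assertEquals("close", this.response.headers.get("Connection"));

        Assertions.assertEquals(0, this.response.sc);
        Assertions.assertEquals(HttpServletResponse.SC_UNAUTHORIZED, this.response.errorCode);

        Assertions.assertTrue(this.response.isFlushed);
    }

}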