1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24 package waffle.shiro.negotiate;
25
26 import java.util.Base64;
27 import java.util.HashMap;
28
29 import javax.servlet.http.HttpServletResponse;
30
31 import mockit.Tested;
32
33 import org.junit.jupiter.api.Assertions;
34 import org.junit.jupiter.api.BeforeEach;
35 import org.junit.jupiter.api.Test;
36 import org.junit.jupiter.api.condition.DisabledOnJre;
37 import org.junit.jupiter.api.condition.JRE;
38 import org.mockito.Mockito;
39 import org.powermock.reflect.Whitebox;
40
41
42
43
44 @DisabledOnJre(JRE.JAVA_21)
45 class NegotiateAuthenticationFilterTest {
46
47
48 @Tested
49 private NegotiateAuthenticationFilter negAuthFilter;
50
51
52 MockServletResponse response;
53
54
55 private byte[] out;
56
57
58
59
60 @BeforeEach
61 void setUp() {
62 this.response = Mockito.mock(MockServletResponse.class, Mockito.CALLS_REAL_METHODS);
63 Whitebox.setInternalState(this.response, "headers", new HashMap<>());
64 Whitebox.setInternalState(this.response, "headersAdded", new HashMap<>());
65 }
66
67
68
69
70 @Test
71 void testIsLoginAttempt() {
72 Assertions.assertFalse(this.negAuthFilter.isLoginAttempt(""));
73 Assertions.assertTrue(this.negAuthFilter.isLoginAttempt("NEGOTIATe"));
74 Assertions.assertTrue(this.negAuthFilter.isLoginAttempt("ntlm"));
75 }
76
77
78
79
80 @Test
81 void testSendChallengeDuringNegotiate() {
82
83 final String myProtocol = "myProtocol";
84
85 this.out = new byte[1];
86 this.out[0] = -1;
87
88 this.negAuthFilter.sendChallengeDuringNegotiate(myProtocol, this.response, this.out);
89
90 Assertions.assertEquals(String.join(" ", myProtocol, Base64.getEncoder().encodeToString(this.out)),
91 this.response.headers.get("WWW-Authenticate"));
92
93 Assertions.assertEquals("keep-alive", this.response.headers.get("Connection"));
94
95 Assertions.assertEquals(HttpServletResponse.SC_UNAUTHORIZED, this.response.sc);
96 Assertions.assertEquals(0, this.response.errorCode);
97
98 Assertions.assertFalse(this.response.isFlushed);
99 }
100
101
102
103
104 @Test
105 void testSendChallengeInitiateNegotiate() {
106
107 this.out = new byte[1];
108 this.out[0] = -1;
109
110 this.negAuthFilter.sendChallengeInitiateNegotiate(this.response);
111
112 Assertions.assertEquals("Negotiate", this.response.headersAdded.get("WWW-Authenticate").get(0));
113 Assertions.assertEquals("NTLM", this.response.headersAdded.get("WWW-Authenticate").get(1));
114
115 Assertions.assertEquals("keep-alive", this.response.headers.get("Connection"));
116
117 Assertions.assertEquals(HttpServletResponse.SC_UNAUTHORIZED, this.response.sc);
118 Assertions.assertEquals(0, this.response.errorCode);
119
120 Assertions.assertFalse(this.response.isFlushed);
121 }
122
123
124
125
126 @Test
127 void testSendChallengeOnFailure() {
128
129 this.negAuthFilter.sendChallengeOnFailure(this.response);
130
131 Assertions.assertEquals("Negotiate", this.response.headersAdded.get("WWW-Authenticate").get(0));
132 Assertions.assertEquals("NTLM", this.response.headersAdded.get("WWW-Authenticate").get(1));
133
134 Assertions.assertEquals("close", this.response.headers.get("Connection"));
135
136 Assertions.assertEquals(0, this.response.sc);
137 Assertions.assertEquals(HttpServletResponse.SC_UNAUTHORIZED, this.response.errorCode);
138
139 Assertions.assertTrue(this.response.isFlushed);
140 }
141
142 }