2016-05-16 16:57:37 +00:00
|
|
|
package httputil
|
2015-10-16 15:06:17 +00:00
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"encoding/base64"
|
|
|
|
"io/ioutil"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
|
2016-05-16 14:29:44 +00:00
|
|
|
"github.com/github/git-lfs/auth"
|
2016-05-13 16:38:06 +00:00
|
|
|
"github.com/github/git-lfs/config"
|
2016-05-25 16:43:10 +00:00
|
|
|
"github.com/stretchr/testify/assert"
|
2015-10-16 15:06:17 +00:00
|
|
|
)
|
|
|
|
|
2015-10-16 15:41:28 +00:00
|
|
|
func TestNtlmClientSession(t *testing.T) {
|
2015-10-16 15:06:17 +00:00
|
|
|
|
|
|
|
//Make sure to clear ntlmSession so test order doesn't matter.
|
2016-05-13 16:38:06 +00:00
|
|
|
config.Config.NtlmSession = nil
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2016-05-16 14:29:44 +00:00
|
|
|
creds := auth.Creds{"username": "MOOSEDOMAIN\\canadian", "password": "MooseAntlersYeah"}
|
2016-05-13 16:38:06 +00:00
|
|
|
_, err := ntlmClientSession(config.Config, creds)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Nil(t, err)
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2015-10-16 15:06:17 +00:00
|
|
|
//The second call should ignore creds and give the session we just created.
|
2016-05-16 14:29:44 +00:00
|
|
|
badCreds := auth.Creds{"username": "badusername", "password": "MooseAntlersYeah"}
|
2016-05-13 16:38:06 +00:00
|
|
|
_, err = ntlmClientSession(config.Config, badCreds)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Nil(t, err)
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2015-10-16 15:06:17 +00:00
|
|
|
//clean up
|
2016-05-13 16:38:06 +00:00
|
|
|
config.Config.NtlmSession = nil
|
2015-10-16 15:06:17 +00:00
|
|
|
}
|
|
|
|
|
2015-10-16 15:41:28 +00:00
|
|
|
func TestNtlmClientSessionBadCreds(t *testing.T) {
|
|
|
|
|
2015-10-16 15:06:17 +00:00
|
|
|
//Make sure to clear ntlmSession so test order doesn't matter.
|
2016-05-13 16:38:06 +00:00
|
|
|
config.Config.NtlmSession = nil
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2016-05-16 14:29:44 +00:00
|
|
|
creds := auth.Creds{"username": "badusername", "password": "MooseAntlersYeah"}
|
2016-05-13 16:38:06 +00:00
|
|
|
_, err := ntlmClientSession(config.Config, creds)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.NotNil(t, err)
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2015-10-16 15:06:17 +00:00
|
|
|
//clean up
|
2016-05-13 16:38:06 +00:00
|
|
|
config.Config.NtlmSession = nil
|
2015-10-16 15:06:17 +00:00
|
|
|
}
|
|
|
|
|
2015-10-16 15:41:28 +00:00
|
|
|
func TestNtlmCloneRequest(t *testing.T) {
|
2015-10-16 15:06:17 +00:00
|
|
|
req1, _ := http.NewRequest("Method", "url", nil)
|
|
|
|
cloneOfReq1, err := cloneRequest(req1)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Nil(t, err)
|
2015-10-16 15:06:17 +00:00
|
|
|
assertRequestsEqual(t, req1, cloneOfReq1)
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2015-10-16 15:06:17 +00:00
|
|
|
req2, _ := http.NewRequest("Method", "url", bytes.NewReader([]byte("Moose can be request bodies")))
|
|
|
|
cloneOfReq2, err := cloneRequest(req2)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Nil(t, err)
|
2015-10-16 15:06:17 +00:00
|
|
|
assertRequestsEqual(t, req2, cloneOfReq2)
|
|
|
|
}
|
|
|
|
|
2015-10-16 15:41:28 +00:00
|
|
|
func assertRequestsEqual(t *testing.T, req1 *http.Request, req2 *http.Request) {
|
2015-10-16 15:06:17 +00:00
|
|
|
assert.Equal(t, req1.Method, req2.Method)
|
2015-10-16 15:41:28 +00:00
|
|
|
|
2015-10-16 15:06:17 +00:00
|
|
|
for k, v := range req1.Header {
|
|
|
|
assert.Equal(t, v, req2.Header[k])
|
|
|
|
}
|
2015-10-16 15:41:28 +00:00
|
|
|
|
|
|
|
if req1.Body == nil {
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Nil(t, req2.Body)
|
2015-10-16 15:06:17 +00:00
|
|
|
} else {
|
|
|
|
bytes1, _ := ioutil.ReadAll(req1.Body)
|
|
|
|
bytes2, _ := ioutil.ReadAll(req2.Body)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Equal(t, bytes1, bytes2)
|
2015-10-16 15:06:17 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestNtlmHeaderParseValid(t *testing.T) {
|
|
|
|
res := http.Response{}
|
|
|
|
res.Header = make(map[string][]string)
|
2015-10-16 15:41:28 +00:00
|
|
|
res.Header.Add("Www-Authenticate", "NTLM "+base64.StdEncoding.EncodeToString([]byte("I am a moose")))
|
|
|
|
bytes, err := parseChallengeResponse(&res)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.Nil(t, err)
|
|
|
|
assert.False(t, strings.HasPrefix(string(bytes), "NTLM"))
|
2015-10-16 15:06:17 +00:00
|
|
|
}
|
|
|
|
|
2015-10-16 15:41:28 +00:00
|
|
|
func TestNtlmHeaderParseInvalidLength(t *testing.T) {
|
2015-10-16 15:06:17 +00:00
|
|
|
res := http.Response{}
|
|
|
|
res.Header = make(map[string][]string)
|
2015-10-16 15:41:28 +00:00
|
|
|
res.Header.Add("Www-Authenticate", "NTL")
|
2015-11-06 18:26:35 +00:00
|
|
|
ret, err := parseChallengeResponse(&res)
|
|
|
|
if ret != nil {
|
|
|
|
t.Errorf("Unexpected challenge response: %v", ret)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err == nil {
|
|
|
|
t.Errorf("Expected error, got none!")
|
|
|
|
}
|
2015-10-16 15:06:17 +00:00
|
|
|
}
|
|
|
|
|
2015-10-16 15:41:28 +00:00
|
|
|
func TestNtlmHeaderParseInvalid(t *testing.T) {
|
2015-10-16 15:06:17 +00:00
|
|
|
res := http.Response{}
|
|
|
|
res.Header = make(map[string][]string)
|
2015-10-16 15:41:28 +00:00
|
|
|
res.Header.Add("Www-Authenticate", base64.StdEncoding.EncodeToString([]byte("NTLM I am a moose")))
|
2015-10-16 15:06:17 +00:00
|
|
|
_, err := parseChallengeResponse(&res)
|
2016-05-25 16:43:10 +00:00
|
|
|
assert.NotNil(t, err)
|
2015-10-16 15:41:28 +00:00
|
|
|
}
|
2015-11-06 20:47:45 +00:00
|
|
|
|
|
|
|
func TestCloneSmallBody(t *testing.T) {
|
|
|
|
cloneable1, err := newCloneableBody(strings.NewReader("abc"), 5)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
cloneable2, err := cloneable1.CloneBody()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
assertCloneableBody(t, cloneable2, "abc", "abc")
|
|
|
|
assertCloneableBody(t, cloneable1, "abc", "abc")
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCloneBigBody(t *testing.T) {
|
|
|
|
cloneable1, err := newCloneableBody(strings.NewReader("abc"), 2)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
cloneable2, err := cloneable1.CloneBody()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
assertCloneableBody(t, cloneable2, "abc", "ab")
|
|
|
|
assertCloneableBody(t, cloneable1, "abc", "ab")
|
|
|
|
}
|
|
|
|
|
|
|
|
func assertCloneableBody(t *testing.T, cloneable *cloneableBody, expectedBody, expectedBuffer string) {
|
2015-11-16 18:46:28 +00:00
|
|
|
buffer := string(cloneable.bytes)
|
2015-11-06 20:47:45 +00:00
|
|
|
if buffer != expectedBuffer {
|
|
|
|
t.Errorf("Expected buffer %q, got %q", expectedBody, buffer)
|
|
|
|
}
|
|
|
|
|
|
|
|
if cloneable.closed {
|
|
|
|
t.Errorf("already closed?")
|
|
|
|
}
|
|
|
|
|
|
|
|
by, err := ioutil.ReadAll(cloneable)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := cloneable.Close(); err != nil {
|
|
|
|
t.Errorf("Error closing: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
actual := string(by)
|
|
|
|
if actual != expectedBody {
|
|
|
|
t.Errorf("Expected to read %q, got %q", expectedBody, actual)
|
|
|
|
}
|
|
|
|
}
|