# HG changeset patch # User Maxim Dounin # Date 1302283420 -14400 # Node ID 6b73d6c8f26c13d93f1806a83f1ebebf8acb8be5 # Parent 2178954eee5d8aab21f44006cc78029e2672629d Tests: add some auth basic module tests. diff --git a/auth_basic.t b/auth_basic.t new file mode 100644 --- /dev/null +++ b/auth_basic.t @@ -0,0 +1,105 @@ +#!/usr/bin/perl + +# (C) Maxim Dounin + +# Tests for auth basic module. + +############################################################################### + +use warnings; +use strict; + +use Test::More; + +use MIME::Base64; + +BEGIN { use FindBin; chdir($FindBin::Bin); } + +use lib 'lib'; +use Test::Nginx; + +############################################################################### + +select STDERR; $| = 1; +select STDOUT; $| = 1; + +my $t = Test::Nginx->new()->has(qw/http auth_basic/)->plan(11) + ->write_file_expand('nginx.conf', <<'EOF'); + +%%TEST_GLOBALS%% + +master_process off; +daemon off; + +events { +} + +http { + %%TEST_GLOBALS_HTTP%% + + server { + listen 127.0.0.1:8080; + server_name localhost; + + location / { + auth_basic "closed site"; + auth_basic_user_file %%TESTDIR%%/htpasswd; + } + } +} + +EOF + +my $d = $t->testdir(); + +$t->write_file('index.html', 'SEETHIS'); + +$t->write_file( + 'htpasswd', + 'crypt:' . crypt('password', 'salt') . "\n" . + 'crypt1:' . crypt('password', '$1$salt$') . "\n" . + 'apr1:' . '$apr1$salt$Xxd1irWT9ycqoYxGFn4cb.' . "\n" . + 'plain:' . '{PLAIN}password' . "\n" . + 'ssha:' . '{SSHA}yI6cZwQadOA1e+/f+T+H3eCQQhRzYWx0' . "\n" +); + +$t->run(); + +############################################################################### + +like(http_get('/'), qr!401 Unauthorized!ms, 'rejects unathorized'); + +like(http_get_auth('/', 'crypt', 'password'), qr!SEETHIS!, 'normal crypt'); +unlike(http_get_auth('/', 'crypt', '123'), qr!SEETHIS!, 'normal wrong'); + +like(http_get_auth('/', 'crypt1', 'password'), qr!SEETHIS!, 'crypt $1$ (md5)'); +unlike(http_get_auth('/', 'crypt1', '123'), qr!SEETHIS!, 'crypt $1$ wrong'); + +TODO: { +local $TODO = 'not yet'; + +like(http_get_auth('/', 'apr1', 'password'), qr!SEETHIS!, 'apr1 md5'); +like(http_get_auth('/', 'plain', 'password'), qr!SEETHIS!, 'plain password'); +like(http_get_auth('/', 'ssha', 'password'), qr!SEETHIS!, 'ssha'); +} + +unlike(http_get_auth('/', 'apr1', '123'), qr!SEETHIS!, 'apr1 md5 wrong'); +unlike(http_get_auth('/', 'plain', '123'), qr!SEETHIS!, 'plain wrong'); +unlike(http_get_auth('/', 'ssha', '123'), qr!SEETHIS!, 'ssha wrong'); + +############################################################################### + +sub http_get_auth { + my ($url, $user, $password) = @_; + + my $auth = encode_base64($user . ':' . $password); + + my $r = http(<