0
|
1 #!/usr/bin/perl
|
|
2
|
|
3 # (C) Maxim Dounin
|
|
4
|
|
5 # Tests for auth request module.
|
|
6
|
|
7 ###############################################################################
|
|
8
|
|
9 use warnings;
|
|
10 use strict;
|
|
11
|
|
12 use Test::More;
|
|
13 use Test::Nginx;
|
|
14
|
|
15 ###############################################################################
|
|
16
|
|
17 select STDERR; $| = 1;
|
|
18 select STDOUT; $| = 1;
|
|
19
|
|
20 my $t = Test::Nginx->new()->has(qw/http rewrite proxy fastcgi auth_basic/)
|
|
21 ->plan(13);
|
|
22
|
|
23 $t->write_file_expand('nginx.conf', <<'EOF');
|
|
24
|
|
25 master_process off;
|
|
26 daemon off;
|
|
27
|
|
28 events {
|
|
29 }
|
|
30
|
|
31 http {
|
|
32 %%TEST_GLOBALS_HTTP%%
|
|
33
|
|
34 server {
|
|
35 listen 127.0.0.1:8080;
|
|
36 server_name localhost;
|
|
37
|
|
38 location / {
|
|
39 return 444;
|
|
40 }
|
|
41
|
|
42 location /open {
|
|
43 auth_request /auth-open;
|
|
44 }
|
|
45 location = /auth-open {
|
|
46 return 204;
|
|
47 }
|
|
48
|
|
49 location /open-static {
|
|
50 auth_request /auth-open-static;
|
|
51 }
|
|
52 location = /auth-open-static {
|
|
53 # nothing, use static file
|
|
54 }
|
|
55
|
|
56 location /unauthorized {
|
|
57 auth_request /auth-unauthorized;
|
|
58 }
|
|
59 location = /auth-unauthorized {
|
|
60 return 401;
|
|
61 }
|
|
62
|
|
63 location /forbidden {
|
|
64 auth_request /auth-forbidden;
|
|
65 }
|
|
66 location = /auth-forbidden {
|
|
67 return 403;
|
|
68 }
|
|
69
|
|
70 location /error {
|
|
71 auth_request /auth-error;
|
|
72 }
|
|
73 location = /auth-error {
|
|
74 return 404;
|
|
75 }
|
|
76
|
|
77 location /proxy {
|
|
78 auth_request /auth-proxy;
|
|
79 }
|
|
80 location = /auth-proxy {
|
|
81 proxy_pass http://127.0.0.1:8080/auth-basic;
|
|
82 }
|
|
83 location = /auth-basic {
|
|
84 auth_basic "restricted";
|
|
85 auth_basic_user_file %%TESTDIR%%/htpasswd;
|
|
86 }
|
|
87
|
|
88 location /fastcgi {
|
|
89 auth_request /auth-fastcgi;
|
|
90 }
|
|
91 location = /auth-fastcgi {
|
|
92 fastcgi_pass 127.0.0.1:8081;
|
|
93 }
|
|
94 }
|
|
95 }
|
|
96
|
|
97 EOF
|
|
98
|
|
99 $t->write_file('htpasswd', 'user:zz1T8N4tWvmbE' . "\n");
|
|
100 $t->write_file('auth-basic', 'INVISIBLE');
|
|
101 $t->write_file('auth-open-static', 'INVISIBLE');
|
|
102 $t->run();
|
|
103
|
|
104 ###############################################################################
|
|
105
|
|
106 pass('runs');
|
|
107
|
|
108 like(http_get('/open'), qr/ 404 /, 'auth open');
|
|
109 like(http_get('/unauthorized'), qr/ 401 /, 'auth unauthorized');
|
|
110 like(http_get('/forbidden'), qr/ 403 /, 'auth forbidden');
|
|
111 like(http_get('/error'), qr/ 500 /, 'auth error');
|
|
112
|
|
113 like(http_get('/open-static'), qr/ 404 /, 'auth open static');
|
|
114 unlike(http_get('/open-static'), qr/INVISIBLE/, 'auth static no content');
|
|
115
|
|
116 like(http_get('/proxy'), qr/ 401 /, 'proxy auth unauthorized');
|
|
117 like(http_get('/proxy'), qr/WWW-Authenticate: Basic realm="restricted"/,
|
|
118 'proxy auth has www-authenticate');
|
|
119 like(http_get_auth('/proxy'), qr/ 404 /, 'proxy auth pass');
|
|
120 unlike(http_get_auth('/proxy'), qr/INVISIBLE/, 'proxy auth no content');
|
|
121
|
|
122 SKIP: {
|
|
123 eval { require FCGI; };
|
|
124 skip 'FCGI not installed', 2 if $@;
|
|
125
|
|
126 $t->run_daemon(\&fastcgi_daemon);
|
|
127 $t->waitforsocket('127.0.0.1:8081');
|
|
128
|
|
129 like(http_get('/fastcgi'), qr/ 404 /, 'fastcgi auth open');
|
|
130 unlike(http_get('/fastcgi'), qr/INVISIBLE/, 'fastcgi auth no content');
|
|
131 }
|
|
132
|
|
133 ###############################################################################
|
|
134
|
|
135 sub http_get_auth {
|
|
136 my ($url, %extra) = @_;
|
|
137 return http(<<EOF, %extra);
|
|
138 GET $url HTTP/1.0
|
|
139 Host: localhost
|
|
140 Authorization: Basic dXNlcjpzZWNyZXQ=
|
|
141
|
|
142 EOF
|
|
143 }
|
|
144
|
|
145 ###############################################################################
|
|
146
|
|
147 sub fastcgi_daemon {
|
|
148 my $socket = FCGI::OpenSocket('127.0.0.1:8081', 5);
|
|
149 my $request = FCGI::Request(\*STDIN, \*STDOUT, \*STDERR, \%ENV,
|
|
150 $socket);
|
|
151
|
|
152 while ($request->Accept() >= 0) {
|
|
153 print <<EOF;
|
|
154 Content-Type: text/html
|
|
155
|
|
156 INVISIBLE
|
|
157 EOF
|
|
158 }
|
|
159
|
|
160 FCGI::CloseSocket($socket);
|
|
161 }
|
|
162
|
|
163 ###############################################################################
|