| 1 | var needle = require('../'),
|
|---|
| 2 | auth = require('../lib/auth'),
|
|---|
| 3 | sinon = require('sinon'),
|
|---|
| 4 | should = require('should'),
|
|---|
| 5 | http = require('http'),
|
|---|
| 6 | helpers = require('./helpers');
|
|---|
| 7 |
|
|---|
| 8 | var createHash = require('crypto').createHash;
|
|---|
| 9 |
|
|---|
| 10 | function md5(string) {
|
|---|
| 11 | return createHash('md5').update(string).digest('hex');
|
|---|
| 12 | }
|
|---|
| 13 |
|
|---|
| 14 | function parse_header(header) {
|
|---|
| 15 | var challenge = {},
|
|---|
| 16 | matches = header.match(/([a-z0-9_-]+)="?([a-z0-9=\/\.@\s-\+]+)"?/gi);
|
|---|
| 17 |
|
|---|
| 18 | for (var i = 0, l = matches.length; i < l; i++) {
|
|---|
| 19 | var parts = matches[i].split('='),
|
|---|
| 20 | key = parts.shift(),
|
|---|
| 21 | val = parts.join('=').replace(/^"/, '').replace(/"$/, '');
|
|---|
| 22 |
|
|---|
| 23 | challenge[key] = val;
|
|---|
| 24 | }
|
|---|
| 25 |
|
|---|
| 26 | return challenge;
|
|---|
| 27 | }
|
|---|
| 28 |
|
|---|
| 29 | describe('auth_digest', function() {
|
|---|
| 30 | describe('With qop (RFC 2617)', function() {
|
|---|
| 31 | it('should generate a proper header', function() {
|
|---|
| 32 | // from https://tools.ietf.org/html/rfc2617
|
|---|
| 33 | var performDigest = function() {
|
|---|
| 34 | var header = 'Digest realm="testrealm@host.com", qop="auth,auth-int", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41"';
|
|---|
| 35 | var user = 'Mufasa';
|
|---|
| 36 | var pass = 'Circle Of Life';
|
|---|
| 37 | var method = 'get';
|
|---|
| 38 | var path = '/dir/index.html';
|
|---|
| 39 |
|
|---|
| 40 | var updatedHeader = auth.digest(header, user, pass, method, path);
|
|---|
| 41 | var parsedUpdatedHeader = parse_header(updatedHeader);
|
|---|
| 42 |
|
|---|
| 43 | var ha1 = md5(user + ':' + parsedUpdatedHeader.realm + ':' + pass);
|
|---|
| 44 | var ha2 = md5(method.toUpperCase() + ':' + path);
|
|---|
| 45 | var expectedResponse = md5([
|
|---|
| 46 | ha1,
|
|---|
| 47 | parsedUpdatedHeader.nonce,
|
|---|
| 48 | parsedUpdatedHeader.nc,
|
|---|
| 49 | parsedUpdatedHeader.cnonce,
|
|---|
| 50 | parsedUpdatedHeader.qop,
|
|---|
| 51 | ha2
|
|---|
| 52 | ].join(':'));
|
|---|
| 53 |
|
|---|
| 54 | return {
|
|---|
| 55 | header: updatedHeader,
|
|---|
| 56 | parsed: parsedUpdatedHeader,
|
|---|
| 57 | expectedResponse: expectedResponse,
|
|---|
| 58 | }
|
|---|
| 59 | }
|
|---|
| 60 |
|
|---|
| 61 | const result = performDigest();
|
|---|
| 62 |
|
|---|
| 63 | (result.header).should
|
|---|
| 64 | .match(/qop="auth"/)
|
|---|
| 65 | .match(/uri="\/dir\/index.html"/)
|
|---|
| 66 | .match(/opaque="5ccc069c403ebaf9f0171e9517f40e41"/)
|
|---|
| 67 | .match(/realm="testrealm@host\.com"/)
|
|---|
| 68 | .match(/response=/)
|
|---|
| 69 | .match(/nc=/)
|
|---|
| 70 | .match(/nonce=/)
|
|---|
| 71 | .match(/cnonce=/);
|
|---|
| 72 |
|
|---|
| 73 | (result.parsed.response).should.be.eql(result.expectedResponse);
|
|---|
| 74 | });
|
|---|
| 75 | });
|
|---|
| 76 |
|
|---|
| 77 | describe('With plus character in nonce header', function() {
|
|---|
| 78 | it('should generate a proper header', function() {
|
|---|
| 79 | // from https://tools.ietf.org/html/rfc2617
|
|---|
| 80 | var performDigest = function() {
|
|---|
| 81 | var header = 'Digest realm="testrealm@host.com", qop="auth,auth-int", nonce="dcd98b7102dd2f0e8b11d0f6+00bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41"';
|
|---|
| 82 | var user = 'Mufasa';
|
|---|
| 83 | var pass = 'Circle Of Life';
|
|---|
| 84 | var method = 'get';
|
|---|
| 85 | var path = '/dir/index.html';
|
|---|
| 86 |
|
|---|
| 87 | var updatedHeader = auth.digest(header, user, pass, method, path);
|
|---|
| 88 | var parsedUpdatedHeader = parse_header(updatedHeader);
|
|---|
| 89 |
|
|---|
| 90 | var ha1 = md5(user + ':' + parsedUpdatedHeader.realm + ':' + pass);
|
|---|
| 91 | var ha2 = md5(method.toUpperCase() + ':' + path);
|
|---|
| 92 | var expectedResponse = md5([
|
|---|
| 93 | ha1,
|
|---|
| 94 | parsedUpdatedHeader.nonce,
|
|---|
| 95 | parsedUpdatedHeader.nc,
|
|---|
| 96 | parsedUpdatedHeader.cnonce,
|
|---|
| 97 | parsedUpdatedHeader.qop,
|
|---|
| 98 | ha2
|
|---|
| 99 | ].join(':'));
|
|---|
| 100 |
|
|---|
| 101 | return {
|
|---|
| 102 | header: updatedHeader,
|
|---|
| 103 | parsed: parsedUpdatedHeader,
|
|---|
| 104 | expectedResponse: expectedResponse,
|
|---|
| 105 | }
|
|---|
| 106 | }
|
|---|
| 107 |
|
|---|
| 108 | const result = performDigest();
|
|---|
| 109 |
|
|---|
| 110 | (result.header).should
|
|---|
| 111 | .match(/nonce="dcd98b7102dd2f0e8b11d0f6\+00bfb0c093"/)
|
|---|
| 112 | });
|
|---|
| 113 | });
|
|---|
| 114 |
|
|---|
| 115 | describe('With brackets in realm header', function() {
|
|---|
| 116 | it('should generate a proper header', function() {
|
|---|
| 117 | // from https://tools.ietf.org/html/rfc2617
|
|---|
| 118 | var performDigest = function() {
|
|---|
| 119 | var header = 'Digest qop="auth", realm="IP Camera(76475)", nonce="4e4449794d575269597a706b5a575935595441324d673d3d", stale="FALSE", Basic realm="IP Camera(76475)"';
|
|---|
| 120 | var user = 'Mufasa';
|
|---|
| 121 | var pass = 'Circle Of Life';
|
|---|
| 122 | var method = 'get';
|
|---|
| 123 | var path = '/dir/index.html';
|
|---|
| 124 |
|
|---|
| 125 | var updatedHeader = auth.digest(header, user, pass, method, path);
|
|---|
| 126 | var parsedUpdatedHeader = parse_header(updatedHeader);
|
|---|
| 127 |
|
|---|
| 128 | var ha1 = md5(user + ':' + parsedUpdatedHeader.realm + ':' + pass);
|
|---|
| 129 | var ha2 = md5(method.toUpperCase() + ':' + path);
|
|---|
| 130 | var expectedResponse = md5([
|
|---|
| 131 | ha1,
|
|---|
| 132 | parsedUpdatedHeader.nonce,
|
|---|
| 133 | parsedUpdatedHeader.nc,
|
|---|
| 134 | parsedUpdatedHeader.cnonce,
|
|---|
| 135 | parsedUpdatedHeader.qop,
|
|---|
| 136 | ha2
|
|---|
| 137 | ].join(':'));
|
|---|
| 138 |
|
|---|
| 139 | return {
|
|---|
| 140 | header: updatedHeader,
|
|---|
| 141 | parsed: parsedUpdatedHeader,
|
|---|
| 142 | expectedResponse: expectedResponse,
|
|---|
| 143 | }
|
|---|
| 144 | }
|
|---|
| 145 |
|
|---|
| 146 | const result = performDigest();
|
|---|
| 147 |
|
|---|
| 148 | (result.header).should
|
|---|
| 149 | .match(/realm="IP Camera\(76475\)"/)
|
|---|
| 150 | });
|
|---|
| 151 | });
|
|---|
| 152 |
|
|---|
| 153 | describe('Without qop (RFC 2617)', function() {
|
|---|
| 154 | it('should generate a proper header', function() {
|
|---|
| 155 | // from https://tools.ietf.org/html/rfc2069
|
|---|
| 156 | var performDigest = function() {
|
|---|
| 157 | var header = 'Digest realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41"';
|
|---|
| 158 | var user = 'Mufasa';
|
|---|
| 159 | var pass = 'Circle Of Life';
|
|---|
| 160 | var method = 'get';
|
|---|
| 161 | var path = '/dir/index.html';
|
|---|
| 162 |
|
|---|
| 163 | var updatedHeader = auth.digest(header, user, pass, method, path);
|
|---|
| 164 | var parsedUpdatedHeader = parse_header(updatedHeader);
|
|---|
| 165 |
|
|---|
| 166 | var ha1 = md5(user + ':' + parsedUpdatedHeader.realm + ':' + pass);
|
|---|
| 167 | var ha2 = md5(method.toUpperCase() + ':' + path);
|
|---|
| 168 | var expectedResponse = md5([ha1, parsedUpdatedHeader.nonce, ha2].join(':'));
|
|---|
| 169 |
|
|---|
| 170 | return {
|
|---|
| 171 | header: updatedHeader,
|
|---|
| 172 | parsed: parsedUpdatedHeader,
|
|---|
| 173 | expectedResponse: expectedResponse,
|
|---|
| 174 | }
|
|---|
| 175 | }
|
|---|
| 176 |
|
|---|
| 177 | const result = performDigest();
|
|---|
| 178 |
|
|---|
| 179 | (result.header).should
|
|---|
| 180 | .not.match(/qop=/)
|
|---|
| 181 | .match(/uri="\/dir\/index.html"/)
|
|---|
| 182 | .match(/opaque="5ccc069c403ebaf9f0171e9517f40e41"/)
|
|---|
| 183 | .match(/realm="testrealm@host\.com"/)
|
|---|
| 184 | .match(/response=/)
|
|---|
| 185 | .not.match(/nc=/)
|
|---|
| 186 | .match(/nonce=/)
|
|---|
| 187 | .not.match(/cnonce=/);
|
|---|
| 188 |
|
|---|
| 189 | (result.parsed.response).should.be.eql(result.expectedResponse);
|
|---|
| 190 | });
|
|---|
| 191 | });
|
|---|
| 192 | }) |
|---|
