openethereum/dapps/src/tests/authorization.rs

// Copyright 2015, 2016 Ethcore (UK) Ltd.
// This file is part of Parity.

// Parity is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.

// Parity is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with Parity.  If not, see <http://www.gnu.org/licenses/>.

use tests::helpers::{serve_with_auth, request};

#[test]
fn should_require_authorization() {
	// given
	let server = serve_with_auth("test", "test");

	// when
	let response = request(server,
		"\
			GET / HTTP/1.1\r\n\
			Host: 127.0.0.1:8080\r\n\
			Connection: close\r\n\
			\r\n\
		"
	);

	// then
	assert_eq!(response.status, "HTTP/1.1 401 Unauthorized".to_owned());
	assert_eq!(response.headers.get(0).unwrap(), "WWW-Authenticate: Basic realm=\"Parity\"");
}

#[test]
fn should_reject_on_invalid_auth() {
	// given
	let server = serve_with_auth("test", "test");

	// when
	let response = request(server,
		"\
			GET / HTTP/1.1\r\n\
			Host: 127.0.0.1:8080\r\n\
			Connection: close\r\n\
			Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l\r\n
			\r\n\
		"
	);

	// then
	assert_eq!(response.status, "HTTP/1.1 401 Unauthorized".to_owned());
	assert!(response.body.contains("Unauthorized"), response.body);
	assert_eq!(response.headers_raw.contains("WWW-Authenticate"), false);
}

#[test]
fn should_allow_on_valid_auth() {
	// given
	let server = serve_with_auth("Aladdin", "OpenSesame");

	// when
	let response = request(server,
		"\
			GET /home/ HTTP/1.1\r\n\
			Host: 127.0.0.1:8080\r\n\
			Connection: close\r\n\
			Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l\r\n
			\r\n\
		"
	);

	// then
	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
}
Fixing redirection. Adding tests 2016-08-30 16:05:18 +02:00			`// Copyright 2015, 2016 Ethcore (UK) Ltd.`
			`// This file is part of Parity.`

			`// Parity is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`

			`// Parity is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`

			`// You should have received a copy of the GNU General Public License`
			`// along with Parity. If not, see <http://www.gnu.org/licenses/>.`

			`use tests::helpers::{serve_with_auth, request};`

			`#[test]`
			`fn should_require_authorization() {`
			`// given`
			`let server = serve_with_auth("test", "test");`

			`// when`
			`let response = request(server,`
			`"\`
			`GET / HTTP/1.1\r\n\`
			`Host: 127.0.0.1:8080\r\n\`
			`Connection: close\r\n\`
			`\r\n\`
			`"`
			`);`

			`// then`
			`assert_eq!(response.status, "HTTP/1.1 401 Unauthorized".to_owned());`
			`assert_eq!(response.headers.get(0).unwrap(), "WWW-Authenticate: Basic realm=\"Parity\"");`
			`}`

			`#[test]`
			`fn should_reject_on_invalid_auth() {`
			`// given`
			`let server = serve_with_auth("test", "test");`

			`// when`
			`let response = request(server,`
			`"\`
			`GET / HTTP/1.1\r\n\`
			`Host: 127.0.0.1:8080\r\n\`
			`Connection: close\r\n\`
			`Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l\r\n`
			`\r\n\`
			`"`
			`);`

			`// then`
			`assert_eq!(response.status, "HTTP/1.1 401 Unauthorized".to_owned());`
Fixign tests 2016-09-02 10:10:51 +02:00			`assert!(response.body.contains("Unauthorized"), response.body);`
Fixing redirection. Adding tests 2016-08-30 16:05:18 +02:00			`assert_eq!(response.headers_raw.contains("WWW-Authenticate"), false);`
			`}`

			`#[test]`
			`fn should_allow_on_valid_auth() {`
			`// given`
			`let server = serve_with_auth("Aladdin", "OpenSesame");`

			`// when`
			`let response = request(server,`
			`"\`
			`GET /home/ HTTP/1.1\r\n\`
			`Host: 127.0.0.1:8080\r\n\`
			`Connection: close\r\n\`
			`Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l\r\n`
			`\r\n\`
			`"`
			`);`

			`// then`
			`assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());`
			`}`