mirror
/
Alamofire
mirror of https://github.com/Alamofire/Alamofire.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197
							//
//  AuthenticationTests.swift
//
//  Copyright (c) 2014-2018 Alamofire Software Foundation (http://alamofire.org/)
//
//  Permission is hereby granted, free of charge, to any person obtaining a copy
//  of this software and associated documentation files (the "Software"), to deal
//  in the Software without restriction, including without limitation the rights
//  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
//  copies of the Software, and to permit persons to whom the Software is
//  furnished to do so, subject to the following conditions:
//
//  The above copyright notice and this permission notice shall be included in
//  all copies or substantial portions of the Software.
//
//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
//  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
//  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
//  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
//  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
//  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
//  THE SOFTWARE.
//

import Alamofire
import Foundation
import XCTest

class AuthenticationTestCase: BaseTestCase {
    let user = "user"
    let password = "password"
    var urlString = ""

    var manager: SessionManager!

    override func setUp() {
        super.setUp()

        manager = SessionManager(configuration: .default)

        // Clear out credentials
        let credentialStorage = URLCredentialStorage.shared

        for (protectionSpace, credentials) in credentialStorage.allCredentials {
            for (_, credential) in credentials {
                credentialStorage.remove(credential, for: protectionSpace)
            }
        }

        // Clear out cookies
        let cookieStorage = HTTPCookieStorage.shared
        cookieStorage.cookies?.forEach { cookieStorage.deleteCookie($0) }
    }
}

// MARK: -

class BasicAuthenticationTestCase: AuthenticationTestCase {
    override func setUp() {
        super.setUp()
        urlString = "https://httpbin.org/basic-auth/\(user)/\(password)"
    }

    func testHTTPBasicAuthenticationWithInvalidCredentials() {
        // Given
        let expectation = self.expectation(description: "\(urlString) 401")

        var response: DataResponse<Data?>?

        // When
        manager.request(urlString)
            .authenticate(withUsername: "invalid", password: "credentials")
            .response { resp in
                response = resp
                expectation.fulfill()
            }

        waitForExpectations(timeout: timeout, handler: nil)

        // Then
        XCTAssertNotNil(response?.request)
        XCTAssertNotNil(response?.response)
        XCTAssertEqual(response?.response?.statusCode, 401)
        // TODO: What data was there before?
        XCTAssertNil(response?.data)
        XCTAssertNil(response?.error)
    }

    func testHTTPBasicAuthenticationWithValidCredentials() {
        // Given
        let expectation = self.expectation(description: "\(urlString) 200")

        var response: DataResponse<Data?>?

        // When
        manager.request(urlString)
            .authenticate(withUsername: user, password: password)
            .response { resp in
                response = resp
                expectation.fulfill()
            }

        waitForExpectations(timeout: timeout, handler: nil)

        // Then
        XCTAssertNotNil(response?.request)
        XCTAssertNotNil(response?.response)
        XCTAssertEqual(response?.response?.statusCode, 200)
        XCTAssertNotNil(response?.data)
        XCTAssertNil(response?.error)
    }
    // TODO: How did this test work, this returns an initial 404?
//    func testHiddenHTTPBasicAuthentication() {
//        // Given
//        let urlString = "http://httpbin.org/hidden-basic-auth/\(user)/\(password)"
//        let expectation = self.expectation(description: "\(urlString) 200")
//        let headers = HTTPHeaders.authorization(withUsername: user, password: password)
//
//        var response: DataResponse<Data?>?
//
//        // When
//        manager.request(urlString, headers: headers)
//            .response { resp in
//                response = resp
//                expectation.fulfill()
//            }
//
//        waitForExpectations(timeout: timeout, handler: nil)
//
//        // Then
//        XCTAssertNotNil(response?.request)
//        XCTAssertNotNil(response?.response)
//        XCTAssertEqual(response?.response?.statusCode, 200)
//        XCTAssertNotNil(response?.data)
//        XCTAssertNil(response?.error)
//    }
}

// MARK: -

class HTTPDigestAuthenticationTestCase: AuthenticationTestCase {
    let qop = "auth"

    override func setUp() {
        super.setUp()
        urlString = "https://httpbin.org/digest-auth/\(qop)/\(user)/\(password)"
    }

    func testHTTPDigestAuthenticationWithInvalidCredentials() {
        // Given
        let expectation = self.expectation(description: "\(urlString) 401")

        var response: DataResponse<Data?>?

        // When
        manager.request(urlString)
            .authenticate(withUsername: "invalid", password: "credentials")
            .response { resp in
                response = resp
                expectation.fulfill()
            }

        waitForExpectations(timeout: timeout, handler: nil)

        // Then
        XCTAssertNotNil(response?.request)
        XCTAssertNotNil(response?.response)
        XCTAssertEqual(response?.response?.statusCode, 401)
        // TODO: What data was there before, failing auth should return an empty body?
        XCTAssertNil(response?.data)
        XCTAssertNil(response?.error)
    }

    func testHTTPDigestAuthenticationWithValidCredentials() {
        // Given
        let expectation = self.expectation(description: "\(urlString) 200")

        var response: DataResponse<Data?>?

        // When
        manager.request(urlString)
            .authenticate(withUsername: user, password: password)
            .response { resp in
                response = resp
                expectation.fulfill()
            }

        waitForExpectations(timeout: timeout, handler: nil)

        // Then
        XCTAssertNotNil(response?.request)
        XCTAssertNotNil(response?.response)
        XCTAssertEqual(response?.response?.statusCode, 200)
        XCTAssertNotNil(response?.data)
        XCTAssertNil(response?.error)
    }
}