1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27 package org.apache.hc.client5.http.impl.auth;
28
29 import java.util.LinkedList;
30 import java.util.Queue;
31
32 import org.apache.hc.client5.http.auth.AuthExchange;
33 import org.apache.hc.client5.http.auth.AuthScheme;
34 import org.apache.hc.client5.http.auth.AuthSchemeFactory;
35 import org.apache.hc.client5.http.auth.AuthScope;
36 import org.apache.hc.client5.http.auth.AuthStateCacheable;
37 import org.apache.hc.client5.http.auth.AuthenticationException;
38 import org.apache.hc.client5.http.auth.ChallengeType;
39 import org.apache.hc.client5.http.auth.Credentials;
40 import org.apache.hc.client5.http.auth.CredentialsProvider;
41 import org.apache.hc.client5.http.auth.StandardAuthScheme;
42 import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
43 import org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy;
44 import org.apache.hc.client5.http.protocol.HttpClientContext;
45 import org.apache.hc.core5.http.HttpHeaders;
46 import org.apache.hc.core5.http.HttpHost;
47 import org.apache.hc.core5.http.HttpRequest;
48 import org.apache.hc.core5.http.HttpResponse;
49 import org.apache.hc.core5.http.HttpStatus;
50 import org.apache.hc.core5.http.config.Lookup;
51 import org.apache.hc.core5.http.config.RegistryBuilder;
52 import org.apache.hc.core5.http.message.BasicHeader;
53 import org.apache.hc.core5.http.message.BasicHttpRequest;
54 import org.apache.hc.core5.http.message.BasicHttpResponse;
55 import org.apache.hc.core5.http.protocol.HttpContext;
56 import org.junit.jupiter.api.Assertions;
57 import org.junit.jupiter.api.BeforeEach;
58 import org.junit.jupiter.api.Test;
59 import org.mockito.Answers;
60 import org.mockito.Mockito;
61
62 @SuppressWarnings({"boxing","static-access"})
63 public class TestHttpAuthenticator {
64
65 @AuthStateCacheable
66 abstract class CacheableAuthState implements AuthScheme {
67
68 @Override
69 public String getName() {
70 return StandardAuthScheme.BASIC;
71 }
72
73 }
74
75 private AuthExchange authExchange;
76 private CacheableAuthState authScheme;
77 private HttpClientContext context;
78 private HttpHost defaultHost;
79 private CredentialsProvider credentialsProvider;
80 private Lookup<AuthSchemeFactory> authSchemeRegistry;
81 private HttpAuthenticator httpAuthenticator;
82
83 @BeforeEach
84 public void setUp() throws Exception {
85 this.authExchange = new AuthExchange();
86 this.authScheme = Mockito.mock(CacheableAuthState.class, Mockito.withSettings()
87 .defaultAnswer(Answers.CALLS_REAL_METHODS));
88 Mockito.when(this.authScheme.isChallengeComplete()).thenReturn(Boolean.TRUE);
89 this.context = HttpClientContext.create();
90 this.defaultHost = new HttpHost("localhost", 80);
91 this.credentialsProvider = Mockito.mock(CredentialsProvider.class);
92 this.context.setCredentialsProvider(this.credentialsProvider);
93 this.authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
94 .register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
95 .register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
96 .build();
97 this.context.setAuthSchemeRegistry(this.authSchemeRegistry);
98 this.httpAuthenticator = new HttpAuthenticator();
99 }
100
101 @Test
102 public void testUpdateAuthExchange() throws Exception {
103 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
104 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=test");
105 Assertions.assertTrue(this.httpAuthenticator.isChallenged(
106 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
107 }
108
109 @Test
110 public void testAuthenticationRequestedAfterSuccess() throws Exception {
111 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
112 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=test");
113
114 this.authExchange.select(this.authScheme);
115 this.authExchange.setState(AuthExchange.State.SUCCESS);
116
117 Assertions.assertTrue(this.httpAuthenticator.isChallenged(
118 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
119 }
120
121 @Test
122 public void testAuthenticationNotRequestedUnchallenged() throws Exception {
123 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_OK, "OK");
124
125 Assertions.assertFalse(this.httpAuthenticator.isChallenged(
126 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
127 Assertions.assertEquals(AuthExchange.State.UNCHALLENGED, this.authExchange.getState());
128 }
129
130 @Test
131 public void testAuthenticationNotRequestedSuccess1() throws Exception {
132 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_OK, "OK");
133 this.authExchange.select(this.authScheme);
134 this.authExchange.setState(AuthExchange.State.CHALLENGED);
135
136 Assertions.assertFalse(this.httpAuthenticator.isChallenged(
137 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
138 Assertions.assertEquals(AuthExchange.State.SUCCESS, this.authExchange.getState());
139 }
140
141 @Test
142 public void testAuthenticationNotRequestedSuccess2() throws Exception {
143 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_OK, "OK");
144 this.authExchange.select(this.authScheme);
145 this.authExchange.setState(AuthExchange.State.HANDSHAKE);
146
147 Assertions.assertFalse(this.httpAuthenticator.isChallenged(
148 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
149 Assertions.assertEquals(AuthExchange.State.SUCCESS, this.authExchange.getState());
150 }
151
152 @Test
153 public void testAuthentication() throws Exception {
154 final HttpHost host = new HttpHost("somehost", 80);
155 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
156 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
157 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
158 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
159
160 final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
161 Mockito.when(this.credentialsProvider.getCredentials(Mockito.any(),
162 Mockito.any())).thenReturn(credentials);
163
164 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
165
166 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(host, ChallengeType.TARGET, response, authStrategy,
167 this.authExchange, this.context));
168 Assertions.assertEquals(AuthExchange.State.CHALLENGED, this.authExchange.getState());
169
170 final Queue<AuthScheme> options = this.authExchange.getAuthOptions();
171 Assertions.assertNotNull(options);
172 final AuthScheme authScheme1 = options.poll();
173 Assertions.assertNotNull(authScheme1);
174 Assertions.assertEquals(StandardAuthScheme.DIGEST, authScheme1.getName());
175 final AuthScheme authScheme2 = options.poll();
176 Assertions.assertNotNull(authScheme2);
177 Assertions.assertEquals(StandardAuthScheme.BASIC, authScheme2.getName());
178 Assertions.assertNull(options.poll());
179 }
180
181 @Test
182 public void testAuthenticationCredentialsForBasic() throws Exception {
183 final HttpHost host = new HttpHost("somehost", 80);
184 final HttpResponse response =
185 new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
186 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
187 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
188
189 final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
190 Mockito.when(this.credentialsProvider.getCredentials(Mockito.eq(new AuthScope(host, "test", StandardAuthScheme.BASIC)),
191 Mockito.any())).thenReturn(credentials);
192
193 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
194
195 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(host, ChallengeType.TARGET, response, authStrategy,
196 this.authExchange, this.context));
197 Assertions.assertEquals(AuthExchange.State.CHALLENGED, this.authExchange.getState());
198
199 final Queue<AuthScheme> options = this.authExchange.getAuthOptions();
200 Assertions.assertNotNull(options);
201 final AuthScheme authScheme1 = options.poll();
202 Assertions.assertNotNull(authScheme1);
203 Assertions.assertEquals(StandardAuthScheme.BASIC, authScheme1.getName());
204 Assertions.assertNull(options.poll());
205 }
206
207 @Test
208 public void testAuthenticationNoChallenges() throws Exception {
209 final HttpHost host = new HttpHost("somehost", 80);
210 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
211
212 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
213
214 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
215 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
216 }
217
218 @Test
219 public void testAuthenticationNoSupportedChallenges() throws Exception {
220 final HttpHost host = new HttpHost("somehost", 80);
221 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
222 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "This realm=\"test\""));
223 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "That realm=\"realm1\", nonce=\"1234\""));
224
225 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
226
227 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
228 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
229 }
230
231 @Test
232 public void testAuthenticationNoCredentials() throws Exception {
233 final HttpHost host = new HttpHost("somehost", 80);
234 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
235 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
236 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
237
238 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
239
240 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
241 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
242 }
243
244 @Test
245 public void testAuthenticationFailed() throws Exception {
246 final HttpHost host = new HttpHost("somehost", 80);
247 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
248 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
249 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
250
251 this.authExchange.setState(AuthExchange.State.CHALLENGED);
252 this.authExchange.select(this.authScheme);
253
254 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
255
256 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
257 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
258
259 Assertions.assertEquals(AuthExchange.State.FAILURE, this.authExchange.getState());
260 }
261
262 @Test
263 public void testAuthenticationFailedPreviously() throws Exception {
264 final HttpHost host = new HttpHost("somehost", 80);
265 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
266 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
267 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
268
269 this.authExchange.setState(AuthExchange.State.FAILURE);
270
271 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
272
273 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
274 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
275
276 Assertions.assertEquals(AuthExchange.State.FAILURE, this.authExchange.getState());
277 }
278
279 @Test
280 public void testAuthenticationFailure() throws Exception {
281 final HttpHost host = new HttpHost("somehost", 80);
282 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
283 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
284 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
285 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
286
287 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
288
289 this.authExchange.setState(AuthExchange.State.CHALLENGED);
290 this.authExchange.select(new BasicScheme());
291
292 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
293 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
294 Assertions.assertEquals(AuthExchange.State.FAILURE, this.authExchange.getState());
295 }
296
297 @Test
298 public void testAuthenticationHandshaking() throws Exception {
299 final HttpHost host = new HttpHost("somehost", 80);
300 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
301 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
302 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", stale=true, nonce=\"1234\""));
303 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
304
305 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
306
307 this.authExchange.setState(AuthExchange.State.CHALLENGED);
308 this.authExchange.select(new DigestScheme());
309
310 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(
311 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
312
313 Assertions.assertEquals(AuthExchange.State.HANDSHAKE, this.authExchange.getState());
314 }
315
316 @Test
317 public void testAuthenticationNoMatchingChallenge() throws Exception {
318 final HttpHost host = new HttpHost("somehost", 80);
319 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
320 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
321 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
322
323 final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
324 Mockito.when(this.credentialsProvider.getCredentials(Mockito.eq(new AuthScope(host, "realm1", StandardAuthScheme.DIGEST)),
325 Mockito.any())).thenReturn(credentials);
326
327 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
328
329 this.authExchange.setState(AuthExchange.State.CHALLENGED);
330 this.authExchange.select(new BasicScheme());
331
332 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(
333 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
334 Assertions.assertEquals(AuthExchange.State.CHALLENGED, this.authExchange.getState());
335
336 final Queue<AuthScheme> options = this.authExchange.getAuthOptions();
337 Assertions.assertNotNull(options);
338 final AuthScheme authScheme1 = options.poll();
339 Assertions.assertNotNull(authScheme1);
340 Assertions.assertEquals(StandardAuthScheme.DIGEST, authScheme1.getName());
341 Assertions.assertNull(options.poll());
342 }
343
344 @Test
345 public void testAuthenticationException() throws Exception {
346 final HttpHost host = new HttpHost("somehost", 80);
347 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
348 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "blah blah blah"));
349
350 this.authExchange.setState(AuthExchange.State.CHALLENGED);
351
352 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
353
354 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
355 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
356
357 Assertions.assertEquals(AuthExchange.State.UNCHALLENGED, this.authExchange.getState());
358 Assertions.assertNull(this.authExchange.getAuthScheme());
359 }
360
361 @Test
362 public void testAuthFailureState() throws Exception {
363 final HttpRequest request = new BasicHttpRequest("GET", "/");
364 this.authExchange.setState(AuthExchange.State.FAILURE);
365 this.authExchange.select(this.authScheme);
366
367 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
368
369 Assertions.assertFalse(request.containsHeader(HttpHeaders.AUTHORIZATION));
370
371 Mockito.verify(this.authScheme, Mockito.never()).generateAuthResponse(
372 Mockito.eq(defaultHost),
373 Mockito.any(HttpRequest.class),
374 Mockito.any(HttpContext.class));
375 }
376
377 @Test
378 public void testAuthChallengeStateNoOption() throws Exception {
379 final HttpRequest request = new BasicHttpRequest("GET", "/");
380 this.authExchange.setState(AuthExchange.State.CHALLENGED);
381 this.authExchange.select(this.authScheme);
382
383 Mockito.when(this.authScheme.generateAuthResponse(
384 Mockito.eq(defaultHost),
385 Mockito.any(HttpRequest.class),
386 Mockito.any(HttpContext.class))).thenReturn("stuff");
387
388 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
389
390 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
391 }
392
393 @Test
394 public void testAuthChallengeStateOneOptions() throws Exception {
395 final HttpRequest request = new BasicHttpRequest("GET", "/");
396 this.authExchange.setState(AuthExchange.State.CHALLENGED);
397 final LinkedList<AuthScheme> authOptions = new LinkedList<>();
398 authOptions.add(this.authScheme);
399 this.authExchange.setOptions(authOptions);
400
401 Mockito.when(this.authScheme.generateAuthResponse(
402 Mockito.eq(defaultHost),
403 Mockito.any(HttpRequest.class),
404 Mockito.any(HttpContext.class))).thenReturn("stuff");
405
406 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
407
408 Assertions.assertSame(this.authScheme, this.authExchange.getAuthScheme());
409 Assertions.assertNull(this.authExchange.getAuthOptions());
410
411 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
412 }
413
414 @Test
415 public void testAuthChallengeStateMultipleOption() throws Exception {
416 final HttpRequest request = new BasicHttpRequest("GET", "/");
417 this.authExchange.setState(AuthExchange.State.CHALLENGED);
418
419 final LinkedList<AuthScheme> authOptions = new LinkedList<>();
420 final AuthScheme authScheme1 = Mockito.mock(AuthScheme.class);
421 Mockito.doThrow(new AuthenticationException()).when(authScheme1).generateAuthResponse(
422 Mockito.eq(defaultHost),
423 Mockito.any(HttpRequest.class),
424 Mockito.any(HttpContext.class));
425 final AuthScheme authScheme2 = Mockito.mock(AuthScheme.class);
426 Mockito.when(authScheme2.generateAuthResponse(
427 Mockito.eq(defaultHost),
428 Mockito.any(HttpRequest.class),
429 Mockito.any(HttpContext.class))).thenReturn("stuff");
430 authOptions.add(authScheme1);
431 authOptions.add(authScheme2);
432 this.authExchange.setOptions(authOptions);
433
434 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
435
436 Assertions.assertSame(authScheme2, this.authExchange.getAuthScheme());
437 Assertions.assertNull(this.authExchange.getAuthOptions());
438
439 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
440 }
441
442 @Test
443 public void testAuthSuccess() throws Exception {
444 final HttpRequest request = new BasicHttpRequest("GET", "/");
445 this.authExchange.setState(AuthExchange.State.SUCCESS);
446 this.authExchange.select(this.authScheme);
447
448 Mockito.when(this.authScheme.isConnectionBased()).thenReturn(Boolean.FALSE);
449 Mockito.when(this.authScheme.generateAuthResponse(
450 Mockito.eq(defaultHost),
451 Mockito.any(HttpRequest.class),
452 Mockito.any(HttpContext.class))).thenReturn("stuff");
453
454 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
455
456 Assertions.assertSame(this.authScheme, this.authExchange.getAuthScheme());
457 Assertions.assertNull(this.authExchange.getAuthOptions());
458
459 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
460 }
461
462 @Test
463 public void testAuthSuccessConnectionBased() throws Exception {
464 final HttpRequest request = new BasicHttpRequest("GET", "/");
465 this.authExchange.setState(AuthExchange.State.SUCCESS);
466 this.authExchange.select(this.authScheme);
467
468 Mockito.when(this.authScheme.isConnectionBased()).thenReturn(Boolean.TRUE);
469 Mockito.when(this.authScheme.generateAuthResponse(
470 Mockito.eq(defaultHost),
471 Mockito.any(HttpRequest.class),
472 Mockito.any(HttpContext.class))).thenReturn("stuff");
473
474 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
475
476 Assertions.assertFalse(request.containsHeader(HttpHeaders.AUTHORIZATION));
477
478 Mockito.verify(this.authScheme, Mockito.never()).generateAuthResponse(
479 Mockito.eq(defaultHost),
480 Mockito.any(HttpRequest.class),
481 Mockito.any(HttpContext.class));
482 }
483
484 }