1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27 package org.apache.hc.client5.http.impl.auth;
28
29 import java.util.LinkedList;
30 import java.util.Queue;
31
32 import org.apache.hc.client5.http.auth.AuthExchange;
33 import org.apache.hc.client5.http.auth.AuthScheme;
34 import org.apache.hc.client5.http.auth.AuthSchemeFactory;
35 import org.apache.hc.client5.http.auth.AuthScope;
36 import org.apache.hc.client5.http.auth.AuthStateCacheable;
37 import org.apache.hc.client5.http.auth.AuthenticationException;
38 import org.apache.hc.client5.http.auth.ChallengeType;
39 import org.apache.hc.client5.http.auth.Credentials;
40 import org.apache.hc.client5.http.auth.CredentialsProvider;
41 import org.apache.hc.client5.http.auth.StandardAuthScheme;
42 import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
43 import org.apache.hc.client5.http.impl.DefaultAuthenticationStrategy;
44 import org.apache.hc.client5.http.protocol.HttpClientContext;
45 import org.apache.hc.core5.http.HttpHeaders;
46 import org.apache.hc.core5.http.HttpHost;
47 import org.apache.hc.core5.http.HttpRequest;
48 import org.apache.hc.core5.http.HttpResponse;
49 import org.apache.hc.core5.http.HttpStatus;
50 import org.apache.hc.core5.http.config.Lookup;
51 import org.apache.hc.core5.http.config.RegistryBuilder;
52 import org.apache.hc.core5.http.message.BasicHeader;
53 import org.apache.hc.core5.http.message.BasicHttpRequest;
54 import org.apache.hc.core5.http.message.BasicHttpResponse;
55 import org.apache.hc.core5.http.protocol.BasicHttpContext;
56 import org.apache.hc.core5.http.protocol.HttpContext;
57 import org.junit.jupiter.api.Assertions;
58 import org.junit.jupiter.api.BeforeEach;
59 import org.junit.jupiter.api.Test;
60 import org.mockito.Answers;
61 import org.mockito.Mockito;
62
63 @SuppressWarnings({"boxing","static-access"})
64 public class TestHttpAuthenticator {
65
66 @AuthStateCacheable
67 abstract class CacheableAuthState implements AuthScheme {
68
69 @Override
70 public String getName() {
71 return StandardAuthScheme.BASIC;
72 }
73
74 }
75
76 private AuthExchange authExchange;
77 private CacheableAuthState authScheme;
78 private HttpContext context;
79 private HttpHost defaultHost;
80 private CredentialsProvider credentialsProvider;
81 private Lookup<AuthSchemeFactory> authSchemeRegistry;
82 private HttpAuthenticator httpAuthenticator;
83
84 @BeforeEach
85 public void setUp() throws Exception {
86 this.authExchange = new AuthExchange();
87 this.authScheme = Mockito.mock(CacheableAuthState.class, Mockito.withSettings()
88 .defaultAnswer(Answers.CALLS_REAL_METHODS));
89 Mockito.when(this.authScheme.isChallengeComplete()).thenReturn(Boolean.TRUE);
90 this.context = new BasicHttpContext();
91 this.defaultHost = new HttpHost("localhost", 80);
92 this.credentialsProvider = Mockito.mock(CredentialsProvider.class);
93 this.context.setAttribute(HttpClientContext.CREDS_PROVIDER, this.credentialsProvider);
94 this.authSchemeRegistry = RegistryBuilder.<AuthSchemeFactory>create()
95 .register(StandardAuthScheme.BASIC, BasicSchemeFactory.INSTANCE)
96 .register(StandardAuthScheme.DIGEST, DigestSchemeFactory.INSTANCE)
97 .build();
98 this.context.setAttribute(HttpClientContext.AUTHSCHEME_REGISTRY, this.authSchemeRegistry);
99 this.httpAuthenticator = new HttpAuthenticator();
100 }
101
102 @Test
103 public void testUpdateAuthExchange() throws Exception {
104 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
105 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=test");
106 Assertions.assertTrue(this.httpAuthenticator.isChallenged(
107 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
108 }
109
110 @Test
111 public void testAuthenticationRequestedAfterSuccess() throws Exception {
112 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
113 response.setHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=test");
114
115 this.authExchange.select(this.authScheme);
116 this.authExchange.setState(AuthExchange.State.SUCCESS);
117
118 Assertions.assertTrue(this.httpAuthenticator.isChallenged(
119 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
120 }
121
122 @Test
123 public void testAuthenticationNotRequestedUnchallenged() throws Exception {
124 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_OK, "OK");
125
126 Assertions.assertFalse(this.httpAuthenticator.isChallenged(
127 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
128 Assertions.assertEquals(AuthExchange.State.UNCHALLENGED, this.authExchange.getState());
129 }
130
131 @Test
132 public void testAuthenticationNotRequestedSuccess1() throws Exception {
133 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_OK, "OK");
134 this.authExchange.select(this.authScheme);
135 this.authExchange.setState(AuthExchange.State.CHALLENGED);
136
137 Assertions.assertFalse(this.httpAuthenticator.isChallenged(
138 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
139 Assertions.assertEquals(AuthExchange.State.SUCCESS, this.authExchange.getState());
140 }
141
142 @Test
143 public void testAuthenticationNotRequestedSuccess2() throws Exception {
144 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_OK, "OK");
145 this.authExchange.select(this.authScheme);
146 this.authExchange.setState(AuthExchange.State.HANDSHAKE);
147
148 Assertions.assertFalse(this.httpAuthenticator.isChallenged(
149 this.defaultHost, ChallengeType.TARGET, response, this.authExchange, this.context));
150 Assertions.assertEquals(AuthExchange.State.SUCCESS, this.authExchange.getState());
151 }
152
153 @Test
154 public void testAuthentication() throws Exception {
155 final HttpHost host = new HttpHost("somehost", 80);
156 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
157 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
158 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
159 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
160
161 final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
162 Mockito.when(this.credentialsProvider.getCredentials(Mockito.any(),
163 Mockito.any())).thenReturn(credentials);
164
165 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
166
167 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(host, ChallengeType.TARGET, response, authStrategy,
168 this.authExchange, this.context));
169 Assertions.assertEquals(AuthExchange.State.CHALLENGED, this.authExchange.getState());
170
171 final Queue<AuthScheme> options = this.authExchange.getAuthOptions();
172 Assertions.assertNotNull(options);
173 final AuthScheme authScheme1 = options.poll();
174 Assertions.assertNotNull(authScheme1);
175 Assertions.assertEquals(StandardAuthScheme.DIGEST, authScheme1.getName());
176 final AuthScheme authScheme2 = options.poll();
177 Assertions.assertNotNull(authScheme2);
178 Assertions.assertEquals(StandardAuthScheme.BASIC, authScheme2.getName());
179 Assertions.assertNull(options.poll());
180 }
181
182 @Test
183 public void testAuthenticationCredentialsForBasic() throws Exception {
184 final HttpHost host = new HttpHost("somehost", 80);
185 final HttpResponse response =
186 new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
187 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
188 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
189
190 final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
191 Mockito.when(this.credentialsProvider.getCredentials(Mockito.eq(new AuthScope(host, "test", StandardAuthScheme.BASIC)),
192 Mockito.any())).thenReturn(credentials);
193
194 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
195
196 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(host, ChallengeType.TARGET, response, authStrategy,
197 this.authExchange, this.context));
198 Assertions.assertEquals(AuthExchange.State.CHALLENGED, this.authExchange.getState());
199
200 final Queue<AuthScheme> options = this.authExchange.getAuthOptions();
201 Assertions.assertNotNull(options);
202 final AuthScheme authScheme1 = options.poll();
203 Assertions.assertNotNull(authScheme1);
204 Assertions.assertEquals(StandardAuthScheme.BASIC, authScheme1.getName());
205 Assertions.assertNull(options.poll());
206 }
207
208 @Test
209 public void testAuthenticationNoChallenges() throws Exception {
210 final HttpHost host = new HttpHost("somehost", 80);
211 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
212
213 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
214
215 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
216 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
217 }
218
219 @Test
220 public void testAuthenticationNoSupportedChallenges() throws Exception {
221 final HttpHost host = new HttpHost("somehost", 80);
222 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
223 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "This realm=\"test\""));
224 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "That realm=\"realm1\", nonce=\"1234\""));
225
226 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
227
228 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
229 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
230 }
231
232 @Test
233 public void testAuthenticationNoCredentials() throws Exception {
234 final HttpHost host = new HttpHost("somehost", 80);
235 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
236 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
237 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
238
239 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
240
241 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
242 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
243 }
244
245 @Test
246 public void testAuthenticationFailed() throws Exception {
247 final HttpHost host = new HttpHost("somehost", 80);
248 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
249 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
250 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
251
252 this.authExchange.setState(AuthExchange.State.CHALLENGED);
253 this.authExchange.select(this.authScheme);
254
255 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
256
257 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
258 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
259
260 Assertions.assertEquals(AuthExchange.State.FAILURE, this.authExchange.getState());
261 }
262
263 @Test
264 public void testAuthenticationFailedPreviously() throws Exception {
265 final HttpHost host = new HttpHost("somehost", 80);
266 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
267 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
268 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
269
270 this.authExchange.setState(AuthExchange.State.FAILURE);
271
272 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
273
274 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
275 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
276
277 Assertions.assertEquals(AuthExchange.State.FAILURE, this.authExchange.getState());
278 }
279
280 @Test
281 public void testAuthenticationFailure() throws Exception {
282 final HttpHost host = new HttpHost("somehost", 80);
283 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
284 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
285 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
286 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
287
288 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
289
290 this.authExchange.setState(AuthExchange.State.CHALLENGED);
291 this.authExchange.select(new BasicScheme());
292
293 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
294 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
295 Assertions.assertEquals(AuthExchange.State.FAILURE, this.authExchange.getState());
296 }
297
298 @Test
299 public void testAuthenticationHandshaking() throws Exception {
300 final HttpHost host = new HttpHost("somehost", 80);
301 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
302 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.BASIC + " realm=\"test\""));
303 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", stale=true, nonce=\"1234\""));
304 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
305
306 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
307
308 this.authExchange.setState(AuthExchange.State.CHALLENGED);
309 this.authExchange.select(new DigestScheme());
310
311 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(
312 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
313
314 Assertions.assertEquals(AuthExchange.State.HANDSHAKE, this.authExchange.getState());
315 }
316
317 @Test
318 public void testAuthenticationNoMatchingChallenge() throws Exception {
319 final HttpHost host = new HttpHost("somehost", 80);
320 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
321 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, StandardAuthScheme.DIGEST + " realm=\"realm1\", nonce=\"1234\""));
322 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "whatever realm=\"realm1\", stuff=\"1234\""));
323
324 final Credentials credentials = new UsernamePasswordCredentials("user", "pass".toCharArray());
325 Mockito.when(this.credentialsProvider.getCredentials(Mockito.eq(new AuthScope(host, "realm1", StandardAuthScheme.DIGEST)),
326 Mockito.any())).thenReturn(credentials);
327
328 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
329
330 this.authExchange.setState(AuthExchange.State.CHALLENGED);
331 this.authExchange.select(new BasicScheme());
332
333 Assertions.assertTrue(this.httpAuthenticator.updateAuthState(
334 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
335 Assertions.assertEquals(AuthExchange.State.CHALLENGED, this.authExchange.getState());
336
337 final Queue<AuthScheme> options = this.authExchange.getAuthOptions();
338 Assertions.assertNotNull(options);
339 final AuthScheme authScheme1 = options.poll();
340 Assertions.assertNotNull(authScheme1);
341 Assertions.assertEquals(StandardAuthScheme.DIGEST, authScheme1.getName());
342 Assertions.assertNull(options.poll());
343 }
344
345 @Test
346 public void testAuthenticationException() throws Exception {
347 final HttpHost host = new HttpHost("somehost", 80);
348 final HttpResponse response = new BasicHttpResponse(HttpStatus.SC_UNAUTHORIZED, "UNAUTHORIZED");
349 response.addHeader(new BasicHeader(HttpHeaders.WWW_AUTHENTICATE, "blah blah blah"));
350
351 this.authExchange.setState(AuthExchange.State.CHALLENGED);
352
353 final DefaultAuthenticationStrategy authStrategy = new DefaultAuthenticationStrategy();
354
355 Assertions.assertFalse(this.httpAuthenticator.updateAuthState(
356 host, ChallengeType.TARGET, response, authStrategy, this.authExchange, this.context));
357
358 Assertions.assertEquals(AuthExchange.State.UNCHALLENGED, this.authExchange.getState());
359 Assertions.assertNull(this.authExchange.getAuthScheme());
360 }
361
362 @Test
363 public void testAuthFailureState() throws Exception {
364 final HttpRequest request = new BasicHttpRequest("GET", "/");
365 this.authExchange.setState(AuthExchange.State.FAILURE);
366 this.authExchange.select(this.authScheme);
367
368 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
369
370 Assertions.assertFalse(request.containsHeader(HttpHeaders.AUTHORIZATION));
371
372 Mockito.verify(this.authScheme, Mockito.never()).generateAuthResponse(
373 Mockito.eq(defaultHost),
374 Mockito.any(HttpRequest.class),
375 Mockito.any(HttpContext.class));
376 }
377
378 @Test
379 public void testAuthChallengeStateNoOption() throws Exception {
380 final HttpRequest request = new BasicHttpRequest("GET", "/");
381 this.authExchange.setState(AuthExchange.State.CHALLENGED);
382 this.authExchange.select(this.authScheme);
383
384 Mockito.when(this.authScheme.generateAuthResponse(
385 Mockito.eq(defaultHost),
386 Mockito.any(HttpRequest.class),
387 Mockito.any(HttpContext.class))).thenReturn("stuff");
388
389 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
390
391 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
392 }
393
394 @Test
395 public void testAuthChallengeStateOneOptions() throws Exception {
396 final HttpRequest request = new BasicHttpRequest("GET", "/");
397 this.authExchange.setState(AuthExchange.State.CHALLENGED);
398 final LinkedList<AuthScheme> authOptions = new LinkedList<>();
399 authOptions.add(this.authScheme);
400 this.authExchange.setOptions(authOptions);
401
402 Mockito.when(this.authScheme.generateAuthResponse(
403 Mockito.eq(defaultHost),
404 Mockito.any(HttpRequest.class),
405 Mockito.any(HttpContext.class))).thenReturn("stuff");
406
407 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
408
409 Assertions.assertSame(this.authScheme, this.authExchange.getAuthScheme());
410 Assertions.assertNull(this.authExchange.getAuthOptions());
411
412 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
413 }
414
415 @Test
416 public void testAuthChallengeStateMultipleOption() throws Exception {
417 final HttpRequest request = new BasicHttpRequest("GET", "/");
418 this.authExchange.setState(AuthExchange.State.CHALLENGED);
419
420 final LinkedList<AuthScheme> authOptions = new LinkedList<>();
421 final AuthScheme authScheme1 = Mockito.mock(AuthScheme.class);
422 Mockito.doThrow(new AuthenticationException()).when(authScheme1).generateAuthResponse(
423 Mockito.eq(defaultHost),
424 Mockito.any(HttpRequest.class),
425 Mockito.any(HttpContext.class));
426 final AuthScheme authScheme2 = Mockito.mock(AuthScheme.class);
427 Mockito.when(authScheme2.generateAuthResponse(
428 Mockito.eq(defaultHost),
429 Mockito.any(HttpRequest.class),
430 Mockito.any(HttpContext.class))).thenReturn("stuff");
431 authOptions.add(authScheme1);
432 authOptions.add(authScheme2);
433 this.authExchange.setOptions(authOptions);
434
435 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
436
437 Assertions.assertSame(authScheme2, this.authExchange.getAuthScheme());
438 Assertions.assertNull(this.authExchange.getAuthOptions());
439
440 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
441 }
442
443 @Test
444 public void testAuthSuccess() throws Exception {
445 final HttpRequest request = new BasicHttpRequest("GET", "/");
446 this.authExchange.setState(AuthExchange.State.SUCCESS);
447 this.authExchange.select(this.authScheme);
448
449 Mockito.when(this.authScheme.isConnectionBased()).thenReturn(Boolean.FALSE);
450 Mockito.when(this.authScheme.generateAuthResponse(
451 Mockito.eq(defaultHost),
452 Mockito.any(HttpRequest.class),
453 Mockito.any(HttpContext.class))).thenReturn("stuff");
454
455 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
456
457 Assertions.assertSame(this.authScheme, this.authExchange.getAuthScheme());
458 Assertions.assertNull(this.authExchange.getAuthOptions());
459
460 Assertions.assertTrue(request.containsHeader(HttpHeaders.AUTHORIZATION));
461 }
462
463 @Test
464 public void testAuthSuccessConnectionBased() throws Exception {
465 final HttpRequest request = new BasicHttpRequest("GET", "/");
466 this.authExchange.setState(AuthExchange.State.SUCCESS);
467 this.authExchange.select(this.authScheme);
468
469 Mockito.when(this.authScheme.isConnectionBased()).thenReturn(Boolean.TRUE);
470 Mockito.when(this.authScheme.generateAuthResponse(
471 Mockito.eq(defaultHost),
472 Mockito.any(HttpRequest.class),
473 Mockito.any(HttpContext.class))).thenReturn("stuff");
474
475 this.httpAuthenticator.addAuthResponse(defaultHost, ChallengeType.TARGET, request, authExchange, context);
476
477 Assertions.assertFalse(request.containsHeader(HttpHeaders.AUTHORIZATION));
478
479 Mockito.verify(this.authScheme, Mockito.never()).generateAuthResponse(
480 Mockito.eq(defaultHost),
481 Mockito.any(HttpRequest.class),
482 Mockito.any(HttpContext.class));
483 }
484
485 }