diff --git a/test/Microsoft.AspNet.Server.WebListener.FunctionalTests/AuthenticationTests.cs b/test/Microsoft.AspNet.Server.WebListener.FunctionalTests/AuthenticationTests.cs index 68fd03f1cb..d8a2fa3e66 100644 --- a/test/Microsoft.AspNet.Server.WebListener.FunctionalTests/AuthenticationTests.cs +++ b/test/Microsoft.AspNet.Server.WebListener.FunctionalTests/AuthenticationTests.cs @@ -32,12 +32,11 @@ namespace Microsoft.AspNet.Server.WebListener { [Theory] [InlineData(AuthenticationSchemes.AllowAnonymous)] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] [InlineData(AuthenticationSchemes.Basic)] - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_AllowAnonymous_NoChallenge(AuthenticationSchemes authType) { string address; @@ -56,7 +55,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented @@ -76,7 +74,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented @@ -104,8 +101,7 @@ namespace Microsoft.AspNet.Server.WebListener { string address; using (Utilities.CreateHttpAuthServer( - AuthenticationSchemes.Kerberos - | AuthenticationSchemes.Negotiate + AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM /* | AuthenticationSchemes.Digest TODO: Not implemented */ | AuthenticationSchemes.Basic @@ -122,17 +118,16 @@ namespace Microsoft.AspNet.Server.WebListener { var response = await SendRequestAsync(address); Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); - Assert.Equal("Kerberos, Negotiate, NTLM, basic", response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); + Assert.Equal("Negotiate, NTLM, basic", response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); } } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented // [InlineData(AuthenticationSchemes.Basic)] // Doesn't work with default creds - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /* AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /* AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_AllowAnonymousButSpecify401_Success(AuthenticationSchemes authType) { string address; @@ -164,12 +159,11 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented // [InlineData(AuthenticationSchemes.Basic)] // Doesn't work with default creds - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /* AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /* AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_RequireAuth_Success(AuthenticationSchemes authType) { string address; @@ -188,12 +182,10 @@ namespace Microsoft.AspNet.Server.WebListener [Theory] [InlineData(AuthenticationSchemes.AllowAnonymous)] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] [InlineData(AuthenticationSchemes.Basic)] - // [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_GetSingleDescriptions(AuthenticationSchemes authType) { string address; @@ -227,8 +219,7 @@ namespace Microsoft.AspNet.Server.WebListener { string address; AuthenticationSchemes authType = - AuthenticationSchemes.Kerberos - | AuthenticationSchemes.Negotiate + AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; @@ -236,7 +227,7 @@ namespace Microsoft.AspNet.Server.WebListener { var context = new DefaultHttpContext((IFeatureCollection)env); var resultList = context.Authentication.GetAuthenticationSchemes(); - Assert.Equal(4, resultList.Count()); + Assert.Equal(3, resultList.Count()); return Task.FromResult(0); })) { @@ -247,12 +238,11 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] [InlineData(AuthenticationSchemes.Basic)] - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_AuthenticateWithNoUser_NoResults(AuthenticationSchemes authType) { string address; @@ -276,12 +266,11 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // [InlineData(AuthenticationSchemes.Basic)] // Doesn't work with default creds - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_AuthenticateWithUser_OneResult(AuthenticationSchemes authType) { string address; @@ -309,12 +298,11 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] [InlineData(AuthenticationSchemes.Basic)] - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_ChallengeWithoutAuthTypes_AllChallengesSent(AuthenticationSchemes authType) { string address; @@ -334,12 +322,11 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] [InlineData(AuthenticationSchemes.Basic)] - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_ChallengeWithAllAuthTypes_AllChallengesSent(AuthenticationSchemes authType) { string address; @@ -362,7 +349,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] @@ -370,7 +356,7 @@ namespace Microsoft.AspNet.Server.WebListener public async Task AuthTypes_ChallengeOneAuthType_OneChallengeSent(AuthenticationSchemes authType) { string address; - var authTypes = AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; + var authTypes = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; using (Utilities.CreateHttpAuthServer(authTypes | AuthenticationSchemes.AllowAnonymous, out address, env => { var context = new DefaultHttpContext((IFeatureCollection)env); @@ -387,7 +373,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] @@ -395,7 +380,7 @@ namespace Microsoft.AspNet.Server.WebListener public async Task AuthTypes_ChallengeDisabledAuthType_Error(AuthenticationSchemes authType) { string address; - var authTypes = AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; + var authTypes = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; authTypes = authTypes & ~authType; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); using (Utilities.CreateHttpAuthServer(authTypes | AuthenticationSchemes.AllowAnonymous, out address, env => @@ -413,7 +398,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] @@ -421,7 +405,7 @@ namespace Microsoft.AspNet.Server.WebListener public async Task AuthTypes_Forbid_Forbidden(AuthenticationSchemes authType) { string address; - var authTypes = AuthenticationSchemes.AllowAnonymous | AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; + var authTypes = AuthenticationSchemes.AllowAnonymous | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; using (Utilities.CreateHttpAuthServer(authTypes, out address, env => { var context = new DefaultHttpContext((IFeatureCollection)env); @@ -437,7 +421,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // Not implemented @@ -461,7 +444,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // Not implemented @@ -485,7 +467,6 @@ namespace Microsoft.AspNet.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // Not implemented diff --git a/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs b/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs index f9e9316dc8..7c4272cd51 100644 --- a/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs +++ b/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs @@ -4,6 +4,7 @@ using System; using System.Net; using System.Net.Http; using System.Threading.Tasks; +using Microsoft.AspNet.Testing.xunit; using Xunit; namespace Microsoft.Net.Http.Server @@ -12,12 +13,11 @@ namespace Microsoft.Net.Http.Server { [Theory] [InlineData(AuthenticationSchemes.AllowAnonymous)] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] [InlineData(AuthenticationSchemes.Basic)] - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_AllowAnonymous_NoChallenge(AuthenticationSchemes authType) { string address; @@ -45,7 +45,6 @@ namespace Microsoft.Net.Http.Server } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationType.Digest)] // TODO: Not implemented @@ -66,7 +65,6 @@ namespace Microsoft.Net.Http.Server } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented @@ -96,8 +94,7 @@ namespace Microsoft.Net.Http.Server { string address; AuthenticationSchemes authType = - AuthenticationSchemes.Kerberos - | AuthenticationSchemes.Negotiate + AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM /* | AuthenticationSchemes.Digest TODO: Not implemented */ | AuthenticationSchemes.Basic; @@ -114,17 +111,16 @@ namespace Microsoft.Net.Http.Server var response = await responseTask; Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); - Assert.Equal("Kerberos, Negotiate, NTLM, basic", response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); + Assert.Equal("Negotiate, NTLM, basic", response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); } } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented // [InlineData(AuthenticationSchemes.Basic)] // Doesn't work with default creds - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationType.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationType.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_AllowAnonymousButSpecify401_Success(AuthenticationSchemes authType) { string address; @@ -151,12 +147,11 @@ namespace Microsoft.Net.Http.Server } [Theory] - [InlineData(AuthenticationSchemes.Kerberos)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented // [InlineData(AuthenticationSchemes.Basic)] // Doesn't work with default creds - [InlineData(AuthenticationSchemes.Kerberos | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationType.Digest |*/ AuthenticationSchemes.Basic)] + [InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationType.Digest |*/ AuthenticationSchemes.Basic)] public async Task AuthTypes_RequireAuth_Success(AuthenticationSchemes authType) { string address; @@ -175,6 +170,48 @@ namespace Microsoft.Net.Http.Server } } + [ConditionalTheory] + [SkipOffDomain] + public async Task AuthTypes_RequireKerberosAuth_Success() + { + string address; + using (var server = Utilities.CreateHttpAuthServer(AuthenticationSchemes.Kerberos, out address)) + { + Task responseTask = SendRequestAsync(address, useDefaultCredentials: true); + + var context = await server.GetContextAsync(); + Assert.NotNull(context.User); + Assert.True(context.User.Identity.IsAuthenticated); + Assert.Equal(AuthenticationSchemes.Kerberos, context.AuthenticationChallenges); + context.Dispose(); + + var response = await responseTask; + Assert.Equal(HttpStatusCode.OK, response.StatusCode); + } + } + + [ConditionalTheory] + [SkipOffDomain] + public async Task MultipleAuthTypes_KerberosAllowAnonymousButSpecify401_ChallengesAdded() + { + string address; + using (var server = Utilities.CreateHttpAuthServer(AuthenticationSchemes.Kerberos | AuthenticationSchemes.AllowAnonymous, out address)) + { + Task responseTask = SendRequestAsync(address); + + var context = await server.GetContextAsync(); + Assert.NotNull(context.User); + Assert.False(context.User.Identity.IsAuthenticated); + Assert.Equal(AuthenticationSchemes.Kerberos, context.AuthenticationChallenges); + context.Response.StatusCode = 401; + context.Dispose(); + + var response = await responseTask; + Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode); + Assert.Equal("Kerberos", response.Headers.WwwAuthenticate.ToString(), StringComparer.OrdinalIgnoreCase); + } + } + private async Task SendRequestAsync(string uri, bool useDefaultCredentials = false) { HttpClientHandler handler = new HttpClientHandler(); diff --git a/test/Microsoft.Net.Http.Server.FunctionalTests/SkipOffDomainAttribute.cs b/test/Microsoft.Net.Http.Server.FunctionalTests/SkipOffDomainAttribute.cs new file mode 100644 index 0000000000..11a7bb82fb --- /dev/null +++ b/test/Microsoft.Net.Http.Server.FunctionalTests/SkipOffDomainAttribute.cs @@ -0,0 +1,39 @@ +// Copyright (c) .NET Foundation. All rights reserved. +// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. + +using System; +using System.DirectoryServices.ActiveDirectory; +using Microsoft.AspNet.Testing.xunit; + +namespace Microsoft.Net.Http.Server +{ + /// + /// Skips an auth test if the machine is not joined to a Windows domain. + /// + [AttributeUsage(AttributeTargets.Method, AllowMultiple = false)] + public class SkipOffDomainAttribute : Attribute, ITestCondition + { + public bool IsMet + { + get + { + try + { + return !string.IsNullOrEmpty(Domain.GetComputerDomain().Name); + } + catch + { + } + return false; + } + } + + public string SkipReason + { + get + { + return "Machine is not joined to a domain."; + } + } + } +} \ No newline at end of file diff --git a/test/Microsoft.Net.Http.Server.FunctionalTests/project.json b/test/Microsoft.Net.Http.Server.FunctionalTests/project.json index d5a72c4598..586047d801 100644 --- a/test/Microsoft.Net.Http.Server.FunctionalTests/project.json +++ b/test/Microsoft.Net.Http.Server.FunctionalTests/project.json @@ -1,18 +1,19 @@ { - "commands": { - "test": "xunit.runner.aspnet" - }, - "dependencies": { - "Microsoft.Net.Http.Server": "1.0.0-*", - "Microsoft.AspNet.Testing": "1.0.0-*", - "xunit.runner.aspnet": "2.0.0-aspnet-*" - }, - "frameworks": { - "dnx451": { - "frameworkAssemblies": { - "System.Net.Http": "", - "System.Net.Http.WebRequest": "" - } - } + "commands": { + "test": "xunit.runner.aspnet" + }, + "dependencies": { + "Microsoft.Net.Http.Server": "1.0.0-*", + "Microsoft.AspNet.Testing": "1.0.0-*", + "xunit.runner.aspnet": "2.0.0-aspnet-*" + }, + "frameworks": { + "dnx451": { + "frameworkAssemblies": { + "System.DirectoryServices": "", + "System.Net.Http": "", + "System.Net.Http.WebRequest": "" + } } + } }