use v6;
use Test;
use Net::Hawk::Client;
use Net::Hawk::Crypto;
subtest {
my %credentials = (
id => 'dh37fgj492je',
key => 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm => 'sha256',
);
my %options = (
credentials => %credentials,
timestamp => 1353832234,
nonce => 'j4h3g2',
ext => 'some-app-ext-data'
);
subtest {
my $field = Net::Hawk::Client::header(
'http://example.com:8000/resource/1?b=1&a=2',
'GET',
|%options,
)<field>;
is(
$field,
'Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", ext="some-app-ext-data", mac="6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE="',
'Hawk header generated ok',
);
};
subtest {
%options<payload> = 'Thank you for flying Hawk';
%options<content_type> = 'text/plain';
my $field = Net::Hawk::Client::header(
'http://example.com:8000/resource/1?b=1&a=2',
'POST',
|%options,
)<field>;
is(
$field,
'Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", hash="Yi9LfIIFRtBEPt74PVmbTF/xVAwPn7ub15ePICfgnuY=", ext="some-app-ext-data", mac="aSe1DERmZuRl3pI36/9BdZmnErTw3sNzOOAUlfeKjVw="',
'Hawk header generated ok',
);
};
};
subtest {
my $uri = 'http://example.net/somewhere/over/the/rainbow';
my $uri_s = 'https://example.net/somewhere/over/the/rainbow';
my %args = (
credentials => {
id => '123456',
key => '2983d45yun89q',
algorithm => 'sha1',
},
ext => 'Bazinga!',
timestamp => 1353809207,
nonce => 'Ygvqdz',
payload => 'something to write about',
);
my $header = Net::Hawk::Client::header($uri,'POST',|%args);
is(
$header<field>,
'Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="bsvY3IfUllw6V5rvk4tStEvpBhE=", ext="Bazinga!", mac="qbf1ZPG/r/e06F4ht+T77LXi5vw="',
'valid authorization header (sha1)',
);
%args<credentials><algorithm>='sha256';
%args<content_type> = 'text/plain';
$header = Net::Hawk::Client::header($uri_s,'POST',|%args);
is(
$header<field>,
'Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="',
'valid authorization header (sha256)',
);
%args<ext> :delete;
$header = Net::Hawk::Client::header($uri_s,'POST',|%args);
is(
$header<field>,
'Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="',
'valid authorization header (no ext)',
);
%args<ext>=Str;
$header = Net::Hawk::Client::header($uri_s,'POST',|%args);
is(
$header<field>,
'Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="',
'valid authorization header (null ext)',
);
%args<payload>='';
$header = Net::Hawk::Client::header($uri_s,'POST',|%args);
is(
$header<field>,
'Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="q/t+NNAkQZNlq/aAD6PlexImwQTxwgT2MahfTa9XRLA=", mac="U5k16YEzn3UnBHKeBzsDXn067Gu3R4YaY6xOt9PYRZM="',
'valid authorization header (empty payload)',
);
%args<hash> = calculate_payload_hash(
'something to write about',
%args<credentials><algorithm>,
%args<content_type>,
);
$header = Net::Hawk::Client::header($uri_s,'POST',|%args);
is(
$header<field>,
'Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="',
'valid authorization header (pre hashed payload)',
);
};
subtest {
ok(
! Net::Hawk::Client::authenticate([
'server-authorization' => 'Hawk mac="abc", bad="xyz"',
],{}),
'returns false on invalid header',
);
my %artifacts = (
method => 'POST',
host => 'example.com',
port => 8080,
resource => '/resource/4?filter=a',
ts => 1362336900,
nonce => 'eb5S_L',
hash => 'nJjkVtBE5Y/Bk38Aiokwn0jiJxt/0S2WRSUwWLCf5xk=',
ext => 'some-app-data',
mac => 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
id => '123456',
);
my %credentials = (
id => '123456',
key => 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm => 'sha256',
user => 'steve'
);
ok(
! Net::Hawk::Client::authenticate([
'content-type' => 'text/plain',
'server-authorization' => 'Hawk mac="_IJRsMl/4oL+nn+vKoeVZPdCHXB4yJkNnBbTbHFZUYE=", hash="f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=", ext="response-specific"',
],%credentials,%artifacts),
'returns false on invalid mac',
);
ok(
Net::Hawk::Client::authenticate([
'content-type' => 'text/plain',
'server-authorization' => 'Hawk mac="XIJRsMl/4oL+nn+vKoeVZPdCHXB4yJkNnBbTbHFZUYE=", hash="f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=", ext="response-specific"',
],%credentials,%artifacts),
'returns true on ignoring hash',
);
ok(
! Net::Hawk::Client::authenticate([
'www-authenticate' => 'Hawk ts="1362346425875", tsm="PhwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", x="Stale timestamp"',
],{}),
'fails on invalid WWW-Authenticate header format',
);
ok(
! Net::Hawk::Client::authenticate([
'www-authenticate' => 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"',
],%credentials),
'fails on invalid WWW-Authenticate header format',
);
ok(
Net::Hawk::Client::authenticate([
'www-authenticate' => 'Hawk error="Stale timestamp"',
],{}),
'skips tsm validation when missing ts',
);
};
done;
