diff --git a/test/fixtures/servers/_servers.js b/test/fixtures/servers/_servers.js index 4db6b9fde..0dd3c93fe 100644 --- a/test/fixtures/servers/_servers.js +++ b/test/fixtures/servers/_servers.js @@ -669,7 +669,8 @@ function createDigestServer (options) { expectedUsername = options.username || 'username', expectedPassword = options.password || 'password'; - passport.use(new DigestStrategy({ qop: 'auth' }, + // Register Digest strategies for MD5 and SHA-256 + passport.use('digest-md5', new DigestStrategy({ qop: 'auth', algorithm: 'MD5' }, function (username, done) { if (username !== expectedUsername) { return done(null, false); @@ -678,8 +679,30 @@ function createDigestServer (options) { return done(null, username, expectedPassword); })); + passport.use('digest-sha256', new DigestStrategy({ qop: 'auth', algorithm: 'SHA-256' }, + function (username, done) { + if (username !== expectedUsername) { + return done(null, false); + } + + return done(null, username, expectedPassword); + })); + + app.use((req, res, next) => { + if (!req.headers.authorization) { + res.status(401); + res.set('WWW-Authenticate', + 'Digest realm="Users", qop="auth", algorithm="MD5", nonce="md5nonce"'); + res.append('WWW-Authenticate', + 'Digest realm="Users", qop="auth", algorithm="SHA-256", nonce="sha256nonce"'); + + return res.send('Unauthorized'); + } + next(); + }); + app.all('*', - passport.authenticate('digest', { session: false }), + passport.authenticate(['digest-md5', 'digest-sha256'], { session: false }), function (req, res) { res.send(req.users); }); diff --git a/test/integration/auth-methods/digest.test.js b/test/integration/auth-methods/digest.test.js index 3af44c0ee..54e40ee39 100644 --- a/test/integration/auth-methods/digest.test.js +++ b/test/integration/auth-methods/digest.test.js 
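Review bot: In `test/fixtures/servers/_servers.js`, the verify callback passed to the `digest-md5` strategy in this hunk is repeated line for line for `digest-sha256` in the next hunk, so the two credential checks can drift apart unnoticed. Assigning the function once to a local such as `verifyUser` and passing it to both `new DigestStrategy(...)` calls keeps the accepted username and password in one place. The added comment could also say why two named strategies exist: `// One strategy per algorithm; passport.authenticate() below tries them in order`. The callback body continues past the end of this hunk.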
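Review bot: In `createDigestServer`, the hand-written challenge middleware always issues the constant nonces `md5nonce` and `sha256nonce`, and no nonce-validation callback is visible on either `DigestStrategy`, so presumably a digest response computed once stays valid for every later request to this fixture. That is tolerable for a deterministic test server, but it should be stated so the pattern is not copied: `// Test fixture only: fixed nonces keep runs deterministic; a real server must issue fresh nonces and reject reused ones`. Separately, `passport.authenticate(['digest-md5', 'digest-sha256'], ...)` accepts whichever strategy validates first, so the server never ties the accepted digest to the `algorithm` the client declared. Whether `DigestStrategy` really hashes with SHA-256 when given `algorithm: 'SHA-256'` is not visible here and is worth confirming.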
@@ -1031,4 +1031,71 @@ describe('digest auth', function () {
 expect(secondCall.args[2]).to.have.property('code', 200);
 });
 });
+
+ describe('with opted-in algorithm other than the default (md5)', function () {
+ before(function (done) {
+ var runOptions = {
+ collection: {
+ item: {
+ name: 'DigestAuth',
+ request: {
+ url: global.servers.digest,
+ auth: {
+ type: 'digest',
+ digest: {
+ algorithm: 'SHA-256',
+ username: '{{uname}}',
+ password: '{{pass}}'
+ }
+ }
+ }
+ }
+ },
+ environment: {
+ values: [{
+ key: 'uname',
+ value: USERNAME
+ }, {
+ key: 'pass',
+ value: PASSWORD
+ }]
+ }
+ };
+
+ // perform the collection run
+ this.run(runOptions, function (err, results) {
+ testrun = results;
+ done(err);
+ });
+ });
+
+ it('should have completed the run', function () {
+ expect(testrun).to.be.ok;
+ expect(testrun).to.nested.include({
+ 'done.callCount': 1
+ });
+ testrun.done.getCall(0).args[0] && console.error(testrun.done.getCall(0).args[0].stack);
+ expect(testrun.done.getCall(0).args[0]).to.be.null;
+ expect(testrun).to.nested.include({
+ 'start.callCount': 1
+ });
+ });
+
+ it('should have tried twice and succeeded the second time', function () {
+ expect(testrun).to.nested.include({
+ 'io.callCount': 2,
+ 'request.callCount': 2
+ });
+
+ var firstError = testrun.io.firstCall.args[0],
+ secondError = testrun.io.secondCall.args[0],
+ firstResponse = testrun.io.firstCall.args[3],
+ secondResponse = testrun.io.secondCall.args[3];
+
+ expect(firstError).to.be.null;
+ expect(secondError).to.be.null;
+ expect(firstResponse).to.have.property('code', 401);
+ expect(secondResponse).not.to.have.property('code', 401);
+ });
+ });
 });
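Review bot: The last assertion, `expect(secondResponse).not.to.have.property('code', 401);`, passes for any non-401 status, including a 500 from the fixture. `expect(secondResponse).to.have.property('code', 200);` would match the check on the context line above the new block. The test also never verifies that SHA-256 was used: the fixture server accepts MD5 as well, so a client that ignored `algorithm: 'SHA-256'` and answered the MD5 challenge would still pass. Asserting that the `Authorization` header of the second request names `SHA-256` in its `algorithm` parameter would pin the opted-in behaviour and catch a silent downgrade; the accessor for the sent request is outside this hunk.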