Add tests of auth retries

[platform/upstream/curl.git] / tests / data / test2023

<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
</keywords>
</info>
# Server-side
<reply>

<!-- First request has Basic auth, wrong password -->
<data100>
HTTP/1.1 401 Sorry wrong password\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 29\r
WWW-Authenticate: Basic realm="testrealm"\r
\r
This is a bad password page!
</data100>

<!-- Second request has Basic auth, right password -->
<data200>
HTTP/1.1 200 Things are fine in server land\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 32\r
\r
Finally, this is the real page!
</data200>

<!-- Third request has Basic auth, wrong password -->
<data300>
HTTP/1.1 401 Sorry wrong password (2)\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 29\r
WWW-Authenticate: Basic realm="testrealm"\r
\r
This is a bad password page!
</data300>

<!-- Fourth request has Basic auth, wrong password -->
<data400>
HTTP/1.1 401 Sorry wrong password (3)\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 29\r
WWW-Authenticate: Basic realm="testrealm"\r
\r
This is a bad password page!
</data400>

<!-- Fifth request has Basic auth, right password -->
<data500>
HTTP/1.1 200 Things are fine in server land (2)\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 32\r
\r
Finally, this is the real page!
</data500>

<datacheck>
HTTP/1.1 401 Sorry wrong password\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 29\r
WWW-Authenticate: Basic realm="testrealm"\r
\r
This is a bad password page!
HTTP/1.1 200 Things are fine in server land\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 32\r
\r
Finally, this is the real page!
HTTP/1.1 401 Sorry wrong password (2)\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 29\r
WWW-Authenticate: Basic realm="testrealm"\r
\r
This is a bad password page!
HTTP/1.1 401 Sorry wrong password (3)\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 29\r
WWW-Authenticate: Basic realm="testrealm"\r
\r
This is a bad password page!
HTTP/1.1 200 Things are fine in server land (2)\r
Server: Microsoft-IIS/5.0\r
Content-Type: text/html; charset=iso-8859-1\r
Content-Length: 32\r
\r
Finally, this is the real page!
</datacheck>

</reply>

# Client-side
<client>
<server>
http
</server>
<tool>
libauthretry
</tool>

 <name>
HTTP authorization retry (Basic)
 </name>
 <setenv>
# we force our own host name, in order to make the test machine independent
CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
 </setenv>
 <command>
http://%HOSTIP:%HTTPPORT/2023 basic basic
</command>
<precheck>
chkhostname curlhost
</precheck>
</client>

# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20230100 HTTP/1.1\r
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
Host: %HOSTIP:%HTTPPORT\r
Accept: */*\r
\r
GET /20230200 HTTP/1.1\r
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
Host: %HOSTIP:%HTTPPORT\r
Accept: */*\r
\r
GET /20230300 HTTP/1.1\r
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
Host: %HOSTIP:%HTTPPORT\r
Accept: */*\r
\r
GET /20230400 HTTP/1.1\r
Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz\r
Host: %HOSTIP:%HTTPPORT\r
Accept: */*\r
\r
GET /20230500 HTTP/1.1\r
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=\r
Host: %HOSTIP:%HTTPPORT\r
Accept: */*\r
\r
</protocol>
</verify>
</testcase>