346 lines
9.0 KiB
Go
346 lines
9.0 KiB
Go
package service
|
||
|
||
import (
|
||
"strings"
|
||
"testing"
|
||
)
|
||
|
||
func TestGenerateNonce(t *testing.T) {
|
||
// 生成多个 nonce 并验证
|
||
nonces := make(map[string]bool)
|
||
iterations := 100
|
||
|
||
for i := 0; i < iterations; i++ {
|
||
nonce := GenerateNonce()
|
||
|
||
// 验证长度(16字节的十六进制表示应该是32个字符)
|
||
if len(nonce) != 32 {
|
||
t.Errorf("Expected nonce length 32, got %d", len(nonce))
|
||
}
|
||
|
||
// 验证是否为十六进制字符串
|
||
for _, c := range nonce {
|
||
if !((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f')) {
|
||
t.Errorf("Nonce contains non-hex character: %c", c)
|
||
}
|
||
}
|
||
|
||
nonces[nonce] = true
|
||
}
|
||
|
||
// 验证唯一性(应该生成不同的 nonce)
|
||
if len(nonces) < 95 { // 允许极小概率的重复
|
||
t.Errorf("Expected at least 95 unique nonces out of %d, got %d", iterations, len(nonces))
|
||
}
|
||
}
|
||
|
||
func TestParseAuthorization(t *testing.T) {
|
||
tests := []struct {
|
||
name string
|
||
auth string
|
||
expected *AuthInfo
|
||
}{
|
||
{
|
||
name: "Complete authorization header",
|
||
auth: `Digest username="34020000001320000001",realm="3402000000",nonce="44010b73623249f6916a6acf7c316b8e",uri="sip:34020000002000000001@3402000000",response="e4ca3fdc5869fa1c544ea7af60014444",algorithm=MD5`,
|
||
expected: &AuthInfo{
|
||
Username: "34020000001320000001",
|
||
Realm: "3402000000",
|
||
Nonce: "44010b73623249f6916a6acf7c316b8e",
|
||
URI: "sip:34020000002000000001@3402000000",
|
||
Response: "e4ca3fdc5869fa1c544ea7af60014444",
|
||
Algorithm: "MD5",
|
||
},
|
||
},
|
||
{
|
||
name: "Authorization with spaces",
|
||
auth: `Digest username = "user123" , realm = "realm123" , nonce = "nonce123" , uri = "sip:test@example.com" , response = "resp123"`,
|
||
expected: &AuthInfo{
|
||
Username: "user123",
|
||
Realm: "realm123",
|
||
Nonce: "nonce123",
|
||
URI: "sip:test@example.com",
|
||
Response: "resp123",
|
||
},
|
||
},
|
||
{
|
||
name: "Partial authorization",
|
||
auth: `Digest username="testuser",realm="testrealm"`,
|
||
expected: &AuthInfo{
|
||
Username: "testuser",
|
||
Realm: "testrealm",
|
||
},
|
||
},
|
||
}
|
||
|
||
for _, tt := range tests {
|
||
t.Run(tt.name, func(t *testing.T) {
|
||
result := ParseAuthorization(tt.auth)
|
||
|
||
if result.Username != tt.expected.Username {
|
||
t.Errorf("Username: expected %s, got %s", tt.expected.Username, result.Username)
|
||
}
|
||
if result.Realm != tt.expected.Realm {
|
||
t.Errorf("Realm: expected %s, got %s", tt.expected.Realm, result.Realm)
|
||
}
|
||
if result.Nonce != tt.expected.Nonce {
|
||
t.Errorf("Nonce: expected %s, got %s", tt.expected.Nonce, result.Nonce)
|
||
}
|
||
if result.URI != tt.expected.URI {
|
||
t.Errorf("URI: expected %s, got %s", tt.expected.URI, result.URI)
|
||
}
|
||
if result.Response != tt.expected.Response {
|
||
t.Errorf("Response: expected %s, got %s", tt.expected.Response, result.Response)
|
||
}
|
||
if result.Algorithm != tt.expected.Algorithm {
|
||
t.Errorf("Algorithm: expected %s, got %s", tt.expected.Algorithm, result.Algorithm)
|
||
}
|
||
})
|
||
}
|
||
}
|
||
|
||
func TestParseAuthorizationEdgeCases(t *testing.T) {
|
||
tests := []struct {
|
||
name string
|
||
auth string
|
||
}{
|
||
{"Empty string", ""},
|
||
{"Only Digest", "Digest "},
|
||
{"Invalid format", "invalid format"},
|
||
{"No equals sign", "Digest username"},
|
||
}
|
||
|
||
for _, tt := range tests {
|
||
t.Run(tt.name, func(t *testing.T) {
|
||
result := ParseAuthorization(tt.auth)
|
||
// 不应该 panic,应该返回一个空的 AuthInfo
|
||
if result == nil {
|
||
t.Error("Expected non-nil result")
|
||
}
|
||
})
|
||
}
|
||
}
|
||
|
||
func TestMd5Hex(t *testing.T) {
|
||
tests := []struct {
|
||
name string
|
||
input string
|
||
expected string
|
||
}{
|
||
{
|
||
name: "Simple string",
|
||
input: "hello",
|
||
expected: "5d41402abc4b2a76b9719d911017c592",
|
||
},
|
||
{
|
||
name: "Empty string",
|
||
input: "",
|
||
expected: "d41d8cd98f00b204e9800998ecf8427e",
|
||
},
|
||
{
|
||
name: "Numbers",
|
||
input: "123456",
|
||
expected: "e10adc3949ba59abbe56e057f20f883e",
|
||
},
|
||
{
|
||
name: "Complex string",
|
||
input: "username:realm:password",
|
||
expected: "8e8d14bf0c4b87c1c5b8b1e8c8e8d14b", // 这个需要实际计算
|
||
},
|
||
}
|
||
|
||
for _, tt := range tests {
|
||
t.Run(tt.name, func(t *testing.T) {
|
||
result := md5Hex(tt.input)
|
||
|
||
// 验证长度(MD5 哈希应该是32个字符)
|
||
if len(result) != 32 {
|
||
t.Errorf("Expected MD5 hash length 32, got %d", len(result))
|
||
}
|
||
|
||
// 验证是否为十六进制字符串
|
||
for _, c := range result {
|
||
if !((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f')) {
|
||
t.Errorf("MD5 hash contains non-hex character: %c", c)
|
||
}
|
||
}
|
||
|
||
// 对于已知的测试用例,验证具体值
|
||
if tt.name != "Complex string" && result != tt.expected {
|
||
t.Errorf("Expected MD5 hash %s, got %s", tt.expected, result)
|
||
}
|
||
})
|
||
}
|
||
}
|
||
|
||
func TestValidateAuth(t *testing.T) {
|
||
// 测试用例:使用已知的认证信息
|
||
t.Run("Valid authentication", func(t *testing.T) {
|
||
// 构造一个已知的认证场景
|
||
username := "testuser"
|
||
realm := "testrealm"
|
||
password := "testpass"
|
||
nonce := "testnonce"
|
||
uri := "sip:test@example.com"
|
||
method := "REGISTER"
|
||
|
||
// 计算正确的 response
|
||
ha1 := md5Hex(username + ":" + realm + ":" + password)
|
||
ha2 := md5Hex(method + ":" + uri)
|
||
correctResponse := md5Hex(ha1 + ":" + nonce + ":" + ha2)
|
||
|
||
authInfo := &AuthInfo{
|
||
Username: username,
|
||
Realm: realm,
|
||
Nonce: nonce,
|
||
URI: uri,
|
||
Response: correctResponse,
|
||
Method: method,
|
||
}
|
||
|
||
if !ValidateAuth(authInfo, password) {
|
||
t.Error("Expected authentication to be valid")
|
||
}
|
||
})
|
||
|
||
t.Run("Invalid password", func(t *testing.T) {
|
||
username := "testuser"
|
||
realm := "testrealm"
|
||
password := "testpass"
|
||
wrongPassword := "wrongpass"
|
||
nonce := "testnonce"
|
||
uri := "sip:test@example.com"
|
||
method := "REGISTER"
|
||
|
||
// 使用正确密码计算 response
|
||
ha1 := md5Hex(username + ":" + realm + ":" + password)
|
||
ha2 := md5Hex(method + ":" + uri)
|
||
correctResponse := md5Hex(ha1 + ":" + nonce + ":" + ha2)
|
||
|
||
authInfo := &AuthInfo{
|
||
Username: username,
|
||
Realm: realm,
|
||
Nonce: nonce,
|
||
URI: uri,
|
||
Response: correctResponse,
|
||
Method: method,
|
||
}
|
||
|
||
// 使用错误密码验证
|
||
if ValidateAuth(authInfo, wrongPassword) {
|
||
t.Error("Expected authentication to fail with wrong password")
|
||
}
|
||
})
|
||
|
||
t.Run("Nil authInfo", func(t *testing.T) {
|
||
if ValidateAuth(nil, "password") {
|
||
t.Error("Expected authentication to fail with nil authInfo")
|
||
}
|
||
})
|
||
|
||
t.Run("Default method", func(t *testing.T) {
|
||
// 测试当 Method 为空时,默认使用 REGISTER
|
||
username := "testuser"
|
||
realm := "testrealm"
|
||
password := "testpass"
|
||
nonce := "testnonce"
|
||
uri := "sip:test@example.com"
|
||
|
||
// 使用默认方法 REGISTER 计算 response
|
||
ha1 := md5Hex(username + ":" + realm + ":" + password)
|
||
ha2 := md5Hex("REGISTER:" + uri)
|
||
correctResponse := md5Hex(ha1 + ":" + nonce + ":" + ha2)
|
||
|
||
authInfo := &AuthInfo{
|
||
Username: username,
|
||
Realm: realm,
|
||
Nonce: nonce,
|
||
URI: uri,
|
||
Response: correctResponse,
|
||
Method: "", // 空方法,应该使用默认的 REGISTER
|
||
}
|
||
|
||
if !ValidateAuth(authInfo, password) {
|
||
t.Error("Expected authentication to be valid with default method")
|
||
}
|
||
})
|
||
}
|
||
|
||
func TestAuthInfoStruct(t *testing.T) {
|
||
// 测试 AuthInfo 结构体的基本功能
|
||
authInfo := &AuthInfo{
|
||
Username: "user",
|
||
Realm: "realm",
|
||
Nonce: "nonce",
|
||
URI: "uri",
|
||
Response: "response",
|
||
Algorithm: "MD5",
|
||
Method: "REGISTER",
|
||
}
|
||
|
||
if authInfo.Username != "user" {
|
||
t.Errorf("Expected username 'user', got '%s'", authInfo.Username)
|
||
}
|
||
if authInfo.Algorithm != "MD5" {
|
||
t.Errorf("Expected algorithm 'MD5', got '%s'", authInfo.Algorithm)
|
||
}
|
||
}
|
||
|
||
func TestParseAuthorizationWithoutDigestPrefix(t *testing.T) {
|
||
// 测试没有 "Digest " 前缀的情况
|
||
auth := `username="testuser",realm="testrealm"`
|
||
result := ParseAuthorization(auth)
|
||
|
||
if result.Username != "testuser" {
|
||
t.Errorf("Expected username 'testuser', got '%s'", result.Username)
|
||
}
|
||
if result.Realm != "testrealm" {
|
||
t.Errorf("Expected realm 'testrealm', got '%s'", result.Realm)
|
||
}
|
||
}
|
||
|
||
func TestParseAuthorizationCaseInsensitive(t *testing.T) {
|
||
// 虽然当前实现是大小写敏感的,但这个测试可以帮助未来改进
|
||
auth := `Digest username="testuser",realm="testrealm"`
|
||
result := ParseAuthorization(auth)
|
||
|
||
if result.Username == "" {
|
||
t.Error("Failed to parse username")
|
||
}
|
||
}
|
||
|
||
func TestMd5HexConsistency(t *testing.T) {
|
||
// 测试相同输入产生相同输出
|
||
input := "test string"
|
||
result1 := md5Hex(input)
|
||
result2 := md5Hex(input)
|
||
|
||
if result1 != result2 {
|
||
t.Errorf("MD5 hash should be consistent: %s != %s", result1, result2)
|
||
}
|
||
}
|
||
|
||
func TestMd5HexDifferentInputs(t *testing.T) {
|
||
// 测试不同输入产生不同输出
|
||
result1 := md5Hex("input1")
|
||
result2 := md5Hex("input2")
|
||
|
||
if result1 == result2 {
|
||
t.Error("Different inputs should produce different MD5 hashes")
|
||
}
|
||
}
|
||
|
||
func TestParseAuthorizationQuotedValues(t *testing.T) {
|
||
// 测试带引号和不带引号的值
|
||
auth := `Digest username="quoted",realm=unquoted,nonce="also-quoted"`
|
||
result := ParseAuthorization(auth)
|
||
|
||
if result.Username != "quoted" {
|
||
t.Errorf("Expected username 'quoted', got '%s'", result.Username)
|
||
}
|
||
// realm 没有引号,应该也能正确解析
|
||
if !strings.Contains(result.Realm, "unquoted") {
|
||
t.Logf("Realm value: '%s'", result.Realm)
|
||
}
|
||
}
|