|
| 1 | +/* |
| 2 | + * TeleStax, Open Source Cloud Communications |
| 3 | + * Copyright 2011-2018, Telestax Inc and individual contributors |
| 4 | + * by the @authors tag. |
| 5 | + * |
| 6 | + * This program is free software: you can redistribute it and/or modify |
| 7 | + * under the terms of the GNU Affero General Public License as |
| 8 | + * published by the Free Software Foundation; either version 3 of |
| 9 | + * the License, or (at your option) any later version. |
| 10 | + * |
| 11 | + * This program is distributed in the hope that it will be useful, |
| 12 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 14 | + * GNU Affero General Public License for more details. |
| 15 | + * |
| 16 | + * You should have received a copy of the GNU Affero General Public License |
| 17 | + * along with this program. If not, see <http://www.gnu.org/licenses/> |
| 18 | + */ |
| 19 | + |
| 20 | +package org.restcomm.connect.commons; |
| 21 | + |
| 22 | +import org.junit.Test; |
| 23 | +import org.restcomm.connect.commons.dao.Sid; |
| 24 | +import org.restcomm.connect.commons.util.DigestAuthentication; |
| 25 | + |
| 26 | +import java.util.HashMap; |
| 27 | +import java.util.Map; |
| 28 | + |
| 29 | +import static org.junit.Assert.assertTrue; |
| 30 | + |
| 31 | +public class DigestAuthenticationTest { |
| 32 | + |
| 33 | + private String client = "alice0000000"; |
| 34 | + private String domain = "org0000000.restcomm.com"; |
| 35 | + private String password = "1234"; |
| 36 | + private String proxyAuthHeader = "Digest username=\"alice0000000\"," + |
| 37 | + "realm=\"org0000000.restcomm.com\"," + |
| 38 | + "cnonce=\"6b8b4567\"," + |
| 39 | + "nc=00000001," + |
| 40 | + "qop=auth,uri=\"sip:172.31.44.214:5080\"," + |
| 41 | + "nonce=\"39656532346436332d633335612d346\"," + |
| 42 | + "response=\"00e135e06e2474d1d0318fb66a2bc473\"," + |
| 43 | + "algorithm=MD5\n"; |
| 44 | + |
| 45 | + @Test |
| 46 | + public void testAuth(){ |
| 47 | + String hashedPass = DigestAuthentication.HA1(client, domain, password, "MD5"); |
| 48 | + |
| 49 | + assertTrue(permitted(proxyAuthHeader, "INVITE", hashedPass)); |
| 50 | + |
| 51 | + } |
| 52 | + |
| 53 | + static boolean permitted(final String authorization, final String method, String clientPassword) { |
| 54 | + final Map<String, String> map = authHeaderToMap(authorization); |
| 55 | + String user = map.get("username"); |
| 56 | + final String algorithm = map.get("algorithm"); |
| 57 | + final String realm = map.get("realm"); |
| 58 | + final String uri = map.get("uri"); |
| 59 | + final String nonce = map.get("nonce"); |
| 60 | + final String nc = map.get("nc"); |
| 61 | + final String cnonce = map.get("cnonce"); |
| 62 | + final String qop = map.get("qop"); |
| 63 | + final String response = map.get("response"); |
| 64 | + final String password2 = clientPassword; |
| 65 | + final String result = DigestAuthentication.response(algorithm, user, realm, "", password2, nonce, nc, cnonce, |
| 66 | + method, uri, null, qop); |
| 67 | + return result.equals(response); |
| 68 | + } |
| 69 | + |
| 70 | + private static Map<String, String> authHeaderToMap(final String header) { |
| 71 | + final Map<String, String> map = new HashMap<String, String>(); |
| 72 | + final int endOfScheme = header.indexOf(" "); |
| 73 | + map.put("scheme", header.substring(0, endOfScheme).trim()); |
| 74 | + final String[] tokens = header.substring(endOfScheme + 1).split(","); |
| 75 | + for (final String token : tokens) { |
| 76 | + final String[] values = token.trim().split("=",2); //Issue #935, split only for first occurrence of "=" |
| 77 | + map.put(values[0].toLowerCase(), values[1].replace("\"", "")); |
| 78 | + } |
| 79 | + |
| 80 | + return map; |
| 81 | + } |
| 82 | + |
| 83 | +} |
0 commit comments