michael@0: /* Any copyright is dedicated to the Public Domain. michael@0: * http://creativecommons.org/publicdomain/zero/1.0/ */ michael@0: michael@0: Cu.import("resource://services-crypto/utils.js"); michael@0: Cu.import("resource://services-common/async.js"); michael@0: Cu.import("resource://services-common/rest.js"); michael@0: Cu.import("resource://services-common/utils.js"); michael@0: michael@0: function run_test() { michael@0: initTestLogging("Trace"); michael@0: run_next_test(); michael@0: } michael@0: michael@0: add_test(function test_authenticated_request() { michael@0: _("Ensure that sending a MAC authenticated GET request works as expected."); michael@0: michael@0: let message = "Great Success!"; michael@0: michael@0: // TODO: We use a preset key here, but use getTokenFromBrowserIDAssertion() michael@0: // from TokenServerClient to get a real one when possible. (Bug 745800) michael@0: let id = "eyJleHBpcmVzIjogMTM2NTAxMDg5OC4x"; michael@0: let key = "qTZf4ZFpAMpMoeSsX3zVRjiqmNs="; michael@0: let method = "GET"; michael@0: michael@0: let nonce = btoa(CryptoUtils.generateRandomBytes(16)); michael@0: let ts = Math.floor(Date.now() / 1000); michael@0: let extra = {ts: ts, nonce: nonce}; michael@0: michael@0: let auth; michael@0: michael@0: let server = httpd_setup({"/foo": function(request, response) { michael@0: do_check_true(request.hasHeader("Authorization")); michael@0: do_check_eq(auth, request.getHeader("Authorization")); michael@0: michael@0: response.setStatusLine(request.httpVersion, 200, "OK"); michael@0: response.bodyOutputStream.write(message, message.length); michael@0: } michael@0: }); michael@0: let uri = CommonUtils.makeURI(server.baseURI + "/foo"); michael@0: let sig = CryptoUtils.computeHTTPMACSHA1(id, key, method, uri, extra); michael@0: auth = sig.getHeader(); michael@0: michael@0: let req = new TokenAuthenticatedRESTRequest(uri, {id: id, key: key}, extra); michael@0: let cb = Async.makeSpinningCallback(); michael@0: req.get(cb); michael@0: let result = cb.wait(); michael@0: michael@0: do_check_eq(null, result); michael@0: do_check_eq(message, req.response.body); michael@0: michael@0: server.stop(run_next_test); michael@0: });