From f9cc36700c95a88ff7d7489167094556ac0e75cc Mon Sep 17 00:00:00 2001
From: James Groffen <james.groffen@dsto.defence.gov.au>
Date: Fri, 8 Jan 2016 17:01:50 +1030
Subject: Add option to not send a Negotiate headers

If negotiation was attempted but failed do not send a new Negotiate header.
Useful when only one single sign on mechanism is allowed and to avoid
misleading login prompts in some browsers.

Added a test of the GssapiDontReauth option to the test suite.
Also added SPNEGO no auth test.

[SS: reworded and fixed commit subject/comment]
[SS: fixed whitespace errors and 80 column wrappings]

Reviewed-by: Simo Sorce <simo@redhat.com>

Close #65
---
 tests/magtests.py | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

(limited to 'tests/magtests.py')

diff --git a/tests/magtests.py b/tests/magtests.py
index 8075197..5abede0 100755
--- a/tests/magtests.py
+++ b/tests/magtests.py
@@ -283,6 +283,34 @@ def test_spnego_auth(testdir, testenv, testlog):
         else:
             sys.stderr.write('SPNEGO Proxy Auth: SUCCESS\n')
 
+    with (open(testlog, 'a')) as logfile:
+        spnego = subprocess.Popen(["tests/t_spnego_no_auth.py"],
+                                  stdout=logfile, stderr=logfile,
+                                  env=testenv, preexec_fn=os.setsid)
+        spnego.wait()
+        if spnego.returncode != 0:
+            sys.stderr.write('SPNEGO No Auth: FAILED\n')
+        else:
+            sys.stderr.write('SPNEGO No Auth: SUCCESS\n')
+
+
+def test_spnego_negotiate_once(testdir, testenv, testlog):
+
+    spnego_negotiate_once_dir = os.path.join(testdir, 'httpd', 'html',
+                                          'spnego_negotiate_once')
+    os.mkdir(spnego_negotiate_once_dir)
+    shutil.copy('tests/index.html', spnego_negotiate_once_dir)
+
+    with (open(testlog, 'a')) as logfile:
+        spnego = subprocess.Popen(["tests/t_spnego_negotiate_once.py"],
+                                  stdout=logfile, stderr=logfile,
+                                  env=testenv, preexec_fn=os.setsid)
+        spnego.wait()
+        if spnego.returncode != 0:
+            sys.stderr.write('SPNEGO Negotiate Once: FAILED\n')
+        else:
+            sys.stderr.write('SPNEGO Negotiate Once: SUCCESS\n')
+
 
 def test_basic_auth_krb5(testdir, testenv, testlog):
 
@@ -358,6 +386,7 @@ if __name__ == '__main__':
 
         test_spnego_auth(testdir, testenv, testlog)
 
+        test_spnego_negotiate_once(testdir, testenv, testlog)
 
         testenv = {'MAG_USER_NAME': USR_NAME,
                    'MAG_USER_PASSWORD': USR_PWD,
-- 
cgit