Add test for dotnet#71463 with invalid tokens

filipnavara · Jul 12, 2022 · b2e8daf · b2e8daf
1 parent fa99451
commit b2e8daf
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/...ibraries/System.Net.Security/tests/FunctionalTests/NegotiateAuthenticationKerberosTest.cs b/...ibraries/System.Net.Security/tests/FunctionalTests/NegotiateAuthenticationKerberosTest.cs
@@ -60,5 +60,25 @@ await kerberosExecutor.Invoke(() =>
                 Assert.True(serverNegotiateAuthentication.IsAuthenticated);
             });
         }
+
+        [Fact]
+        public async void Invalid_Token()
+        {
+            using var kerberosExecutor = new KerberosExecutor(_testOutputHelper, "LINUX.CONTOSO.COM");
+            // Force a non-empty keytab to make macOS happy
+            kerberosExecutor.AddService("HTTP/linux.contoso.com");
+            await kerberosExecutor.Invoke(() =>
+            {
+                NegotiateAuthentication ntAuth = new NegotiateAuthentication(new NegotiateAuthenticationServerOptions { });
+                // Ask for NegHints
+                byte[] blob = ntAuth.GetOutgoingBlob((ReadOnlySpan<byte>)default, out NegotiateAuthenticationStatusCode statusCode);
+                Assert.Equal(NegotiateAuthenticationStatusCode.ContinueNeeded, statusCode);
+                Assert.NotNull(blob);
+                // Send garbage token
+                blob = ntAuth.GetOutgoingBlob(new byte[3], out statusCode);
+                Assert.True(statusCode >= NegotiateAuthenticationStatusCode.GenericFailure);
+                Assert.Null(blob);
+            });
+        }
     }
 }