authorization.json

[
  {
    "name": "no params",
    "header": "A",
    "expected": {
      "authScheme": "A",
      "params": null
    }
  },
  {
    "name": "empty params",
    "header": "B ",
    "expected": {
      "authScheme": "B",
      "params": {}
    },
    "normalize": "B"
  },
  {
    "name": "basic",
    "ref": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization#basic_authentication",
    "header": "Basic YWxhZGRpbjpvcGVuc2VzYW1l",
    "expected": {
      "authScheme": "Basic",
      "params": "YWxhZGRpbjpvcGVuc2VzYW1l"
    }
  },
  {
    "name": "bearer",
    "ref": "https://datatracker.ietf.org/doc/html/rfc6750#section-3",
    "header": "Bearer realm=\"example\", error=\"invalid_token\", error_description=\"The access token expired\"",
    "expected": {
      "authScheme": "Bearer",
      "params": {
        "realm": "\"example\"",
        "error": "\"invalid_token\"",
        "error_description": "\"The access token expired\""
      }
    }
  },
  {
    "name": "digest",
    "ref": "https://datatracker.ietf.org/doc/html/rfc7616#section-3.9.1",
    "header": "Digest username=\"Mufasa\", realm=\"http-auth@example.org\", uri=\"/dir/index.html\", algorithm=SHA-256, nonce=\"7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v\", nc=00000001, cnonce=\"f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ\", qop=auth, response=\"753927fa0e85d155564e2e272a28d1802ca10daf4496794697cf8db5856cb6c1\", opaque=\"FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS\"",
    "expected": {
      "authScheme": "Digest",
      "params": {
        "username": "\"Mufasa\"",
        "realm": "\"http-auth@example.org\"",
        "uri": "\"/dir/index.html\"",
        "algorithm": "SHA-256",
        "nonce": "\"7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v\"",
        "nc": "00000001",
        "cnonce": "\"f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ\"",
        "qop": "auth",
        "response": "\"753927fa0e85d155564e2e272a28d1802ca10daf4496794697cf8db5856cb6c1\"",
        "opaque": "\"FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS\""
      }
    }
  },
  {
    "name": "Example with SHA-512-256, Charset, and Userhash",
    "header": "Digest username=\"488869477bf257147b804c45308cd62ac4e25eb717b12b298c79e62dcea254ec\", realm=\"api@example.org\", uri=\"/doe.json\", algorithm=SHA-512-256, nonce=\"5TsQWLVdgBdmrQ0XsxbDODV+57QdFR34I9HAbC/RVvkK\", nc=00000001, cnonce=\"NTg6RKcb9boFIAS3KrFK9BGeh+iDa/sm6jUMp2wds69v\", qop=auth, response=\"ae66e67d6b427bd3f120414a82e4acff38e8ecd9101d6c861229025f607a79dd\", opaque=\"HRPCssKJSGjCrkzDg8OhwpzCiGPChXYjwrI2QmXDnsOS\", userhash=true",
    "ref": "https://datatracker.ietf.org/doc/html/rfc7616#section-3.9.2",
    "expected": {
      "authScheme": "Digest",
      "params": {
        "username": "\"488869477bf257147b804c45308cd62ac4e25eb717b12b298c79e62dcea254ec\"",
        "realm": "\"api@example.org\"",
        "uri": "\"/doe.json\"",
        "algorithm": "SHA-512-256",
        "nonce": "\"5TsQWLVdgBdmrQ0XsxbDODV+57QdFR34I9HAbC/RVvkK\"",
        "nc": "00000001",
        "cnonce": "\"NTg6RKcb9boFIAS3KrFK9BGeh+iDa/sm6jUMp2wds69v\"",
        "qop": "auth",
        "response": "\"ae66e67d6b427bd3f120414a82e4acff38e8ecd9101d6c861229025f607a79dd\"",
        "opaque": "\"HRPCssKJSGjCrkzDg8OhwpzCiGPChXYjwrI2QmXDnsOS\"",
        "userhash": "true"
      }
    }
  },
  {
    "name": "Example for AWS4-HMAC-SHA256",
    "header": "AWS4-HMAC-SHA256 Credential=\"AKIAIOSFODNN7EXAMPLE/20130524/us-east-1/s3/aws4_request\", SignedHeaders=\"host;range;x-amz-date\", Signature=fe5f80f77d5fa3beca038a248ff027d0445342fe2855ddc963176630326f1024",
    "ref": "https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html",
    "expected": {
      "authScheme": "AWS4-HMAC-SHA256",
      "params": {
        "Credential": "\"AKIAIOSFODNN7EXAMPLE/20130524/us-east-1/s3/aws4_request\"",
        "SignedHeaders": "\"host;range;x-amz-date\"",
        "Signature": "fe5f80f77d5fa3beca038a248ff027d0445342fe2855ddc963176630326f1024"
      }
    }
  },
  {
    "name": "invalid auth scheme",
    "header": "<invalid>",
    "must_fail": true
  },
  {
    "name": "invalid params",
    "header": "scheme==",
    "must_fail": true
  },
  {
    "name": "token68 and auth param",
    "header": "Basic YWxhZGRpbjpvcGVuc2VzYW1l a=a",
    "must_fail": true
  }
]