The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
SHAW / Mojolicious-Plugin-DigestAuth-0.08 / t / 01options.t 
use strict;
use warnings;
use lib 't';

use Mojolicious::Lite;

use Test::More tests => 35;
use Test::Mojo;

use TestHelper;

my $error_checker = sub {
    my ($self, %options) = @_;
    my $reply  = 'No error';

    eval { $self->digest_auth(%options) };
    if($@) {
        $reply = $@;
        $self->res->code(500);
    }

    $self->render(text => $reply);
};

# TODO: Need test with options to plugin call
plugin 'digest_auth';

get '/no_allow' => sub { $error_checker->(shift) };
get '/unsupported_qop' => sub { $error_checker->(shift, allow => users(), qop => 'huh?') };
get '/unsupported_algorithm' => sub { $error_checker->(shift, allow => users(), algorithm => '3DES') };
get '/MD5-sess_no_qop' => sub { $error_checker->(shift, allow => users(), algorithm => 'MD5-sess', qop => '') };

my $t = Test::Mojo->new;
$t->get_ok('/no_allow');
$t->status_is(500);
$t->content_like(qr/you must setup an authentication source/);

$t->get_ok('/MD5-sess_no_qop');
$t->status_is(500);
$t->content_like(qr/requires a qop/);

$t->get_ok('/unsupported_qop');
$t->status_is(500);
$t->content_like(qr/unsupported qop/);

$t->get_ok('/unsupported_algorithm');
$t->status_is(500);
$t->content_like(qr/unsupported algorithm/);

any '/test_defaults' => create_action();
$t->get_ok('/test_defaults')
  ->status_is(401)
  ->header_like('WWW-Authenticate', qr/^Digest\s/)
  ->header_like('WWW-Authenticate', qr/realm="WWW"/)
  ->header_like('WWW-Authenticate', qr/nonce="[^"]+"/)
  ->header_like('WWW-Authenticate', qr/opaque="\w+"/)
  ->header_like('WWW-Authenticate', qr/domain="\/"/)
  ->header_like('WWW-Authenticate', qr/algorithm=MD5/)
  ->header_like('WWW-Authenticate', qr/qop="auth"/)  #,auth-int"/)
  ->content_isnt("You're in!");

# Belongs here?
# By default support_broken_browsers = 1
$t->get_ok('/test_defaults?a=b')
  ->status_is(401);
$t->get_ok('/test_defaults?a=b', { %{build_auth_request($t->tx)}, 'User-Agent' => IE6 })
  ->status_is(200)
  ->content_is("You're in!");
####

get '/test_defaults_overridden' => create_action(realm     => 'MD5-sess Realm',
                                                 domain    => 'example.com,dev.example.com',
                                                 algorithm => 'MD5-sess');

$t->get_ok('/test_defaults_overridden')
  ->status_is(401)
  ->header_like('WWW-Authenticate', qr/realm="MD5-sess Realm"/)
  ->header_like('WWW-Authenticate', qr/domain="example.com,dev.example.com"/)
  ->header_like('WWW-Authenticate', qr/algorithm=MD5-sess/);

get '/test_no_qop' => create_action(qop => '');
$t->get_ok('/test_no_qop')
  ->status_is(401)
  ->header_unlike('WWW-Authenticate', qr/qop="\w+"/);