1 files changed, 66 insertions, 4 deletions

diff --git a/tests/auth.rs b/tests/auth.rs
index f43553b..128047d 100644
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -3,6 +3,7 @@ mod fixtures;
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
 use fixtures::{port, tmpdir, Error, FILES};
+use reqwest::StatusCode;
 use rstest::rstest_parametrize;
 use select::document::Document;
 use select::predicate::Text;
@@ -24,7 +25,7 @@ use std::time::Duration;
         "testpassword"
     ),
 )]
-fn auth_works(
+fn auth_accepts(
     tmpdir: TempDir,
     port: u16,
     cli_auth_arg: &str,
@@ -43,11 +44,15 @@ fn auth_works(
     sleep(Duration::from_secs(1));
 
     let client = reqwest::Client::new();
-    let body = client
+    let response = client
         .get(format!("http://localhost:{}", port).as_str())
         .basic_auth(client_username, Some(client_password))
-        .send()?
-        .error_for_status()?;
+        .send()?;
+
+    let status_code = response.status();
+    assert_eq!(status_code, StatusCode::OK);
+
+    let body = response.error_for_status()?;
     let parsed = Document::from_read(body)?;
     for &file in FILES {
         assert!(parsed.find(Text).any(|x| x.text() == file));
@@ -57,3 +62,60 @@ fn auth_works(
 
     Ok(())
 }
+
+#[rstest_parametrize(
+    cli_auth_arg, client_username, client_password,
+    case("rightuser:rightpassword", "wronguser", "rightpassword"),
+    case(
+        "rightuser:sha256:314eee236177a721d0e58d3ca4ff01795cdcad1e8478ba8183a2e58d69c648c0",
+        "wronguser",
+        "rightpassword"
+    ),
+    case(
+        "rightuser:sha512:84ec4056571afeec9f5b59453305877e9a66c3f9a1d91733fde759b370c1d540b9dc58bfc88c5980ad2d020c3a8ee84f21314a180856f5a82ba29ecba29e2cab",
+        "wronguser",
+        "rightpassword"
+    ),
+    case("rightuser:rightpassword", "rightuser", "wrongpassword"),
+    case(
+        "rightuser:sha256:314eee236177a721d0e58d3ca4ff01795cdcad1e8478ba8183a2e58d69c648c0",
+        "rightuser",
+        "wrongpassword"
+    ),
+    case(
+        "rightuser:sha512:84ec4056571afeec9f5b59453305877e9a66c3f9a1d91733fde759b370c1d540b9dc58bfc88c5980ad2d020c3a8ee84f21314a180856f5a82ba29ecba29e2cab",
+        "rightuser",
+        "wrongpassword"
+    ),
+)]
+fn auth_rejects(
+    tmpdir: TempDir,
+    port: u16,
+    cli_auth_arg: &str,
+    client_username: &str,
+    client_password: &str,
+) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("miniserve")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .arg("-a")
+        .arg(cli_auth_arg)
+        .stdout(Stdio::null())
+        .spawn()?;
+
+    sleep(Duration::from_secs(1));
+
+    let client = reqwest::Client::new();
+    let status = client
+        .get(format!("http://localhost:{}", port).as_str())
+        .basic_auth(client_username, Some(client_password))
+        .send()?
+        .status();
+
+    assert_eq!(status, StatusCode::UNAUTHORIZED);
+
+    child.kill()?;
+
+    Ok(())
+}