1 files changed, 92 insertions, 1 deletions

diff --git a/tests/auto/network/access/http2/tst_http2.cpp b/tests/auto/network/access/http2/tst_http2.cpp
index 6702f25b16..0d851cd3df 100644
--- a/tests/auto/network/access/http2/tst_http2.cpp
+++ b/tests/auto/network/access/http2/tst_http2.cpp
@@ -111,6 +111,9 @@ private slots:
     void connectToHost();
     void maxFrameSize();
 
+    void authenticationRequired_data();
+    void authenticationRequired();
+
 protected slots:
     // Slots to listen to our in-process server:
     void serverStarted(quint16 port);
@@ -154,6 +157,7 @@ private:
     int windowUpdates = 0;
     bool prefaceOK = false;
     bool serverGotSettingsACK = false;
+    bool POSTResponseHEADOnly = true;
 
     static const RawSettings defaultServerSettings;
 };
@@ -767,6 +771,92 @@ void tst_Http2::maxFrameSize()
     QVERIFY(serverGotSettingsACK);
 }
 
+void tst_Http2::authenticationRequired_data()
+{
+    QTest::addColumn<bool>("success");
+    QTest::addColumn<bool>("responseHEADOnly");
+
+    QTest::addRow("failed-auth") << false << true;
+    QTest::addRow("successful-auth") << true << true;
+    // Include a DATA frame in the response from the remote server. An example would be receiving a
+    // JSON response on a request along with the 401 error.
+    QTest::addRow("failed-auth-with-response") << false << false;
+    QTest::addRow("successful-auth-with-response") << true << false;
+}
+
+void tst_Http2::authenticationRequired()
+{
+    clearHTTP2State();
+    QFETCH(const bool, responseHEADOnly);
+    POSTResponseHEADOnly = responseHEADOnly;
+
+    QFETCH(const bool, success);
+
+    ServerPtr targetServer(newServer(defaultServerSettings, defaultConnectionType()));
+    targetServer->setResponseBody("Hello");
+    targetServer->setAuthenticationHeader("Basic realm=\"Shadow\"");
+
+    QMetaObject::invokeMethod(targetServer.data(), "startServer", Qt::QueuedConnection);
+    runEventLoop();
+
+    QVERIFY(serverPort != 0);
+
+    nRequests = 1;
+
+    auto url = requestUrl(defaultConnectionType());
+    url.setPath("/index.html");
+    QNetworkRequest request(url);
+
+    QByteArray expectedBody = "Hello, World!";
+    request.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
+    request.setAttribute(QNetworkRequest::Http2AllowedAttribute, QVariant(true));
+    QScopedPointer<QNetworkReply> reply;
+    reply.reset(manager->post(request, expectedBody));
+
+    bool authenticationRequested = false;
+    connect(manager.get(), &QNetworkAccessManager::authenticationRequired, reply.get(),
+            [&](QNetworkReply *, QAuthenticator *auth) {
+                authenticationRequested = true;
+                if (success) {
+                    auth->setUser("admin");
+                    auth->setPassword("admin");
+                }
+            });
+
+    QByteArray receivedBody;
+    connect(targetServer.get(), &Http2Server::receivedDATAFrame, reply.get(),
+            [&receivedBody](quint32 streamID, const QByteArray &body) {
+                if (streamID == 3) // The expected body is on the retry, so streamID == 3
+                    receivedBody += body;
+            });
+
+    if (success)
+        connect(reply.get(), &QNetworkReply::finished, this, &tst_Http2::replyFinished);
+    else
+        connect(reply.get(), &QNetworkReply::errorOccurred, this, &tst_Http2::replyFinishedWithError);
+    // Since we're using self-signed certificates,
+    // ignore SSL errors:
+    reply->ignoreSslErrors();
+
+    runEventLoop();
+    STOP_ON_FAILURE
+
+    if (!success)
+        QCOMPARE(reply->error(), QNetworkReply::AuthenticationRequiredError);
+    // else: no error (is checked in tst_Http2::replyFinished)
+
+    QVERIFY(authenticationRequested);
+
+    const auto isAuthenticated = [](QByteArray bv) {
+        return bv == "Basic YWRtaW46YWRtaW4="; // admin:admin
+    };
+    // Get the "authorization" header out from the server and make sure it's as expected:
+    auto reqAuthHeader = targetServer->requestAuthorizationHeader();
+    QCOMPARE(isAuthenticated(reqAuthHeader), success);
+    if (success)
+        QCOMPARE(receivedBody, expectedBody);
+}
+
 void tst_Http2::serverStarted(quint16 port)
 {
     serverPort = port;
@@ -778,6 +868,7 @@ void tst_Http2::clearHTTP2State()
     windowUpdates = 0;
     prefaceOK = false;
     serverGotSettingsACK = false;
+    POSTResponseHEADOnly = true;
 }
 
 void tst_Http2::runEventLoop(int ms)
@@ -910,7 +1001,7 @@ void tst_Http2::receivedData(quint32 streamID)
     Q_ASSERT(srv);
     QMetaObject::invokeMethod(srv, "sendResponse", Qt::QueuedConnection,
                               Q_ARG(quint32, streamID),
-                              Q_ARG(bool, true /*HEADERS only*/));
+                              Q_ARG(bool, POSTResponseHEADOnly /*true = HEADERS only*/));
 }
 
 void tst_Http2::windowUpdated(quint32 streamID)