Added test demonstrating failure for PK

kcharwood · kcharwood · commit 8a99f2d17297 · 2016-03-31T09:25:02.000-05:00
diff --git a/Tests/Tests/AFHTTPSessionManagerTests.m b/Tests/Tests/AFHTTPSessionManagerTests.m
@@ -511,15 +511,39 @@ - (void)testHiddenBasicAuthentication {
 
 # pragma mark - Server Trust
 
-- (void)testInvalidServerTrustProducesCorrectError {
+- (void)testInvalidServerTrustProducesCorrectErrorForCertificatePinning {
     __weak XCTestExpectation *expectation = [self expectationWithDescription:@"Request should fail"];
     NSURL *googleCertificateURL = [[NSBundle bundleForClass:[self class]] URLForResource:@"google.com" withExtension:@"cer"];
     NSData *googleCertificateData = [NSData dataWithContentsOfURL:googleCertificateURL];
     AFHTTPSessionManager *manager = [[AFHTTPSessionManager alloc] initWithBaseURL:[NSURL URLWithString:@"https://apple.com/"]];
     [manager setResponseSerializer:[AFHTTPResponseSerializer serializer]];
     manager.securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate withPinnedCertificates:[NSSet setWithObject:googleCertificateData]];
     [manager
-     GET:@"AFNetworking/AFNetworking"
+     GET:@""
+     parameters:nil
+     progress:nil
+     success:^(NSURLSessionDataTask * _Nonnull task, id  _Nullable responseObject) {
+         XCTFail(@"Request should fail");
+         [expectation fulfill];
+     }
+     failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) {
+         XCTAssertEqualObjects(error.domain, NSURLErrorDomain);
+         XCTAssertEqual(error.code, NSURLErrorServerCertificateUntrusted);
+         [expectation fulfill];
+     }];
+    [self waitForExpectationsWithCommonTimeoutUsingHandler:nil];
+    [manager invalidateSessionCancelingTasks:YES];
+}
+
+- (void)testInvalidServerTrustProducesCorrectErrorForPublicKeyPinning {
+    __weak XCTestExpectation *expectation = [self expectationWithDescription:@"Request should fail"];
+    NSURL *googleCertificateURL = [[NSBundle bundleForClass:[self class]] URLForResource:@"google.com" withExtension:@"cer"];
+    NSData *googleCertificateData = [NSData dataWithContentsOfURL:googleCertificateURL];
+    AFHTTPSessionManager *manager = [[AFHTTPSessionManager alloc] initWithBaseURL:[NSURL URLWithString:@"https://apple.com/"]];
+    [manager setResponseSerializer:[AFHTTPResponseSerializer serializer]];
+    manager.securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey withPinnedCertificates:[NSSet setWithObject:googleCertificateData]];
+    [manager
+     GET:@""
      parameters:nil
      progress:nil
      success:^(NSURLSessionDataTask * _Nonnull task, id  _Nullable responseObject) {
