2052.3.2
by John Arbash Meinel
Change Copyright .. by Canonical to Copyright ... Canonical |
1 |
# Copyright (C) 2005 Canonical Ltd
|
1887.1.1
by Adeodato Simó
Do not separate paragraphs in the copyright statement with blank lines, |
2 |
#
|
1185.1.18
by Robert Collins
Lalo Martins remotebranch patch |
3 |
# This program is free software; you can redistribute it and/or modify
|
4 |
# it under the terms of the GNU General Public License as published by
|
|
5 |
# the Free Software Foundation; either version 2 of the License, or
|
|
6 |
# (at your option) any later version.
|
|
1887.1.1
by Adeodato Simó
Do not separate paragraphs in the copyright statement with blank lines, |
7 |
#
|
1185.1.18
by Robert Collins
Lalo Martins remotebranch patch |
8 |
# This program is distributed in the hope that it will be useful,
|
9 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
10 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
11 |
# GNU General Public License for more details.
|
|
1887.1.1
by Adeodato Simó
Do not separate paragraphs in the copyright statement with blank lines, |
12 |
#
|
1185.1.18
by Robert Collins
Lalo Martins remotebranch patch |
13 |
# You should have received a copy of the GNU General Public License
|
14 |
# along with this program; if not, write to the Free Software
|
|
15 |
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
16 |
||
2004.1.28
by v.ladeuil+lp at free
Merge bzr.dev. Including http modifications by "smart" related code |
17 |
from cStringIO import StringIO |
2004.1.25
by v.ladeuil+lp at free
Shuffle http related test code. Hopefully it ends up at the right place :) |
18 |
import errno |
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
19 |
import md5 |
2004.1.29
by v.ladeuil+lp at free
New tests for http range requests handling. |
20 |
from SimpleHTTPServer import SimpleHTTPRequestHandler |
2164.2.29
by Vincent Ladeuil
Test the http redirection at the request level even if it's not |
21 |
import re |
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
22 |
import sha |
2004.1.25
by v.ladeuil+lp at free
Shuffle http related test code. Hopefully it ends up at the right place :) |
23 |
import socket |
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
24 |
import time |
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
25 |
import urllib2 |
2213.1.1
by v.ladeuil+lp at free
Workaround SimpleHTTPRequestHandler.translate_path limitation in |
26 |
import urlparse |
1530.1.14
by Robert Collins
Remove duplicate web server from HTTPTestUtil. |
27 |
|
2018.5.150
by Andrew Bennetts
Tidy imports in HTTPTestUtil.py |
28 |
from bzrlib.smart import protocol |
1534.4.50
by Robert Collins
Got the bzrdir api straightened out, plenty of refactoring to use it pending, but the api is up and running. |
29 |
from bzrlib.tests import TestCaseWithTransport |
2004.1.25
by v.ladeuil+lp at free
Shuffle http related test code. Hopefully it ends up at the right place :) |
30 |
from bzrlib.tests.HttpServer import ( |
31 |
HttpServer, |
|
32 |
TestingHTTPRequestHandler, |
|
33 |
)
|
|
2004.1.28
by v.ladeuil+lp at free
Merge bzr.dev. Including http modifications by "smart" related code |
34 |
from bzrlib.transport import ( |
35 |
get_transport, |
|
36 |
)
|
|
2004.1.25
by v.ladeuil+lp at free
Shuffle http related test code. Hopefully it ends up at the right place :) |
37 |
|
38 |
||
39 |
class WallRequestHandler(TestingHTTPRequestHandler): |
|
40 |
"""Whatever request comes in, close the connection"""
|
|
41 |
||
42 |
def handle_one_request(self): |
|
43 |
"""Handle a single HTTP request, by abruptly closing the connection"""
|
|
44 |
self.close_connection = 1 |
|
45 |
||
46 |
||
47 |
class BadStatusRequestHandler(TestingHTTPRequestHandler): |
|
48 |
"""Whatever request comes in, returns a bad status"""
|
|
49 |
||
50 |
def parse_request(self): |
|
51 |
"""Fakes handling a single HTTP request, returns a bad status"""
|
|
52 |
ignored = TestingHTTPRequestHandler.parse_request(self) |
|
53 |
try: |
|
54 |
self.send_response(0, "Bad status") |
|
55 |
self.end_headers() |
|
56 |
except socket.error, e: |
|
2158.2.1
by v.ladeuil+lp at free
Windows tests cleanup. |
57 |
# We don't want to pollute the test results with
|
58 |
# spurious server errors while test succeed. In our
|
|
2188.1.1
by Aaron Bentley
Windows tests cleanup. (Vincent Ladeuil) |
59 |
# case, it may occur that the test has already read
|
2158.2.1
by v.ladeuil+lp at free
Windows tests cleanup. |
60 |
# the 'Bad Status' and closed the socket while we are
|
61 |
# still trying to send some headers... So the test is
|
|
2188.1.1
by Aaron Bentley
Windows tests cleanup. (Vincent Ladeuil) |
62 |
# ok, but if we raise the exception, the output is
|
2158.2.1
by v.ladeuil+lp at free
Windows tests cleanup. |
63 |
# dirty. So we don't raise, but we close the
|
64 |
# connection, just to be safe :)
|
|
65 |
spurious = [errno.EPIPE, |
|
66 |
errno.ECONNRESET, |
|
67 |
errno.ECONNABORTED, |
|
68 |
]
|
|
69 |
if (len(e.args) > 0) and (e.args[0] in spurious): |
|
2004.1.25
by v.ladeuil+lp at free
Shuffle http related test code. Hopefully it ends up at the right place :) |
70 |
self.close_connection = 1 |
71 |
pass
|
|
72 |
else: |
|
73 |
raise
|
|
74 |
return False |
|
75 |
||
76 |
||
77 |
class InvalidStatusRequestHandler(TestingHTTPRequestHandler): |
|
78 |
"""Whatever request comes in, returns am invalid status"""
|
|
79 |
||
80 |
def parse_request(self): |
|
81 |
"""Fakes handling a single HTTP request, returns a bad status"""
|
|
82 |
ignored = TestingHTTPRequestHandler.parse_request(self) |
|
83 |
self.wfile.write("Invalid status line\r\n") |
|
84 |
return False |
|
85 |
||
86 |
||
87 |
class BadProtocolRequestHandler(TestingHTTPRequestHandler): |
|
88 |
"""Whatever request comes in, returns a bad protocol version"""
|
|
89 |
||
90 |
def parse_request(self): |
|
91 |
"""Fakes handling a single HTTP request, returns a bad status"""
|
|
92 |
ignored = TestingHTTPRequestHandler.parse_request(self) |
|
93 |
# Returns an invalid protocol version, but curl just
|
|
94 |
# ignores it and those cannot be tested.
|
|
95 |
self.wfile.write("%s %d %s\r\n" % ('HTTP/0.0', |
|
96 |
404, |
|
97 |
'Look at my protocol version')) |
|
98 |
return False |
|
1534.4.50
by Robert Collins
Got the bzrdir api straightened out, plenty of refactoring to use it pending, but the api is up and running. |
99 |
|
100 |
||
2004.1.27
by v.ladeuil+lp at free
Fix bug #57644 by issuing an explicit error message. |
101 |
class ForbiddenRequestHandler(TestingHTTPRequestHandler): |
102 |
"""Whatever request comes in, returns a 403 code"""
|
|
103 |
||
104 |
def parse_request(self): |
|
105 |
"""Handle a single HTTP request, by replying we cannot handle it"""
|
|
106 |
ignored = TestingHTTPRequestHandler.parse_request(self) |
|
107 |
self.send_error(403) |
|
108 |
return False |
|
109 |
||
110 |
||
2004.1.28
by v.ladeuil+lp at free
Merge bzr.dev. Including http modifications by "smart" related code |
111 |
class HTTPServerWithSmarts(HttpServer): |
112 |
"""HTTPServerWithSmarts extends the HttpServer with POST methods that will
|
|
113 |
trigger a smart server to execute with a transport rooted at the rootdir of
|
|
114 |
the HTTP server.
|
|
115 |
"""
|
|
116 |
||
117 |
def __init__(self): |
|
118 |
HttpServer.__init__(self, SmartRequestHandler) |
|
119 |
||
120 |
||
121 |
class SmartRequestHandler(TestingHTTPRequestHandler): |
|
122 |
"""Extend TestingHTTPRequestHandler to support smart client POSTs."""
|
|
123 |
||
124 |
def do_POST(self): |
|
125 |
"""Hand the request off to a smart server instance."""
|
|
126 |
self.send_response(200) |
|
127 |
self.send_header("Content-type", "application/octet-stream") |
|
2164.2.28
by Vincent Ladeuil
TestingHTTPServer.test_case_server renamed from test_case to avoid confusions. |
128 |
transport = get_transport(self.server.test_case_server._home_dir) |
2004.1.28
by v.ladeuil+lp at free
Merge bzr.dev. Including http modifications by "smart" related code |
129 |
# TODO: We might like to support streaming responses. 1.0 allows no
|
130 |
# Content-length in this case, so for integrity we should perform our
|
|
131 |
# own chunking within the stream.
|
|
132 |
# 1.1 allows chunked responses, and in this case we could chunk using
|
|
133 |
# the HTTP chunking as this will allow HTTP persistence safely, even if
|
|
134 |
# we have to stop early due to error, but we would also have to use the
|
|
135 |
# HTTP trailer facility which may not be widely available.
|
|
136 |
out_buffer = StringIO() |
|
2018.5.150
by Andrew Bennetts
Tidy imports in HTTPTestUtil.py |
137 |
smart_protocol_request = protocol.SmartServerRequestProtocolOne( |
2004.1.28
by v.ladeuil+lp at free
Merge bzr.dev. Including http modifications by "smart" related code |
138 |
transport, out_buffer.write) |
139 |
# if this fails, we should return 400 bad request, but failure is
|
|
140 |
# failure for now - RBC 20060919
|
|
141 |
data_length = int(self.headers['Content-Length']) |
|
142 |
# Perhaps there should be a SmartServerHTTPMedium that takes care of
|
|
143 |
# feeding the bytes in the http request to the smart_protocol_request,
|
|
144 |
# but for now it's simpler to just feed the bytes directly.
|
|
145 |
smart_protocol_request.accept_bytes(self.rfile.read(data_length)) |
|
146 |
assert smart_protocol_request.next_read_size() == 0, ( |
|
147 |
"not finished reading, but all data sent to protocol.") |
|
148 |
self.send_header("Content-Length", str(len(out_buffer.getvalue()))) |
|
149 |
self.end_headers() |
|
150 |
self.wfile.write(out_buffer.getvalue()) |
|
151 |
||
152 |
||
2520.2.2
by Vincent Ladeuil
Fix #115209 by issuing a single range request on 400: Bad Request |
153 |
class LimitedRangeRequestHandler(TestingHTTPRequestHandler): |
154 |
"""Errors out when range specifiers exceed the limit"""
|
|
155 |
||
156 |
def get_multiple_ranges(self, file, file_size, ranges): |
|
157 |
"""Refuses the multiple ranges request"""
|
|
158 |
tcs = self.server.test_case_server |
|
159 |
if tcs.range_limit is not None and len(ranges) > tcs.range_limit: |
|
160 |
file.close() |
|
161 |
# Emulate apache behavior
|
|
162 |
self.send_error(400, "Bad Request") |
|
163 |
return
|
|
164 |
return TestingHTTPRequestHandler.get_multiple_ranges(self, file, |
|
165 |
file_size, ranges) |
|
166 |
||
167 |
def do_GET(self): |
|
168 |
tcs = self.server.test_case_server |
|
169 |
tcs.GET_request_nb += 1 |
|
170 |
return TestingHTTPRequestHandler.do_GET(self) |
|
171 |
||
172 |
||
173 |
class LimitedRangeHTTPServer(HttpServer): |
|
174 |
"""An HttpServer erroring out on requests with too much range specifiers"""
|
|
175 |
||
176 |
def __init__(self, request_handler=LimitedRangeRequestHandler, |
|
177 |
range_limit=None): |
|
178 |
HttpServer.__init__(self, request_handler) |
|
179 |
self.range_limit = range_limit |
|
180 |
self.GET_request_nb = 0 |
|
181 |
||
182 |
||
2004.1.29
by v.ladeuil+lp at free
New tests for http range requests handling. |
183 |
class SingleRangeRequestHandler(TestingHTTPRequestHandler): |
184 |
"""Always reply to range request as if they were single.
|
|
185 |
||
186 |
Don't be explicit about it, just to annoy the clients.
|
|
187 |
"""
|
|
188 |
||
189 |
def get_multiple_ranges(self, file, file_size, ranges): |
|
190 |
"""Answer as if it was a single range request and ignores the rest"""
|
|
191 |
(start, end) = ranges[0] |
|
192 |
return self.get_single_range(file, file_size, start, end) |
|
193 |
||
194 |
||
2481.3.1
by Vincent Ladeuil
Fix bug #112719 by using the right range header. |
195 |
class SingleOnlyRangeRequestHandler(TestingHTTPRequestHandler): |
196 |
"""Only reply to simple range requests, errors out on multiple"""
|
|
197 |
||
198 |
def get_multiple_ranges(self, file, file_size, ranges): |
|
199 |
"""Refuses the multiple ranges request"""
|
|
200 |
if len(ranges) > 1: |
|
201 |
file.close() |
|
202 |
self.send_error(416, "Requested range not satisfiable") |
|
203 |
return
|
|
204 |
(start, end) = ranges[0] |
|
205 |
return self.get_single_range(file, file_size, start, end) |
|
206 |
||
207 |
||
2004.1.29
by v.ladeuil+lp at free
New tests for http range requests handling. |
208 |
class NoRangeRequestHandler(TestingHTTPRequestHandler): |
209 |
"""Ignore range requests without notice"""
|
|
210 |
||
211 |
# Just bypass the range handling done by TestingHTTPRequestHandler
|
|
212 |
do_GET = SimpleHTTPRequestHandler.do_GET |
|
213 |
||
214 |
||
1534.4.50
by Robert Collins
Got the bzrdir api straightened out, plenty of refactoring to use it pending, but the api is up and running. |
215 |
class TestCaseWithWebserver(TestCaseWithTransport): |
216 |
"""A support class that provides readonly urls that are http://.
|
|
217 |
||
2004.3.3
by vila
Better (but still incomplete) design for bogus servers. |
218 |
This is done by forcing the readonly server to be an http
|
219 |
one. This will currently fail if the primary transport is not
|
|
220 |
backed by regular disk files.
|
|
1185.1.18
by Robert Collins
Lalo Martins remotebranch patch |
221 |
"""
|
222 |
def setUp(self): |
|
1530.1.14
by Robert Collins
Remove duplicate web server from HTTPTestUtil. |
223 |
super(TestCaseWithWebserver, self).setUp() |
2004.1.25
by v.ladeuil+lp at free
Shuffle http related test code. Hopefully it ends up at the right place :) |
224 |
self.transport_readonly_server = HttpServer |
2167.3.5
by v.ladeuil+lp at free
Tests for proxies, covering #74759. |
225 |
|
226 |
||
227 |
class TestCaseWithTwoWebservers(TestCaseWithWebserver): |
|
2164.2.13
by v.ladeuil+lp at free
Add tests for redirection. Preserve transport decorations. |
228 |
"""A support class providing readonly urls on two servers that are http://.
|
2167.3.5
by v.ladeuil+lp at free
Tests for proxies, covering #74759. |
229 |
|
2164.2.25
by Vincent Ladeuil
Fix typos noticed by Aaron. |
230 |
We set up two webservers to allows various tests involving
|
2167.3.5
by v.ladeuil+lp at free
Tests for proxies, covering #74759. |
231 |
proxies or redirections from one server to the other.
|
232 |
"""
|
|
233 |
def setUp(self): |
|
234 |
super(TestCaseWithTwoWebservers, self).setUp() |
|
235 |
self.transport_secondary_server = HttpServer |
|
236 |
self.__secondary_server = None |
|
237 |
||
238 |
def create_transport_secondary_server(self): |
|
239 |
"""Create a transport server from class defined at init.
|
|
240 |
||
241 |
This is mostly a hook for daughter classes.
|
|
242 |
"""
|
|
243 |
return self.transport_secondary_server() |
|
244 |
||
245 |
def get_secondary_server(self): |
|
246 |
"""Get the server instance for the secondary transport."""
|
|
247 |
if self.__secondary_server is None: |
|
248 |
self.__secondary_server = self.create_transport_secondary_server() |
|
249 |
self.__secondary_server.setUp() |
|
250 |
self.addCleanup(self.__secondary_server.tearDown) |
|
251 |
return self.__secondary_server |
|
252 |
||
253 |
||
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
254 |
class ProxyServer(HttpServer): |
255 |
"""A proxy test server for http transports."""
|
|
256 |
||
257 |
proxy_requests = True |
|
2213.1.1
by v.ladeuil+lp at free
Workaround SimpleHTTPRequestHandler.translate_path limitation in |
258 |
|
2167.3.5
by v.ladeuil+lp at free
Tests for proxies, covering #74759. |
259 |
|
2164.2.13
by v.ladeuil+lp at free
Add tests for redirection. Preserve transport decorations. |
260 |
class RedirectRequestHandler(TestingHTTPRequestHandler): |
261 |
"""Redirect all request to the specified server"""
|
|
262 |
||
263 |
def parse_request(self): |
|
264 |
"""Redirect a single HTTP request to another host"""
|
|
265 |
valid = TestingHTTPRequestHandler.parse_request(self) |
|
266 |
if valid: |
|
2164.2.29
by Vincent Ladeuil
Test the http redirection at the request level even if it's not |
267 |
tcs = self.server.test_case_server |
268 |
code, target = tcs.is_redirected(self.path) |
|
269 |
if code is not None and target is not None: |
|
270 |
# Redirect as instructed
|
|
271 |
self.send_response(code) |
|
2164.2.16
by Vincent Ladeuil
Add tests. |
272 |
self.send_header('Location', target) |
273 |
self.end_headers() |
|
274 |
return False # The job is done |
|
2164.2.29
by Vincent Ladeuil
Test the http redirection at the request level even if it's not |
275 |
else: |
276 |
# We leave the parent class serve the request
|
|
277 |
pass
|
|
2164.2.13
by v.ladeuil+lp at free
Add tests for redirection. Preserve transport decorations. |
278 |
return valid |
279 |
||
280 |
||
281 |
class HTTPServerRedirecting(HttpServer): |
|
282 |
"""An HttpServer redirecting to another server """
|
|
283 |
||
2164.2.16
by Vincent Ladeuil
Add tests. |
284 |
def __init__(self, request_handler=RedirectRequestHandler): |
2164.2.13
by v.ladeuil+lp at free
Add tests for redirection. Preserve transport decorations. |
285 |
HttpServer.__init__(self, request_handler) |
2164.2.29
by Vincent Ladeuil
Test the http redirection at the request level even if it's not |
286 |
# redirections is a list of tuples (source, target, code)
|
287 |
# - source is a regexp for the paths requested
|
|
288 |
# - target is a replacement for re.sub describing where
|
|
289 |
# the request will be redirected
|
|
290 |
# - code is the http error code associated to the
|
|
291 |
# redirection (301 permanent, 302 temporarry, etc
|
|
292 |
self.redirections = [] |
|
293 |
||
294 |
def redirect_to(self, host, port): |
|
295 |
"""Redirect all requests to a specific host:port"""
|
|
296 |
self.redirections = [('(.*)', |
|
297 |
r'http://%s:%s\1' % (host, port) , |
|
298 |
301)] |
|
299 |
||
300 |
def is_redirected(self, path): |
|
301 |
"""Is the path redirected by this server.
|
|
302 |
||
303 |
:param path: the requested relative path
|
|
304 |
||
305 |
:returns: a tuple (code, target) if a matching
|
|
306 |
redirection is found, (None, None) otherwise.
|
|
307 |
"""
|
|
308 |
code = None |
|
309 |
target = None |
|
310 |
for (rsource, rtarget, rcode) in self.redirections: |
|
311 |
target, match = re.subn(rsource, rtarget, path) |
|
312 |
if match: |
|
313 |
code = rcode |
|
314 |
break # The first match wins |
|
315 |
else: |
|
316 |
target = None |
|
317 |
return code, target |
|
2164.2.13
by v.ladeuil+lp at free
Add tests for redirection. Preserve transport decorations. |
318 |
|
2167.3.5
by v.ladeuil+lp at free
Tests for proxies, covering #74759. |
319 |
|
2164.2.22
by Vincent Ladeuil
Take Aaron's review comments into account. |
320 |
class TestCaseWithRedirectedWebserver(TestCaseWithTwoWebservers): |
321 |
"""A support class providing redirections from one server to another.
|
|
322 |
||
2164.2.25
by Vincent Ladeuil
Fix typos noticed by Aaron. |
323 |
We set up two webservers to allows various tests involving
|
2164.2.22
by Vincent Ladeuil
Take Aaron's review comments into account. |
324 |
redirections.
|
325 |
The 'old' server is redirected to the 'new' server.
|
|
326 |
"""
|
|
327 |
||
328 |
def create_transport_secondary_server(self): |
|
329 |
"""Create the secondary server redirecting to the primary server"""
|
|
330 |
new = self.get_readonly_server() |
|
331 |
redirecting = HTTPServerRedirecting() |
|
332 |
redirecting.redirect_to(new.host, new.port) |
|
333 |
return redirecting |
|
334 |
||
335 |
def setUp(self): |
|
336 |
super(TestCaseWithRedirectedWebserver, self).setUp() |
|
337 |
# The redirections will point to the new server
|
|
338 |
self.new_server = self.get_readonly_server() |
|
339 |
# The requests to the old server will be redirected
|
|
340 |
self.old_server = self.get_secondary_server() |
|
341 |
||
342 |
||
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
343 |
class AuthRequestHandler(TestingHTTPRequestHandler): |
344 |
"""Requires an authentication to process requests.
|
|
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
345 |
|
346 |
This is intended to be used with a server that always and
|
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
347 |
only use one authentication scheme (implemented by daughter
|
348 |
classes).
|
|
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
349 |
"""
|
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
350 |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
351 |
# The following attributes should be defined in the server
|
2420.1.10
by Vincent Ladeuil
Doc fixes. |
352 |
# - auth_header_sent: the header name sent to require auth
|
353 |
# - auth_header_recv: the header received containing auth
|
|
354 |
# - auth_error_code: the error code to indicate auth required
|
|
2420.1.2
by Vincent Ladeuil
Define tests for http proxy basic authentication. They fail. |
355 |
|
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
356 |
def do_GET(self): |
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
357 |
if self.authorized(): |
358 |
return TestingHTTPRequestHandler.do_GET(self) |
|
359 |
else: |
|
360 |
# Note that we must update test_case_server *before*
|
|
361 |
# sending the error or the client may try to read it
|
|
362 |
# before we have sent the whole error back.
|
|
363 |
tcs = self.server.test_case_server |
|
364 |
tcs.auth_required_errors += 1 |
|
365 |
self.send_response(tcs.auth_error_code) |
|
366 |
self.send_header_auth_reqed() |
|
367 |
self.end_headers() |
|
368 |
return
|
|
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
369 |
|
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
370 |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
371 |
class BasicAuthRequestHandler(AuthRequestHandler): |
372 |
"""Implements the basic authentication of a request"""
|
|
373 |
||
374 |
def authorized(self): |
|
375 |
tcs = self.server.test_case_server |
|
376 |
if tcs.auth_scheme != 'basic': |
|
377 |
return False |
|
378 |
||
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
379 |
auth_header = self.headers.get(tcs.auth_header_recv, None) |
380 |
if auth_header: |
|
381 |
scheme, raw_auth = auth_header.split(' ', 1) |
|
382 |
if scheme.lower() == tcs.auth_scheme: |
|
383 |
user, password = raw_auth.decode('base64').split(':') |
|
384 |
return tcs.authorized(user, password) |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
385 |
|
386 |
return False |
|
387 |
||
388 |
def send_header_auth_reqed(self): |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
389 |
tcs = self.server.test_case_server |
390 |
self.send_header(tcs.auth_header_sent, |
|
391 |
'Basic realm="%s"' % tcs.auth_realm) |
|
392 |
||
393 |
||
2420.1.19
by Vincent Ladeuil
Cosmetic changes. |
394 |
# FIXME: We could send an Authentication-Info header too when
|
395 |
# the authentication is succesful
|
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
396 |
|
397 |
class DigestAuthRequestHandler(AuthRequestHandler): |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
398 |
"""Implements the digest authentication of a request.
|
399 |
||
400 |
We need persistence for some attributes and that can't be
|
|
401 |
achieved here since we get instantiated for each request. We
|
|
402 |
rely on the DigestAuthServer to take care of them.
|
|
403 |
"""
|
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
404 |
|
405 |
def authorized(self): |
|
406 |
tcs = self.server.test_case_server |
|
407 |
if tcs.auth_scheme != 'digest': |
|
408 |
return False |
|
409 |
||
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
410 |
auth_header = self.headers.get(tcs.auth_header_recv, None) |
411 |
if auth_header is None: |
|
412 |
return False |
|
413 |
scheme, auth = auth_header.split(None, 1) |
|
414 |
if scheme.lower() == tcs.auth_scheme: |
|
415 |
auth_dict = urllib2.parse_keqv_list(urllib2.parse_http_list(auth)) |
|
416 |
||
417 |
return tcs.digest_authorized(auth_dict, self.command) |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
418 |
|
419 |
return False |
|
420 |
||
421 |
def send_header_auth_reqed(self): |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
422 |
tcs = self.server.test_case_server |
423 |
header = 'Digest realm="%s", ' % tcs.auth_realm |
|
2545.2.1
by Vincent Ladeuil
Fix 121889 by working around urllib2 bug. |
424 |
header += 'nonce="%s", algorithm="%s", qop="auth"' % (tcs.auth_nonce, |
425 |
'MD5') |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
426 |
self.send_header(tcs.auth_header_sent,header) |
427 |
||
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
428 |
|
429 |
class AuthServer(HttpServer): |
|
430 |
"""Extends HttpServer with a dictionary of passwords.
|
|
431 |
||
432 |
This is used as a base class for various schemes which should
|
|
433 |
all use or redefined the associated AuthRequestHandler.
|
|
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
434 |
|
435 |
Note that no users are defined by default, so add_user should
|
|
436 |
be called before issuing the first request.
|
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
437 |
"""
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
438 |
|
439 |
# The following attributes should be set dy daughter classes
|
|
440 |
# and are used by AuthRequestHandler.
|
|
441 |
auth_header_sent = None |
|
442 |
auth_header_recv = None |
|
443 |
auth_error_code = None |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
444 |
auth_realm = "Thou should not pass" |
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
445 |
|
446 |
def __init__(self, request_handler, auth_scheme): |
|
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
447 |
HttpServer.__init__(self, request_handler) |
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
448 |
self.auth_scheme = auth_scheme |
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
449 |
self.password_of = {} |
2420.1.4
by Vincent Ladeuil
Add test checking the number of roundtrips due to 401 or 407 errors. |
450 |
self.auth_required_errors = 0 |
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
451 |
|
452 |
def add_user(self, user, password): |
|
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
453 |
"""Declare a user with an associated password.
|
454 |
||
455 |
password can be empty, use an empty string ('') in that
|
|
456 |
case, not None.
|
|
457 |
"""
|
|
2363.4.8
by Vincent Ladeuil
Implement a basic auth HTTP server, rewrite tests accordingly. |
458 |
self.password_of[user] = password |
459 |
||
460 |
def authorized(self, user, password): |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
461 |
"""Check that the given user provided the right password"""
|
2363.4.12
by Vincent Ladeuil
Take jam's review comments into account. Fix typos, give better |
462 |
expected_password = self.password_of.get(user, None) |
463 |
return expected_password is not None and password == expected_password |
|
464 |
||
465 |
||
2420.1.19
by Vincent Ladeuil
Cosmetic changes. |
466 |
# FIXME: There is some code duplication with
|
467 |
# _urllib2_wrappers.py.DigestAuthHandler. If that duplciation
|
|
468 |
# grows, it may require a refactoring. Also, we don't implement
|
|
469 |
# SHA algorithm nor MD5-sess here, but that does not seem worth
|
|
470 |
# it.
|
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
471 |
class DigestAuthServer(AuthServer): |
472 |
"""A digest authentication server"""
|
|
473 |
||
2420.1.16
by Vincent Ladeuil
Handle nonce changes. Fix a nasty bug breaking the auth parameters sharing. |
474 |
auth_nonce = 'now!' |
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
475 |
|
476 |
def __init__(self, request_handler, auth_scheme): |
|
477 |
AuthServer.__init__(self, request_handler, auth_scheme) |
|
478 |
||
479 |
def digest_authorized(self, auth, command): |
|
2420.1.16
by Vincent Ladeuil
Handle nonce changes. Fix a nasty bug breaking the auth parameters sharing. |
480 |
nonce = auth['nonce'] |
481 |
if nonce != self.auth_nonce: |
|
482 |
return False |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
483 |
realm = auth['realm'] |
484 |
if realm != self.auth_realm: |
|
485 |
return False |
|
486 |
user = auth['username'] |
|
487 |
if not self.password_of.has_key(user): |
|
488 |
return False |
|
489 |
algorithm= auth['algorithm'] |
|
490 |
if algorithm != 'MD5': |
|
491 |
return False |
|
492 |
qop = auth['qop'] |
|
493 |
if qop != 'auth': |
|
494 |
return False |
|
495 |
||
496 |
password = self.password_of[user] |
|
497 |
||
498 |
# Recalculate the response_digest to compare with the one
|
|
499 |
# sent by the client
|
|
500 |
A1 = '%s:%s:%s' % (user, realm, password) |
|
501 |
A2 = '%s:%s' % (command, auth['uri']) |
|
502 |
||
503 |
H = lambda x: md5.new(x).hexdigest() |
|
504 |
KD = lambda secret, data: H("%s:%s" % (secret, data)) |
|
505 |
||
506 |
nonce_count = int(auth['nc'], 16) |
|
507 |
||
508 |
ncvalue = '%08x' % nonce_count |
|
509 |
||
510 |
cnonce = auth['cnonce'] |
|
511 |
noncebit = '%s:%s:%s:%s:%s' % (nonce, ncvalue, cnonce, qop, H(A2)) |
|
512 |
response_digest = KD(H(A1), noncebit) |
|
513 |
||
514 |
return response_digest == auth['response'] |
|
515 |
||
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
516 |
class HTTPAuthServer(AuthServer): |
517 |
"""An HTTP server requiring authentication"""
|
|
518 |
||
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
519 |
def init_http_auth(self): |
520 |
self.auth_header_sent = 'WWW-Authenticate' |
|
521 |
self.auth_header_recv = 'Authorization' |
|
522 |
self.auth_error_code = 401 |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
523 |
|
524 |
||
525 |
class ProxyAuthServer(AuthServer): |
|
526 |
"""A proxy server requiring authentication"""
|
|
527 |
||
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
528 |
def init_proxy_auth(self): |
529 |
self.proxy_requests = True |
|
530 |
self.auth_header_sent = 'Proxy-Authenticate' |
|
531 |
self.auth_header_recv = 'Proxy-Authorization' |
|
532 |
self.auth_error_code = 407 |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
533 |
|
534 |
||
535 |
class HTTPBasicAuthServer(HTTPAuthServer): |
|
536 |
"""An HTTP server requiring basic authentication"""
|
|
537 |
||
538 |
def __init__(self): |
|
539 |
HTTPAuthServer.__init__(self, BasicAuthRequestHandler, 'basic') |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
540 |
self.init_http_auth() |
541 |
||
542 |
||
543 |
class HTTPDigestAuthServer(DigestAuthServer, HTTPAuthServer): |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
544 |
"""An HTTP server requiring digest authentication"""
|
545 |
||
546 |
def __init__(self): |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
547 |
DigestAuthServer.__init__(self, DigestAuthRequestHandler, 'digest') |
548 |
self.init_http_auth() |
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
549 |
|
550 |
||
551 |
class ProxyBasicAuthServer(ProxyAuthServer): |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
552 |
"""A proxy server requiring basic authentication"""
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
553 |
|
554 |
def __init__(self): |
|
555 |
ProxyAuthServer.__init__(self, BasicAuthRequestHandler, 'basic') |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
556 |
self.init_proxy_auth() |
557 |
||
558 |
||
559 |
class ProxyDigestAuthServer(DigestAuthServer, ProxyAuthServer): |
|
560 |
"""A proxy server requiring basic authentication"""
|
|
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
561 |
|
562 |
def __init__(self): |
|
563 |
ProxyAuthServer.__init__(self, DigestAuthRequestHandler, 'digest') |
|
2420.1.11
by Vincent Ladeuil
Implement digest authentication. Test suite passes. Tested against apache-2.x. |
564 |
self.init_proxy_auth() |
2420.1.9
by Vincent Ladeuil
Refactor proxy and auth test classes. Tests failing for digest auth. |
565 |
|
566 |