13
13
# You should have received a copy of the GNU General Public License
14
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
15
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17
17
from cStringIO import StringIO
19
from SimpleHTTPServer import SimpleHTTPRequestHandler
24
from bzrlib.tests import TestCaseWithTransport
25
from bzrlib.tests.HttpServer import (
27
TestingHTTPRequestHandler,
32
from bzrlib.smart import medium, protocol
33
from bzrlib.tests import http_server
29
34
from bzrlib.transport import (
32
from bzrlib.smart import protocol
35
class WallRequestHandler(TestingHTTPRequestHandler):
36
"""Whatever request comes in, close the connection"""
38
def handle_one_request(self):
39
"""Handle a single HTTP request, by abruptly closing the connection"""
40
self.close_connection = 1
43
class BadStatusRequestHandler(TestingHTTPRequestHandler):
44
"""Whatever request comes in, returns a bad status"""
46
def parse_request(self):
47
"""Fakes handling a single HTTP request, returns a bad status"""
48
ignored = TestingHTTPRequestHandler.parse_request(self)
50
self.send_response(0, "Bad status")
52
except socket.error, e:
53
# We don't want to pollute the test results with
54
# spurious server errors while test succeed. In our
55
# case, it may occur that the test has already read
56
# the 'Bad Status' and closed the socket while we are
57
# still trying to send some headers... So the test is
58
# ok, but if we raise the exception, the output is
59
# dirty. So we don't raise, but we close the
60
# connection, just to be safe :)
61
spurious = [errno.EPIPE,
65
if (len(e.args) > 0) and (e.args[0] in spurious):
66
self.close_connection = 1
73
class InvalidStatusRequestHandler(TestingHTTPRequestHandler):
74
"""Whatever request comes in, returns am invalid status"""
76
def parse_request(self):
77
"""Fakes handling a single HTTP request, returns a bad status"""
78
ignored = TestingHTTPRequestHandler.parse_request(self)
79
self.wfile.write("Invalid status line\r\n")
83
class BadProtocolRequestHandler(TestingHTTPRequestHandler):
84
"""Whatever request comes in, returns a bad protocol version"""
86
def parse_request(self):
87
"""Fakes handling a single HTTP request, returns a bad status"""
88
ignored = TestingHTTPRequestHandler.parse_request(self)
89
# Returns an invalid protocol version, but curl just
90
# ignores it and those cannot be tested.
91
self.wfile.write("%s %d %s\r\n" % ('HTTP/0.0',
93
'Look at my protocol version'))
97
class ForbiddenRequestHandler(TestingHTTPRequestHandler):
98
"""Whatever request comes in, returns a 403 code"""
100
def parse_request(self):
101
"""Handle a single HTTP request, by replying we cannot handle it"""
102
ignored = TestingHTTPRequestHandler.parse_request(self)
107
class HTTPServerWithSmarts(HttpServer):
40
class HTTPServerWithSmarts(http_server.HttpServer):
108
41
"""HTTPServerWithSmarts extends the HttpServer with POST methods that will
109
42
trigger a smart server to execute with a transport rooted at the rootdir of
114
HttpServer.__init__(self, SmartRequestHandler)
117
class SmartRequestHandler(TestingHTTPRequestHandler):
118
"""Extend TestingHTTPRequestHandler to support smart client POSTs."""
46
def __init__(self, protocol_version=None):
47
http_server.HttpServer.__init__(self, SmartRequestHandler,
48
protocol_version=protocol_version)
51
class SmartRequestHandler(http_server.TestingHTTPRequestHandler):
52
"""Extend TestingHTTPRequestHandler to support smart client POSTs.
54
XXX: This duplicates a fair bit of the logic in bzrlib.transport.http.wsgi.
120
57
def do_POST(self):
121
58
"""Hand the request off to a smart server instance."""
59
backing = get_transport(self.server.test_case_server._home_dir)
60
chroot_server = chroot.ChrootServer(backing)
63
t = get_transport(chroot_server.get_url())
66
chroot_server.tearDown()
68
def do_POST_inner(self, chrooted_transport):
122
69
self.send_response(200)
123
70
self.send_header("Content-type", "application/octet-stream")
124
transport = get_transport(self.server.test_case_server._home_dir)
71
if not self.path.endswith('.bzr/smart'):
73
'POST to path not ending in .bzr/smart: %r' % (self.path,))
74
t = chrooted_transport.clone(self.path[:-len('.bzr/smart')])
75
# if this fails, we should return 400 bad request, but failure is
76
# failure for now - RBC 20060919
77
data_length = int(self.headers['Content-Length'])
125
78
# TODO: We might like to support streaming responses. 1.0 allows no
126
79
# Content-length in this case, so for integrity we should perform our
127
80
# own chunking within the stream.
129
82
# the HTTP chunking as this will allow HTTP persistence safely, even if
130
83
# we have to stop early due to error, but we would also have to use the
131
84
# HTTP trailer facility which may not be widely available.
85
request_bytes = self.rfile.read(data_length)
86
protocol_factory, unused_bytes = medium._get_protocol_factory_for_bytes(
132
88
out_buffer = StringIO()
133
smart_protocol_request = protocol.SmartServerRequestProtocolOne(
134
transport, out_buffer.write)
135
# if this fails, we should return 400 bad request, but failure is
136
# failure for now - RBC 20060919
137
data_length = int(self.headers['Content-Length'])
89
smart_protocol_request = protocol_factory(t, out_buffer.write, '/')
138
90
# Perhaps there should be a SmartServerHTTPMedium that takes care of
139
91
# feeding the bytes in the http request to the smart_protocol_request,
140
92
# but for now it's simpler to just feed the bytes directly.
141
smart_protocol_request.accept_bytes(self.rfile.read(data_length))
142
assert smart_protocol_request.next_read_size() == 0, (
143
"not finished reading, but all data sent to protocol.")
93
smart_protocol_request.accept_bytes(unused_bytes)
94
if not (smart_protocol_request.next_read_size() == 0):
95
raise errors.SmartProtocolError(
96
"not finished reading, but all data sent to protocol.")
144
97
self.send_header("Content-Length", str(len(out_buffer.getvalue())))
145
98
self.end_headers()
146
99
self.wfile.write(out_buffer.getvalue())
149
class SingleRangeRequestHandler(TestingHTTPRequestHandler):
150
"""Always reply to range request as if they were single.
152
Don't be explicit about it, just to annoy the clients.
155
def get_multiple_ranges(self, file, file_size, ranges):
156
"""Answer as if it was a single range request and ignores the rest"""
157
(start, end) = ranges[0]
158
return self.get_single_range(file, file_size, start, end)
161
class NoRangeRequestHandler(TestingHTTPRequestHandler):
162
"""Ignore range requests without notice"""
164
# Just bypass the range handling done by TestingHTTPRequestHandler
165
do_GET = SimpleHTTPRequestHandler.do_GET
168
class TestCaseWithWebserver(TestCaseWithTransport):
102
class TestCaseWithWebserver(tests.TestCaseWithTransport):
169
103
"""A support class that provides readonly urls that are http://.
171
105
This is done by forcing the readonly server to be an http
204
138
return self.__secondary_server
207
class FakeProxyRequestHandler(TestingHTTPRequestHandler):
208
"""Append a '-proxied' suffix to file served"""
210
def translate_path(self, path):
211
# We need to act as a proxy and accept absolute urls,
212
# which SimpleHTTPRequestHandler (grand parent) is not
213
# ready for. So we just drop the protocol://host:port
214
# part in front of the request-url (because we know we
215
# would not forward the request to *another* proxy).
217
# So we do what SimpleHTTPRequestHandler.translate_path
218
# do beginning with python 2.4.3: abandon query
219
# parameters, scheme, host port, etc (which ensure we
220
# provide the right behaviour on all python versions).
221
path = urlparse.urlparse(path)[2]
222
# And now, we can apply *our* trick to proxy files
223
self.path += '-proxied'
224
# An finally we leave our mother class do whatever it
225
# wants with the path
226
return TestingHTTPRequestHandler.translate_path(self, path)
229
class RedirectRequestHandler(TestingHTTPRequestHandler):
141
class ProxyServer(http_server.HttpServer):
142
"""A proxy test server for http transports."""
144
proxy_requests = True
147
class RedirectRequestHandler(http_server.TestingHTTPRequestHandler):
230
148
"""Redirect all request to the specified server"""
232
150
def parse_request(self):
233
151
"""Redirect a single HTTP request to another host"""
234
valid = TestingHTTPRequestHandler.parse_request(self)
152
valid = http_server.TestingHTTPRequestHandler.parse_request(self)
236
154
tcs = self.server.test_case_server
237
155
code, target = tcs.is_redirected(self.path)
309
231
self.old_server = self.get_secondary_server()
234
class AuthRequestHandler(http_server.TestingHTTPRequestHandler):
235
"""Requires an authentication to process requests.
237
This is intended to be used with a server that always and
238
only use one authentication scheme (implemented by daughter
242
# The following attributes should be defined in the server
243
# - auth_header_sent: the header name sent to require auth
244
# - auth_header_recv: the header received containing auth
245
# - auth_error_code: the error code to indicate auth required
248
if self.authorized():
249
return http_server.TestingHTTPRequestHandler.do_GET(self)
251
# Note that we must update test_case_server *before*
252
# sending the error or the client may try to read it
253
# before we have sent the whole error back.
254
tcs = self.server.test_case_server
255
tcs.auth_required_errors += 1
256
self.send_response(tcs.auth_error_code)
257
self.send_header_auth_reqed()
258
# We do not send a body
259
self.send_header('Content-Length', '0')
264
class BasicAuthRequestHandler(AuthRequestHandler):
265
"""Implements the basic authentication of a request"""
267
def authorized(self):
268
tcs = self.server.test_case_server
269
if tcs.auth_scheme != 'basic':
272
auth_header = self.headers.get(tcs.auth_header_recv, None)
274
scheme, raw_auth = auth_header.split(' ', 1)
275
if scheme.lower() == tcs.auth_scheme:
276
user, password = raw_auth.decode('base64').split(':')
277
return tcs.authorized(user, password)
281
def send_header_auth_reqed(self):
282
tcs = self.server.test_case_server
283
self.send_header(tcs.auth_header_sent,
284
'Basic realm="%s"' % tcs.auth_realm)
287
# FIXME: We could send an Authentication-Info header too when
288
# the authentication is succesful
290
class DigestAuthRequestHandler(AuthRequestHandler):
291
"""Implements the digest authentication of a request.
293
We need persistence for some attributes and that can't be
294
achieved here since we get instantiated for each request. We
295
rely on the DigestAuthServer to take care of them.
298
def authorized(self):
299
tcs = self.server.test_case_server
300
if tcs.auth_scheme != 'digest':
303
auth_header = self.headers.get(tcs.auth_header_recv, None)
304
if auth_header is None:
306
scheme, auth = auth_header.split(None, 1)
307
if scheme.lower() == tcs.auth_scheme:
308
auth_dict = urllib2.parse_keqv_list(urllib2.parse_http_list(auth))
310
return tcs.digest_authorized(auth_dict, self.command)
314
def send_header_auth_reqed(self):
315
tcs = self.server.test_case_server
316
header = 'Digest realm="%s", ' % tcs.auth_realm
317
header += 'nonce="%s", algorithm="%s", qop="auth"' % (tcs.auth_nonce,
319
self.send_header(tcs.auth_header_sent,header)
322
class AuthServer(http_server.HttpServer):
323
"""Extends HttpServer with a dictionary of passwords.
325
This is used as a base class for various schemes which should
326
all use or redefined the associated AuthRequestHandler.
328
Note that no users are defined by default, so add_user should
329
be called before issuing the first request.
332
# The following attributes should be set dy daughter classes
333
# and are used by AuthRequestHandler.
334
auth_header_sent = None
335
auth_header_recv = None
336
auth_error_code = None
337
auth_realm = "Thou should not pass"
339
def __init__(self, request_handler, auth_scheme,
340
protocol_version=None):
341
http_server.HttpServer.__init__(self, request_handler,
342
protocol_version=protocol_version)
343
self.auth_scheme = auth_scheme
344
self.password_of = {}
345
self.auth_required_errors = 0
347
def add_user(self, user, password):
348
"""Declare a user with an associated password.
350
password can be empty, use an empty string ('') in that
353
self.password_of[user] = password
355
def authorized(self, user, password):
356
"""Check that the given user provided the right password"""
357
expected_password = self.password_of.get(user, None)
358
return expected_password is not None and password == expected_password
361
# FIXME: There is some code duplication with
362
# _urllib2_wrappers.py.DigestAuthHandler. If that duplication
363
# grows, it may require a refactoring. Also, we don't implement
364
# SHA algorithm nor MD5-sess here, but that does not seem worth
366
class DigestAuthServer(AuthServer):
367
"""A digest authentication server"""
371
def __init__(self, request_handler, auth_scheme,
372
protocol_version=None):
373
AuthServer.__init__(self, request_handler, auth_scheme,
374
protocol_version=protocol_version)
376
def digest_authorized(self, auth, command):
377
nonce = auth['nonce']
378
if nonce != self.auth_nonce:
380
realm = auth['realm']
381
if realm != self.auth_realm:
383
user = auth['username']
384
if not self.password_of.has_key(user):
386
algorithm= auth['algorithm']
387
if algorithm != 'MD5':
393
password = self.password_of[user]
395
# Recalculate the response_digest to compare with the one
397
A1 = '%s:%s:%s' % (user, realm, password)
398
A2 = '%s:%s' % (command, auth['uri'])
400
H = lambda x: osutils.md5(x).hexdigest()
401
KD = lambda secret, data: H("%s:%s" % (secret, data))
403
nonce_count = int(auth['nc'], 16)
405
ncvalue = '%08x' % nonce_count
407
cnonce = auth['cnonce']
408
noncebit = '%s:%s:%s:%s:%s' % (nonce, ncvalue, cnonce, qop, H(A2))
409
response_digest = KD(H(A1), noncebit)
411
return response_digest == auth['response']
413
class HTTPAuthServer(AuthServer):
414
"""An HTTP server requiring authentication"""
416
def init_http_auth(self):
417
self.auth_header_sent = 'WWW-Authenticate'
418
self.auth_header_recv = 'Authorization'
419
self.auth_error_code = 401
422
class ProxyAuthServer(AuthServer):
423
"""A proxy server requiring authentication"""
425
def init_proxy_auth(self):
426
self.proxy_requests = True
427
self.auth_header_sent = 'Proxy-Authenticate'
428
self.auth_header_recv = 'Proxy-Authorization'
429
self.auth_error_code = 407
432
class HTTPBasicAuthServer(HTTPAuthServer):
433
"""An HTTP server requiring basic authentication"""
435
def __init__(self, protocol_version=None):
436
HTTPAuthServer.__init__(self, BasicAuthRequestHandler, 'basic',
437
protocol_version=protocol_version)
438
self.init_http_auth()
441
class HTTPDigestAuthServer(DigestAuthServer, HTTPAuthServer):
442
"""An HTTP server requiring digest authentication"""
444
def __init__(self, protocol_version=None):
445
DigestAuthServer.__init__(self, DigestAuthRequestHandler, 'digest',
446
protocol_version=protocol_version)
447
self.init_http_auth()
450
class ProxyBasicAuthServer(ProxyAuthServer):
451
"""A proxy server requiring basic authentication"""
453
def __init__(self, protocol_version=None):
454
ProxyAuthServer.__init__(self, BasicAuthRequestHandler, 'basic',
455
protocol_version=protocol_version)
456
self.init_proxy_auth()
459
class ProxyDigestAuthServer(DigestAuthServer, ProxyAuthServer):
460
"""A proxy server requiring basic authentication"""
462
def __init__(self, protocol_version=None):
463
ProxyAuthServer.__init__(self, DigestAuthRequestHandler, 'digest',
464
protocol_version=protocol_version)
465
self.init_proxy_auth()
added
removed
bzrlib/tests/http_utils.py
