1
# Copyright (C) 2005 Canonical Ltd
3
# This program is free software; you can redistribute it and/or modify
4
# it under the terms of the GNU General Public License as published by
5
# the Free Software Foundation; either version 2 of the License, or
6
# (at your option) any later version.
8
# This program is distributed in the hope that it will be useful,
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
# GNU General Public License for more details.
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17
from cStringIO import StringIO
32
from bzrlib.smart import medium, protocol
33
from bzrlib.tests import http_server
34
from bzrlib.transport import (
40
class HTTPServerWithSmarts(http_server.HttpServer):
41
"""HTTPServerWithSmarts extends the HttpServer with POST methods that will
42
trigger a smart server to execute with a transport rooted at the rootdir of
46
def __init__(self, protocol_version=None):
47
http_server.HttpServer.__init__(self, SmartRequestHandler,
48
protocol_version=protocol_version)
51
class SmartRequestHandler(http_server.TestingHTTPRequestHandler):
52
"""Extend TestingHTTPRequestHandler to support smart client POSTs.
54
XXX: This duplicates a fair bit of the logic in bzrlib.transport.http.wsgi.
58
"""Hand the request off to a smart server instance."""
59
backing = get_transport(self.server.test_case_server._home_dir)
60
chroot_server = chroot.ChrootServer(backing)
63
t = get_transport(chroot_server.get_url())
66
chroot_server.tearDown()
68
def do_POST_inner(self, chrooted_transport):
69
self.send_response(200)
70
self.send_header("Content-type", "application/octet-stream")
71
if not self.path.endswith('.bzr/smart'):
73
'POST to path not ending in .bzr/smart: %r' % (self.path,))
74
t = chrooted_transport.clone(self.path[:-len('.bzr/smart')])
75
# if this fails, we should return 400 bad request, but failure is
76
# failure for now - RBC 20060919
77
data_length = int(self.headers['Content-Length'])
78
# TODO: We might like to support streaming responses. 1.0 allows no
79
# Content-length in this case, so for integrity we should perform our
80
# own chunking within the stream.
81
# 1.1 allows chunked responses, and in this case we could chunk using
82
# the HTTP chunking as this will allow HTTP persistence safely, even if
83
# we have to stop early due to error, but we would also have to use the
84
# HTTP trailer facility which may not be widely available.
85
request_bytes = self.rfile.read(data_length)
86
protocol_factory, unused_bytes = medium._get_protocol_factory_for_bytes(
88
out_buffer = StringIO()
89
smart_protocol_request = protocol_factory(t, out_buffer.write, '/')
90
# Perhaps there should be a SmartServerHTTPMedium that takes care of
91
# feeding the bytes in the http request to the smart_protocol_request,
92
# but for now it's simpler to just feed the bytes directly.
93
smart_protocol_request.accept_bytes(unused_bytes)
94
if not (smart_protocol_request.next_read_size() == 0):
95
raise errors.SmartProtocolError(
96
"not finished reading, but all data sent to protocol.")
97
self.send_header("Content-Length", str(len(out_buffer.getvalue())))
99
self.wfile.write(out_buffer.getvalue())
102
class TestCaseWithWebserver(tests.TestCaseWithTransport):
103
"""A support class that provides readonly urls that are http://.
105
This is done by forcing the readonly server to be an http
106
one. This will currently fail if the primary transport is not
107
backed by regular disk files.
110
super(TestCaseWithWebserver, self).setUp()
111
self.transport_readonly_server = http_server.HttpServer
114
class TestCaseWithTwoWebservers(TestCaseWithWebserver):
115
"""A support class providing readonly urls on two servers that are http://.
117
We set up two webservers to allows various tests involving
118
proxies or redirections from one server to the other.
121
super(TestCaseWithTwoWebservers, self).setUp()
122
self.transport_secondary_server = http_server.HttpServer
123
self.__secondary_server = None
125
def create_transport_secondary_server(self):
126
"""Create a transport server from class defined at init.
128
This is mostly a hook for daughter classes.
130
return self.transport_secondary_server()
132
def get_secondary_server(self):
133
"""Get the server instance for the secondary transport."""
134
if self.__secondary_server is None:
135
self.__secondary_server = self.create_transport_secondary_server()
136
self.__secondary_server.setUp()
137
self.addCleanup(self.__secondary_server.tearDown)
138
return self.__secondary_server
141
class ProxyServer(http_server.HttpServer):
142
"""A proxy test server for http transports."""
144
proxy_requests = True
147
class RedirectRequestHandler(http_server.TestingHTTPRequestHandler):
148
"""Redirect all request to the specified server"""
150
def parse_request(self):
151
"""Redirect a single HTTP request to another host"""
152
valid = http_server.TestingHTTPRequestHandler.parse_request(self)
154
tcs = self.server.test_case_server
155
code, target = tcs.is_redirected(self.path)
156
if code is not None and target is not None:
157
# Redirect as instructed
158
self.send_response(code)
159
self.send_header('Location', target)
160
# We do not send a body
161
self.send_header('Content-Length', '0')
163
return False # The job is done
165
# We leave the parent class serve the request
170
class HTTPServerRedirecting(http_server.HttpServer):
171
"""An HttpServer redirecting to another server """
173
def __init__(self, request_handler=RedirectRequestHandler,
174
protocol_version=None):
175
http_server.HttpServer.__init__(self, request_handler,
176
protocol_version=protocol_version)
177
# redirections is a list of tuples (source, target, code)
178
# - source is a regexp for the paths requested
179
# - target is a replacement for re.sub describing where
180
# the request will be redirected
181
# - code is the http error code associated to the
182
# redirection (301 permanent, 302 temporarry, etc
183
self.redirections = []
185
def redirect_to(self, host, port):
186
"""Redirect all requests to a specific host:port"""
187
self.redirections = [('(.*)',
188
r'http://%s:%s\1' % (host, port) ,
191
def is_redirected(self, path):
192
"""Is the path redirected by this server.
194
:param path: the requested relative path
196
:returns: a tuple (code, target) if a matching
197
redirection is found, (None, None) otherwise.
201
for (rsource, rtarget, rcode) in self.redirections:
202
target, match = re.subn(rsource, rtarget, path)
205
break # The first match wins
211
class TestCaseWithRedirectedWebserver(TestCaseWithTwoWebservers):
212
"""A support class providing redirections from one server to another.
214
We set up two webservers to allows various tests involving
216
The 'old' server is redirected to the 'new' server.
219
def create_transport_secondary_server(self):
220
"""Create the secondary server redirecting to the primary server"""
221
new = self.get_readonly_server()
222
redirecting = HTTPServerRedirecting()
223
redirecting.redirect_to(new.host, new.port)
227
super(TestCaseWithRedirectedWebserver, self).setUp()
228
# The redirections will point to the new server
229
self.new_server = self.get_readonly_server()
230
# The requests to the old server will be redirected
231
self.old_server = self.get_secondary_server()
234
class AuthRequestHandler(http_server.TestingHTTPRequestHandler):
235
"""Requires an authentication to process requests.
237
This is intended to be used with a server that always and
238
only use one authentication scheme (implemented by daughter
242
# The following attributes should be defined in the server
243
# - auth_header_sent: the header name sent to require auth
244
# - auth_header_recv: the header received containing auth
245
# - auth_error_code: the error code to indicate auth required
248
if self.authorized():
249
return http_server.TestingHTTPRequestHandler.do_GET(self)
251
# Note that we must update test_case_server *before*
252
# sending the error or the client may try to read it
253
# before we have sent the whole error back.
254
tcs = self.server.test_case_server
255
tcs.auth_required_errors += 1
256
self.send_response(tcs.auth_error_code)
257
self.send_header_auth_reqed()
258
# We do not send a body
259
self.send_header('Content-Length', '0')
264
class BasicAuthRequestHandler(AuthRequestHandler):
265
"""Implements the basic authentication of a request"""
267
def authorized(self):
268
tcs = self.server.test_case_server
269
if tcs.auth_scheme != 'basic':
272
auth_header = self.headers.get(tcs.auth_header_recv, None)
274
scheme, raw_auth = auth_header.split(' ', 1)
275
if scheme.lower() == tcs.auth_scheme:
276
user, password = raw_auth.decode('base64').split(':')
277
return tcs.authorized(user, password)
281
def send_header_auth_reqed(self):
282
tcs = self.server.test_case_server
283
self.send_header(tcs.auth_header_sent,
284
'Basic realm="%s"' % tcs.auth_realm)
287
# FIXME: We could send an Authentication-Info header too when
288
# the authentication is succesful
290
class DigestAuthRequestHandler(AuthRequestHandler):
291
"""Implements the digest authentication of a request.
293
We need persistence for some attributes and that can't be
294
achieved here since we get instantiated for each request. We
295
rely on the DigestAuthServer to take care of them.
298
def authorized(self):
299
tcs = self.server.test_case_server
300
if tcs.auth_scheme != 'digest':
303
auth_header = self.headers.get(tcs.auth_header_recv, None)
304
if auth_header is None:
306
scheme, auth = auth_header.split(None, 1)
307
if scheme.lower() == tcs.auth_scheme:
308
auth_dict = urllib2.parse_keqv_list(urllib2.parse_http_list(auth))
310
return tcs.digest_authorized(auth_dict, self.command)
314
def send_header_auth_reqed(self):
315
tcs = self.server.test_case_server
316
header = 'Digest realm="%s", ' % tcs.auth_realm
317
header += 'nonce="%s", algorithm="%s", qop="auth"' % (tcs.auth_nonce,
319
self.send_header(tcs.auth_header_sent,header)
322
class AuthServer(http_server.HttpServer):
323
"""Extends HttpServer with a dictionary of passwords.
325
This is used as a base class for various schemes which should
326
all use or redefined the associated AuthRequestHandler.
328
Note that no users are defined by default, so add_user should
329
be called before issuing the first request.
332
# The following attributes should be set dy daughter classes
333
# and are used by AuthRequestHandler.
334
auth_header_sent = None
335
auth_header_recv = None
336
auth_error_code = None
337
auth_realm = "Thou should not pass"
339
def __init__(self, request_handler, auth_scheme,
340
protocol_version=None):
341
http_server.HttpServer.__init__(self, request_handler,
342
protocol_version=protocol_version)
343
self.auth_scheme = auth_scheme
344
self.password_of = {}
345
self.auth_required_errors = 0
347
def add_user(self, user, password):
348
"""Declare a user with an associated password.
350
password can be empty, use an empty string ('') in that
353
self.password_of[user] = password
355
def authorized(self, user, password):
356
"""Check that the given user provided the right password"""
357
expected_password = self.password_of.get(user, None)
358
return expected_password is not None and password == expected_password
361
# FIXME: There is some code duplication with
362
# _urllib2_wrappers.py.DigestAuthHandler. If that duplication
363
# grows, it may require a refactoring. Also, we don't implement
364
# SHA algorithm nor MD5-sess here, but that does not seem worth
366
class DigestAuthServer(AuthServer):
367
"""A digest authentication server"""
371
def __init__(self, request_handler, auth_scheme,
372
protocol_version=None):
373
AuthServer.__init__(self, request_handler, auth_scheme,
374
protocol_version=protocol_version)
376
def digest_authorized(self, auth, command):
377
nonce = auth['nonce']
378
if nonce != self.auth_nonce:
380
realm = auth['realm']
381
if realm != self.auth_realm:
383
user = auth['username']
384
if not self.password_of.has_key(user):
386
algorithm= auth['algorithm']
387
if algorithm != 'MD5':
393
password = self.password_of[user]
395
# Recalculate the response_digest to compare with the one
397
A1 = '%s:%s:%s' % (user, realm, password)
398
A2 = '%s:%s' % (command, auth['uri'])
400
H = lambda x: osutils.md5(x).hexdigest()
401
KD = lambda secret, data: H("%s:%s" % (secret, data))
403
nonce_count = int(auth['nc'], 16)
405
ncvalue = '%08x' % nonce_count
407
cnonce = auth['cnonce']
408
noncebit = '%s:%s:%s:%s:%s' % (nonce, ncvalue, cnonce, qop, H(A2))
409
response_digest = KD(H(A1), noncebit)
411
return response_digest == auth['response']
413
class HTTPAuthServer(AuthServer):
414
"""An HTTP server requiring authentication"""
416
def init_http_auth(self):
417
self.auth_header_sent = 'WWW-Authenticate'
418
self.auth_header_recv = 'Authorization'
419
self.auth_error_code = 401
422
class ProxyAuthServer(AuthServer):
423
"""A proxy server requiring authentication"""
425
def init_proxy_auth(self):
426
self.proxy_requests = True
427
self.auth_header_sent = 'Proxy-Authenticate'
428
self.auth_header_recv = 'Proxy-Authorization'
429
self.auth_error_code = 407
432
class HTTPBasicAuthServer(HTTPAuthServer):
433
"""An HTTP server requiring basic authentication"""
435
def __init__(self, protocol_version=None):
436
HTTPAuthServer.__init__(self, BasicAuthRequestHandler, 'basic',
437
protocol_version=protocol_version)
438
self.init_http_auth()
441
class HTTPDigestAuthServer(DigestAuthServer, HTTPAuthServer):
442
"""An HTTP server requiring digest authentication"""
444
def __init__(self, protocol_version=None):
445
DigestAuthServer.__init__(self, DigestAuthRequestHandler, 'digest',
446
protocol_version=protocol_version)
447
self.init_http_auth()
450
class ProxyBasicAuthServer(ProxyAuthServer):
451
"""A proxy server requiring basic authentication"""
453
def __init__(self, protocol_version=None):
454
ProxyAuthServer.__init__(self, BasicAuthRequestHandler, 'basic',
455
protocol_version=protocol_version)
456
self.init_proxy_auth()
459
class ProxyDigestAuthServer(DigestAuthServer, ProxyAuthServer):
460
"""A proxy server requiring basic authentication"""
462
def __init__(self, protocol_version=None):
463
ProxyAuthServer.__init__(self, DigestAuthRequestHandler, 'digest',
464
protocol_version=protocol_version)
465
self.init_proxy_auth()
added
removed
bzrlib/tests/http_utils.py
