1
# Copyright (C) 2005 Canonical Ltd
3
# This program is free software; you can redistribute it and/or modify
4
# it under the terms of the GNU General Public License as published by
5
# the Free Software Foundation; either version 2 of the License, or
6
# (at your option) any later version.
8
# This program is distributed in the hope that it will be useful,
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11
# GNU General Public License for more details.
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17
from cStringIO import StringIO
33
from bzrlib.smart import protocol
34
from bzrlib.tests import http_server
37
class HTTPServerWithSmarts(http_server.HttpServer):
38
"""HTTPServerWithSmarts extends the HttpServer with POST methods that will
39
trigger a smart server to execute with a transport rooted at the rootdir of
43
def __init__(self, protocol_version=None):
44
http_server.HttpServer.__init__(self, SmartRequestHandler,
45
protocol_version=protocol_version)
48
class SmartRequestHandler(http_server.TestingHTTPRequestHandler):
49
"""Extend TestingHTTPRequestHandler to support smart client POSTs."""
52
"""Hand the request off to a smart server instance."""
53
self.send_response(200)
54
self.send_header("Content-type", "application/octet-stream")
55
t = transport.get_transport(self.server.test_case_server._home_dir)
56
# TODO: We might like to support streaming responses. 1.0 allows no
57
# Content-length in this case, so for integrity we should perform our
58
# own chunking within the stream.
59
# 1.1 allows chunked responses, and in this case we could chunk using
60
# the HTTP chunking as this will allow HTTP persistence safely, even if
61
# we have to stop early due to error, but we would also have to use the
62
# HTTP trailer facility which may not be widely available.
63
out_buffer = StringIO()
64
smart_protocol_request = protocol.SmartServerRequestProtocolOne(
66
# if this fails, we should return 400 bad request, but failure is
67
# failure for now - RBC 20060919
68
data_length = int(self.headers['Content-Length'])
69
# Perhaps there should be a SmartServerHTTPMedium that takes care of
70
# feeding the bytes in the http request to the smart_protocol_request,
71
# but for now it's simpler to just feed the bytes directly.
72
smart_protocol_request.accept_bytes(self.rfile.read(data_length))
73
assert smart_protocol_request.next_read_size() == 0, (
74
"not finished reading, but all data sent to protocol.")
75
self.send_header("Content-Length", str(len(out_buffer.getvalue())))
77
self.wfile.write(out_buffer.getvalue())
80
class TestCaseWithWebserver(tests.TestCaseWithTransport):
81
"""A support class that provides readonly urls that are http://.
83
This is done by forcing the readonly server to be an http
84
one. This will currently fail if the primary transport is not
85
backed by regular disk files.
88
super(TestCaseWithWebserver, self).setUp()
89
self.transport_readonly_server = http_server.HttpServer
92
class TestCaseWithTwoWebservers(TestCaseWithWebserver):
93
"""A support class providing readonly urls on two servers that are http://.
95
We set up two webservers to allows various tests involving
96
proxies or redirections from one server to the other.
99
super(TestCaseWithTwoWebservers, self).setUp()
100
self.transport_secondary_server = http_server.HttpServer
101
self.__secondary_server = None
103
def create_transport_secondary_server(self):
104
"""Create a transport server from class defined at init.
106
This is mostly a hook for daughter classes.
108
return self.transport_secondary_server()
110
def get_secondary_server(self):
111
"""Get the server instance for the secondary transport."""
112
if self.__secondary_server is None:
113
self.__secondary_server = self.create_transport_secondary_server()
114
self.__secondary_server.setUp()
115
self.addCleanup(self.__secondary_server.tearDown)
116
return self.__secondary_server
119
class ProxyServer(http_server.HttpServer):
120
"""A proxy test server for http transports."""
122
proxy_requests = True
125
class RedirectRequestHandler(http_server.TestingHTTPRequestHandler):
126
"""Redirect all request to the specified server"""
128
def parse_request(self):
129
"""Redirect a single HTTP request to another host"""
130
valid = http_server.TestingHTTPRequestHandler.parse_request(self)
132
tcs = self.server.test_case_server
133
code, target = tcs.is_redirected(self.path)
134
if code is not None and target is not None:
135
# Redirect as instructed
136
self.send_response(code)
137
self.send_header('Location', target)
138
# We do not send a body
139
self.send_header('Content-Length', '0')
141
return False # The job is done
143
# We leave the parent class serve the request
148
class HTTPServerRedirecting(http_server.HttpServer):
149
"""An HttpServer redirecting to another server """
151
def __init__(self, request_handler=RedirectRequestHandler,
152
protocol_version=None):
153
http_server.HttpServer.__init__(self, request_handler,
154
protocol_version=protocol_version)
155
# redirections is a list of tuples (source, target, code)
156
# - source is a regexp for the paths requested
157
# - target is a replacement for re.sub describing where
158
# the request will be redirected
159
# - code is the http error code associated to the
160
# redirection (301 permanent, 302 temporarry, etc
161
self.redirections = []
163
def redirect_to(self, host, port):
164
"""Redirect all requests to a specific host:port"""
165
self.redirections = [('(.*)',
166
r'http://%s:%s\1' % (host, port) ,
169
def is_redirected(self, path):
170
"""Is the path redirected by this server.
172
:param path: the requested relative path
174
:returns: a tuple (code, target) if a matching
175
redirection is found, (None, None) otherwise.
179
for (rsource, rtarget, rcode) in self.redirections:
180
target, match = re.subn(rsource, rtarget, path)
183
break # The first match wins
189
class TestCaseWithRedirectedWebserver(TestCaseWithTwoWebservers):
190
"""A support class providing redirections from one server to another.
192
We set up two webservers to allows various tests involving
194
The 'old' server is redirected to the 'new' server.
197
def create_transport_secondary_server(self):
198
"""Create the secondary server redirecting to the primary server"""
199
new = self.get_readonly_server()
200
redirecting = HTTPServerRedirecting()
201
redirecting.redirect_to(new.host, new.port)
205
super(TestCaseWithRedirectedWebserver, self).setUp()
206
# The redirections will point to the new server
207
self.new_server = self.get_readonly_server()
208
# The requests to the old server will be redirected
209
self.old_server = self.get_secondary_server()
212
class AuthRequestHandler(http_server.TestingHTTPRequestHandler):
213
"""Requires an authentication to process requests.
215
This is intended to be used with a server that always and
216
only use one authentication scheme (implemented by daughter
220
# The following attributes should be defined in the server
221
# - auth_header_sent: the header name sent to require auth
222
# - auth_header_recv: the header received containing auth
223
# - auth_error_code: the error code to indicate auth required
226
if self.authorized():
227
return http_server.TestingHTTPRequestHandler.do_GET(self)
229
# Note that we must update test_case_server *before*
230
# sending the error or the client may try to read it
231
# before we have sent the whole error back.
232
tcs = self.server.test_case_server
233
tcs.auth_required_errors += 1
234
self.send_response(tcs.auth_error_code)
235
self.send_header_auth_reqed()
236
# We do not send a body
237
self.send_header('Content-Length', '0')
242
class BasicAuthRequestHandler(AuthRequestHandler):
243
"""Implements the basic authentication of a request"""
245
def authorized(self):
246
tcs = self.server.test_case_server
247
if tcs.auth_scheme != 'basic':
250
auth_header = self.headers.get(tcs.auth_header_recv, None)
252
scheme, raw_auth = auth_header.split(' ', 1)
253
if scheme.lower() == tcs.auth_scheme:
254
user, password = raw_auth.decode('base64').split(':')
255
return tcs.authorized(user, password)
259
def send_header_auth_reqed(self):
260
tcs = self.server.test_case_server
261
self.send_header(tcs.auth_header_sent,
262
'Basic realm="%s"' % tcs.auth_realm)
265
# FIXME: We could send an Authentication-Info header too when
266
# the authentication is succesful
268
class DigestAuthRequestHandler(AuthRequestHandler):
269
"""Implements the digest authentication of a request.
271
We need persistence for some attributes and that can't be
272
achieved here since we get instantiated for each request. We
273
rely on the DigestAuthServer to take care of them.
276
def authorized(self):
277
tcs = self.server.test_case_server
278
if tcs.auth_scheme != 'digest':
281
auth_header = self.headers.get(tcs.auth_header_recv, None)
282
if auth_header is None:
284
scheme, auth = auth_header.split(None, 1)
285
if scheme.lower() == tcs.auth_scheme:
286
auth_dict = urllib2.parse_keqv_list(urllib2.parse_http_list(auth))
288
return tcs.digest_authorized(auth_dict, self.command)
292
def send_header_auth_reqed(self):
293
tcs = self.server.test_case_server
294
header = 'Digest realm="%s", ' % tcs.auth_realm
295
header += 'nonce="%s", algorithm="%s", qop="auth"' % (tcs.auth_nonce,
297
self.send_header(tcs.auth_header_sent,header)
300
class AuthServer(http_server.HttpServer):
301
"""Extends HttpServer with a dictionary of passwords.
303
This is used as a base class for various schemes which should
304
all use or redefined the associated AuthRequestHandler.
306
Note that no users are defined by default, so add_user should
307
be called before issuing the first request.
310
# The following attributes should be set dy daughter classes
311
# and are used by AuthRequestHandler.
312
auth_header_sent = None
313
auth_header_recv = None
314
auth_error_code = None
315
auth_realm = "Thou should not pass"
317
def __init__(self, request_handler, auth_scheme,
318
protocol_version=None):
319
http_server.HttpServer.__init__(self, request_handler,
320
protocol_version=protocol_version)
321
self.auth_scheme = auth_scheme
322
self.password_of = {}
323
self.auth_required_errors = 0
325
def add_user(self, user, password):
326
"""Declare a user with an associated password.
328
password can be empty, use an empty string ('') in that
331
self.password_of[user] = password
333
def authorized(self, user, password):
334
"""Check that the given user provided the right password"""
335
expected_password = self.password_of.get(user, None)
336
return expected_password is not None and password == expected_password
339
# FIXME: There is some code duplication with
340
# _urllib2_wrappers.py.DigestAuthHandler. If that duplication
341
# grows, it may require a refactoring. Also, we don't implement
342
# SHA algorithm nor MD5-sess here, but that does not seem worth
344
class DigestAuthServer(AuthServer):
345
"""A digest authentication server"""
349
def __init__(self, request_handler, auth_scheme,
350
protocol_version=None):
351
AuthServer.__init__(self, request_handler, auth_scheme,
352
protocol_version=protocol_version)
354
def digest_authorized(self, auth, command):
355
nonce = auth['nonce']
356
if nonce != self.auth_nonce:
358
realm = auth['realm']
359
if realm != self.auth_realm:
361
user = auth['username']
362
if not self.password_of.has_key(user):
364
algorithm= auth['algorithm']
365
if algorithm != 'MD5':
371
password = self.password_of[user]
373
# Recalculate the response_digest to compare with the one
375
A1 = '%s:%s:%s' % (user, realm, password)
376
A2 = '%s:%s' % (command, auth['uri'])
378
H = lambda x: md5.new(x).hexdigest()
379
KD = lambda secret, data: H("%s:%s" % (secret, data))
381
nonce_count = int(auth['nc'], 16)
383
ncvalue = '%08x' % nonce_count
385
cnonce = auth['cnonce']
386
noncebit = '%s:%s:%s:%s:%s' % (nonce, ncvalue, cnonce, qop, H(A2))
387
response_digest = KD(H(A1), noncebit)
389
return response_digest == auth['response']
391
class HTTPAuthServer(AuthServer):
392
"""An HTTP server requiring authentication"""
394
def init_http_auth(self):
395
self.auth_header_sent = 'WWW-Authenticate'
396
self.auth_header_recv = 'Authorization'
397
self.auth_error_code = 401
400
class ProxyAuthServer(AuthServer):
401
"""A proxy server requiring authentication"""
403
def init_proxy_auth(self):
404
self.proxy_requests = True
405
self.auth_header_sent = 'Proxy-Authenticate'
406
self.auth_header_recv = 'Proxy-Authorization'
407
self.auth_error_code = 407
410
class HTTPBasicAuthServer(HTTPAuthServer):
411
"""An HTTP server requiring basic authentication"""
413
def __init__(self, protocol_version=None):
414
HTTPAuthServer.__init__(self, BasicAuthRequestHandler, 'basic',
415
protocol_version=protocol_version)
416
self.init_http_auth()
419
class HTTPDigestAuthServer(DigestAuthServer, HTTPAuthServer):
420
"""An HTTP server requiring digest authentication"""
422
def __init__(self, protocol_version=None):
423
DigestAuthServer.__init__(self, DigestAuthRequestHandler, 'digest',
424
protocol_version=protocol_version)
425
self.init_http_auth()
428
class ProxyBasicAuthServer(ProxyAuthServer):
429
"""A proxy server requiring basic authentication"""
431
def __init__(self, protocol_version=None):
432
ProxyAuthServer.__init__(self, BasicAuthRequestHandler, 'basic',
433
protocol_version=protocol_version)
434
self.init_proxy_auth()
437
class ProxyDigestAuthServer(DigestAuthServer, ProxyAuthServer):
438
"""A proxy server requiring basic authentication"""
440
def __init__(self, protocol_version=None):
441
ProxyAuthServer.__init__(self, DigestAuthRequestHandler, 'digest',
442
protocol_version=protocol_version)
443
self.init_proxy_auth()
added
removed
bzrlib/tests/http_utils.py
