root / test / ganeti.http_unittest.py @ 18215385
History | View | Annotate | Download (12.2 kB)
1 | a0638838 | Oleksiy Mishchenko | #!/usr/bin/python
|
---|---|---|---|
2 | a0638838 | Oleksiy Mishchenko | #
|
3 | a0638838 | Oleksiy Mishchenko | |
4 | a0638838 | Oleksiy Mishchenko | # Copyright (C) 2007, 2008 Google Inc.
|
5 | a0638838 | Oleksiy Mishchenko | #
|
6 | a0638838 | Oleksiy Mishchenko | # This program is free software; you can redistribute it and/or modify
|
7 | a0638838 | Oleksiy Mishchenko | # it under the terms of the GNU General Public License as published by
|
8 | a0638838 | Oleksiy Mishchenko | # the Free Software Foundation; either version 2 of the License, or
|
9 | a0638838 | Oleksiy Mishchenko | # (at your option) any later version.
|
10 | a0638838 | Oleksiy Mishchenko | #
|
11 | a0638838 | Oleksiy Mishchenko | # This program is distributed in the hope that it will be useful, but
|
12 | a0638838 | Oleksiy Mishchenko | # WITHOUT ANY WARRANTY; without even the implied warranty of
|
13 | a0638838 | Oleksiy Mishchenko | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
14 | a0638838 | Oleksiy Mishchenko | # General Public License for more details.
|
15 | a0638838 | Oleksiy Mishchenko | #
|
16 | a0638838 | Oleksiy Mishchenko | # You should have received a copy of the GNU General Public License
|
17 | a0638838 | Oleksiy Mishchenko | # along with this program; if not, write to the Free Software
|
18 | a0638838 | Oleksiy Mishchenko | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
19 | a0638838 | Oleksiy Mishchenko | # 02110-1301, USA.
|
20 | a0638838 | Oleksiy Mishchenko | |
21 | a0638838 | Oleksiy Mishchenko | |
22 | a0638838 | Oleksiy Mishchenko | """Script for unittesting the http module"""
|
23 | a0638838 | Oleksiy Mishchenko | |
24 | a0638838 | Oleksiy Mishchenko | |
25 | a0638838 | Oleksiy Mishchenko | import os |
26 | a0638838 | Oleksiy Mishchenko | import unittest |
27 | a0638838 | Oleksiy Mishchenko | import time |
28 | a8950eb7 | Michael Hanselmann | import tempfile |
29 | a0638838 | Oleksiy Mishchenko | |
30 | a0638838 | Oleksiy Mishchenko | from ganeti import http |
31 | a0638838 | Oleksiy Mishchenko | |
32 | f30ca1e6 | Michael Hanselmann | import ganeti.http.server |
33 | f30ca1e6 | Michael Hanselmann | import ganeti.http.client |
34 | bf9bd8dd | Michael Hanselmann | import ganeti.http.auth |
35 | a0638838 | Oleksiy Mishchenko | |
36 | 25231ec5 | Michael Hanselmann | import testutils |
37 | 25231ec5 | Michael Hanselmann | |
38 | f30ca1e6 | Michael Hanselmann | |
39 | f30ca1e6 | Michael Hanselmann | class TestStartLines(unittest.TestCase): |
40 | f30ca1e6 | Michael Hanselmann | """Test cases for start line classes"""
|
41 | f30ca1e6 | Michael Hanselmann | |
42 | f30ca1e6 | Michael Hanselmann | def testClientToServerStartLine(self): |
43 | f30ca1e6 | Michael Hanselmann | """Test client to server start line (HTTP request)"""
|
44 | f30ca1e6 | Michael Hanselmann | start_line = http.HttpClientToServerStartLine("GET", "/", "HTTP/1.1") |
45 | f30ca1e6 | Michael Hanselmann | self.assertEqual(str(start_line), "GET / HTTP/1.1") |
46 | f30ca1e6 | Michael Hanselmann | |
47 | f30ca1e6 | Michael Hanselmann | def testServerToClientStartLine(self): |
48 | f30ca1e6 | Michael Hanselmann | """Test server to client start line (HTTP response)"""
|
49 | f30ca1e6 | Michael Hanselmann | start_line = http.HttpServerToClientStartLine("HTTP/1.1", 200, "OK") |
50 | f30ca1e6 | Michael Hanselmann | self.assertEqual(str(start_line), "HTTP/1.1 200 OK") |
51 | f30ca1e6 | Michael Hanselmann | |
52 | f30ca1e6 | Michael Hanselmann | |
53 | f30ca1e6 | Michael Hanselmann | class TestMisc(unittest.TestCase): |
54 | f30ca1e6 | Michael Hanselmann | """Miscellaneous tests"""
|
55 | f30ca1e6 | Michael Hanselmann | |
56 | f30ca1e6 | Michael Hanselmann | def _TestDateTimeHeader(self, gmnow, expected): |
57 | f30ca1e6 | Michael Hanselmann | self.assertEqual(http.server._DateTimeHeader(gmnow=gmnow), expected)
|
58 | f30ca1e6 | Michael Hanselmann | |
59 | f30ca1e6 | Michael Hanselmann | def testDateTimeHeader(self): |
60 | f30ca1e6 | Michael Hanselmann | """Test ganeti.http._DateTimeHeader"""
|
61 | f30ca1e6 | Michael Hanselmann | self._TestDateTimeHeader((2008, 1, 2, 3, 4, 5, 3, 0, 0), |
62 | f30ca1e6 | Michael Hanselmann | "Thu, 02 Jan 2008 03:04:05 GMT")
|
63 | f30ca1e6 | Michael Hanselmann | self._TestDateTimeHeader((2008, 1, 1, 0, 0, 0, 0, 0, 0), |
64 | f30ca1e6 | Michael Hanselmann | "Mon, 01 Jan 2008 00:00:00 GMT")
|
65 | f30ca1e6 | Michael Hanselmann | self._TestDateTimeHeader((2008, 12, 31, 0, 0, 0, 0, 0, 0), |
66 | f30ca1e6 | Michael Hanselmann | "Mon, 31 Dec 2008 00:00:00 GMT")
|
67 | f30ca1e6 | Michael Hanselmann | self._TestDateTimeHeader((2008, 12, 31, 23, 59, 59, 0, 0, 0), |
68 | f30ca1e6 | Michael Hanselmann | "Mon, 31 Dec 2008 23:59:59 GMT")
|
69 | f30ca1e6 | Michael Hanselmann | self._TestDateTimeHeader((2008, 12, 31, 0, 0, 0, 6, 0, 0), |
70 | f30ca1e6 | Michael Hanselmann | "Sun, 31 Dec 2008 00:00:00 GMT")
|
71 | f30ca1e6 | Michael Hanselmann | |
72 | f30ca1e6 | Michael Hanselmann | def testHttpServerRequest(self): |
73 | f30ca1e6 | Michael Hanselmann | """Test ganeti.http.server._HttpServerRequest"""
|
74 | a8950eb7 | Michael Hanselmann | server_request = http.server._HttpServerRequest("GET", "/", None, None) |
75 | f30ca1e6 | Michael Hanselmann | |
76 | f30ca1e6 | Michael Hanselmann | # These are expected by users of the HTTP server
|
77 | f30ca1e6 | Michael Hanselmann | self.assert_(hasattr(server_request, "request_method")) |
78 | f30ca1e6 | Michael Hanselmann | self.assert_(hasattr(server_request, "request_path")) |
79 | f30ca1e6 | Michael Hanselmann | self.assert_(hasattr(server_request, "request_headers")) |
80 | f30ca1e6 | Michael Hanselmann | self.assert_(hasattr(server_request, "request_body")) |
81 | f30ca1e6 | Michael Hanselmann | self.assert_(isinstance(server_request.resp_headers, dict)) |
82 | 68fa9caf | Michael Hanselmann | self.assert_(hasattr(server_request, "private")) |
83 | f30ca1e6 | Michael Hanselmann | |
84 | f30ca1e6 | Michael Hanselmann | def testServerSizeLimits(self): |
85 | f30ca1e6 | Michael Hanselmann | """Test HTTP server size limits"""
|
86 | f30ca1e6 | Michael Hanselmann | message_reader_class = http.server._HttpClientToServerMessageReader |
87 | f30ca1e6 | Michael Hanselmann | self.assert_(message_reader_class.START_LINE_LENGTH_MAX > 0) |
88 | f30ca1e6 | Michael Hanselmann | self.assert_(message_reader_class.HEADER_LENGTH_MAX > 0) |
89 | f30ca1e6 | Michael Hanselmann | |
90 | f30ca1e6 | Michael Hanselmann | def testClientSizeLimits(self): |
91 | f30ca1e6 | Michael Hanselmann | """Test HTTP client size limits"""
|
92 | f30ca1e6 | Michael Hanselmann | message_reader_class = http.client._HttpServerToClientMessageReader |
93 | f30ca1e6 | Michael Hanselmann | self.assert_(message_reader_class.START_LINE_LENGTH_MAX > 0) |
94 | f30ca1e6 | Michael Hanselmann | self.assert_(message_reader_class.HEADER_LENGTH_MAX > 0) |
95 | a0638838 | Oleksiy Mishchenko | |
96 | a8950eb7 | Michael Hanselmann | def testFormatAuthHeader(self): |
97 | a8950eb7 | Michael Hanselmann | self.assertEqual(http.auth._FormatAuthHeader("Basic", {}), |
98 | a8950eb7 | Michael Hanselmann | "Basic")
|
99 | a8950eb7 | Michael Hanselmann | self.assertEqual(http.auth._FormatAuthHeader("Basic", { "foo": "bar", }), |
100 | a8950eb7 | Michael Hanselmann | "Basic foo=bar")
|
101 | a8950eb7 | Michael Hanselmann | self.assertEqual(http.auth._FormatAuthHeader("Basic", { "foo": "", }), |
102 | a8950eb7 | Michael Hanselmann | "Basic foo=\"\"")
|
103 | a8950eb7 | Michael Hanselmann | self.assertEqual(http.auth._FormatAuthHeader("Basic", { "foo": "x,y", }), |
104 | a8950eb7 | Michael Hanselmann | "Basic foo=\"x,y\"")
|
105 | a8950eb7 | Michael Hanselmann | params = { |
106 | a8950eb7 | Michael Hanselmann | "foo": "x,y", |
107 | a8950eb7 | Michael Hanselmann | "realm": "secure", |
108 | a8950eb7 | Michael Hanselmann | } |
109 | a8950eb7 | Michael Hanselmann | # It's a dict whose order isn't guaranteed, hence checking a list
|
110 | a8950eb7 | Michael Hanselmann | self.assert_(http.auth._FormatAuthHeader("Digest", params) in |
111 | a8950eb7 | Michael Hanselmann | ("Digest foo=\"x,y\" realm=secure",
|
112 | a8950eb7 | Michael Hanselmann | "Digest realm=secure foo=\"x,y\""))
|
113 | a8950eb7 | Michael Hanselmann | |
114 | a0638838 | Oleksiy Mishchenko | |
115 | bf9bd8dd | Michael Hanselmann | class _FakeRequestAuth(http.auth.HttpServerRequestAuthentication): |
116 | a8950eb7 | Michael Hanselmann | def __init__(self, realm, authreq, authenticate_fn): |
117 | bf9bd8dd | Michael Hanselmann | http.auth.HttpServerRequestAuthentication.__init__(self)
|
118 | bf9bd8dd | Michael Hanselmann | |
119 | bf9bd8dd | Michael Hanselmann | self.realm = realm
|
120 | a8950eb7 | Michael Hanselmann | self.authreq = authreq
|
121 | a8950eb7 | Michael Hanselmann | self.authenticate_fn = authenticate_fn
|
122 | a8950eb7 | Michael Hanselmann | |
123 | a8950eb7 | Michael Hanselmann | def AuthenticationRequired(self, req): |
124 | a8950eb7 | Michael Hanselmann | return self.authreq |
125 | bf9bd8dd | Michael Hanselmann | |
126 | bf9bd8dd | Michael Hanselmann | def GetAuthRealm(self, req): |
127 | bf9bd8dd | Michael Hanselmann | return self.realm |
128 | bf9bd8dd | Michael Hanselmann | |
129 | a8950eb7 | Michael Hanselmann | def Authenticate(self, *args): |
130 | a8950eb7 | Michael Hanselmann | if self.authenticate_fn: |
131 | a8950eb7 | Michael Hanselmann | return self.authenticate_fn(*args) |
132 | a8950eb7 | Michael Hanselmann | raise NotImplementedError() |
133 | a8950eb7 | Michael Hanselmann | |
134 | bf9bd8dd | Michael Hanselmann | |
135 | bf9bd8dd | Michael Hanselmann | class TestAuth(unittest.TestCase): |
136 | bf9bd8dd | Michael Hanselmann | """Authentication tests"""
|
137 | bf9bd8dd | Michael Hanselmann | |
138 | bf9bd8dd | Michael Hanselmann | hsra = http.auth.HttpServerRequestAuthentication |
139 | bf9bd8dd | Michael Hanselmann | |
140 | bf9bd8dd | Michael Hanselmann | def testConstants(self): |
141 | a8950eb7 | Michael Hanselmann | for scheme in [self.hsra._CLEARTEXT_SCHEME, self.hsra._HA1_SCHEME]: |
142 | a8950eb7 | Michael Hanselmann | self.assertEqual(scheme, scheme.upper())
|
143 | a8950eb7 | Michael Hanselmann | self.assert_(scheme.startswith("{")) |
144 | a8950eb7 | Michael Hanselmann | self.assert_(scheme.endswith("}")) |
145 | bf9bd8dd | Michael Hanselmann | |
146 | bf9bd8dd | Michael Hanselmann | def _testVerifyBasicAuthPassword(self, realm, user, password, expected): |
147 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth(realm, False, None) |
148 | bf9bd8dd | Michael Hanselmann | |
149 | bf9bd8dd | Michael Hanselmann | return ra.VerifyBasicAuthPassword(None, user, password, expected) |
150 | bf9bd8dd | Michael Hanselmann | |
151 | bf9bd8dd | Michael Hanselmann | def testVerifyBasicAuthPassword(self): |
152 | bf9bd8dd | Michael Hanselmann | tvbap = self._testVerifyBasicAuthPassword
|
153 | bf9bd8dd | Michael Hanselmann | |
154 | bf9bd8dd | Michael Hanselmann | good_pws = ["pw", "pw{", "pw}", "pw{}", "pw{x}y", "}pw", |
155 | bf9bd8dd | Michael Hanselmann | "0", "123", "foo...:xyz", "TeST"] |
156 | bf9bd8dd | Michael Hanselmann | |
157 | bf9bd8dd | Michael Hanselmann | for pw in good_pws: |
158 | bf9bd8dd | Michael Hanselmann | # Try cleartext passwords
|
159 | bf9bd8dd | Michael Hanselmann | self.assert_(tvbap("abc", "user", pw, pw)) |
160 | bf9bd8dd | Michael Hanselmann | self.assert_(tvbap("abc", "user", pw, "{cleartext}" + pw)) |
161 | bf9bd8dd | Michael Hanselmann | self.assert_(tvbap("abc", "user", pw, "{ClearText}" + pw)) |
162 | bf9bd8dd | Michael Hanselmann | self.assert_(tvbap("abc", "user", pw, "{CLEARTEXT}" + pw)) |
163 | bf9bd8dd | Michael Hanselmann | |
164 | bf9bd8dd | Michael Hanselmann | # Try with invalid password
|
165 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("abc", "user", pw, "something")) |
166 | bf9bd8dd | Michael Hanselmann | |
167 | bf9bd8dd | Michael Hanselmann | # Try with invalid scheme
|
168 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("abc", "user", pw, "{000}" + pw)) |
169 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("abc", "user", pw, "{unk}" + pw)) |
170 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("abc", "user", pw, "{Unk}" + pw)) |
171 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("abc", "user", pw, "{UNK}" + pw)) |
172 | bf9bd8dd | Michael Hanselmann | |
173 | bf9bd8dd | Michael Hanselmann | # Try with invalid scheme format
|
174 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("abc", "user", "pw", "{something")) |
175 | bf9bd8dd | Michael Hanselmann | |
176 | bf9bd8dd | Michael Hanselmann | # Hash is MD5("user:This is only a test:pw")
|
177 | bf9bd8dd | Michael Hanselmann | self.assert_(tvbap("This is only a test", "user", "pw", |
178 | bf9bd8dd | Michael Hanselmann | "{ha1}92ea58ae804481498c257b2f65561a17"))
|
179 | bf9bd8dd | Michael Hanselmann | self.assert_(tvbap("This is only a test", "user", "pw", |
180 | bf9bd8dd | Michael Hanselmann | "{HA1}92ea58ae804481498c257b2f65561a17"))
|
181 | bf9bd8dd | Michael Hanselmann | |
182 | 23ccba04 | Michael Hanselmann | self.failUnlessRaises(AssertionError, tvbap, None, "user", "pw", |
183 | 23ccba04 | Michael Hanselmann | "{HA1}92ea58ae804481498c257b2f65561a17")
|
184 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("Admin area", "user", "pw", |
185 | bf9bd8dd | Michael Hanselmann | "{HA1}92ea58ae804481498c257b2f65561a17"))
|
186 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("This is only a test", "someone", "pw", |
187 | bf9bd8dd | Michael Hanselmann | "{HA1}92ea58ae804481498c257b2f65561a17"))
|
188 | bf9bd8dd | Michael Hanselmann | self.failIf(tvbap("This is only a test", "user", "something", |
189 | bf9bd8dd | Michael Hanselmann | "{HA1}92ea58ae804481498c257b2f65561a17"))
|
190 | bf9bd8dd | Michael Hanselmann | |
191 | bf9bd8dd | Michael Hanselmann | |
192 | a8950eb7 | Michael Hanselmann | class _SimpleAuthenticator: |
193 | a8950eb7 | Michael Hanselmann | def __init__(self, user, password): |
194 | a8950eb7 | Michael Hanselmann | self.user = user
|
195 | a8950eb7 | Michael Hanselmann | self.password = password
|
196 | a8950eb7 | Michael Hanselmann | self.called = False |
197 | a8950eb7 | Michael Hanselmann | |
198 | a8950eb7 | Michael Hanselmann | def __call__(self, req, user, password): |
199 | a8950eb7 | Michael Hanselmann | self.called = True |
200 | a8950eb7 | Michael Hanselmann | return self.user == user and self.password == password |
201 | a8950eb7 | Michael Hanselmann | |
202 | a8950eb7 | Michael Hanselmann | |
203 | a8950eb7 | Michael Hanselmann | class TestHttpServerRequestAuthentication(unittest.TestCase): |
204 | a8950eb7 | Michael Hanselmann | def testNoAuth(self): |
205 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", None, None) |
206 | a8950eb7 | Michael Hanselmann | _FakeRequestAuth("area1", False, None).PreHandleRequest(req) |
207 | a8950eb7 | Michael Hanselmann | |
208 | a8950eb7 | Michael Hanselmann | def testNoRealm(self): |
209 | a8950eb7 | Michael Hanselmann | headers = { http.HTTP_AUTHORIZATION: "", }
|
210 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
211 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth(None, False, None) |
212 | a8950eb7 | Michael Hanselmann | self.assertRaises(AssertionError, ra.PreHandleRequest, req) |
213 | a8950eb7 | Michael Hanselmann | |
214 | a8950eb7 | Michael Hanselmann | def testNoScheme(self): |
215 | a8950eb7 | Michael Hanselmann | headers = { http.HTTP_AUTHORIZATION: "", }
|
216 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
217 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, None) |
218 | a8950eb7 | Michael Hanselmann | self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
|
219 | a8950eb7 | Michael Hanselmann | |
220 | a8950eb7 | Michael Hanselmann | def testUnknownScheme(self): |
221 | a8950eb7 | Michael Hanselmann | headers = { http.HTTP_AUTHORIZATION: "NewStyleAuth abc", }
|
222 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
223 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, None) |
224 | a8950eb7 | Michael Hanselmann | self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
|
225 | a8950eb7 | Michael Hanselmann | |
226 | a8950eb7 | Michael Hanselmann | def testInvalidBase64(self): |
227 | a8950eb7 | Michael Hanselmann | headers = { http.HTTP_AUTHORIZATION: "Basic x_=_", }
|
228 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
229 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, None) |
230 | a8950eb7 | Michael Hanselmann | self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
|
231 | a8950eb7 | Michael Hanselmann | |
232 | a8950eb7 | Michael Hanselmann | def testAuthForPublicResource(self): |
233 | a8950eb7 | Michael Hanselmann | headers = { |
234 | a8950eb7 | Michael Hanselmann | http.HTTP_AUTHORIZATION: "Basic %s" % ("foo".encode("base64").strip(), ), |
235 | a8950eb7 | Michael Hanselmann | } |
236 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
237 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, None) |
238 | a8950eb7 | Michael Hanselmann | self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
|
239 | a8950eb7 | Michael Hanselmann | |
240 | a8950eb7 | Michael Hanselmann | def testAuthForPublicResource(self): |
241 | a8950eb7 | Michael Hanselmann | headers = { |
242 | a8950eb7 | Michael Hanselmann | http.HTTP_AUTHORIZATION: |
243 | a8950eb7 | Michael Hanselmann | "Basic %s" % ("foo:bar".encode("base64").strip(), ), |
244 | a8950eb7 | Michael Hanselmann | } |
245 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
246 | a8950eb7 | Michael Hanselmann | ac = _SimpleAuthenticator("foo", "bar") |
247 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, ac) |
248 | a8950eb7 | Michael Hanselmann | ra.PreHandleRequest(req) |
249 | a8950eb7 | Michael Hanselmann | |
250 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
251 | a8950eb7 | Michael Hanselmann | ac = _SimpleAuthenticator("something", "else") |
252 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, ac) |
253 | a8950eb7 | Michael Hanselmann | self.assertRaises(http.HttpUnauthorized, ra.PreHandleRequest, req)
|
254 | a8950eb7 | Michael Hanselmann | |
255 | a8950eb7 | Michael Hanselmann | def testInvalidRequestHeader(self): |
256 | a8950eb7 | Michael Hanselmann | checks = { |
257 | a8950eb7 | Michael Hanselmann | http.HttpUnauthorized: ["", "\t", "-", ".", "@", "<", ">", "Digest", |
258 | a8950eb7 | Michael Hanselmann | "basic %s" % "foobar".encode("base64").strip()], |
259 | a8950eb7 | Michael Hanselmann | http.HttpBadRequest: ["Basic"],
|
260 | a8950eb7 | Michael Hanselmann | } |
261 | a8950eb7 | Michael Hanselmann | |
262 | a8950eb7 | Michael Hanselmann | for exc, headers in checks.items(): |
263 | a8950eb7 | Michael Hanselmann | for i in headers: |
264 | a8950eb7 | Michael Hanselmann | headers = { http.HTTP_AUTHORIZATION: i, } |
265 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
266 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", False, None) |
267 | a8950eb7 | Michael Hanselmann | self.assertRaises(exc, ra.PreHandleRequest, req)
|
268 | a8950eb7 | Michael Hanselmann | |
269 | a8950eb7 | Michael Hanselmann | def testBasicAuth(self): |
270 | a8950eb7 | Michael Hanselmann | for user in ["", "joe", "user name with spaces"]: |
271 | a8950eb7 | Michael Hanselmann | for pw in ["", "-", ":", "foobar", "Foo Bar Baz", "@@@", "###", |
272 | a8950eb7 | Michael Hanselmann | "foo:bar:baz"]:
|
273 | a8950eb7 | Michael Hanselmann | for wrong_pw in [True, False]: |
274 | a8950eb7 | Michael Hanselmann | basic_auth = "%s:%s" % (user, pw)
|
275 | a8950eb7 | Michael Hanselmann | if wrong_pw:
|
276 | a8950eb7 | Michael Hanselmann | basic_auth += "WRONG"
|
277 | a8950eb7 | Michael Hanselmann | headers = { |
278 | a8950eb7 | Michael Hanselmann | http.HTTP_AUTHORIZATION: |
279 | a8950eb7 | Michael Hanselmann | "Basic %s" % (basic_auth.encode("base64").strip(), ), |
280 | a8950eb7 | Michael Hanselmann | } |
281 | a8950eb7 | Michael Hanselmann | req = http.server._HttpServerRequest("GET", "/", headers, None) |
282 | a8950eb7 | Michael Hanselmann | |
283 | a8950eb7 | Michael Hanselmann | ac = _SimpleAuthenticator(user, pw) |
284 | a8950eb7 | Michael Hanselmann | self.assertFalse(ac.called)
|
285 | a8950eb7 | Michael Hanselmann | ra = _FakeRequestAuth("area1", True, ac) |
286 | a8950eb7 | Michael Hanselmann | if wrong_pw:
|
287 | a8950eb7 | Michael Hanselmann | try:
|
288 | a8950eb7 | Michael Hanselmann | ra.PreHandleRequest(req) |
289 | a8950eb7 | Michael Hanselmann | except http.HttpUnauthorized, err:
|
290 | a8950eb7 | Michael Hanselmann | www_auth = err.headers[http.HTTP_WWW_AUTHENTICATE] |
291 | a8950eb7 | Michael Hanselmann | self.assert_(www_auth.startswith(http.auth.HTTP_BASIC_AUTH))
|
292 | a8950eb7 | Michael Hanselmann | else:
|
293 | a8950eb7 | Michael Hanselmann | self.fail("Didn't raise HttpUnauthorized") |
294 | a8950eb7 | Michael Hanselmann | else:
|
295 | a8950eb7 | Michael Hanselmann | ra.PreHandleRequest(req) |
296 | a8950eb7 | Michael Hanselmann | self.assert_(ac.called)
|
297 | a8950eb7 | Michael Hanselmann | |
298 | a8950eb7 | Michael Hanselmann | |
299 | a8950eb7 | Michael Hanselmann | class TestReadPasswordFile(testutils.GanetiTestCase): |
300 | a8950eb7 | Michael Hanselmann | def setUp(self): |
301 | a8950eb7 | Michael Hanselmann | testutils.GanetiTestCase.setUp(self)
|
302 | a8950eb7 | Michael Hanselmann | |
303 | a8950eb7 | Michael Hanselmann | self.tmpfile = tempfile.NamedTemporaryFile()
|
304 | a8950eb7 | Michael Hanselmann | |
305 | a8950eb7 | Michael Hanselmann | def testSimple(self): |
306 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("user1 password") |
307 | a8950eb7 | Michael Hanselmann | self.tmpfile.flush()
|
308 | a8950eb7 | Michael Hanselmann | |
309 | a8950eb7 | Michael Hanselmann | users = http.auth.ReadPasswordFile(self.tmpfile.name)
|
310 | a8950eb7 | Michael Hanselmann | self.assertEqual(len(users), 1) |
311 | a8950eb7 | Michael Hanselmann | self.assertEqual(users["user1"].password, "password") |
312 | a8950eb7 | Michael Hanselmann | self.assertEqual(len(users["user1"].options), 0) |
313 | a8950eb7 | Michael Hanselmann | |
314 | a8950eb7 | Michael Hanselmann | def testOptions(self): |
315 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("# Passwords\n") |
316 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("user1 password\n") |
317 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("\n") |
318 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("# Comment\n") |
319 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("user2 pw write,read\n") |
320 | a8950eb7 | Michael Hanselmann | self.tmpfile.write(" \t# Another comment\n") |
321 | a8950eb7 | Michael Hanselmann | self.tmpfile.write("invalidline\n") |
322 | a8950eb7 | Michael Hanselmann | self.tmpfile.flush()
|
323 | a8950eb7 | Michael Hanselmann | |
324 | a8950eb7 | Michael Hanselmann | users = http.auth.ReadPasswordFile(self.tmpfile.name)
|
325 | a8950eb7 | Michael Hanselmann | self.assertEqual(len(users), 2) |
326 | a8950eb7 | Michael Hanselmann | self.assertEqual(users["user1"].password, "password") |
327 | a8950eb7 | Michael Hanselmann | self.assertEqual(len(users["user1"].options), 0) |
328 | a8950eb7 | Michael Hanselmann | |
329 | a8950eb7 | Michael Hanselmann | self.assertEqual(users["user2"].password, "pw") |
330 | a8950eb7 | Michael Hanselmann | self.assertEqual(users["user2"].options, ["write", "read"]) |
331 | a8950eb7 | Michael Hanselmann | |
332 | a8950eb7 | Michael Hanselmann | |
333 | a0638838 | Oleksiy Mishchenko | if __name__ == '__main__': |
334 | 25231ec5 | Michael Hanselmann | testutils.GanetiTestProgram() |