def test_check():
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, auth_nonanonymous=True)
        f = tflow.tflow()
        assert not up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        assert up.check(f)

        f.request.headers["Proxy-Authorization"] = "invalid"
        assert not up.check(f)

        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test", scheme="unknown")
        assert not up.check(f)

        ctx.configure(up, auth_nonanonymous=False, auth_singleuser="******")
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        assert up.check(f)
        ctx.configure(up, auth_nonanonymous=False, auth_singleuser="******")
        assert not up.check(f)

        ctx.configure(
            up,
            auth_singleuser=None,
            auth_htpasswd=tutils.test_data.path("mitmproxy/net/data/htpasswd"))
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        assert up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "foo")
        assert not up.check(f)
Beispiel #2
0
    def test_authenticate(self):
        up = proxyauth.ProxyAuth()
        with taddons.context(up, loadcore=False) as ctx:
            ctx.configure(up, proxyauth="any", mode="regular")

            f = tflow.tflow()
            assert not f.response
            up.authenticate(f)
            assert f.response.status_code == 407

            f = tflow.tflow()
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            up.authenticate(f)
            assert not f.response
            assert not f.request.headers.get("Proxy-Authorization")

            f = tflow.tflow()
            ctx.configure(up, mode="reverse")
            assert not f.response
            up.authenticate(f)
            assert f.response.status_code == 401

            f = tflow.tflow()
            f.request.headers["Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            up.authenticate(f)
            assert not f.response
            assert not f.request.headers.get("Authorization")
def test_authenticate():
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, auth_nonanonymous=True)

        f = tflow.tflow()
        assert not f.response
        up.authenticate(f)
        assert f.response.status_code == 407

        f = tflow.tflow()
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        up.authenticate(f)
        assert not f.response
        assert not f.request.headers.get("Proxy-Authorization")

        f = tflow.tflow()
        f.mode = "transparent"
        assert not f.response
        up.authenticate(f)
        assert f.response.status_code == 401

        f = tflow.tflow()
        f.mode = "transparent"
        f.request.headers["Authorization"] = proxyauth.mkauth("test", "test")
        up.authenticate(f)
        assert not f.response
        assert not f.request.headers.get("Authorization")
Beispiel #4
0
    def test_authenticate(self):
        up = proxyauth.ProxyAuth()
        with taddons.context(up, loadcore=False) as ctx:
            ctx.configure(up, proxyauth="any", mode="regular")

            f = tflow.tflow()
            assert not f.response
            up.authenticate_http(f)
            assert f.response.status_code == 407

            f = tflow.tflow()
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            up.authenticate_http(f)
            assert not f.response
            assert not f.request.headers.get("Proxy-Authorization")

            f = tflow.tflow()
            ctx.configure(up, mode="reverse")
            assert not f.response
            up.authenticate_http(f)
            assert f.response.status_code == 401

            f = tflow.tflow()
            f.request.headers["Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            up.authenticate_http(f)
            assert not f.response
            assert not f.request.headers.get("Authorization")
Beispiel #5
0
def test_authenticate():
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, auth_nonanonymous=True)

        f = tflow.tflow()
        assert not f.response
        up.authenticate(f)
        assert f.response.status_code == 407

        f = tflow.tflow()
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        up.authenticate(f)
        assert not f.response
        assert not f.request.headers.get("Proxy-Authorization")

        f = tflow.tflow()
        f.mode = "transparent"
        assert not f.response
        up.authenticate(f)
        assert f.response.status_code == 401

        f = tflow.tflow()
        f.mode = "transparent"
        f.request.headers["Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        up.authenticate(f)
        assert not f.response
        assert not f.request.headers.get("Authorization")
Beispiel #6
0
def test_check():
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, proxyauth="any", mode="regular")
        f = tflow.tflow()
        assert not up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        assert up.check(f)

        f.request.headers["Proxy-Authorization"] = "invalid"
        assert not up.check(f)

        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test", scheme="unknown")
        assert not up.check(f)

        ctx.configure(up, proxyauth="test:test")
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        assert up.check(f)
        ctx.configure(up, proxyauth="test:foo")
        assert not up.check(f)

        ctx.configure(up,
                      proxyauth="@" +
                      tutils.test_data.path("mitmproxy/net/data/htpasswd"))
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test")
        assert up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "foo")
        assert not up.check(f)
Beispiel #7
0
    def test_handlers(self):
        up = proxyauth.ProxyAuth()
        with taddons.context(up) as ctx:
            ctx.configure(up, proxyauth="any", mode="regular")

            f = tflow.tflow()
            assert not f.response
            up.requestheaders(f)
            assert f.response.status_code == 407

            f = tflow.tflow()
            f.request.method = "CONNECT"
            assert not f.response
            up.http_connect(f)
            assert f.response.status_code == 407

            f = tflow.tflow()
            f.request.method = "CONNECT"
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            up.http_connect(f)
            assert not f.response

            f2 = tflow.tflow(client_conn=f.client_conn)
            up.requestheaders(f2)
            assert not f2.response
            assert f2.metadata["proxyauth"] == ('test', 'test')
Beispiel #8
0
def test_handlers():
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, auth_nonanonymous=True, mode="regular")

        f = tflow.tflow()
        assert not f.response
        up.requestheaders(f)
        assert f.response.status_code == 407

        f = tflow.tflow()
        f.request.method = "CONNECT"
        assert not f.response
        up.http_connect(f)
        assert f.response.status_code == 407

        f = tflow.tflow()
        f.request.method = "CONNECT"
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        up.http_connect(f)
        assert not f.response

        f2 = tflow.tflow(client_conn=f.client_conn)
        up.requestheaders(f2)
        assert not f2.response
Beispiel #9
0
    def test_handlers(self):
        up = proxyauth.ProxyAuth()
        with taddons.context(up) as ctx:
            ctx.configure(up, proxyauth="any", mode="regular")

            f = tflow.tflow()
            assert not f.response
            up.requestheaders(f)
            assert f.response.status_code == 407

            f = tflow.tflow()
            f.request.method = "CONNECT"
            assert not f.response
            up.http_connect(f)
            assert f.response.status_code == 407

            f = tflow.tflow()
            f.request.method = "CONNECT"
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            up.http_connect(f)
            assert not f.response

            f2 = tflow.tflow(client_conn=f.client_conn)
            up.requestheaders(f2)
            assert not f2.response
            assert f2.metadata["proxyauth"] == ('test', 'test')
Beispiel #10
0
def test_parse_http_basic_auth():
    assert proxyauth.parse_http_basic_auth(proxyauth.mkauth(
        "test", "test")) == ("basic", "test", "test")
    assert not proxyauth.parse_http_basic_auth("")
    assert not proxyauth.parse_http_basic_auth("foo bar")
    v = "basic " + binascii.b2a_base64(b"foo").decode("ascii")
    assert not proxyauth.parse_http_basic_auth(v)
Beispiel #11
0
def test_parse_http_basic_auth():
    assert proxyauth.parse_http_basic_auth(
        proxyauth.mkauth("test", "test")
    ) == ("basic", "test", "test")
    assert not proxyauth.parse_http_basic_auth("")
    assert not proxyauth.parse_http_basic_auth("foo bar")
    v = "basic " + binascii.b2a_base64(b"foo").decode("ascii")
    assert not proxyauth.parse_http_basic_auth(v)
Beispiel #12
0
    def test_check(self):
        up = proxyauth.ProxyAuth()
        with taddons.context(up) as ctx:
            ctx.configure(up, proxyauth="any", mode="regular")
            f = tflow.tflow()
            assert not up.check(f)
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            assert up.check(f)

            f.request.headers["Proxy-Authorization"] = "invalid"
            assert not up.check(f)

            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test", scheme="unknown"
            )
            assert not up.check(f)

            ctx.configure(up, proxyauth="test:test")
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            assert up.check(f)
            ctx.configure(up, proxyauth="test:foo")
            assert not up.check(f)

            ctx.configure(
                up,
                proxyauth="@" + tutils.test_data.path(
                    "mitmproxy/net/data/htpasswd"
                )
            )
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test"
            )
            assert up.check(f)
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "foo"
            )
            assert not up.check(f)

            with mock.patch('ldap3.Server', return_value="ldap://fake_server:389 - cleartext"):
                with mock.patch('ldap3.Connection', search="test"):
                    with mock.patch('ldap3.Connection.search', return_value="test"):
                        ctx.configure(
                            up,
                            proxyauth="ldap:localhost:cn=default,dc=cdhdt,dc=com:password:ou=application,dc=cdhdt,dc=com"
                        )
                        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                            "test", "test"
                        )
                        assert up.check(f)
                        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                            "", ""
                        )
                        assert not up.check(f)
Beispiel #13
0
def test_check():
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, auth_nonanonymous=True)
        f = tflow.tflow()
        assert not up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        assert up.check(f)

        f.request.headers["Proxy-Authorization"] = "invalid"
        assert not up.check(f)

        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test", scheme = "unknown"
        )
        assert not up.check(f)

        ctx.configure(up, auth_nonanonymous=False, auth_singleuser="******")
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        assert up.check(f)
        ctx.configure(up, auth_nonanonymous=False, auth_singleuser="******")
        assert not up.check(f)

        ctx.configure(
            up,
            auth_singleuser = None,
            auth_htpasswd = tutils.test_data.path(
                "mitmproxy/net/data/htpasswd"
            )
        )
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        assert up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "foo"
        )
        assert not up.check(f)
Beispiel #14
0
def test_parse_http_basic_auth():
    assert proxyauth.parse_http_basic_auth(proxyauth.mkauth(
        "test", "test")) == ("basic", "test", "test")
    with pytest.raises(ValueError):
        proxyauth.parse_http_basic_auth("")
    with pytest.raises(ValueError):
        proxyauth.parse_http_basic_auth("foo bar")
    with pytest.raises(ValueError):
        proxyauth.parse_http_basic_auth("basic abc")
    with pytest.raises(ValueError):
        v = "basic " + binascii.b2a_base64(b"foo").decode("ascii")
        proxyauth.parse_http_basic_auth(v)
Beispiel #15
0
 def test_auth(self):
     self.master.addons.add(proxyauth.ProxyAuth())
     self.master.options.auth_singleuser = "******"
     assert self.pathod("202").status_code == 401
     p = self.pathoc()
     with p.connect():
         ret = p.request("""
             get
             '/p/202'
             h'%s'='%s'
         """ % ("Authorization", proxyauth.mkauth("test", "test")))
     assert ret.status_code == 202
Beispiel #16
0
def test_parse_http_basic_auth():
    assert proxyauth.parse_http_basic_auth(
        proxyauth.mkauth("test", "test")
    ) == ("basic", "test", "test")
    with pytest.raises(ValueError):
        proxyauth.parse_http_basic_auth("")
    with pytest.raises(ValueError):
        proxyauth.parse_http_basic_auth("foo bar")
    with pytest.raises(ValueError):
        proxyauth.parse_http_basic_auth("basic abc")
    with pytest.raises(ValueError):
        v = "basic " + binascii.b2a_base64(b"foo").decode("ascii")
        proxyauth.parse_http_basic_auth(v)
Beispiel #17
0
 def test_auth(self):
     self.master.addons.add(proxyauth.ProxyAuth())
     self.master.options.proxyauth = "test:test"
     assert self.pathod("202").status_code == 407
     p = self.pathoc()
     with p.connect():
         ret = p.request("""
             get
             'http://localhost:%s/p/202'
             h'%s'='%s'
         """ % (self.server.port, "Proxy-Authorization",
                proxyauth.mkauth("test", "test")))
     assert ret.status_code == 202
Beispiel #18
0
 def test_auth(self):
     self.master.addons.add(proxyauth.ProxyAuth())
     self.master.options.auth_singleuser = "******"
     assert self.pathod("202").status_code == 401
     p = self.pathoc()
     with p.connect():
         ret = p.request("""
             get
             '/p/202'
             h'%s'='%s'
         """ % (
             "Authorization",
             proxyauth.mkauth("test", "test")
         ))
     assert ret.status_code == 202
Beispiel #19
0
    def test_check(self, tdata):
        up = proxyauth.ProxyAuth()
        with taddons.context(up) as ctx:
            ctx.configure(up, proxyauth="any", mode="regular")
            f = tflow.tflow()
            assert not up.check(f)
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test")
            assert up.check(f)

            f.request.headers["Proxy-Authorization"] = "invalid"
            assert not up.check(f)

            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test", scheme="unknown")
            assert not up.check(f)

            ctx.configure(up, proxyauth="test:test")
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test")
            assert up.check(f)
            ctx.configure(up, proxyauth="test:foo")
            assert not up.check(f)

            ctx.configure(up,
                          proxyauth="@" +
                          tdata.path("mitmproxy/net/data/htpasswd"))
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "test")
            assert up.check(f)
            f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
                "test", "foo")
            assert not up.check(f)

            with mock.patch('ldap3.Server',
                            return_value="ldap://fake_server:389 - cleartext"):
                with mock.patch('ldap3.Connection', search="test"):
                    with mock.patch('ldap3.Connection.search',
                                    return_value="test"):
                        ctx.configure(
                            up,
                            proxyauth=
                            "ldap:localhost:cn=default,dc=cdhdt,dc=com:password:ou=application,dc=cdhdt,dc=com"
                        )
                        f.request.headers[
                            "Proxy-Authorization"] = proxyauth.mkauth(
                                "test", "test")
                        assert up.check(f)
                        f.request.headers[
                            "Proxy-Authorization"] = proxyauth.mkauth("", "")
                        assert not up.check(f)
Beispiel #20
0
 def test_auth(self):
     self.master.addons.add(proxyauth.ProxyAuth())
     self.master.addons.trigger(
         "configure", self.master.options.keys()
     )
     self.master.options.proxyauth = "test:test"
     assert self.pathod("202").status_code == 407
     p = self.pathoc()
     with p.connect():
         ret = p.request("""
             get
             'http://localhost:%s/p/202'
             h'%s'='%s'
         """ % (
             self.server.port,
             "Proxy-Authorization",
             proxyauth.mkauth("test", "test")
         ))
     assert ret.status_code == 202
Beispiel #21
0
 def test_mkauth_scheme(self):
     assert proxyauth.mkauth('username', 'password') == 'basic dXNlcm5hbWU6cGFzc3dvcmQ=\n'
Beispiel #22
0
 def test_parse_http_basic_auth(self):
     input = proxyauth.mkauth("test", "test")
     assert proxyauth.parse_http_basic_auth(input) == ("basic", "test", "test")
Beispiel #23
0
 def test_mkauth(self, scheme, expected):
     assert proxyauth.mkauth('username', 'password', scheme) == expected
Beispiel #24
0
 def test_mkauth(self, scheme, expected):
     assert proxyauth.mkauth('username', 'password', scheme) == expected
Beispiel #25
0
 def test_mkauth_scheme(self):
     assert proxyauth.mkauth('username', 'password') == 'basic dXNlcm5hbWU6cGFzc3dvcmQ=\n'
Beispiel #26
0
 def test_parse_http_basic_auth(self):
     input = proxyauth.mkauth("test", "test")
     assert proxyauth.parse_http_basic_auth(input) == ("basic", "test", "test")
Beispiel #27
0
def test_check(monkeypatch):
    up = proxyauth.ProxyAuth()
    with taddons.context() as ctx:
        ctx.configure(up, proxyauth="any", mode="regular")
        f = tflow.tflow()
        assert not up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        assert up.check(f)

        f.request.headers["Proxy-Authorization"] = "invalid"
        assert not up.check(f)

        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test", scheme="unknown"
        )
        assert not up.check(f)

        ctx.configure(up, proxyauth="test:test")
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        assert up.check(f)
        ctx.configure(up, proxyauth="test:foo")
        assert not up.check(f)

        ctx.configure(
            up,
            proxyauth="@" + tutils.test_data.path(
                "mitmproxy/net/data/htpasswd"
            )
        )
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "test"
        )
        assert up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "test", "foo"
        )
        assert not up.check(f)

        ctx.configure(
            up,
            proxyauth="ldap:fake-server:cn=?,ou=test,o=lab:test"
        )
        conn = ldap3.Connection("fake-server", user="******", password="******", client_strategy=ldap3.MOCK_SYNC)
        conn.bind()
        conn.strategy.add_entry('cn=user0,ou=test,o=lab', {'userPassword': '******', 'sn': 'user0_sn', 'revision': 0, 'objectClass': 'test'})

        def conn_mp(ldap, user, password, **kwargs):
            return conn

        monkeypatch.setattr(ldap3, "Connection", conn_mp)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "user0", "test0"
        )
        assert up.check(f)
        f.request.headers["Proxy-Authorization"] = proxyauth.mkauth(
            "", ""
        )
        assert not up.check(f)