def createDocumentRoot(self):
docroot = self.mktemp()
os.mkdir(docroot)
userResource = TestDAVPrincipalResource("/principals/users/user01")
userResource.writeDeadProperty(TwistedPasswordProperty("user01"))
principalCollection = TestPrincipalsCollection(
"/principals/",
children={"users": TestPrincipalsCollection(
"/principals/users/",
children={"user01": userResource})})
rootResource = self.resource_class(
docroot, principalCollections=(principalCollection,))
portal = Portal(DavRealm())
portal.registerChecker(TwistedPropertyChecker())
credentialFactories = (basic.BasicCredentialFactory(""),)
loginInterfaces = (IPrincipal,)
self.site = Site(AuthenticationWrapper(
rootResource,
portal,
credentialFactories,
credentialFactories,
loginInterfaces
))
rootResource.setAccessControlList(self.grant(element.All()))
for name, acl in (
("none" , self.grant()),
("read" , self.grant(element.Read())),
("read-write" , self.grant(element.Read(), element.Write())),
("unlock" , self.grant(element.Unlock())),
("all" , self.grant(element.All())),
):
filename = os.path.join(docroot, name)
if not os.path.isfile(filename):
file(filename, "w").close()
resource = self.resource_class(filename)
resource.setAccessControlList(acl)
for name, acl in (
("nobind" , self.grant()),
("bind" , self.grant(element.Bind())),
("unbind" , self.grant(element.Bind(), element.Unbind())),
):
dirname = os.path.join(docroot, name)
if not os.path.isdir(dirname):
os.mkdir(dirname)
resource = self.resource_class(dirname)
resource.setAccessControlList(acl)
return docroot
def setUp(self):
"""
Create a portal and add an in memory checker to it.
Then set up a protectedResource that will be wrapped in each test.
"""
self.portal = portal.Portal(TestAuthRealm())
c = checkers.InMemoryUsernamePasswordDatabaseDontUse()
c.addUser('username', 'password')
self.portal.registerChecker(c)
self.credFactory = basic.BasicCredentialFactory('test realm')
self.protectedResource = ProtectedResource()
self.protectedResource.responseText = "You shouldn't see me."
def setUp(self):
TestCase.setUp(self)
gooduser = TestDAVPrincipalResource("/users/gooduser")
gooduser.writeDeadProperty(TwistedPasswordProperty("goodpass"))
baduser = TestDAVPrincipalResource("/users/baduser")
baduser.writeDeadProperty(TwistedPasswordProperty("badpass"))
rootresource = TestPrincipalsCollection(
"/", {
"users":
TestResource("/users/", {
"gooduser": gooduser,
"baduser": baduser
})
})
protected = TestResource("/protected",
principalCollections=[rootresource])
protected.setAccessControlList(
davxml.ACL(
davxml.ACE(davxml.Principal(davxml.HRef("/users/gooduser")),
davxml.Grant(davxml.Privilege(davxml.All())),
davxml.Protected())))
rootresource.children["protected"] = protected
portal = Portal(DavRealm())
portal.registerChecker(TwistedPropertyChecker())
credentialFactories = (basic.BasicCredentialFactory(""), )
loginInterfaces = (IPrincipal, )
self.rootresource = rootresource
self.site = Site(
AuthenticationWrapper(
self.rootresource,
portal,
credentialFactories,
credentialFactories,
loginInterfaces,
))
def test_multipleWWWAuthenticateSchemes(self):
"""
Test that our unauthorized response can contain challenges for
multiple authentication schemes.
"""
root = wrapper.HTTPAuthResource(
self.protectedResource,
(basic.BasicCredentialFactory('test realm'),
FakeDigestCredentialFactory('md5', 'test realm')),
self.portal,
interfaces=(IHTTPUser, ))
d = self.assertResponse((root, 'http://localhost/', {}), (401, {
'www-authenticate':
[challengeResponse, ('basic', {
'realm': 'test realm'
})]
}, None))
return d
def test_authorizationAgainstMultipleSchemes(self):
"""
Test that we can successfully authenticate when presented
with multiple WWW-Authenticate headers
"""
root = wrapper.HTTPAuthResource(
self.protectedResource,
(basic.BasicCredentialFactory('test realm'),
FakeDigestCredentialFactory('md5', 'test realm')),
self.portal,
interfaces=(IHTTPUser,))
def respondBasic(ign):
credentials = base64.encodestring('username:password')
d = self.assertResponse((root, 'http://localhost/',
{'authorization':
('basic', credentials)}),
(200,
{}, None))
return d
def respond(ign):
d = self.assertResponse((root, 'http://localhost/',
{'authorization': authRequest1}),
(200,
{},
None))
return d.addCallback(respondBasic)
d = self.assertResponse((root, 'http://localhost/', {}),
(401,
{'www-authenticate':
[challengeResponse,
('basic', {'realm': 'test realm'})]},
None))
return d
def setUp(self):
self.credentialFactory = basic.BasicCredentialFactory('foo')
self.username = '******'
self.password = '******'
