def test_extract_username_and_password(self): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) assert auth.extract_username_and_password() == ("{}\\{}".format(domain.upper(), username), password) # noqa fake = faker.Factory.create() username2 = fake.user_name() password2 = fake.password() auth = requests_ntlm2.HttpNtlmAuth(username2, password2) assert auth.extract_username_and_password() == (username2, password2)
def test_response_hook__http_200(self, mock_retry_using_http_ntlm_auth): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) response = requests.Response() response.status_code = 200 new_response = auth.response_hook(response) mock_retry_using_http_ntlm_auth.assert_not_called() assert new_response is response
def test_retry_using_http_ntlm_auth__no_content_length(self): auth = requests_ntlm2.HttpNtlmAuth( self.test_server_username, self.test_server_password, send_cbt=False ) response = requests.Response() response.request = requests.Request(headers={"Proxy-Authenticate": "NTLM bla bla"}) response.status_code = 407 response.headers["Proxy-Authenticate"] = "NTLM" result = auth.retry_using_http_ntlm_auth( "foobar", "Proxy-Authenticate", response, "foobar", {} ) assert result is response fp = BytesIO( b"Proxy-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAAGgokAyYpGWqVMA/QAAAAAAAAA" b"AH4AfgA+AAAABQCTCAAAAA9ERVROU1cCAAwARABFAFQATgBTAFcAAQAaAFMARwAtADQAOQAxADMAM" b"wAwADAAMAAwADkABAAUAEQARQBUAE4AUwBXAC4AVwBJAE4AAwAwAHMAZwAtADQAOQAxADMAMwAwAD" b"AAMAAwADkALgBkAGUAdABuAHMAdwAuAHcAaQBuAAAAAAA=\r\n" b"Connection: Keep-Alive\r\n" b"Proxy-Connection: Keep-Alive\r\n" b"Server: nginx\r\n" b"\r\n" b"this is the body\r\n" b"\r\n" ) response = requests.Response() response.request = requests.Request(headers={}) response.request.copy = mock.MagicMock() response.status_code = 407 response.request.body = fp response2 = requests.Response() response2.request = requests.Request(headers={}) response2.raw = mock.MagicMock() response2.request.copy = mock.MagicMock() response2.headers = {"set-cookie": "test-cookie", "foobar": "baz", "foobar2": "bla"} response2.connection = mock.MagicMock() response.raw = mock.MagicMock() response.connection = mock.MagicMock() response.connection.send = mock.MagicMock(return_value=response2) func_spec = "requests_ntlm2.dance.HttpNtlmContext.get_authenticate_header" with mock.patch(func_spec) as mock_auth_header: result = auth.retry_using_http_ntlm_auth( "foobar", "Proxy-Authenticate", response, "NTLM", {} ) assert result is response2.connection.send.return_value mock_auth_header.assert_called()
def test_response_hook__http_407_basic_auth_header(self, mock_retry_using_http_ntlm_auth): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) response = requests.Response() response.status_code = 407 response.headers["Proxy-Authenticate"] = "Basic" new_response = auth.response_hook(response) mock_retry_using_http_ntlm_auth.assert_not_called() assert new_response is response
def test__init(self): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) assert isinstance(auth, requests_ntlm2.HttpNtlmAuth) assert auth.username == username assert auth.password == password assert auth.domain == domain.upper() assert auth.send_cbt is True assert auth.ntlm_compatibility == requests_ntlm2.core.NtlmCompatibility.NTLMv2_DEFAULT
def test_history_is_preserved(self): for auth_type in self.auth_types: res = requests.get( url=self.test_server_url + auth_type, auth=requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password), ) self.assertEqual(len(res.history), 2)
def test_requests_ntlm(self): for auth_type in self.auth_types: res = requests.get( url=self.test_server_url + auth_type, auth=requests_ntlm2.HttpNtlmAuth( self.test_server_username, self.test_server_password ), ) assert res.status_code == 200
def test__init(self): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) self.assertIsInstance(auth, requests_ntlm2.HttpNtlmAuth) self.assertEqual(auth.username, username) self.assertEqual(auth.password, password) self.assertEqual(auth.domain, domain.upper()) self.assertTrue(auth.send_cbt) self.assertEqual(auth.ntlm_compatibility, requests_ntlm2.core.NtlmCompatibility.NTLMv2_DEFAULT)
def test_requests_ntlm(self): for auth_type in self.auth_types: res = requests.get( url=self.test_server_url + auth_type, auth=requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password), ) self.assertEqual(res.status_code, 200, msg="auth_type " + auth_type)
def test_new_requests_are_used(self): for auth_type in self.auth_types: res = requests.get( url=self.test_server_url + auth_type, auth=requests_ntlm2.HttpNtlmAuth( self.test_server_username, self.test_server_password ), ) assert res.history[0].request is not res.history[1].request assert res.history[0].request is not res.request
def test_response_hook__http_401_negotiate_auth_header( self, mock_retry_using_http_ntlm_auth): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) response = requests.Response() response.status_code = 401 response.headers["WWW-Authenticate"] = "Negotiate" new_response = auth.response_hook(response) mock_retry_using_http_ntlm_auth.assert_called_once_with( "www-authenticate", "Authorization", response, "Negotiate", {}) self.assertTrue(new_response is not response)
def test_username_parse_no_domain(self): test_user = "******" expected_domain = "" expected_user = "******" context = requests_ntlm2.HttpNtlmAuth(test_user, "pass") actual_domain = context.domain actual_user = context.username assert actual_domain == expected_domain assert actual_user == expected_user
def test_username_parse_backslash(self): test_user = "******" expected_domain = "DOMAIN" expected_user = "******" context = requests_ntlm2.HttpNtlmAuth(test_user, "pass") actual_domain = context.domain actual_user = context.username assert actual_domain == expected_domain assert actual_user == expected_user
def send_request(url, username, password): """ Sends a request to the url with the credentials specified. Returns the final response """ session = requests.Session() session.verify = False session.auth = requests_ntlm2.HttpNtlmAuth(username, password) response = session.get(url) return response
def test_response_hook__http_407_ntlm_auth_header(self, mock_retry_using_http_ntlm_auth): auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password) response = requests.Response() response.status_code = 407 response.headers["Proxy-Authenticate"] = "NTLM" new_response = auth.response_hook(response) mock_retry_using_http_ntlm_auth.assert_called_once_with( "proxy-authenticate", "Proxy-Authorization", response, "NTLM", {} ) assert new_response is not response
def test_username_parse_at(self): test_user = "******" # UPN format should not be split, # since "stuff after @" not always == domain # (eg, email address with alt UPN suffix) expected_domain = "" expected_user = "******" context = requests_ntlm2.HttpNtlmAuth(test_user, "pass") actual_domain = context.domain actual_user = context.username assert actual_domain == expected_domain assert actual_user == expected_user