def test_extract_username_and_password(self):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password)
assert auth.extract_username_and_password() == ("{}\\{}".format(domain.upper(), username), password) # noqa
fake = faker.Factory.create()
username2 = fake.user_name()
password2 = fake.password()
auth = requests_ntlm2.HttpNtlmAuth(username2, password2)
assert auth.extract_username_and_password() == (username2, password2)
def test_response_hook__http_200(self, mock_retry_using_http_ntlm_auth):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password)
response = requests.Response()
response.status_code = 200
new_response = auth.response_hook(response)
mock_retry_using_http_ntlm_auth.assert_not_called()
assert new_response is response
def test_retry_using_http_ntlm_auth__no_content_length(self):
auth = requests_ntlm2.HttpNtlmAuth(
self.test_server_username,
self.test_server_password,
send_cbt=False
)
response = requests.Response()
response.request = requests.Request(headers={"Proxy-Authenticate": "NTLM bla bla"})
response.status_code = 407
response.headers["Proxy-Authenticate"] = "NTLM"
result = auth.retry_using_http_ntlm_auth(
"foobar",
"Proxy-Authenticate",
response,
"foobar",
{}
)
assert result is response
fp = BytesIO(
b"Proxy-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAAGgokAyYpGWqVMA/QAAAAAAAAA"
b"AH4AfgA+AAAABQCTCAAAAA9ERVROU1cCAAwARABFAFQATgBTAFcAAQAaAFMARwAtADQAOQAxADMAM"
b"wAwADAAMAAwADkABAAUAEQARQBUAE4AUwBXAC4AVwBJAE4AAwAwAHMAZwAtADQAOQAxADMAMwAwAD"
b"AAMAAwADkALgBkAGUAdABuAHMAdwAuAHcAaQBuAAAAAAA=\r\n"
b"Connection: Keep-Alive\r\n"
b"Proxy-Connection: Keep-Alive\r\n"
b"Server: nginx\r\n"
b"\r\n"
b"this is the body\r\n"
b"\r\n"
)
response = requests.Response()
response.request = requests.Request(headers={})
response.request.copy = mock.MagicMock()
response.status_code = 407
response.request.body = fp
response2 = requests.Response()
response2.request = requests.Request(headers={})
response2.raw = mock.MagicMock()
response2.request.copy = mock.MagicMock()
response2.headers = {"set-cookie": "test-cookie", "foobar": "baz", "foobar2": "bla"}
response2.connection = mock.MagicMock()
response.raw = mock.MagicMock()
response.connection = mock.MagicMock()
response.connection.send = mock.MagicMock(return_value=response2)
func_spec = "requests_ntlm2.dance.HttpNtlmContext.get_authenticate_header"
with mock.patch(func_spec) as mock_auth_header:
result = auth.retry_using_http_ntlm_auth(
"foobar",
"Proxy-Authenticate",
response,
"NTLM",
{}
)
assert result is response2.connection.send.return_value
mock_auth_header.assert_called()
def test_response_hook__http_407_basic_auth_header(self, mock_retry_using_http_ntlm_auth):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password)
response = requests.Response()
response.status_code = 407
response.headers["Proxy-Authenticate"] = "Basic"
new_response = auth.response_hook(response)
mock_retry_using_http_ntlm_auth.assert_not_called()
assert new_response is response
def test__init(self):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password)
assert isinstance(auth, requests_ntlm2.HttpNtlmAuth)
assert auth.username == username
assert auth.password == password
assert auth.domain == domain.upper()
assert auth.send_cbt is True
assert auth.ntlm_compatibility == requests_ntlm2.core.NtlmCompatibility.NTLMv2_DEFAULT
def test_history_is_preserved(self):
for auth_type in self.auth_types:
res = requests.get(
url=self.test_server_url + auth_type,
auth=requests_ntlm2.HttpNtlmAuth(self.test_server_username,
self.test_server_password),
)
self.assertEqual(len(res.history), 2)
def test_requests_ntlm(self):
for auth_type in self.auth_types:
res = requests.get(
url=self.test_server_url + auth_type,
auth=requests_ntlm2.HttpNtlmAuth(
self.test_server_username, self.test_server_password
),
)
assert res.status_code == 200
def test__init(self):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username,
self.test_server_password)
self.assertIsInstance(auth, requests_ntlm2.HttpNtlmAuth)
self.assertEqual(auth.username, username)
self.assertEqual(auth.password, password)
self.assertEqual(auth.domain, domain.upper())
self.assertTrue(auth.send_cbt)
self.assertEqual(auth.ntlm_compatibility,
requests_ntlm2.core.NtlmCompatibility.NTLMv2_DEFAULT)
def test_requests_ntlm(self):
for auth_type in self.auth_types:
res = requests.get(
url=self.test_server_url + auth_type,
auth=requests_ntlm2.HttpNtlmAuth(self.test_server_username,
self.test_server_password),
)
self.assertEqual(res.status_code,
200,
msg="auth_type " + auth_type)
def test_new_requests_are_used(self):
for auth_type in self.auth_types:
res = requests.get(
url=self.test_server_url + auth_type,
auth=requests_ntlm2.HttpNtlmAuth(
self.test_server_username, self.test_server_password
),
)
assert res.history[0].request is not res.history[1].request
assert res.history[0].request is not res.request
def test_response_hook__http_401_negotiate_auth_header(
self, mock_retry_using_http_ntlm_auth):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username,
self.test_server_password)
response = requests.Response()
response.status_code = 401
response.headers["WWW-Authenticate"] = "Negotiate"
new_response = auth.response_hook(response)
mock_retry_using_http_ntlm_auth.assert_called_once_with(
"www-authenticate", "Authorization", response, "Negotiate", {})
self.assertTrue(new_response is not response)
def test_username_parse_no_domain(self):
test_user = "******"
expected_domain = ""
expected_user = "******"
context = requests_ntlm2.HttpNtlmAuth(test_user, "pass")
actual_domain = context.domain
actual_user = context.username
assert actual_domain == expected_domain
assert actual_user == expected_user
def test_username_parse_backslash(self):
test_user = "******"
expected_domain = "DOMAIN"
expected_user = "******"
context = requests_ntlm2.HttpNtlmAuth(test_user, "pass")
actual_domain = context.domain
actual_user = context.username
assert actual_domain == expected_domain
assert actual_user == expected_user
def send_request(url, username, password):
"""
Sends a request to the url with the credentials specified.
Returns the final response
"""
session = requests.Session()
session.verify = False
session.auth = requests_ntlm2.HttpNtlmAuth(username, password)
response = session.get(url)
return response
def test_response_hook__http_407_ntlm_auth_header(self, mock_retry_using_http_ntlm_auth):
auth = requests_ntlm2.HttpNtlmAuth(self.test_server_username, self.test_server_password)
response = requests.Response()
response.status_code = 407
response.headers["Proxy-Authenticate"] = "NTLM"
new_response = auth.response_hook(response)
mock_retry_using_http_ntlm_auth.assert_called_once_with(
"proxy-authenticate",
"Proxy-Authorization",
response,
"NTLM",
{}
)
assert new_response is not response
def test_username_parse_at(self):
test_user = "******"
# UPN format should not be split,
# since "stuff after @" not always == domain
# (eg, email address with alt UPN suffix)
expected_domain = ""
expected_user = "******"
context = requests_ntlm2.HttpNtlmAuth(test_user, "pass")
actual_domain = context.domain
actual_user = context.username
assert actual_domain == expected_domain
assert actual_user == expected_user
