def action(self):
from miro import httpauth
id_, args = self.args[0], self.args[1:]
def callback(auth_header):
c = GotHTTPAuthCommand(self.daemon, id_, auth_header)
c.send()
httpauth.find_http_auth(callback, *args)
def test_remove(self):
url = 'http://example.com/foo.html'
header = 'Basic realm="Protected Space"'
auth = self.ask_for_http_auth(url, header)
self.assertEquals(httpauth.find_http_auth(url, header), auth)
httpauth.remove(auth)
self.assertEquals(httpauth.find_http_auth(url, header), None)
def _lookup_auth(self):
"""Lookup existing HTTP passwords to use.
We need to do this before we are running in the libcurl thread because
we access the httpauth module.
"""
self.http_auth = httpauth.find_http_auth(self.options.url)
self.proxy_auth = httpauth.find_http_auth(_proxy_auth_url())
def _lookup_auth(self):
"""Lookup existing HTTP passwords to use.
We need to do this before we are running in the libcurl thread because
we access the httpauth module.
"""
self.http_auth = httpauth.find_http_auth(self.options.url)
self.proxy_auth = httpauth.find_http_auth(_proxy_auth_url())
def action(self):
from miro import httpauth
id_, args = self.args[0], self.args[1:]
def callback(auth_header):
c = GotHTTPAuthCommand(self.daemon, id_, auth_header)
c.send()
httpauth.find_http_auth(callback, *args)
def test_remove_from_main_process(self):
# This is test_remove using the daemon's httpauth.py, but we also test
# that it's removed from the main process
import miro.httpauth
url = 'http://example.com/foo.html'
header = 'Basic realm="Protected Space"'
auth = self.ask_for_http_auth(url, header)
self.assertEquals(httpauth.find_http_auth(url, header), auth)
self.assertEquals(miro.httpauth.find_http_auth(url, header), auth)
httpauth.remove(auth)
# wait for RemoveHTTPAuthCommand to be run
self.runPendingIdles()
self.assertEquals(httpauth.find_http_auth(url, header), None)
self.assertEquals(miro.httpauth.find_http_auth(url, header), None)
def test_digest_reuse_with_domain(self):
header = (
'Digest realm="Protected Space",nonce="123",'
'domain="/metoo,http://metoo.com/,http://example2.com/metoo"')
url = 'http://example.com/foo/test.html'
# we should re-use the auth credentials for urls specified in domain
url2 = 'http://example.com/metoo/'
url3 = 'http://example.com/metoo/index.html/'
url4 = 'http://metoo.com/'
url5 = 'http://example2.com/metoo/'
# but not for ones outside
url6 = 'http://example.com/notmetoo/index.html/'
url7 = 'http://notmetoo.com/'
url8 = 'http://example2.com/notmetoo/'
auth = self.ask_for_http_auth(url, header)
self.assertEquals(httpauth.find_http_auth(url), auth)
self.assertEquals(httpauth.find_http_auth(url2), auth)
self.assertEquals(httpauth.find_http_auth(url3), auth)
self.assertEquals(httpauth.find_http_auth(url4), auth)
self.assertEquals(httpauth.find_http_auth(url5), auth)
self.assertEquals(httpauth.find_http_auth(url6), None)
self.assertEquals(httpauth.find_http_auth(url7), None)
self.assertEquals(httpauth.find_http_auth(url8), None)
def test_digest_reuse_with_domain(self):
header = (
'Digest realm="Protected Space",nonce="123",'
'domain="/metoo,http://metoo.com/,http://example2.com/metoo"')
url = 'http://example.com/foo/test.html'
# we should re-use the auth credentials for urls specified in domain
url2 = 'http://example.com/metoo/'
url3 = 'http://example.com/metoo/index.html/'
url4 = 'http://metoo.com/'
url5 = 'http://example2.com/metoo/'
# but not for ones outside
url6 = 'http://example.com/notmetoo/index.html/'
url7 = 'http://notmetoo.com/'
url8 = 'http://example2.com/notmetoo/'
auth = self.ask_for_http_auth(url, header)
self.assertEquals(httpauth.find_http_auth(url), auth)
self.assertEquals(httpauth.find_http_auth(url2), auth)
self.assertEquals(httpauth.find_http_auth(url3), auth)
self.assertEquals(httpauth.find_http_auth(url4), auth)
self.assertEquals(httpauth.find_http_auth(url5), auth)
self.assertEquals(httpauth.find_http_auth(url6), None)
self.assertEquals(httpauth.find_http_auth(url7), None)
self.assertEquals(httpauth.find_http_auth(url8), None)
def test_digest_reuse(self):
header = 'Digest realm="Protected Space",nonce="123"'
url = 'http://example.com/foo/test.html'
# we should re-use the auth credentials for all urls in the same server
url2 = 'http://example.com/foo/test2.html'
url3 = 'http://example.com/foo/bar/test2.html'
url4 = 'http://example.com/test.html'
# but not for ones outside
url5 = 'http://example2.com/foo/test.html'
auth = self.ask_for_http_auth(url, header)
self.assertEquals(httpauth.find_http_auth(url), auth)
self.assertEquals(httpauth.find_http_auth(url2), auth)
self.assertEquals(httpauth.find_http_auth(url3), auth)
self.assertEquals(httpauth.find_http_auth(url4), auth)
self.assertEquals(httpauth.find_http_auth(url5), None)
def _handle_auth(self, auth_type, header_key, url, location):
# this method needs to run in the eventloop because it uses the
# httpauth module. At this point the transfer is removed from
# curl_manager's, so we don't have to worry about accessing our
# attributes.
self.current_auth_type = auth_type
self.auth_attempts[auth_type] += 1
if auth_type == 'http' and self.http_auth is not None:
httpauth.remove(self.http_auth)
elif auth_type == 'proxy' and self.proxy_auth is not None:
httpauth.remove(self.proxy_auth)
if self.auth_attempts[auth_type] > MAX_AUTH_ATTEMPTS:
self.handle_auth_failure()
return
try:
auth_header = self.headers[header_key]
except KeyError:
self.handle_auth_failure()
return
if auth_type == 'http':
# now that we have the www-authenticate header, try again to find
# an existing password
existing_auth = httpauth.find_http_auth(url, auth_header)
if existing_auth is not None:
self.http_auth = existing_auth
self._send_new_request()
return
try:
httpauth.ask_for_http_auth(self._ask_for_http_auth_callback, url,
auth_header, location)
except (AssertionError, ValueError), e:
logging.warn("Error when parsing auth header: %s", e)
self.handle_auth_failure()
def _handle_auth(self, auth_type, header_key, url, location):
# this method needs to run in the eventloop because it uses the
# httpauth module. At this point the transfer is removed from
# curl_manager's, so we don't have to worry about accessing our
# attributes.
self.current_auth_type = auth_type
self.auth_attempts[auth_type] += 1
if auth_type == 'http' and self.http_auth is not None:
httpauth.remove(self.http_auth)
elif auth_type == 'proxy' and self.proxy_auth is not None:
httpauth.remove(self.proxy_auth)
if self.auth_attempts[auth_type] > MAX_AUTH_ATTEMPTS:
self.handle_auth_failure()
return
try:
auth_header = self.headers[header_key]
except KeyError:
self.handle_auth_failure()
return
if auth_type == 'http':
# now that we have the www-authenticate header, try again to find
# an existing password
existing_auth = httpauth.find_http_auth(url, auth_header)
if existing_auth is not None:
self.http_auth = existing_auth
self._send_new_request()
return
try:
httpauth.ask_for_http_auth(self._ask_for_http_auth_callback,
url, auth_header, location)
except (AssertionError, ValueError), e:
logging.warn("Error when parsing auth header: %s", e)
self.handle_auth_failure()
def test_simple(self):
url = 'http://example.com/foo.html'
header = 'Basic realm="Protected Space"'
self.assertEquals(httpauth.find_http_auth(url), None)
auth = self.ask_for_http_auth(url, header)
self.assertEquals(auth.username, 'user')
self.assertEquals(auth.password, 'password')
self.assertEquals(auth.scheme, 'basic')
def test_initial_list(self):
"""Test that the initial auth data gets sent to the daemon. """
# this was setup before the daemon started, we should not need to
# re-enter it.
url = 'http://oldserver.com/foo.html'
auth = httpauth.find_http_auth(url)
self.assertNotEquals(auth, None)
self.assertEquals(auth.username, 'user')
self.assertEquals(auth.password, 'password')
def test_basic_reuse(self):
header = 'Basic realm="Protected Space"'
url = 'http://example.com/foo/test.html'
# we should re-use the auth credentials for urls in the same directory
url2 = 'http://example.com/foo/test2.html'
url3 = 'http://example.com/foo/bar/test2.html'
# but not for ones outside
url4 = 'http://example.com/test.html'
url5 = 'http://example2.com/foo/test.html'
auth = self.ask_for_http_auth(url, header)
self.assertEquals(httpauth.find_http_auth(url), auth)
self.assertEquals(httpauth.find_http_auth(url2), auth)
self.assertEquals(httpauth.find_http_auth(url3), auth)
self.assertEquals(httpauth.find_http_auth(url4), None)
self.assertEquals(httpauth.find_http_auth(url5), None)
# however, if we know the www-authenticate header (and thus the
# realm), then we can re-use the credentials
self.assertEquals(httpauth.find_http_auth(url4, header), auth)
# but not if the realm is different or the root url
self.assertEquals(httpauth.find_http_auth(url5, header), None)
self.assertEquals(httpauth.find_http_auth(url5,
'Basic realm="Other Protected Space"'), None)
