Rev 4052: Ensures all auth handlers correctly parse all auth headers. in file:///net/bigmamac/Volumes/home/vila/src/bzr/bugs/256612-http-auth/

Vincent Ladeuil v.ladeuil+lp at free.fr
Wed Feb 25 19:24:45 GMT 2009


At file:///net/bigmamac/Volumes/home/vila/src/bzr/bugs/256612-http-auth/

------------------------------------------------------------
revno: 4052
revision-id: v.ladeuil+lp at free.fr-20090225192444-az73q3t73x8ti6bi
parent: v.ladeuil+lp at free.fr-20090225185843-mns85a9v5zqr60ef
committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
branch nick: 256612-http-auth
timestamp: Wed 2009-02-25 20:24:44 +0100
message:
  Ensures all auth handlers correctly parse all auth headers.
  
  * bzrlib/tests/test_http.py:
  (TestAuthHeader): Test for all known auth schemes.
  
  * bzrlib/transport/http/_urllib2_wrappers.py:
  (AbstractAuthHandler._parse_auth_header): All handlers should be
  able to parse any header, they may as well share the
  implementation.
  (NegotiateAuthHandler.auth_match, BasicAuthHandler.auth_match,
  DigestAuthHandler.auth_match): JFDI.
-------------- next part --------------
=== modified file 'bzrlib/tests/test_http.py'
--- a/bzrlib/tests/test_http.py	2009-02-24 08:11:42 +0000
+++ b/bzrlib/tests/test_http.py	2009-02-25 19:24:44 +0000
@@ -216,6 +216,35 @@
         self.port = None
 
 
+class TestAuthHeader(tests.TestCase):
+
+    def parse_header(self, header):
+        ah =  _urllib2_wrappers.AbstractAuthHandler()
+        return ah._parse_auth_header(header)
+
+    def test_empty_header(self):
+        scheme, remainder = self.parse_header('')
+        self.assertEquals('', scheme)
+        self.assertIs(None, remainder)
+
+    def test_negotiate_header(self):
+        scheme, remainder = self.parse_header('Negotiate')
+        self.assertEquals('negotiate', scheme)
+        self.assertIs(None, remainder)
+
+    def test_basic_header(self):
+        scheme, remainder = self.parse_header(
+            'Basic realm="Thou should not pass"')
+        self.assertEquals('basic', scheme)
+        self.assertEquals('realm="Thou should not pass"', remainder)
+
+    def test_digest_header(self):
+        scheme, remainder = self.parse_header(
+            'Digest realm="Thou should not pass"')
+        self.assertEquals('digest', scheme)
+        self.assertEquals('realm="Thou should not pass"', remainder)
+
+
 class TestHTTPServer(tests.TestCase):
     """Test the HTTP servers implementations."""
 

=== modified file 'bzrlib/transport/http/_urllib2_wrappers.py'
--- a/bzrlib/transport/http/_urllib2_wrappers.py	2009-02-25 18:58:43 +0000
+++ b/bzrlib/transport/http/_urllib2_wrappers.py	2009-02-25 19:24:44 +0000
@@ -995,6 +995,22 @@
         # in such a cycle by default.
         self._retry_count = None
 
+    def _parse_auth_header(self, server_header):
+        """Parse the authentication header.
+
+        :param server_header: The value of the header sent by the server
+            describing the authenticaion request.
+
+        :return: A tuple (scheme, remainder) scheme being the first word in the
+            given header (lower cased), remainder may be None.
+        """
+        try:
+            scheme, remainder = server_header.split(None, 1)
+        except ValueError:
+            scheme = server_header
+            remainder = None
+        return (scheme.lower(), remainder)
+
     def update_auth(self, auth, key, value):
         """Update a value in auth marking the auth as modified if needed"""
         old_value = auth.get(key, None)
@@ -1162,7 +1178,7 @@
     requires_username = False
 
     def auth_match(self, header, auth):
-        scheme = header.lower()
+        scheme, raw_auth = self._parse_auth_header(header)
         if scheme != 'negotiate':
             return False
         self.update_auth(auth, 'scheme', scheme)
@@ -1214,11 +1230,7 @@
         return auth_header
 
     def auth_match(self, header, auth):
-        try:
-            scheme, raw_auth = header.split(None, 1)
-        except ValueError:
-            return False
-        scheme = scheme.lower()
+        scheme, raw_auth = self._parse_auth_header(header)
         if scheme != 'basic':
             return False
 
@@ -1277,11 +1289,7 @@
         return auth.get('scheme', None) == 'digest'
 
     def auth_match(self, header, auth):
-        try:
-            scheme, raw_auth = header.split(None, 1)
-        except ValueError:
-            return False
-        scheme = scheme.lower()
+        scheme, raw_auth = self._parse_auth_header(header)
         if scheme != 'digest':
             return False
 



More information about the bazaar-commits mailing list