Rev 4052: Ensures all auth handlers correctly parse all auth headers. in file:///net/bigmamac/Volumes/home/vila/src/bzr/bugs/256612-http-auth/
Vincent Ladeuil
v.ladeuil+lp at free.fr
Wed Feb 25 19:24:45 GMT 2009
At file:///net/bigmamac/Volumes/home/vila/src/bzr/bugs/256612-http-auth/
------------------------------------------------------------
revno: 4052
revision-id: v.ladeuil+lp at free.fr-20090225192444-az73q3t73x8ti6bi
parent: v.ladeuil+lp at free.fr-20090225185843-mns85a9v5zqr60ef
committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
branch nick: 256612-http-auth
timestamp: Wed 2009-02-25 20:24:44 +0100
message:
Ensures all auth handlers correctly parse all auth headers.
* bzrlib/tests/test_http.py:
(TestAuthHeader): Test for all known auth schemes.
* bzrlib/transport/http/_urllib2_wrappers.py:
(AbstractAuthHandler._parse_auth_header): All handlers should be
able to parse any header, they may as well share the
implementation.
(NegotiateAuthHandler.auth_match, BasicAuthHandler.auth_match,
DigestAuthHandler.auth_match): JFDI.
-------------- next part --------------
=== modified file 'bzrlib/tests/test_http.py'
--- a/bzrlib/tests/test_http.py 2009-02-24 08:11:42 +0000
+++ b/bzrlib/tests/test_http.py 2009-02-25 19:24:44 +0000
@@ -216,6 +216,35 @@
self.port = None
+class TestAuthHeader(tests.TestCase):
+
+ def parse_header(self, header):
+ ah = _urllib2_wrappers.AbstractAuthHandler()
+ return ah._parse_auth_header(header)
+
+ def test_empty_header(self):
+ scheme, remainder = self.parse_header('')
+ self.assertEquals('', scheme)
+ self.assertIs(None, remainder)
+
+ def test_negotiate_header(self):
+ scheme, remainder = self.parse_header('Negotiate')
+ self.assertEquals('negotiate', scheme)
+ self.assertIs(None, remainder)
+
+ def test_basic_header(self):
+ scheme, remainder = self.parse_header(
+ 'Basic realm="Thou should not pass"')
+ self.assertEquals('basic', scheme)
+ self.assertEquals('realm="Thou should not pass"', remainder)
+
+ def test_digest_header(self):
+ scheme, remainder = self.parse_header(
+ 'Digest realm="Thou should not pass"')
+ self.assertEquals('digest', scheme)
+ self.assertEquals('realm="Thou should not pass"', remainder)
+
+
class TestHTTPServer(tests.TestCase):
"""Test the HTTP servers implementations."""
=== modified file 'bzrlib/transport/http/_urllib2_wrappers.py'
--- a/bzrlib/transport/http/_urllib2_wrappers.py 2009-02-25 18:58:43 +0000
+++ b/bzrlib/transport/http/_urllib2_wrappers.py 2009-02-25 19:24:44 +0000
@@ -995,6 +995,22 @@
# in such a cycle by default.
self._retry_count = None
+ def _parse_auth_header(self, server_header):
+ """Parse the authentication header.
+
+ :param server_header: The value of the header sent by the server
+ describing the authenticaion request.
+
+ :return: A tuple (scheme, remainder) scheme being the first word in the
+ given header (lower cased), remainder may be None.
+ """
+ try:
+ scheme, remainder = server_header.split(None, 1)
+ except ValueError:
+ scheme = server_header
+ remainder = None
+ return (scheme.lower(), remainder)
+
def update_auth(self, auth, key, value):
"""Update a value in auth marking the auth as modified if needed"""
old_value = auth.get(key, None)
@@ -1162,7 +1178,7 @@
requires_username = False
def auth_match(self, header, auth):
- scheme = header.lower()
+ scheme, raw_auth = self._parse_auth_header(header)
if scheme != 'negotiate':
return False
self.update_auth(auth, 'scheme', scheme)
@@ -1214,11 +1230,7 @@
return auth_header
def auth_match(self, header, auth):
- try:
- scheme, raw_auth = header.split(None, 1)
- except ValueError:
- return False
- scheme = scheme.lower()
+ scheme, raw_auth = self._parse_auth_header(header)
if scheme != 'basic':
return False
@@ -1277,11 +1289,7 @@
return auth.get('scheme', None) == 'digest'
def auth_match(self, header, auth):
- try:
- scheme, raw_auth = header.split(None, 1)
- except ValueError:
- return False
- scheme = scheme.lower()
+ scheme, raw_auth = self._parse_auth_header(header)
if scheme != 'digest':
return False
More information about the bazaar-commits
mailing list