diff options
author | Aldo Cortesi <aldo@nullcube.com> | 2012-12-31 10:56:44 +1300 |
---|---|---|
committer | Aldo Cortesi <aldo@nullcube.com> | 2012-12-31 10:56:44 +1300 |
commit | 5347cb9c269acdbc2fc36f92e3545fcbb9de45a1 (patch) | |
tree | 0bc590a4539f78ecce202e8891644a20507b41d9 /libmproxy/proxy.py | |
parent | 3b84111493dee7c21c4dd6ba390fd70cb13a8674 (diff) | |
download | mitmproxy-5347cb9c269acdbc2fc36f92e3545fcbb9de45a1.tar.gz mitmproxy-5347cb9c269acdbc2fc36f92e3545fcbb9de45a1.tar.bz2 mitmproxy-5347cb9c269acdbc2fc36f92e3545fcbb9de45a1.zip |
More work on proxy auth
- Strip auth header if auth succeeds, so it's not passed upstream
- Actually use realm specification to BasicProxyAuth, and make it mandatory
- Cleanups and unit tests
Diffstat (limited to 'libmproxy/proxy.py')
-rw-r--r-- | libmproxy/proxy.py | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index 2c62a880..0cba4cbc 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -356,12 +356,15 @@ class ProxyHandler(tcp.BaseHandler): headers = http.read_headers(self.rfile) if headers is None: raise ProxyError(400, "Invalid headers") - if authenticate and self.config.authenticator and not self.config.authenticator.authenticate(headers): - raise ProxyError( - 407, - "Proxy Authentication Required", - self.config.authenticator.auth_challenge_headers() - ) + if authenticate and self.config.authenticator: + if self.config.authenticator.authenticate(headers): + self.config.authenticator.clean(headers) + else: + raise ProxyError( + 407, + "Proxy Authentication Required", + self.config.authenticator.auth_challenge_headers() + ) return headers def send_response(self, response): @@ -552,7 +555,7 @@ def process_proxy_options(parser, options): password_manager = authentication.HtpasswdPasswordManager(options.auth_htpasswd) # in the meanwhile, basic auth is the only true authentication scheme we support # so just use it - authenticator = authentication.BasicProxyAuth(password_manager) + authenticator = authentication.BasicProxyAuth(password_manager, "mitmproxy") else: authenticator = authentication.NullProxyAuth(None) |