diff options
author | Aldo Cortesi <aldo@nullcube.com> | 2012-12-31 10:34:25 +1300 |
---|---|---|
committer | Aldo Cortesi <aldo@nullcube.com> | 2012-12-31 10:34:25 +1300 |
commit | 3b84111493dee7c21c4dd6ba390fd70cb13a8674 (patch) | |
tree | b37bda18c09f4b60928f782702ebad3c88733674 /libmproxy | |
parent | 018c229ae40d93f0f0987a37a33256db57cdc62c (diff) | |
download | mitmproxy-3b84111493dee7c21c4dd6ba390fd70cb13a8674.tar.gz mitmproxy-3b84111493dee7c21c4dd6ba390fd70cb13a8674.tar.bz2 mitmproxy-3b84111493dee7c21c4dd6ba390fd70cb13a8674.zip |
Test and robustify BasicProxyAuth.parse_auth_value
- This is partly in preparation for moving the implementation to netlib
- Also add an unparse_auth_value for testing (and use in pathod once the move is done)
Diffstat (limited to 'libmproxy')
-rw-r--r-- | libmproxy/authentication.py | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/libmproxy/authentication.py b/libmproxy/authentication.py index c928ebbd..675f5dc5 100644 --- a/libmproxy/authentication.py +++ b/libmproxy/authentication.py @@ -32,8 +32,8 @@ class BasicProxyAuth(NullProxyAuth): if not auth_value: return False try: - scheme, username, password = self.parse_authorization_header(auth_value[0]) - except: + scheme, username, password = self.parse_auth_value(auth_value[0]) + except ValueError: return False if scheme.lower()!='basic': return False @@ -45,12 +45,23 @@ class BasicProxyAuth(NullProxyAuth): def auth_challenge_headers(self): return {'Proxy-Authenticate':'Basic realm="%s"'%self.realm} - def parse_authorization_header(self, auth_value): + def unparse_auth_value(self, scheme, username, password): + v = binascii.b2a_base64(username + ":" + password) + return scheme + " " + v + + def parse_auth_value(self, auth_value): words = auth_value.split() + if len(words) != 2: + raise ValueError("Invalid basic auth credential.") scheme = words[0] - user = binascii.a2b_base64(words[1]) - username, password = user.split(':') - return scheme, username, password + try: + user = binascii.a2b_base64(words[1]) + except binascii.Error: + raise ValueError("Invalid basic auth credential: user:password pair not valid base64: %s"%words[1]) + parts = user.split(':') + if len(parts) != 2: + raise ValueError("Invalid basic auth credential: decoded user:password pair not valid: %s"%user) + return scheme, parts[0], parts[1] class PasswordManager(): |