From 018c229ae40d93f0f0987a37a33256db57cdc62c Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 31 Dec 2012 09:15:56 +1300 Subject: Start solidifying proxy authentication - Add a unit test file - Remove some extraneous methods - Change the auth API to make the authenticate method take a header object. --- test/test_authentication.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 test/test_authentication.py (limited to 'test/test_authentication.py') diff --git a/test/test_authentication.py b/test/test_authentication.py new file mode 100644 index 00000000..25714263 --- /dev/null +++ b/test/test_authentication.py @@ -0,0 +1,18 @@ +from libmproxy import authentication +from netlib import odict + + +class TestNullProxyAuth: + def test_simple(self): + na = authentication.NullProxyAuth(authentication.PermissivePasswordManager()) + assert not na.auth_challenge_headers() + assert na.authenticate("foo") + + +class TestBasicProxyAuth: + def test_simple(self): + ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager()) + h = odict.ODictCaseless() + assert ba.auth_challenge_headers() + assert not ba.authenticate(h) + -- cgit v1.2.3 From 3b84111493dee7c21c4dd6ba390fd70cb13a8674 Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 31 Dec 2012 10:34:25 +1300 Subject: Test and robustify BasicProxyAuth.parse_auth_value - This is partly in preparation for moving the implementation to netlib - Also add an unparse_auth_value for testing (and use in pathod once the move is done) --- test/test_authentication.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'test/test_authentication.py') diff --git a/test/test_authentication.py b/test/test_authentication.py index 25714263..cc797d68 100644 --- a/test/test_authentication.py +++ b/test/test_authentication.py @@ -1,5 +1,7 @@ +import binascii from libmproxy import authentication from netlib import odict +import tutils class TestNullProxyAuth: @@ -16,3 +18,13 @@ class TestBasicProxyAuth: assert ba.auth_challenge_headers() assert not ba.authenticate(h) + def test_parse_auth_value(self): + ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager()) + vals = ("basic", "foo", "bar") + assert ba.parse_auth_value(ba.unparse_auth_value(*vals)) == vals + tutils.raises(ValueError, ba.parse_auth_value, "") + tutils.raises(ValueError, ba.parse_auth_value, "foo bar") + + v = "basic " + binascii.b2a_base64("foo") + tutils.raises(ValueError, ba.parse_auth_value, v) + -- cgit v1.2.3 From 5347cb9c269acdbc2fc36f92e3545fcbb9de45a1 Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 31 Dec 2012 10:56:44 +1300 Subject: More work on proxy auth - Strip auth header if auth succeeds, so it's not passed upstream - Actually use realm specification to BasicProxyAuth, and make it mandatory - Cleanups and unit tests --- test/test_authentication.py | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'test/test_authentication.py') diff --git a/test/test_authentication.py b/test/test_authentication.py index cc797d68..f7a5ecd3 100644 --- a/test/test_authentication.py +++ b/test/test_authentication.py @@ -9,17 +9,18 @@ class TestNullProxyAuth: na = authentication.NullProxyAuth(authentication.PermissivePasswordManager()) assert not na.auth_challenge_headers() assert na.authenticate("foo") + na.clean({}) class TestBasicProxyAuth: def test_simple(self): - ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager()) + ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager(), "test") h = odict.ODictCaseless() assert ba.auth_challenge_headers() assert not ba.authenticate(h) def test_parse_auth_value(self): - ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager()) + ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager(), "test") vals = ("basic", "foo", "bar") assert ba.parse_auth_value(ba.unparse_auth_value(*vals)) == vals tutils.raises(ValueError, ba.parse_auth_value, "") @@ -28,3 +29,30 @@ class TestBasicProxyAuth: v = "basic " + binascii.b2a_base64("foo") tutils.raises(ValueError, ba.parse_auth_value, v) + def test_authenticate_clean(self): + ba = authentication.BasicProxyAuth(authentication.PermissivePasswordManager(), "test") + + hdrs = odict.ODictCaseless() + vals = ("basic", "foo", "bar") + hdrs[ba.AUTH_HEADER] = [ba.unparse_auth_value(*vals)] + assert ba.authenticate(hdrs) + + ba.clean(hdrs) + assert not ba.AUTH_HEADER in hdrs + + + hdrs[ba.AUTH_HEADER] = [""] + assert not ba.authenticate(hdrs) + + hdrs[ba.AUTH_HEADER] = ["foo"] + assert not ba.authenticate(hdrs) + + vals = ("foo", "foo", "bar") + hdrs[ba.AUTH_HEADER] = [ba.unparse_auth_value(*vals)] + assert not ba.authenticate(hdrs) + + ba = authentication.BasicProxyAuth(authentication.PasswordManager(), "test") + vals = ("basic", "foo", "bar") + hdrs[ba.AUTH_HEADER] = [ba.unparse_auth_value(*vals)] + assert not ba.authenticate(hdrs) + -- cgit v1.2.3