Mercurial > hg
annotate tests/test-hgweb-auth.py @ 15025:0593e8f81c71 stable
http: pass user to readauthforuri() (fix 4a43e23b8c55)
urllib2 never handles URIs with credentials, we have to extract them and store
them in the password manager before handing the stripped URI. Half of the
changes deducing the username from the URI in 4a43e23b8c55 were incorrect.
Instead, we retrieve the username from the password manager before passing to
readauthforuri().
test-hgweb-auth.py was passing because the test itself was flawed: it was
passing URIs with credentials to find_password(), which never happens.
| author | Patrick Mezard <pmezard@gmail.com> |
|---|---|
| date | Fri, 05 Aug 2011 21:05:41 +0200 |
| parents | 0f1311e829c9 |
| children | 9de689d20230 |
| rev | line source |
|---|---|
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
1 from mercurial import demandimport; demandimport.enable() |
|
15024
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
2 import urllib2 |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
3 from mercurial import ui, util |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
4 from mercurial import url |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
5 from mercurial.error import Abort |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
6 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
7 class myui(ui.ui): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
8 def interactive(self): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
9 return False |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
10 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
11 origui = myui() |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
12 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
13 def writeauth(items): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
14 ui = origui.copy() |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
15 for name, value in items.iteritems(): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
16 ui.setconfig('auth', name, value) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
17 return ui |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
18 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
19 def dumpdict(dict): |
|
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
20 return '{' + ', '.join(['%s: %s' % (k, dict[k]) |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
21 for k in sorted(dict.iterkeys())]) + '}' |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
22 |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
23 def test(auth, urls=None): |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
24 print 'CFG:', dumpdict(auth) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
25 prefixes = set() |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
26 for k in auth: |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
27 prefixes.add(k.split('.', 1)[0]) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
28 for p in prefixes: |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
29 for name in ('.username', '.password'): |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
30 if (p + name) not in auth: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
31 auth[p + name] = p |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
32 auth = dict((k, v) for k, v in auth.iteritems() if v is not None) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
33 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
34 ui = writeauth(auth) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
35 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
36 def _test(uri): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
37 print 'URI:', uri |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
38 try: |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
39 pm = url.passwordmgr(ui) |
|
15025
0593e8f81c71
http: pass user to readauthforuri() (fix 4a43e23b8c55)
Patrick Mezard <pmezard@gmail.com>
parents:
15024
diff
changeset
|
40 u, authinfo = util.url(uri).authinfo() |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
41 if authinfo is not None: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
42 pm.add_password(*authinfo) |
|
15025
0593e8f81c71
http: pass user to readauthforuri() (fix 4a43e23b8c55)
Patrick Mezard <pmezard@gmail.com>
parents:
15024
diff
changeset
|
43 print ' ', pm.find_user_password('test', u) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
44 except Abort, e: |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
45 print 'abort' |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
46 |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
47 if not urls: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
48 urls = [ |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
49 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
50 'http://example.org/foo/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
51 'http://example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
52 'https://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
53 'https://example.org/foo/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
54 'https://example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
55 'https://x@example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
56 'https://y@example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
57 ] |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
58 for u in urls: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
59 _test(u) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
60 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
61 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
62 print '\n*** Test in-uri schemes\n' |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
63 test({'x.prefix': 'http://example.org'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
64 test({'x.prefix': 'https://example.org'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
65 test({'x.prefix': 'http://example.org', 'x.schemes': 'https'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
66 test({'x.prefix': 'https://example.org', 'x.schemes': 'http'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
67 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
68 print '\n*** Test separately configured schemes\n' |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
69 test({'x.prefix': 'example.org', 'x.schemes': 'http'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
70 test({'x.prefix': 'example.org', 'x.schemes': 'https'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
71 test({'x.prefix': 'example.org', 'x.schemes': 'http https'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
72 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
73 print '\n*** Test prefix matching\n' |
|
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
74 test({'x.prefix': 'http://example.org/foo', |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
75 'y.prefix': 'http://example.org/bar'}) |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
76 test({'x.prefix': 'http://example.org/foo', |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
77 'y.prefix': 'http://example.org/foo/bar'}) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
78 test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'}) |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
79 |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
80 print '\n*** Test user matching\n' |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
81 test({'x.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
82 'x.username': None, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
83 'x.password': 'xpassword'}, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
84 urls=['http://y@example.org/foo']) |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
85 test({'x.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
86 'x.username': None, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
87 'x.password': 'xpassword', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
88 'y.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
89 'y.username': 'y', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
90 'y.password': 'ypassword'}, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
91 urls=['http://y@example.org/foo']) |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
92 test({'x.prefix': 'http://example.org/foo/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
93 'x.username': None, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
94 'x.password': 'xpassword', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
95 'y.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
96 'y.username': 'y', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
97 'y.password': 'ypassword'}, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
98 urls=['http://y@example.org/foo/bar']) |
|
15024
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
99 |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
100 def testauthinfo(fullurl, authurl): |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
101 print 'URIs:', fullurl, authurl |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
102 pm = urllib2.HTTPPasswordMgrWithDefaultRealm() |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
103 pm.add_password(*util.url(fullurl).authinfo()[1]) |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
104 print pm.find_user_password('test', authurl) |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
105 |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
106 print '\n*** Test urllib2 and util.url\n' |
|
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
107 testauthinfo('http://user@example.com:8080/foo', 'http://example.com:8080/foo') |