tests/test-hgweb-auth.py
author Gregory Szorc <gregory.szorc@gmail.com>
Sun, 15 May 2016 11:32:11 -0700
changeset 29226 33006bd6a1d7
parent 28883 032c4c2f802a
child 29377 2c019aac6b99
permissions -rw-r--r--
sslutil: store and use hostname and ui in socket instance Currently, we pass a hostname and ui to sslutil.wrap_socket() then create a separate sslutil.validator instance also from a hostname and ui. There is a 1:1 mapping between a wrapped socket and a validator instance. This commit lays the groundwork for making the validation function generic by storing the hostname and ui instance in the state dict attached to the socket instance and then using these variables in the validator function. Since the arguments to sslutil.validator.__init__ are no longer used, we make them optional and make __init__ a no-op.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
     1
from __future__ import absolute_import, print_function
28747
779addce6910 py3: use absolute_import in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 19378
diff changeset
     2
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
     3
from mercurial import demandimport; demandimport.enable()
28747
779addce6910 py3: use absolute_import in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 19378
diff changeset
     4
from mercurial import (
28808
10c2ce44c35d test-hgweb-auth: stop direct symbol import of mercurial.error.Abort
Yuya Nishihara <yuya@tcha.org>
parents: 28807
diff changeset
     5
    error,
28807
736f64b23a24 test-hgweb-auth: alias ui as uimod
Yuya Nishihara <yuya@tcha.org>
parents: 28748
diff changeset
     6
    ui as uimod,
28747
779addce6910 py3: use absolute_import in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 19378
diff changeset
     7
    url,
779addce6910 py3: use absolute_import in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 19378
diff changeset
     8
    util,
779addce6910 py3: use absolute_import in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 19378
diff changeset
     9
)
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    10
28883
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28808
diff changeset
    11
urlerr = util.urlerr
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28808
diff changeset
    12
urlreq = util.urlreq
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28808
diff changeset
    13
28807
736f64b23a24 test-hgweb-auth: alias ui as uimod
Yuya Nishihara <yuya@tcha.org>
parents: 28748
diff changeset
    14
class myui(uimod.ui):
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    15
    def interactive(self):
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    16
        return False
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    17
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    18
origui = myui()
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    19
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    20
def writeauth(items):
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    21
    ui = origui.copy()
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    22
    for name, value in items.iteritems():
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    23
        ui.setconfig('auth', name, value)
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    24
    return ui
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    25
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    26
def dumpdict(dict):
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 8333
diff changeset
    27
    return '{' + ', '.join(['%s: %s' % (k, dict[k])
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 8333
diff changeset
    28
                            for k in sorted(dict.iterkeys())]) + '}'
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    29
15005
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    30
def test(auth, urls=None):
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    31
    print('CFG:', dumpdict(auth))
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    32
    prefixes = set()
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    33
    for k in auth:
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    34
        prefixes.add(k.split('.', 1)[0])
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    35
    for p in prefixes:
15005
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    36
        for name in ('.username', '.password'):
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    37
            if (p + name) not in auth:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    38
                auth[p + name] = p
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    39
    auth = dict((k, v) for k, v in auth.iteritems() if v is not None)
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    40
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    41
    ui = writeauth(auth)
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    42
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    43
    def _test(uri):
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    44
        print('URI:', uri)
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    45
        try:
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    46
            pm = url.passwordmgr(ui)
15025
0593e8f81c71 http: pass user to readauthforuri() (fix 4a43e23b8c55)
Patrick Mezard <pmezard@gmail.com>
parents: 15024
diff changeset
    47
            u, authinfo = util.url(uri).authinfo()
15005
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    48
            if authinfo is not None:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    49
                pm.add_password(*authinfo)
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    50
            print('    ', pm.find_user_password('test', u))
28808
10c2ce44c35d test-hgweb-auth: stop direct symbol import of mercurial.error.Abort
Yuya Nishihara <yuya@tcha.org>
parents: 28807
diff changeset
    51
        except error.Abort:
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    52
            print('    ','abort')
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    53
15005
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    54
    if not urls:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    55
        urls = [
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    56
            'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    57
            'http://example.org/foo/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    58
            'http://example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    59
            'https://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    60
            'https://example.org/foo/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    61
            'https://example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    62
            'https://x@example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    63
            'https://y@example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    64
            ]
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    65
    for u in urls:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    66
        _test(u)
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    67
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    68
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    69
print('\n*** Test in-uri schemes\n')
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    70
test({'x.prefix': 'http://example.org'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    71
test({'x.prefix': 'https://example.org'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    72
test({'x.prefix': 'http://example.org', 'x.schemes': 'https'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    73
test({'x.prefix': 'https://example.org', 'x.schemes': 'http'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    74
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    75
print('\n*** Test separately configured schemes\n')
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    76
test({'x.prefix': 'example.org', 'x.schemes': 'http'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    77
test({'x.prefix': 'example.org', 'x.schemes': 'https'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    78
test({'x.prefix': 'example.org', 'x.schemes': 'http https'})
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    79
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    80
print('\n*** Test prefix matching\n')
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 8333
diff changeset
    81
test({'x.prefix': 'http://example.org/foo',
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 8333
diff changeset
    82
      'y.prefix': 'http://example.org/bar'})
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 8333
diff changeset
    83
test({'x.prefix': 'http://example.org/foo',
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 8333
diff changeset
    84
      'y.prefix': 'http://example.org/foo/bar'})
8333
89c80c3dc584 allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff changeset
    85
test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'})
15005
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    86
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
    87
print('\n*** Test user matching\n')
15005
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    88
test({'x.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    89
      'x.username': None,
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    90
      'x.password': 'xpassword'},
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    91
     urls=['http://y@example.org/foo'])
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    92
test({'x.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    93
      'x.username': None,
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    94
      'x.password': 'xpassword',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    95
      'y.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    96
      'y.username': 'y',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    97
      'y.password': 'ypassword'},
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    98
     urls=['http://y@example.org/foo'])
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
    99
test({'x.prefix': 'http://example.org/foo/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
   100
      'x.username': None,
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
   101
      'x.password': 'xpassword',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
   102
      'y.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
   103
      'y.username': 'y',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
   104
      'y.password': 'ypassword'},
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents: 10282
diff changeset
   105
     urls=['http://y@example.org/foo/bar'])
15024
0f1311e829c9 http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents: 15005
diff changeset
   106
0f1311e829c9 http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents: 15005
diff changeset
   107
def testauthinfo(fullurl, authurl):
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
   108
    print('URIs:', fullurl, authurl)
28883
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28808
diff changeset
   109
    pm = urlreq.httppasswordmgrwithdefaultrealm()
15024
0f1311e829c9 http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents: 15005
diff changeset
   110
    pm.add_password(*util.url(fullurl).authinfo()[1])
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
   111
    print(pm.find_user_password('test', authurl))
15024
0f1311e829c9 http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents: 15005
diff changeset
   112
28748
c2ba5a810fa1 py3: use print_function in test-hgweb-auth.py
Robert Stanca <robert.stanca7@gmail.com>
parents: 28747
diff changeset
   113
print('\n*** Test urllib2 and util.url\n')
15024
0f1311e829c9 http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents: 15005
diff changeset
   114
testauthinfo('http://user@example.com:8080/foo', 'http://example.com:8080/foo')