Mercurial > hg
annotate tests/test-hgweb-auth.py @ 15005:4a43e23b8c55 stable 1.9.1
hgweb: do not ignore [auth] if url has a username (issue2822)
The [auth] section was ignored when handling URLs like:
http://user@example.com/foo
Instead, we look in [auth] for an entry matching the URL and supplied user
name. Entries without username can match URL with a username. Prefix length
ties are resolved in favor of entries matching the username. With:
foo.prefix = http://example.org
foo.username = user
foo.password = password
bar.prefix = http://example.org/bar
and the input URL:
http://user@example.org/bar
the 'bar' entry will be selected because of prefix length, therefore prompting
for a password. This behaviour ensure that entries selection is consistent when
looking for credentials or for certificates, and that certificates can be
picked even if their entries do no define usernames while the URL does.
Additionally, entries without a username matched against a username are
returned as if they did have requested username set to avoid prompting again
for a username if the password is not set.
v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly.
v3: allow unset usernames to match URL usernames to pick certificates. Resolve
prefix length ties in favor of entries with usernames.
| author | Patrick Mezard <pmezard@gmail.com> |
|---|---|
| date | Mon, 01 Aug 2011 23:58:50 +0200 |
| parents | 08a0f04b56bd |
| children | 0f1311e829c9 |
| rev | line source |
|---|---|
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
1 from mercurial import demandimport; demandimport.enable() |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
2 from mercurial import ui, util |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
3 from mercurial import url |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
4 from mercurial.error import Abort |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
5 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
6 class myui(ui.ui): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
7 def interactive(self): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
8 return False |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
9 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
10 origui = myui() |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
11 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
12 def writeauth(items): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
13 ui = origui.copy() |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
14 for name, value in items.iteritems(): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
15 ui.setconfig('auth', name, value) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
16 return ui |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
17 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
18 def dumpdict(dict): |
|
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
19 return '{' + ', '.join(['%s: %s' % (k, dict[k]) |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
20 for k in sorted(dict.iterkeys())]) + '}' |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
21 |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
22 def test(auth, urls=None): |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
23 print 'CFG:', dumpdict(auth) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
24 prefixes = set() |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
25 for k in auth: |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
26 prefixes.add(k.split('.', 1)[0]) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
27 for p in prefixes: |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
28 for name in ('.username', '.password'): |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
29 if (p + name) not in auth: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
30 auth[p + name] = p |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
31 auth = dict((k, v) for k, v in auth.iteritems() if v is not None) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
32 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
33 ui = writeauth(auth) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
34 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
35 def _test(uri): |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
36 print 'URI:', uri |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
37 try: |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
38 pm = url.passwordmgr(ui) |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
39 authinfo = util.url(uri).authinfo()[1] |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
40 if authinfo is not None: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
41 pm.add_password(*authinfo) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
42 print ' ', pm.find_user_password('test', uri) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
43 except Abort, e: |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
44 print 'abort' |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
45 |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
46 if not urls: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
47 urls = [ |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
48 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
49 'http://example.org/foo/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
50 'http://example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
51 'https://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
52 'https://example.org/foo/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
53 'https://example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
54 'https://x@example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
55 'https://y@example.org/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
56 ] |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
57 for u in urls: |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
58 _test(u) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
59 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
60 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
61 print '\n*** Test in-uri schemes\n' |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
62 test({'x.prefix': 'http://example.org'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
63 test({'x.prefix': 'https://example.org'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
64 test({'x.prefix': 'http://example.org', 'x.schemes': 'https'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
65 test({'x.prefix': 'https://example.org', 'x.schemes': 'http'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
66 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
67 print '\n*** Test separately configured schemes\n' |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
68 test({'x.prefix': 'example.org', 'x.schemes': 'http'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
69 test({'x.prefix': 'example.org', 'x.schemes': 'https'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
70 test({'x.prefix': 'example.org', 'x.schemes': 'http https'}) |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
71 |
|
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
72 print '\n*** Test prefix matching\n' |
|
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
73 test({'x.prefix': 'http://example.org/foo', |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
74 'y.prefix': 'http://example.org/bar'}) |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
75 test({'x.prefix': 'http://example.org/foo', |
|
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
76 'y.prefix': 'http://example.org/foo/bar'}) |
|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
77 test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'}) |
|
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
78 |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
79 print '\n*** Test user matching\n' |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
80 test({'x.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
81 'x.username': None, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
82 'x.password': 'xpassword'}, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
83 urls=['http://y@example.org/foo']) |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
84 test({'x.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
85 'x.username': None, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
86 'x.password': 'xpassword', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
87 'y.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
88 'y.username': 'y', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
89 'y.password': 'ypassword'}, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
90 urls=['http://y@example.org/foo']) |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
91 test({'x.prefix': 'http://example.org/foo/bar', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
92 'x.username': None, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
93 'x.password': 'xpassword', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
94 'y.prefix': 'http://example.org/foo', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
95 'y.username': 'y', |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
96 'y.password': 'ypassword'}, |
|
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
97 urls=['http://y@example.org/foo/bar']) |