Mercurial > hg
annotate tests/test-hgweb-auth.py @ 28407:63da8bd0c65e
blackbox: guard against recursion from dirty check
author | timeless <timeless@mozdev.org> |
---|---|
date | Tue, 08 Mar 2016 20:34:59 +0000 |
parents | 9de689d20230 |
children | 779addce6910 |
rev | line source |
---|---|
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
1 from mercurial import demandimport; demandimport.enable() |
15024
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
2 import urllib2 |
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
3 from mercurial import ui, util |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
4 from mercurial import url |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
5 from mercurial.error import Abort |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
6 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
7 class myui(ui.ui): |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
8 def interactive(self): |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
9 return False |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
10 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
11 origui = myui() |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
12 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
13 def writeauth(items): |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
14 ui = origui.copy() |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
15 for name, value in items.iteritems(): |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
16 ui.setconfig('auth', name, value) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
17 return ui |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
18 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
19 def dumpdict(dict): |
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
20 return '{' + ', '.join(['%s: %s' % (k, dict[k]) |
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
21 for k in sorted(dict.iterkeys())]) + '}' |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
22 |
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
23 def test(auth, urls=None): |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
24 print 'CFG:', dumpdict(auth) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
25 prefixes = set() |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
26 for k in auth: |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
27 prefixes.add(k.split('.', 1)[0]) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
28 for p in prefixes: |
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
29 for name in ('.username', '.password'): |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
30 if (p + name) not in auth: |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
31 auth[p + name] = p |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
32 auth = dict((k, v) for k, v in auth.iteritems() if v is not None) |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
33 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
34 ui = writeauth(auth) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
35 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
36 def _test(uri): |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
37 print 'URI:', uri |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
38 try: |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
39 pm = url.passwordmgr(ui) |
15025
0593e8f81c71
http: pass user to readauthforuri() (fix 4a43e23b8c55)
Patrick Mezard <pmezard@gmail.com>
parents:
15024
diff
changeset
|
40 u, authinfo = util.url(uri).authinfo() |
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
41 if authinfo is not None: |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
42 pm.add_password(*authinfo) |
15025
0593e8f81c71
http: pass user to readauthforuri() (fix 4a43e23b8c55)
Patrick Mezard <pmezard@gmail.com>
parents:
15024
diff
changeset
|
43 print ' ', pm.find_user_password('test', u) |
19378
9de689d20230
cleanup: drop unused variables and an unused import
Simon Heimberg <simohe@besonet.ch>
parents:
15025
diff
changeset
|
44 except Abort: |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
45 print 'abort' |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
46 |
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
47 if not urls: |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
48 urls = [ |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
49 'http://example.org/foo', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
50 'http://example.org/foo/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
51 'http://example.org/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
52 'https://example.org/foo', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
53 'https://example.org/foo/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
54 'https://example.org/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
55 'https://x@example.org/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
56 'https://y@example.org/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
57 ] |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
58 for u in urls: |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
59 _test(u) |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
60 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
61 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
62 print '\n*** Test in-uri schemes\n' |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
63 test({'x.prefix': 'http://example.org'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
64 test({'x.prefix': 'https://example.org'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
65 test({'x.prefix': 'http://example.org', 'x.schemes': 'https'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
66 test({'x.prefix': 'https://example.org', 'x.schemes': 'http'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
67 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
68 print '\n*** Test separately configured schemes\n' |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
69 test({'x.prefix': 'example.org', 'x.schemes': 'http'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
70 test({'x.prefix': 'example.org', 'x.schemes': 'https'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
71 test({'x.prefix': 'example.org', 'x.schemes': 'http https'}) |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
72 |
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
73 print '\n*** Test prefix matching\n' |
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
74 test({'x.prefix': 'http://example.org/foo', |
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
75 'y.prefix': 'http://example.org/bar'}) |
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
76 test({'x.prefix': 'http://example.org/foo', |
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
8333
diff
changeset
|
77 'y.prefix': 'http://example.org/foo/bar'}) |
8333
89c80c3dc584
allow http authentication information to be specified in the configuration
Sune Foldager <cryo@cyanite.org>
parents:
diff
changeset
|
78 test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'}) |
15005
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
79 |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
80 print '\n*** Test user matching\n' |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
81 test({'x.prefix': 'http://example.org/foo', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
82 'x.username': None, |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
83 'x.password': 'xpassword'}, |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
84 urls=['http://y@example.org/foo']) |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
85 test({'x.prefix': 'http://example.org/foo', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
86 'x.username': None, |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
87 'x.password': 'xpassword', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
88 'y.prefix': 'http://example.org/foo', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
89 'y.username': 'y', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
90 'y.password': 'ypassword'}, |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
91 urls=['http://y@example.org/foo']) |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
92 test({'x.prefix': 'http://example.org/foo/bar', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
93 'x.username': None, |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
94 'x.password': 'xpassword', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
95 'y.prefix': 'http://example.org/foo', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
96 'y.username': 'y', |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
97 'y.password': 'ypassword'}, |
4a43e23b8c55
hgweb: do not ignore [auth] if url has a username (issue2822)
Patrick Mezard <pmezard@gmail.com>
parents:
10282
diff
changeset
|
98 urls=['http://y@example.org/foo/bar']) |
15024
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
99 |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
100 def testauthinfo(fullurl, authurl): |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
101 print 'URIs:', fullurl, authurl |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
102 pm = urllib2.HTTPPasswordMgrWithDefaultRealm() |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
103 pm.add_password(*util.url(fullurl).authinfo()[1]) |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
104 print pm.find_user_password('test', authurl) |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
105 |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
106 print '\n*** Test urllib2 and util.url\n' |
0f1311e829c9
http: strip credentials from urllib2 manager URIs (issue2885)
Patrick Mezard <pmezard@gmail.com>
parents:
15005
diff
changeset
|
107 testauthinfo('http://user@example.com:8080/foo', 'http://example.com:8080/foo') |