Cu . import ( "resource://services-sync/auth.js" ) ;
Cu . import ( "resource://services-sync/resource.js" ) ;
Cu . import ( "resource://services-sync/util.js" ) ;
Cu . import ( "resource://services-sync/service.js" ) ;
// Three four-character passwords whose code units all end in the byte 0xff.
// JAPANESE and APPLES differ only in their high bytes; LOWBYTES is what
// remains of either one when each code unit is reduced to its low byte.
const JAPANESE = "\u34ff\u35ff\u36ff\u37ff";
const APPLES = "\uf8ff\uf8ff\uf8ff\uf8ff";
const LOWBYTES = "\xff\xff\xff\xff";

// Credential table for the fake server: maps a server-side password to the
// exact Authorization header value accepted for user "johndoe". The values
// are precomputed because xpcshell offers no btoa()/atob().
// Only two passwords are known here: the low-byte form and the UTF-8 encoded
// form of JAPANESE. Any other server password has no entry, so the handlers
// below answer 401 for every request while it is set.
let basicauth = {};
basicauth[LOWBYTES] = "Basic am9obmRvZTr/////";
basicauth[Utils.encodeUTF8(JAPANESE)] = "Basic am9obmRvZTrjk7/jl7/jm7/jn78=";

// Password currently held by the fake server. info_collections() reads it to
// pick the accepted header; change_password() overwrites it.
let server_password;
// Fake info/collections endpoint, used by the client to verify a login.
// Answers 200 with an empty JSON object when the Authorization header equals
// the header registered in basicauth for the current server_password, and
// 401 "Unauthorized" otherwise (including when server_password has no entry
// in basicauth). The WWW-Authenticate challenge is sent on every response.
// NOTE(review): nsIHttpRequest.getHeader() is expected to throw when the
// header is absent, so a request without Authorization would not reach the
// 401 branch -- confirm the client always sends it in this test.
function info_collections(request, response) {
  let expected = basicauth[server_password];
  // Short-circuit keeps getHeader() from being called when no credential is
  // registered for the current server password.
  let authorized = expected && (request.getHeader("Authorization") == expected);

  let statusCode = authorized ? 200 : 401;
  let status = authorized ? "OK" : "Unauthorized";
  let body = authorized ? "{}" : status;

  response.setStatusLine(request.httpVersion, statusCode, status);
  response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
  response.bodyOutputStream.write(body, body.length);
}
// Fake password-change endpoint. The caller must authenticate with the
// header registered for the *current* server_password; only then is the raw
// request body stored as the new server password and 200 returned with an
// empty body. Every other request gets 401 "Unauthorized" and leaves
// server_password untouched.
// The new value is stored as received, without validation: if it is not a
// key of basicauth, all later requests are rejected.
// NOTE(review): nsIHttpRequest.getHeader() is expected to throw when the
// header is absent, so a request without Authorization would not reach the
// 401 branch -- confirm the client always sends it in this test.
function change_password(request, response) {
  let expected = basicauth[server_password];
  let authorized = expected && (request.getHeader("Authorization") == expected);

  let statusCode = 401;
  let status = "Unauthorized";
  let body = status;

  if (authorized) {
    // State change happens before any part of the response is written.
    server_password = readBytesFromInputStream(request.bodyInputStream);
    statusCode = 200;
    status = "OK";
    body = "";
  }

  response.setStatusLine(request.httpVersion, statusCode, status);
  response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
  response.bodyOutputStream.write(body, body.length);
}
// Exercises Service.verifyLogin() against the fake server for a non-ASCII
// password, in three steps:
//   1. An unrelated server password is rejected and left unchanged.
//   2. A server that still holds the low-byte form of the password accepts
//      the login, and the password stored on the server ends up as the
//      UTF-8 encoding.
//   3. A different password that shares the same low bytes (APPLES) is
//      rejected and does not alter the stored password.
// Step 3 is the security-relevant one: after the upgrade, low-byte
// collisions must no longer authenticate.
function run_test() {
  initTestLogging("Trace");
  do_test_pending();

  let routes = {
    "/1.0/johndoe/info/collections": info_collections,
    "/1.0/johndoe/storage/meta/global": new ServerWBO().handler(),
    "/1.0/johndoe/storage/crypto/keys": new ServerWBO().handler(),
    "/user/1.0/johndoe/password": change_password
  };
  let httpServer = httpd_setup(routes);

  // Fixed test credentials; the server is a local fixture.
  Service.username = "johndoe";
  Service.password = JAPANESE;
  Service.passphrase = "cantentsveryrelevantabbbb";
  Service.serverURL = "http://localhost:8080/";

  try {
    _("Try to log in with the password.");
    server_password = "foobar";
    let loggedIn = Service.verifyLogin();
    do_check_false(loggedIn);
    // A failed login must not have reached change_password().
    do_check_eq(server_password, "foobar");

    _("Make the server password the low byte version of our password. Login should work and have transparently changed the password to the UTF8 version.");
    server_password = LOWBYTES;
    loggedIn = Service.verifyLogin();
    do_check_true(loggedIn);
    do_check_eq(server_password, Utils.encodeUTF8(JAPANESE));

    _("Can't use a password that has the same low bytes as ours.");
    Service.password = APPLES;
    loggedIn = Service.verifyLogin();
    do_check_false(loggedIn);
    // The stored password is still the UTF-8 form set in the previous step.
    do_check_eq(server_password, Utils.encodeUTF8(JAPANESE));
  } finally {
    // Always shut the server down and clear prefs, even if a check throws.
    httpServer.stop(do_test_finished);
    Svc.Prefs.resetBranch("");
  }
}