Cu . import ( "resource://services-sync/resource.js" ) ;
Cu . import ( "resource://services-sync/util.js" ) ;
Cu . import ( "resource://services-sync/service.js" ) ;
// Test passwords. Every UTF-16 code unit in JAPANESE and APPLES has 0xff as
// its low byte, so both collapse to LOWBYTES when only the low byte of each
// character is kept.
const JAPANESE = "\u34ff\u35ff\u36ff\u37ff";
const APPLES = "\uf8ff\uf8ff\uf8ff\uf8ff";
const LOWBYTES = "\xff\xff\xff\xff";

// Global var for the server password, read by info_collections(),
// modified by change_password().
let server_password;

// Poor man's /etc/passwd. Static since there's no btoa()/atob() in xpcshell.
// Keys are the raw password bytes the server may currently hold; values are
// the precomputed "Basic " + base64("johndoe:" + password bytes) header that
// a client using that password would send.
let basicauth = {};
basicauth[LOWBYTES] = "Basic am9obmRvZTr/////";
basicauth[Utils.encodeUTF8(JAPANESE)] = "Basic am9obmRvZTrjk7/jl7/jm7/jn78=";
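/**
 * Wrap a request handler so that it only runs for requests whose
 * Authorization header matches the Basic credentials registered in
 * `basicauth` for the current `server_password`.
 *
 * Any other request (no header, wrong credentials, or a server password that
 * has no entry in `basicauth`) is answered with a 401 and a Basic challenge.
 *
 * @param {function} handler - handler(request, response) to protect.
 * @returns {function} A handler(request, response) performing the check.
 */
function login_handling(handler) {
  return function (request, response) {
    let expected = basicauth[server_password];

    // The test HTTP server's getHeader() throws for a header that is not
    // present, so probe with hasHeader() first; a request without credentials
    // must get the 401 challenge below rather than an exception.
    // Strict equality: only a string entry of the table can ever match.
    // (Plain comparison is adequate for a test fixture; it is not
    // constant-time.)
    let authorized = !!expected &&
                     request.hasHeader("Authorization") &&
                     request.getHeader("Authorization") === expected;

    if (authorized) {
      handler(request, response);
      return;
    }

    let body = "Unauthorized";
    response.setStatusLine(request.httpVersion, 401, "Unauthorized");
    response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
    response.bodyOutputStream.write(body, body.length);
  };
}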
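/**
 * Handler for the password-change endpoint of the mock server.
 *
 * When the request carries the Basic credentials registered in `basicauth`
 * for the current `server_password`, the request body becomes the new
 * `server_password` and the response is 200 with an empty body. Otherwise
 * the password is left untouched and the response is 401 "Unauthorized".
 * The WWW-Authenticate header is set on both outcomes.
 *
 * @param request - incoming request (headers, httpVersion, bodyInputStream).
 * @param response - response to populate.
 */
function change_password(request, response) {
  let expected = basicauth[server_password];

  // The test HTTP server's getHeader() throws for a header that is not
  // present, so probe with hasHeader() first; an unauthenticated request must
  // end in the 401 branch without touching the stored password.
  // Strict equality: only a string entry of the table can ever match.
  let authorized = !!expected &&
                   request.hasHeader("Authorization") &&
                   request.getHeader("Authorization") === expected;

  // Default to the rejection; only a verified caller may replace the password.
  let statusCode = 401;
  let status = "Unauthorized";
  let body = "Unauthorized";

  if (authorized) {
    // The new password is taken verbatim from the request body bytes.
    server_password = readBytesFromInputStream(request.bodyInputStream);
    statusCode = 200;
    status = "OK";
    body = "";
  }

  response.setStatusLine(request.httpVersion, statusCode, status);
  response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
  response.bodyOutputStream.write(body, body.length);
}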
/**
 * Exercise Service.verifyLogin() against a mock server whose stored password
 * may be the low-byte form of the client's Unicode password.
 *
 * Three scenarios are checked, in order:
 *  1. The server holds an unrelated password: login fails and the server
 *     password is unchanged.
 *  2. The server holds LOWBYTES: login succeeds and the server password ends
 *     up as the UTF-8 encoding of JAPANESE.
 *  3. The client switches to APPLES, which shares JAPANESE's low bytes:
 *     login fails and the server password is unchanged.
 */
function run_test() {
  initTestLogging("Trace");

  let helper = track_collections_helper();
  let withUpdate = helper.with_updated_collection;
  let collections = helper.collections;

  do_test_pending();

  // Only info/collections is behind login_handling(); the password endpoint
  // does its own credential check inside change_password().
  let routes = {
    "/1.1/johndoe/info/collections": login_handling(helper.handler),
    "/1.1/johndoe/storage/meta/global": withUpdate("meta", new ServerWBO("global").handler()),
    "/1.1/johndoe/storage/crypto/keys": withUpdate("crypto", new ServerWBO("keys").handler()),
    "/user/1.0/johndoe/password": change_password
  };
  let server = httpd_setup(routes);

  Service.username = "johndoe";
  Service.password = JAPANESE;
  Service.passphrase = "cantentsveryrelevantabbbb";
  Service.serverURL = "http://localhost:8080/";

  try {
    _("Try to log in with the password.");
    server_password = "foobar";
    let loggedIn = Service.verifyLogin();
    do_check_false(loggedIn);
    do_check_eq(server_password, "foobar");

    _("Make the server password the low byte version of our password. Login should work and have transparently changed the password to the UTF8 version.");
    server_password = LOWBYTES;
    loggedIn = Service.verifyLogin();
    do_check_true(loggedIn);
    do_check_eq(server_password, Utils.encodeUTF8(JAPANESE));

    _("Can't use a password that has the same low bytes as ours.");
    // A different password with identical low bytes must not be accepted now
    // that the server stores the UTF-8 form.
    Service.password = APPLES;
    loggedIn = Service.verifyLogin();
    do_check_false(loggedIn);
    do_check_eq(server_password, Utils.encodeUTF8(JAPANESE));
  } finally {
    // Always shut the server down and clear prefs, even if a check threw.
    server.stop(do_test_finished);
    Svc.Prefs.resetBranch("");
  }
}