mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 650208: part 2b: clean up basic auth mess in tests. r=philiKON
This commit is contained in:
parent
b778a7a33c
commit
6e6815e668
@ -402,3 +402,11 @@ function encryptPayload(cleartext) {
|
||||
hmac: Utils.sha256HMAC(cleartext, Utils.makeHMACKey(""))};
|
||||
}
|
||||
|
||||
function basic_auth_header(user, password) {
|
||||
return "Basic " + btoa(user + ":" + Utils.encodeUTF8(password));
|
||||
}
|
||||
|
||||
function basic_auth_matches(req, user, password) {
|
||||
return req.hasHeader("Authorization") &&
|
||||
(req.getHeader("Authorization") == basic_auth_header(user, password));
|
||||
}
|
||||
|
@ -22,9 +22,7 @@ function httpd_handler(statusCode, status, body) {
|
||||
}
|
||||
|
||||
function httpd_basic_auth_handler(body, metadata, response) {
|
||||
// no btoa() in xpcshell. it's guest:guest
|
||||
if (metadata.hasHeader("Authorization") &&
|
||||
metadata.getHeader("Authorization") == "Basic Z3Vlc3Q6Z3Vlc3Q=") {
|
||||
if (basic_auth_matches(metadata, "guest", "guest")) {
|
||||
response.setStatusLine(metadata.httpVersion, 200, "OK, authorized");
|
||||
response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
|
||||
} else {
|
||||
|
@ -7,16 +7,19 @@ let logger;
|
||||
|
||||
function server_handler(metadata, response) {
|
||||
let body, statusCode, status;
|
||||
let guestHeader = basic_auth_header("guest", "guest");
|
||||
let johnHeader = basic_auth_header("johndoe", "moneyislike$£¥");
|
||||
|
||||
_("Guest header: " + guestHeader);
|
||||
_("John header: " + johnHeader);
|
||||
|
||||
switch (metadata.getHeader("Authorization")) {
|
||||
// guest:guest
|
||||
case "Basic Z3Vlc3Q6Z3Vlc3Q=":
|
||||
case guestHeader:
|
||||
body = "This path exists and is protected";
|
||||
statusCode = 200;
|
||||
status = "OK";
|
||||
break;
|
||||
// johndoe:moneyislike$\u20ac\xa5\u5143
|
||||
case "Basic am9obmRvZTptb25leWlzbGlrZSTigqzCpeWFgw==":
|
||||
case johnHeader:
|
||||
body = "This path exists and is protected by a UTF8 password";
|
||||
statusCode = 200;
|
||||
status = "OK";
|
||||
@ -33,20 +36,20 @@ function server_handler(metadata, response) {
|
||||
}
|
||||
|
||||
function run_test() {
|
||||
do_test_pending();
|
||||
logger = Log4Moz.repository.getLogger('Test');
|
||||
Log4Moz.repository.rootLogger.addAppender(new Log4Moz.DumpAppender());
|
||||
initTestLogging("Trace");
|
||||
|
||||
do_test_pending();
|
||||
let server = new nsHttpServer();
|
||||
server.registerPathHandler("/foo", server_handler);
|
||||
server.registerPathHandler("/bar", server_handler);
|
||||
server.start(8080);
|
||||
|
||||
let auth = new BasicAuthenticator(new Identity("secret", "guest", "guest"));
|
||||
let auth2 = new BasicAuthenticator(
|
||||
new Identity("secret2", "johndoe", "moneyislike$\u20ac\xa5\u5143"));
|
||||
Auth.defaultAuthenticator = auth;
|
||||
Auth.registerAuthenticator("bar$", auth2);
|
||||
let guestIdentity = new Identity("secret", "guest", "guest");
|
||||
let johnIdentity = new Identity("secret2", "johndoe", "moneyislike$£¥")
|
||||
let guestAuth = new BasicAuthenticator(guestIdentity);
|
||||
let johnAuth = new BasicAuthenticator(johnIdentity);
|
||||
Auth.defaultAuthenticator = guestAuth;
|
||||
Auth.registerAuthenticator("bar$", johnAuth);
|
||||
|
||||
try {
|
||||
let content = new Resource("http://localhost:8080/foo").get();
|
||||
|
@ -21,9 +21,7 @@ function server_open(metadata, response) {
|
||||
function server_protected(metadata, response) {
|
||||
let body;
|
||||
|
||||
// no btoa() in xpcshell. it's guest:guest
|
||||
if (metadata.hasHeader("Authorization") &&
|
||||
metadata.getHeader("Authorization") == "Basic Z3Vlc3Q6Z3Vlc3Q=") {
|
||||
if (basic_auth_matches(metadata, "guest", "guest")) {
|
||||
body = "This path exists and is protected";
|
||||
response.setStatusLine(metadata.httpVersion, 200, "OK, authorized");
|
||||
response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
|
||||
|
@ -21,9 +21,7 @@ function server_open(metadata, response) {
|
||||
function server_protected(metadata, response) {
|
||||
let body;
|
||||
|
||||
// no btoa() in xpcshell. it's guest:guest
|
||||
if (metadata.hasHeader("Authorization") &&
|
||||
metadata.getHeader("Authorization") == "Basic Z3Vlc3Q6Z3Vlc3Q=") {
|
||||
if (basic_auth_matches(metadata, "guest", "guest")) {
|
||||
body = "This path exists and is protected";
|
||||
response.setStatusLine(metadata.httpVersion, 200, "OK, authorized");
|
||||
response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
|
||||
|
@ -43,10 +43,11 @@ function run_test() {
|
||||
do_check_eq(logins[0].password, "ILoveJane83");
|
||||
|
||||
_("A non-ASCII password is UTF-8 encoded.");
|
||||
res = Weave.Service.changePassword("moneyislike$\u20ac\xa5\u5143");
|
||||
const moneyPassword = "moneyislike$£¥";
|
||||
res = Weave.Service.changePassword(moneyPassword);
|
||||
do_check_true(res);
|
||||
do_check_eq(Weave.Service.password, "moneyislike$\u20ac\xa5\u5143");
|
||||
do_check_eq(requestBody, Utils.encodeUTF8("moneyislike$\u20ac\xa5\u5143"));
|
||||
do_check_eq(Weave.Service.password, moneyPassword);
|
||||
do_check_eq(requestBody, Utils.encodeUTF8(moneyPassword));
|
||||
|
||||
_("changePassword() returns false for a server error, the password won't change.");
|
||||
Weave.Svc.Login.removeAllLogins();
|
||||
|
@ -39,12 +39,12 @@ function run_test() {
|
||||
do_check_eq(payload["captcha-response"], "response");
|
||||
|
||||
_("A non-ASCII password is UTF-8 encoded.");
|
||||
res = Service.createAccount("john@doe.com", "moneyislike$\u20ac\xa5\u5143",
|
||||
const moneyPassword = "moneyislike$£¥";
|
||||
res = Service.createAccount("john@doe.com", moneyPassword,
|
||||
"challenge", "response");
|
||||
do_check_eq(res, null);
|
||||
payload = JSON.parse(requestBody);
|
||||
do_check_eq(payload.password,
|
||||
Utils.encodeUTF8("moneyislike$\u20ac\xa5\u5143"));
|
||||
do_check_eq(payload.password, Utils.encodeUTF8(moneyPassword));
|
||||
|
||||
_("Invalid captcha or other user-friendly error.");
|
||||
res = Service.createAccount("jane@doe.com", "anothersecretpw",
|
||||
|
@ -6,12 +6,8 @@ Cu.import("resource://services-sync/util.js");
|
||||
|
||||
function login_handling(handler) {
|
||||
return function (request, response) {
|
||||
// btoa('johndoe:ilovejane') == am9obmRvZTppbG92ZWphbmU=
|
||||
// btoa('janedoe:ilovejohn') == amFuZWRvZTppbG92ZWpvaG4=
|
||||
let header = request.getHeader("Authorization");
|
||||
if (header &&
|
||||
header == "Basic am9obmRvZTppbG92ZWphbmU=" ||
|
||||
header == "Basic amFuZWRvZTppbG92ZWpvaG4=") {
|
||||
if (basic_auth_matches(request, "johndoe", "ilovejane") ||
|
||||
basic_auth_matches(request, "janedoe", "ilovejohn")) {
|
||||
handler(request, response);
|
||||
} else {
|
||||
let body = "Unauthorized";
|
||||
|
@ -2,9 +2,7 @@ Cu.import("resource://services-sync/main.js");
|
||||
|
||||
function login_handling(handler) {
|
||||
return function (request, response) {
|
||||
// btoa('johndoe:ilovejane') == am9obmRvZTppbG92ZWphbmU=
|
||||
if (request.hasHeader("Authorization") &&
|
||||
request.getHeader("Authorization") == "Basic am9obmRvZTppbG92ZWphbmU=") {
|
||||
if (basic_auth_matches(request, "johndoe", "ilovejane")) {
|
||||
handler(request, response);
|
||||
} else {
|
||||
let body = "Unauthorized";
|
||||
|
@ -6,9 +6,7 @@ Cu.import("resource://services-sync/util.js");
|
||||
|
||||
function login_handling(handler) {
|
||||
return function (request, response) {
|
||||
// btoa('johndoe:ilovejane') == am9obmRvZTppbG92ZWphbmU=
|
||||
if (request.hasHeader("Authorization") &&
|
||||
request.getHeader("Authorization") == "Basic am9obmRvZTppbG92ZWphbmU=") {
|
||||
if (basic_auth_matches(request, "johndoe", "ilovejane")) {
|
||||
handler(request, response);
|
||||
} else {
|
||||
let body = "Unauthorized";
|
||||
|
Loading…
Reference in New Issue
Block a user