mitmproxy/test/http/test_authentication.py

import binascii

from netlib import tutils
from netlib.http import authentication, Headers


def test_parse_http_basic_auth():
    vals = (b"basic", b"foo", b"bar")
    assert authentication.parse_http_basic_auth(
        authentication.assemble_http_basic_auth(*vals)
    ) == vals
    assert not authentication.parse_http_basic_auth("")
    assert not authentication.parse_http_basic_auth("foo bar")
    v = b"basic " + binascii.b2a_base64(b"foo")
    assert not authentication.parse_http_basic_auth(v)


class TestPassManNonAnon:

    def test_simple(self):
        p = authentication.PassManNonAnon()
        assert not p.test("", "")
        assert p.test("user", "")


class TestPassManHtpasswd:

    def test_file_errors(self):
        tutils.raises(
            "malformed htpasswd file",
            authentication.PassManHtpasswd,
            tutils.test_data.path("data/server.crt"))

    def test_simple(self):
        pm = authentication.PassManHtpasswd(tutils.test_data.path("data/htpasswd"))

        vals = (b"basic", b"test", b"test")
        authentication.assemble_http_basic_auth(*vals)
        assert pm.test("test", "test")
        assert not pm.test("test", "foo")
        assert not pm.test("foo", "test")
        assert not pm.test("test", "")
        assert not pm.test("", "")


class TestPassManSingleUser:

    def test_simple(self):
        pm = authentication.PassManSingleUser("test", "test")
        assert pm.test("test", "test")
        assert not pm.test("test", "foo")
        assert not pm.test("foo", "test")


class TestNullProxyAuth:

    def test_simple(self):
        na = authentication.NullProxyAuth(authentication.PassManNonAnon())
        assert not na.auth_challenge_headers()
        assert na.authenticate("foo")
        na.clean({})


class TestBasicProxyAuth:

    def test_simple(self):
        ba = authentication.BasicProxyAuth(authentication.PassManNonAnon(), "test")
        headers = Headers()
        assert ba.auth_challenge_headers()
        assert not ba.authenticate(headers)

    def test_authenticate_clean(self):
        ba = authentication.BasicProxyAuth(authentication.PassManNonAnon(), "test")

        headers = Headers()
        vals = (b"basic", b"foo", b"bar")
        headers[ba.AUTH_HEADER] = authentication.assemble_http_basic_auth(*vals)
        assert ba.authenticate(headers)

        ba.clean(headers)
        assert not ba.AUTH_HEADER in headers

        headers[ba.AUTH_HEADER] = ""
        assert not ba.authenticate(headers)

        headers[ba.AUTH_HEADER] = "foo"
        assert not ba.authenticate(headers)

        vals = (b"foo", b"foo", b"bar")
        headers[ba.AUTH_HEADER] = authentication.assemble_http_basic_auth(*vals)
        assert not ba.authenticate(headers)

        ba = authentication.BasicProxyAuth(authentication.PassMan(), "test")
        vals = (b"basic", b"foo", b"bar")
        headers[ba.AUTH_HEADER] = authentication.assemble_http_basic_auth(*vals)
        assert not ba.authenticate(headers)


class Bunch:
    pass


class TestAuthAction:

    def test_nonanonymous(self):
        m = Bunch()
        aa = authentication.NonanonymousAuthAction(None, "authenticator")
        aa(None, m, None, None)
        assert m.authenticator

    def test_singleuser(self):
        m = Bunch()
        aa = authentication.SingleuserAuthAction(None, "authenticator")
        aa(None, m, "foo:bar", None)
        assert m.authenticator
        tutils.raises("invalid", aa, None, m, "foo", None)

    def test_httppasswd(self):
        m = Bunch()
        aa = authentication.HtpasswdAuthAction(None, "authenticator")
        aa(None, m, tutils.test_data.path("data/htpasswd"), None)
        assert m.authenticator
extract authentication methods from protocol 2015-07-15 20:32:14 +00:00			`import binascii`

headers: adjust everything 2015-09-05 16:15:47 +00:00			`from netlib import tutils`
			`from netlib.http import authentication, Headers`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
extract authentication methods from protocol 2015-07-15 20:32:14 +00:00			`def test_parse_http_basic_auth():`
wip 2015-09-15 17:12:15 +00:00			`vals = (b"basic", b"foo", b"bar")`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`assert authentication.parse_http_basic_auth(`
			`authentication.assemble_http_basic_auth(*vals)`
extract authentication methods from protocol 2015-07-15 20:32:14 +00:00			`) == vals`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`assert not authentication.parse_http_basic_auth("")`
			`assert not authentication.parse_http_basic_auth("foo bar")`
python3++ 2015-09-20 18:35:45 +00:00			`v = b"basic " + binascii.b2a_base64(b"foo")`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`assert not authentication.parse_http_basic_auth(v)`
extract authentication methods from protocol 2015-07-15 20:32:14 +00:00

Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`class TestPassManNonAnon:`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`def test_simple(self):`
move bits around 2015-07-14 21:02:14 +00:00			`p = authentication.PassManNonAnon()`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`assert not p.test("", "")`
			`assert p.test("user", "")`


			`class TestPassManHtpasswd:`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`def test_file_errors(self):`
Adjust pep8 parameters, reformat 2015-05-30 00:02:58 +00:00			`tutils.raises(`
			`"malformed htpasswd file",`
move bits around 2015-07-14 21:02:14 +00:00			`authentication.PassManHtpasswd,`
Adjust pep8 parameters, reformat 2015-05-30 00:02:58 +00:00			`tutils.test_data.path("data/server.crt"))`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
			`def test_simple(self):`
move bits around 2015-07-14 21:02:14 +00:00			`pm = authentication.PassManHtpasswd(tutils.test_data.path("data/htpasswd"))`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
python3++ 2015-09-20 18:35:45 +00:00			`vals = (b"basic", b"test", b"test")`
extract authentication methods from protocol 2015-07-15 20:32:14 +00:00			`authentication.assemble_http_basic_auth(*vals)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`assert pm.test("test", "test")`
			`assert not pm.test("test", "foo")`
			`assert not pm.test("foo", "test")`
			`assert not pm.test("test", "")`
			`assert not pm.test("", "")`


			`class TestPassManSingleUser:`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`def test_simple(self):`
move bits around 2015-07-14 21:02:14 +00:00			`pm = authentication.PassManSingleUser("test", "test")`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`assert pm.test("test", "test")`
			`assert not pm.test("test", "foo")`
			`assert not pm.test("foo", "test")`


			`class TestNullProxyAuth:`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`def test_simple(self):`
move bits around 2015-07-14 21:02:14 +00:00			`na = authentication.NullProxyAuth(authentication.PassManNonAnon())`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`assert not na.auth_challenge_headers()`
			`assert na.authenticate("foo")`
			`na.clean({})`


			`class TestBasicProxyAuth:`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`def test_simple(self):`
move bits around 2015-07-14 21:02:14 +00:00			`ba = authentication.BasicProxyAuth(authentication.PassManNonAnon(), "test")`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers = Headers()`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00			`assert ba.auth_challenge_headers()`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`assert not ba.authenticate(headers)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
			`def test_authenticate_clean(self):`
move bits around 2015-07-14 21:02:14 +00:00			`ba = authentication.BasicProxyAuth(authentication.PassManNonAnon(), "test")`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers = Headers()`
python3++ 2015-09-20 18:35:45 +00:00			`vals = (b"basic", b"foo", b"bar")`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers[ba.AUTH_HEADER] = authentication.assemble_http_basic_auth(*vals)`
			`assert ba.authenticate(headers)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
headers: adjust everything 2015-09-05 16:15:47 +00:00			`ba.clean(headers)`
			`assert not ba.AUTH_HEADER in headers`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers[ba.AUTH_HEADER] = ""`
			`assert not ba.authenticate(headers)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers[ba.AUTH_HEADER] = "foo"`
			`assert not ba.authenticate(headers)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
python3++ 2015-09-20 18:35:45 +00:00			`vals = (b"foo", b"foo", b"bar")`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers[ba.AUTH_HEADER] = authentication.assemble_http_basic_auth(*vals)`
			`assert not ba.authenticate(headers)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
move bits around 2015-07-14 21:02:14 +00:00			`ba = authentication.BasicProxyAuth(authentication.PassMan(), "test")`
python3++ 2015-09-20 18:35:45 +00:00			`vals = (b"basic", b"foo", b"bar")`
headers: adjust everything 2015-09-05 16:15:47 +00:00			`headers[ba.AUTH_HEADER] = authentication.assemble_http_basic_auth(*vals)`
			`assert not ba.authenticate(headers)`
Integrate HTTP auth, test to 100% 2013-03-02 21:37:28 +00:00
Unit test auth actions. 2013-12-08 00:35:42 +00:00
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00			`class Bunch:`
			`pass`
Unit test auth actions. 2013-12-08 00:35:42 +00:00
fix AuthAction tests failures from last merge 2013-12-08 01:24:00 +00:00
Unit test auth actions. 2013-12-08 00:35:42 +00:00			`class TestAuthAction:`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00
Unit test auth actions. 2013-12-08 00:35:42 +00:00			`def test_nonanonymous(self):`
			`m = Bunch()`
move bits around 2015-07-14 21:02:14 +00:00			`aa = authentication.NonanonymousAuthAction(None, "authenticator")`
Unit test auth actions. 2013-12-08 00:35:42 +00:00			`aa(None, m, None, None)`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00			`assert m.authenticator`
Unit test auth actions. 2013-12-08 00:35:42 +00:00
			`def test_singleuser(self):`
			`m = Bunch()`
move bits around 2015-07-14 21:02:14 +00:00			`aa = authentication.SingleuserAuthAction(None, "authenticator")`
Unit test auth actions. 2013-12-08 00:35:42 +00:00			`aa(None, m, "foo:bar", None)`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00			`assert m.authenticator`
Unit test auth actions. 2013-12-08 00:35:42 +00:00			`tutils.raises("invalid", aa, None, m, "foo", None)`

			`def test_httppasswd(self):`
			`m = Bunch()`
move bits around 2015-07-14 21:02:14 +00:00			`aa = authentication.HtpasswdAuthAction(None, "authenticator")`
Unit test auth actions. 2013-12-08 00:35:42 +00:00			`aa(None, m, tutils.test_data.path("data/htpasswd"), None)`
cleanup code with autopep8 run the following command: $ autopep8 -i -r -a -a . 2015-05-27 09:18:54 +00:00			`assert m.authenticator`