mercurial-scm/hg-stable: tests/test-hgweb-auth.py annotate

annotate tests/test-hgweb-auth.py @ 15005:4a43e23b8c55 stable 1.9.1

hgweb: do not ignore [auth] if url has a username (issue2822) The [auth] section was ignored when handling URLs like: http://user@example.com/foo Instead, we look in [auth] for an entry matching the URL and supplied user name. Entries without username can match URL with a username. Prefix length ties are resolved in favor of entries matching the username. With: foo.prefix = http://example.org foo.username = user foo.password = password bar.prefix = http://example.org/bar and the input URL: http://user@example.org/bar the 'bar' entry will be selected because of prefix length, therefore prompting for a password. This behaviour ensure that entries selection is consistent when looking for credentials or for certificates, and that certificates can be picked even if their entries do no define usernames while the URL does. Additionally, entries without a username matched against a username are returned as if they did have requested username set to avoid prompting again for a username if the password is not set. v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly. v3: allow unset usernames to match URL usernames to pick certificates. Resolve prefix length ties in favor of entries with usernames.

author	Patrick Mezard <pmezard@gmail.com>
date	Mon, 01 Aug 2011 23:58:50 +0200
parents	08a0f04b56bd
children	0f1311e829c9

rev	line source
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	1 from mercurial import demandimport; demandimport.enable()
15005 4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	2 from mercurial import ui, util
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	3 from mercurial import url
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	4 from mercurial.error import Abort
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	5
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	6 class myui(ui.ui):
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	7 def interactive(self):
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	8 return False
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	9
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	10 origui = myui()
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	11
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	12 def writeauth(items):
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	13 ui = origui.copy()
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	14 for name, value in items.iteritems():
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	15 ui.setconfig('auth', name, value)
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	16 return ui
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	17
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	18 def dumpdict(dict):
10282 08a0f04b56bd many, many trivial check-code fixups Matt Mackall <mpm@selenic.com> parents: 8333 diff changeset	19 return '{' + ', '.join(['%s: %s' % (k, dict[k])
08a0f04b56bd many, many trivial check-code fixups Matt Mackall <mpm@selenic.com> parents: 8333 diff changeset	20 for k in sorted(dict.iterkeys())]) + '}'
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	21
15005 4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	22 def test(auth, urls=None):
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	23 print 'CFG:', dumpdict(auth)
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	24 prefixes = set()
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	25 for k in auth:
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	26 prefixes.add(k.split('.', 1)[0])
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	27 for p in prefixes:
15005 4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	28 for name in ('.username', '.password'):
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	29 if (p + name) not in auth:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	30 auth[p + name] = p
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	31 auth = dict((k, v) for k, v in auth.iteritems() if v is not None)
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	32
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	33 ui = writeauth(auth)
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	34
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	35 def _test(uri):
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	36 print 'URI:', uri
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	37 try:
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	38 pm = url.passwordmgr(ui)
15005 4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	39 authinfo = util.url(uri).authinfo()[1]
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	40 if authinfo is not None:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	41 pm.add_password(*authinfo)
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	42 print ' ', pm.find_user_password('test', uri)
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	43 except Abort, e:
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	44 print 'abort'
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	45
15005 4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	46 if not urls:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	47 urls = [
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	48 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	49 'http://example.org/foo/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	50 'http://example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	51 'https://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	52 'https://example.org/foo/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	53 'https://example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	54 'https://x@example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	55 'https://y@example.org/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	56 ]
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	57 for u in urls:
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	58 _test(u)
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	59
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	60
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	61 print '\n*** Test in-uri schemes\n'
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	62 test({'x.prefix': 'http://example.org'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	63 test({'x.prefix': 'https://example.org'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	64 test({'x.prefix': 'http://example.org', 'x.schemes': 'https'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	65 test({'x.prefix': 'https://example.org', 'x.schemes': 'http'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	66
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	67 print '\n*** Test separately configured schemes\n'
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	68 test({'x.prefix': 'example.org', 'x.schemes': 'http'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	69 test({'x.prefix': 'example.org', 'x.schemes': 'https'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	70 test({'x.prefix': 'example.org', 'x.schemes': 'http https'})
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	71
89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	72 print '\n*** Test prefix matching\n'
10282 08a0f04b56bd many, many trivial check-code fixups Matt Mackall <mpm@selenic.com> parents: 8333 diff changeset	73 test({'x.prefix': 'http://example.org/foo',
08a0f04b56bd many, many trivial check-code fixups Matt Mackall <mpm@selenic.com> parents: 8333 diff changeset	74 'y.prefix': 'http://example.org/bar'})
08a0f04b56bd many, many trivial check-code fixups Matt Mackall <mpm@selenic.com> parents: 8333 diff changeset	75 test({'x.prefix': 'http://example.org/foo',
08a0f04b56bd many, many trivial check-code fixups Matt Mackall <mpm@selenic.com> parents: 8333 diff changeset	76 'y.prefix': 'http://example.org/foo/bar'})
8333 89c80c3dc584 allow http authentication information to be specified in the configuration Sune Foldager <cryo@cyanite.org> parents: diff changeset	77 test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'})
15005 4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	78
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	79 print '\n*** Test user matching\n'
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	80 test({'x.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	81 'x.username': None,
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	82 'x.password': 'xpassword'},
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	83 urls=['http://y@example.org/foo'])
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	84 test({'x.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	85 'x.username': None,
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	86 'x.password': 'xpassword',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	87 'y.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	88 'y.username': 'y',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	89 'y.password': 'ypassword'},
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	90 urls=['http://y@example.org/foo'])
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	91 test({'x.prefix': 'http://example.org/foo/bar',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	92 'x.username': None,
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	93 'x.password': 'xpassword',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	94 'y.prefix': 'http://example.org/foo',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	95 'y.username': 'y',
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	96 'y.password': 'ypassword'},
4a43e23b8c55 hgweb: do not ignore [auth] if url has a username (issue2822) Patrick Mezard <pmezard@gmail.com> parents: 10282 diff changeset	97 urls=['http://y@example.org/foo/bar'])

Mercurial > public > mercurial-scm > hg-stable

annotate tests/test-hgweb-auth.py @ 15005:4a43e23b8c55 stable 1.9.1