Mercurial > public > mercurial-scm > hg-stable
comparison mercurial/url.py @ 15025:0593e8f81c71 stable
http: pass user to readauthforuri() (fix 4a43e23b8c55)
urllib2 never handles URIs with credentials, we have to extract them and store
them in the password manager before handing the stripped URI. Half of the
changes deducing the username from the URI in 4a43e23b8c55 were incorrect.
Instead, we retrieve the username from the password manager before passing to
readauthforuri().
test-hgweb-auth.py was passing because the test itself was flawed: it was
passing URIs with credentials to find_password(), which never happens.
| author | Patrick Mezard <pmezard@gmail.com> |
|---|---|
| date | Fri, 05 Aug 2011 21:05:41 +0200 |
| parents | 4a43e23b8c55 |
| children | 1e45b92f4fb2 02734d2baa79 |
comparison
equal
deleted
inserted
replaced
| 15024:0f1311e829c9 | 15025:0593e8f81c71 |
|---|---|
| 24 if user and passwd: | 24 if user and passwd: |
| 25 self._writedebug(user, passwd) | 25 self._writedebug(user, passwd) |
| 26 return (user, passwd) | 26 return (user, passwd) |
| 27 | 27 |
| 28 if not user or not passwd: | 28 if not user or not passwd: |
| 29 res = httpconnectionmod.readauthforuri(self.ui, authuri) | 29 res = httpconnectionmod.readauthforuri(self.ui, authuri, user) |
| 30 if res: | 30 if res: |
| 31 group, auth = res | 31 group, auth = res |
| 32 user, passwd = auth.get('username'), auth.get('password') | 32 user, passwd = auth.get('username'), auth.get('password') |
| 33 self.ui.debug("using auth.%s.* for authentication\n" % group) | 33 self.ui.debug("using auth.%s.* for authentication\n" % group) |
| 34 if not user or not passwd: | 34 if not user or not passwd: |
| 50 return (user, passwd) | 50 return (user, passwd) |
| 51 | 51 |
| 52 def _writedebug(self, user, passwd): | 52 def _writedebug(self, user, passwd): |
| 53 msg = _('http auth: user %s, password %s\n') | 53 msg = _('http auth: user %s, password %s\n') |
| 54 self.ui.debug(msg % (user, passwd and '*' * len(passwd) or 'not set')) | 54 self.ui.debug(msg % (user, passwd and '*' * len(passwd) or 'not set')) |
| 55 | |
| 56 def find_stored_password(self, authuri): | |
| 57 return urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password( | |
| 58 self, None, authuri) | |
| 55 | 59 |
| 56 class proxyhandler(urllib2.ProxyHandler): | 60 class proxyhandler(urllib2.ProxyHandler): |
| 57 def __init__(self, ui): | 61 def __init__(self, ui): |
| 58 proxyurl = ui.config("http_proxy", "host") or os.getenv('http_proxy') | 62 proxyurl = ui.config("http_proxy", "host") or os.getenv('http_proxy') |
| 59 # XXX proxyauthinfo = None | 63 # XXX proxyauthinfo = None |
| 340 def _start_transaction(self, h, req): | 344 def _start_transaction(self, h, req): |
| 341 _generic_start_transaction(self, h, req) | 345 _generic_start_transaction(self, h, req) |
| 342 return keepalive.KeepAliveHandler._start_transaction(self, h, req) | 346 return keepalive.KeepAliveHandler._start_transaction(self, h, req) |
| 343 | 347 |
| 344 def https_open(self, req): | 348 def https_open(self, req): |
| 345 res = httpconnectionmod.readauthforuri(self.ui, req.get_full_url()) | 349 # req.get_full_url() does not contain credentials and we may |
| 350 # need them to match the certificates. | |
| 351 url = req.get_full_url() | |
| 352 user, password = self.pwmgr.find_stored_password(url) | |
| 353 res = httpconnectionmod.readauthforuri(self.ui, url, user) | |
| 346 if res: | 354 if res: |
| 347 group, auth = res | 355 group, auth = res |
| 348 self.auth = auth | 356 self.auth = auth |
| 349 self.ui.debug("using auth.%s.* for authentication\n" % group) | 357 self.ui.debug("using auth.%s.* for authentication\n" % group) |
| 350 else: | 358 else: |