Почетна Преглед Помоћ
Пријавите се
mirrors
/
Radicale
огледало од https://github.com/Kozea/Radicale
1
0
Креирај огранак 0
Датотеке Дискусије 0 Вики
Дрво: e1e563cc28
Гране Ознаке
Radicale
/
radicale
/
tests
/
test_auth.py

test_auth.py 6.5 KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 
  1. # This file is part of Radicale - CalDAV and CardDAV server
    2. 

  2. # Copyright © 2012-2016 Jean-Marc Martins
    3. 

  3. # Copyright © 2012-2017 Guillaume Ayoub
    4. 

  4. # Copyright © 2017-2019 Unrud <unrud@outlook.com>
    5. 

  5. #
    6. 

  6. # This library is free software: you can redistribute it and/or modify
    7. 

  7. # it under the terms of the GNU General Public License as published by
    8. 

  8. # the Free Software Foundation, either version 3 of the License, or
    9. 

  9. # (at your option) any later version.
    10. 

  10. #
    11. 

  11. # This library is distributed in the hope that it will be useful,
    12. 

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14. # GNU General Public License for more details.
    15. 

  15. #
    16. 

  16. # You should have received a copy of the GNU General Public License
    17. 

  17. # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. 

  19. """
    20. 

  20. Radicale tests with simple requests and authentication.
    21. 

  21. 

  22. """
    23. 

  23. 

  24. import os
    25. 

  25. import sys
    26. 

  26. from typing import Iterable, Tuple, Union
    27. 

  27. 

  28. import pytest
    29. 

  29. 

  30. from radicale import xmlutils
    31. 

  31. from radicale.tests import BaseTest
    32. 

  32. 

  33. 

  34. class TestBaseAuthRequests(BaseTest):
    35. 

  35.     """Tests basic requests with auth.
    36. 

  36. 

  37.     We should setup auth for each type before creating the Application object.
    38. 

  38. 

  39.     """
    40. 

  40. 

  41.     def _test_htpasswd(self, htpasswd_encryption: str, htpasswd_content: str,
    42. 

  42.                        test_matrix: Union[str, Iterable[Tuple[str, str, bool]]]
    43. 

  43.                        = "ascii") -> None:
    44. 

  44.         """Test htpasswd authentication with user "tmp" and password "bepo" for
    45. 

  45.            ``test_matrix`` "ascii" or user "😀" and password "🔑" for
    46. 

  46.            ``test_matrix`` "unicode"."""
    47. 

  47.         if htpasswd_encryption == "bcrypt":
    48. 

  48.             try:
    49. 

  49.                 from passlib.exc import MissingBackendError
    50. 

  50.                 from passlib.hash import bcrypt
    51. 

  51.             except ImportError:
    52. 

  52.                 pytest.skip("passlib[bcrypt] is not installed")
    53. 

  53.             try:
    54. 

  54.                 bcrypt.hash("test-bcrypt-backend")
    55. 

  55.             except MissingBackendError:
    56. 

  56.                 pytest.skip("bcrypt backend for passlib is not installed")
    57. 

  57.         htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
    58. 

  58.         encoding: str = self.configuration.get("encoding", "stock")
    59. 

  59.         with open(htpasswd_file_path, "w", encoding=encoding) as f:
    60. 

  60.             f.write(htpasswd_content)
    61. 

  61.         self.configure({"auth": {"type": "htpasswd",
    62. 

  62.                                  "htpasswd_filename": htpasswd_file_path,
    63. 

  63.                                  "htpasswd_encryption": htpasswd_encryption}})
    64. 

  64.         if test_matrix == "ascii":
    65. 

  65.             test_matrix = (("tmp", "bepo", True), ("tmp", "tmp", False),
    66. 

  66.                            ("tmp", "", False), ("unk", "unk", False),
    67. 

  67.                            ("unk", "", False), ("", "", False))
    68. 

  68.         elif test_matrix == "unicode":
    69. 

  69.             test_matrix = (("😀", "🔑", True), ("😀", "🌹", False),
    70. 

  70.                            ("😁", "🔑", False), ("😀", "", False),
    71. 

  71.                            ("", "🔑", False), ("", "", False))
    72. 

  72.         elif isinstance(test_matrix, str):
    73. 

  73.             raise ValueError("Unknown test matrix %r" % test_matrix)
    74. 

  74.         for user, password, valid in test_matrix:
    75. 

  75.             self.propfind("/", check=207 if valid else 401,
    76. 

  76.                           login="%s:%s" % (user, password))
    77. 

  77. 

  78.     def test_htpasswd_plain(self) -> None:
    79. 

  79.         self._test_htpasswd("plain", "tmp:bepo")
    80. 

  80. 

  81.     def test_htpasswd_plain_password_split(self) -> None:
    82. 

  82.         self._test_htpasswd("plain", "tmp:be:po", (
    83. 

  83.             ("tmp", "be:po", True), ("tmp", "bepo", False)))
    84. 

  84. 

  85.     def test_htpasswd_plain_unicode(self) -> None:
    86. 

  86.         self._test_htpasswd("plain", "😀:🔑", "unicode")
    87. 

  87. 

  88.     def test_htpasswd_md5(self) -> None:
    89. 

  89.         self._test_htpasswd("md5", "tmp:$apr1$BI7VKCZh$GKW4vq2hqDINMr8uv7lDY/")
    90. 

  90. 

  91.     def test_htpasswd_md5_unicode(self):
    92. 

  92.         self._test_htpasswd(
    93. 

  93.             "md5", "😀:$apr1$w4ev89r1$29xO8EvJmS2HEAadQ5qy11", "unicode")
    94. 

  94. 

  95.     def test_htpasswd_bcrypt(self) -> None:
    96. 

  96.         self._test_htpasswd("bcrypt", "tmp:$2y$05$oD7hbiQFQlvCM7zoalo/T.MssV3V"
    97. 

  97.                             "NTRI3w5KDnj8NTUKJNWfVpvRq")
    98. 

  98. 

  99.     def test_htpasswd_bcrypt_unicode(self) -> None:
    100. 

  100.         self._test_htpasswd("bcrypt", "😀:$2y$10$Oyz5aHV4MD9eQJbk6GPemOs4T6edK"
    101. 

  101.                             "6U9Sqlzr.W1mMVCS8wJUftnW", "unicode")
    102. 

  102. 

  103.     def test_htpasswd_multi(self) -> None:
    104. 

  104.         self._test_htpasswd("plain", "ign:ign\ntmp:bepo")
    105. 

  105. 

  106.     @pytest.mark.skipif(sys.platform == "win32", reason="leading and trailing "
    107. 

  107.                         "whitespaces not allowed in file names")
    108. 

  108.     def test_htpasswd_whitespace_user(self) -> None:
    109. 

  109.         for user in (" tmp", "tmp ", " tmp "):
    110. 

  110.             self._test_htpasswd("plain", "%s:bepo" % user, (
    111. 

  111.                 (user, "bepo", True), ("tmp", "bepo", False)))
    112. 

  112. 

  113.     def test_htpasswd_whitespace_password(self) -> None:
    114. 

  114.         for password in (" bepo", "bepo ", " bepo "):
    115. 

  115.             self._test_htpasswd("plain", "tmp:%s" % password, (
    116. 

  116.                 ("tmp", password, True), ("tmp", "bepo", False)))
    117. 

  117. 

  118.     def test_htpasswd_comment(self) -> None:
    119. 

  119.         self._test_htpasswd("plain", "#comment\n #comment\n \ntmp:bepo\n\n")
    120. 

  120. 

  121.     def test_remote_user(self) -> None:
    122. 

  122.         self.configure({"auth": {"type": "remote_user"}})
    123. 

  123.         _, responses = self.propfind("/", """\
    124. 

  124. <?xml version="1.0" encoding="utf-8"?>
    125. 

  125. <propfind xmlns="DAV:">
    126. 

  126.     <prop>
    127. 

  127.         <current-user-principal />
    128. 

  128.     </prop>
    129. 

  129. </propfind>""", REMOTE_USER="test")
    130. 

  130.         assert responses is not None
    131. 

  131.         response = responses["/"]
    132. 

  132.         assert not isinstance(response, int)
    133. 

  133.         status, prop = response["D:current-user-principal"]
    134. 

  134.         assert status == 200
    135. 

  135.         href_element = prop.find(xmlutils.make_clark("D:href"))
    136. 

  136.         assert href_element is not None and href_element.text == "/test/"
    137. 

  137. 

  138.     def test_http_x_remote_user(self) -> None:
    139. 

  139.         self.configure({"auth": {"type": "http_x_remote_user"}})
    140. 

  140.         _, responses = self.propfind("/", """\
    141. 

  141. <?xml version="1.0" encoding="utf-8"?>
    142. 

  142. <propfind xmlns="DAV:">
    143. 

  143.     <prop>
    144. 

  144.         <current-user-principal />
    145. 

  145.     </prop>
    146. 

  146. </propfind>""", HTTP_X_REMOTE_USER="test")
    147. 

  147.         assert responses is not None
    148. 

  148.         response = responses["/"]
    149. 

  149.         assert not isinstance(response, int)
    150. 

  150.         status, prop = response["D:current-user-principal"]
    151. 

  151.         assert status == 200
    152. 

  152.         href_element = prop.find(xmlutils.make_clark("D:href"))
    153. 

  153.         assert href_element is not None and href_element.text == "/test/"
    154. 

  154. 

  155.     def test_custom(self) -> None:
    156. 

  156.         """Custom authentication."""
    157. 

  157.         self.configure({"auth": {"type": "radicale.tests.custom.auth"}})
    158. 

  158.         self.propfind("/tmp/", login="tmp:")
    159.