test_14_auth.py (6378B)
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#***************************************************************************
#                                  _   _ ____  _
#  Project                     ___| | | |  _ \| |
#                             / __| | | | |_) | |
#                            | (__| |_| |  _ <| |___
#                             \___|\___/|_| \_\_____|
#
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
# SPDX-License-Identifier: curl
#
###########################################################################
#
import logging
import os
import pytest

from testenv import Env, CurlClient


log = logging.getLogger(__name__)


# HTTP authentication tests against the '/restricted/digest/' location of
# the test server, run over HTTP/1.1, HTTP/2 and HTTP/3.
#
# Covered here:
#  - an unauthenticated request is refused (401)
#  - Digest auth with the fixture account 'test:test' succeeds (200)
#  - oversized passwords: Digest only transmits a hash, Basic transmits the
#    encoded password itself, so only Basic inflates the request header
#
# NOTE(review): the credentials are handed to curl on its command line via
# '--user'. That is fine for the throwaway 'test:test' fixture account; it
# is not a pattern to copy for real secrets, since argv is readable by
# other local processes on many systems.
class TestAuth:

    # Runs once per class: creates the 10 MiB upload file 'data-10m' in the
    # generated-files directory. The basic-auth tests below upload it.
    @pytest.fixture(autouse=True, scope='class')
    def _class_scope(self, env, httpd, nghttpx):
        ten_mib = 10 * 1024 * 1024
        env.make_data_file(indir=env.gen_dir, fname="data-10m", fsize=ten_mib)

    # download 1 file, not authenticated
    # No credentials are sent, so the protected resource must answer 401.
    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
    def test_14_01_digest_get_noauth(self, env: Env, httpd, nghttpx, proto):
        if proto == 'h3':
            if not env.have_h3():
                pytest.skip("h3 not supported")
        client = CurlClient(env=env)
        authority = env.authority_for(env.domain1, proto)
        target = f'https://{authority}/restricted/digest/data.json'
        result = client.http_download(urls=[target], alpn_proto=proto)
        result.check_response(http_status=401)

    # download 1 file, authenticated
    # Digest auth with the fixture account; the server is expected to
    # accept it and answer 200.
    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
    def test_14_02_digest_get_auth(self, env: Env, httpd, nghttpx, proto):
        if not env.curl_has_feature('digest'):
            pytest.skip("curl built without digest")
        if proto == 'h3':
            if not env.have_h3():
                pytest.skip("h3 not supported")
        client = CurlClient(env=env)
        authority = env.authority_for(env.domain1, proto)
        target = f'https://{authority}/restricted/digest/data.json'
        auth_args = ['--digest', '--user', 'test:test']
        result = client.http_download(urls=[target], alpn_proto=proto,
                                      extra_args=auth_args)
        result.check_response(http_status=200)

    # PUT data, authenticated
    # Same as the GET case, but with a small request body, so the upload
    # has to survive the 401 challenge/retry round trip of Digest auth.
    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])
    def test_14_03_digest_put_auth(self, env: Env, httpd, nghttpx, proto):
        if not env.curl_has_feature('digest'):
            pytest.skip("curl built without digest")
        if proto == 'h3':
            if not env.have_h3():
                pytest.skip("h3 not supported")
            if env.curl_uses_ossl_quic():
                pytest.skip("openssl-quic is flaky in retrying POST")
        payload = '0123456789'
        client = CurlClient(env=env)
        authority = env.authority_for(env.domain1, proto)
        target = f'https://{authority}/restricted/digest/data.json'
        auth_args = ['--digest', '--user', 'test:test']
        result = client.http_upload(urls=[target], data=payload,
                                    alpn_proto=proto, extra_args=auth_args)
        result.check_response(http_status=200)

    # PUT data, digest auth large pw
    # A 65535 character password must not break request construction.
    @pytest.mark.parametrize("proto", ['h2', 'h3'])
    def test_14_04_digest_large_pw(self, env: Env, httpd, nghttpx, proto):
        if not env.curl_has_feature('digest'):
            pytest.skip("curl built without digest")
        if proto == 'h3':
            if not env.have_h3():
                pytest.skip("h3 not supported")
        payload = '0123456789'
        oversized_pw = 'x' * 65535
        client = CurlClient(env=env)
        authority = env.authority_for(env.domain1, proto)
        target = f'https://{authority}/restricted/digest/data.json'
        auth_args = [
            '--digest', '--user', f'test:{oversized_pw}',
            '--trace-config', 'http/2,http/3',
        ]
        result = client.http_upload(urls=[target], data=payload,
                                    alpn_proto=proto, extra_args=auth_args)
        # digest does not submit the password, but a hash of it, so the
        # request itself stays small and goes through. The password is
        # simply wrong, hence the 401.
        result.check_response(http_status=401)

    # PUT data, basic auth large pw
    # Basic auth puts base64("user:password") into the Authorization
    # header, so the header grows to roughly 4/3 of the password length.
    # The request still targets the '/restricted/digest/' location; what is
    # checked is the server's header size limit, not the credentials.
    @pytest.mark.parametrize("proto", ['h2', 'h3'])
    def test_14_05_basic_large_pw(self, env: Env, httpd, nghttpx, proto):
        if proto == 'h3':
            if not env.have_h3():
                pytest.skip("h3 not supported")
            if not env.curl_uses_lib('ngtcp2'):
                # See <https://github.com/cloudflare/quiche/issues/1573>
                pytest.skip("quiche/openssl-quic have problems with large requests")
        # just large enough that nghttp2 will submit
        oversized_pw = 'x' * (47 * 1024)
        upload_file = os.path.join(env.gen_dir, 'data-10m')
        client = CurlClient(env=env)
        authority = env.authority_for(env.domain1, proto)
        target = f'https://{authority}/restricted/digest/data.json'
        auth_args = [
            '--basic', '--user', f'test:{oversized_pw}',
            '--trace-config', 'http/2,http/3',
        ]
        result = client.http_upload(urls=[target], data=f'@{upload_file}',
                                    alpn_proto=proto, extra_args=auth_args)
        # but apache denies on length limit
        # (431 = Request Header Fields Too Large)
        result.check_response(http_status=431)

    # PUT data, basic auth with very large pw
    # With a 64 KiB password the transfer is expected to fail in a
    # controlled way; any exit code outside the accepted set (a crash
    # included) fails the test and dumps the logs.
    @pytest.mark.parametrize("proto", ['h2', 'h3'])
    def test_14_06_basic_very_large_pw(self, env: Env, httpd, nghttpx, proto):
        if proto == 'h3':
            if not env.have_h3():
                pytest.skip("h3 not supported")
            if env.curl_uses_lib('quiche'):
                # See <https://github.com/cloudflare/quiche/issues/1573>
                pytest.skip("quiche has problems with large requests")
        oversized_pw = 'x' * (64 * 1024)
        upload_file = os.path.join(env.gen_dir, 'data-10m')
        client = CurlClient(env=env)
        authority = env.authority_for(env.domain1, proto)
        target = f'https://{authority}/restricted/digest/data.json'
        auth_args = ['--basic', '--user', f'test:{oversized_pw}']
        result = client.http_upload(urls=[target], data=f'@{upload_file}',
                                    alpn_proto=proto, extra_args=auth_args)
        # Depending on protocol, we might have an error sending or
        # the server might shutdown the connection and we see the error
        # on receiving
        # curl exit codes: 55 = CURLE_SEND_ERROR, 56 = CURLE_RECV_ERROR,
        # 95 = CURLE_HTTP3
        accepted_exit_codes = (55, 56, 95)
        assert result.exit_code in accepted_exit_codes, f'{result.dump_logs()}'