httpie-cli/tests/test_auth.py

"""HTTP authentication-related tests."""
import mock
import pytest

from httpie.plugins.builtin import HTTPBasicAuth
from httpie.status import ExitStatus
from httpie.utils import ExplicitNullAuth
from utils import http, add_auth, HTTP_OK, MockEnvironment
import httpie.cli.constants
import httpie.cli.definition


def test_basic_auth(httpbin_both):
    r = http('--auth=user:password',
             'GET', httpbin_both + '/basic-auth/user/password')
    assert HTTP_OK in r
    assert r.json == {'authenticated': True, 'user': 'user'}


@pytest.mark.parametrize('argument_name', ['--auth-type', '-A'])
def test_digest_auth(httpbin_both, argument_name):
    r = http(argument_name + '=digest', '--auth=user:password',
             'GET', httpbin_both.url + '/digest-auth/auth/user/password')
    assert HTTP_OK in r
    assert r.json == {'authenticated': True, 'user': 'user'}


@mock.patch('httpie.cli.argtypes.AuthCredentials._getpass',
            new=lambda self, prompt: 'password')
def test_password_prompt(httpbin):
    r = http('--auth', 'user',
             'GET', httpbin.url + '/basic-auth/user/password')
    assert HTTP_OK in r
    assert r.json == {'authenticated': True, 'user': 'user'}


def test_credentials_in_url(httpbin_both):
    url = add_auth(httpbin_both.url + '/basic-auth/user/password',
                   auth='user:password')
    r = http('GET', url)
    assert HTTP_OK in r
    assert r.json == {'authenticated': True, 'user': 'user'}


def test_credentials_in_url_auth_flag_has_priority(httpbin_both):
    """When credentials are passed in URL and via -a at the same time,
     then the ones from -a are used."""
    url = add_auth(httpbin_both.url + '/basic-auth/user/password',
                   auth='user:wrong')
    r = http('--auth=user:password', 'GET', url)
    assert HTTP_OK in r
    assert r.json == {'authenticated': True, 'user': 'user'}


@pytest.mark.parametrize('url', [
    'username@example.org',
    'username:@example.org',
])
def test_only_username_in_url(url):
    """
    https://github.com/httpie/httpie/issues/242

    """
    args = httpie.cli.definition.parser.parse_args(args=[url], env=MockEnvironment())
    assert args.auth
    assert args.auth.username == 'username'
    assert args.auth.password == ''


def test_missing_auth(httpbin):
    r = http(
        '--auth-type=basic',
        'GET',
        httpbin + '/basic-auth/user/password',
        tolerate_error_exit_status=True
    )
    assert HTTP_OK not in r
    assert '--auth required' in r.stderr


def test_netrc(httpbin_both):
    # This one gets handled by requests (no --auth, --auth-type present),
    # that’s why we patch inside `requests.sessions`.
    with mock.patch('requests.sessions.get_netrc_auth') as get_netrc_auth:
        get_netrc_auth.return_value = ('httpie', 'password')
        r = http(httpbin_both + '/basic-auth/httpie/password')
        assert get_netrc_auth.call_count == 1
        assert HTTP_OK in r


def test_ignore_netrc(httpbin_both):
    with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
        get_netrc_auth.return_value = ('httpie', 'password')
        r = http('--ignore-netrc', httpbin_both + '/basic-auth/httpie/password')
        assert get_netrc_auth.call_count == 0
        assert 'HTTP/1.1 401 UNAUTHORIZED' in r


def test_ignore_netrc_together_with_auth():
    args = httpie.cli.definition.parser.parse_args(
        args=['--ignore-netrc', '--auth=username:password', 'example.org'],
        env=MockEnvironment(),
    )
    assert isinstance(args.auth, HTTPBasicAuth)


def test_ignore_netrc_with_auth_type_resulting_in_missing_auth(httpbin):
    with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
        get_netrc_auth.return_value = ('httpie', 'password')
        r = http(
            '--ignore-netrc',
            '--auth-type=basic',
            httpbin + '/basic-auth/httpie/password',
            tolerate_error_exit_status=True,
        )
    assert get_netrc_auth.call_count == 0
    assert r.exit_status == ExitStatus.ERROR
    assert '--auth required' in r.stderr


@pytest.mark.parametrize(
    argnames=['auth_type', 'endpoint'],
    argvalues=[
        ('basic', '/basic-auth/httpie/password'),
        ('digest', '/digest-auth/auth/httpie/password'),
    ],
)
def test_auth_plugin_netrc_parse(auth_type, endpoint, httpbin):
    # Test
    with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
        get_netrc_auth.return_value = ('httpie', 'password')
        r = http('--auth-type', auth_type, httpbin + endpoint)
    assert get_netrc_auth.call_count == 1
    assert HTTP_OK in r


def test_ignore_netrc_null_auth():
    args = httpie.cli.definition.parser.parse_args(
        args=['--ignore-netrc', 'example.org'],
        env=MockEnvironment(),
    )
    assert isinstance(args.auth, ExplicitNullAuth)
-												Refactored tests into smaller modules.

											
										
										
											2014-04-24 14:07:31 +02:00
+								"""HTTP authentication-related tests."""
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								import mock
-												Switched to @pytest.mark.skipif.

											
										
										
											2014-04-24 15:17:23 +02:00
+								import pytest
-												Refactored tests into smaller modules.

											
										
										
											2014-04-24 14:07:31 +02:00
-												Test that `--ignore-netrc` doesn't interfere with `--auth`

											
										
										
											2019-08-31 12:14:44 +02:00
+								from httpie.plugins.builtin import HTTPBasicAuth
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
+								from httpie.status import ExitStatus
-												Allow bypassing .netrc with `--ignore-netrc` (close #730)

											
										
										
											2019-08-31 12:09:17 +02:00
+								from httpie.utils import ExplicitNullAuth
-												Rename `TestEnvironment` to `MockEnvironment` to avoid pytest warnings

Close #621

											
										
										
											2017-12-28 18:17:48 +01:00
+								from utils import http, add_auth, HTTP_OK, MockEnvironment
-												Refactoring

											
										
										
											2019-08-31 15:17:10 +02:00
+								import httpie.cli.constants
 								import httpie.cli.definition
-												Refactored tests into smaller modules.

											
										
										
											2014-04-24 14:07:31 +02:00
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								def test_basic_auth(httpbin_both):
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								    r = http('--auth=user:password',
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								             'GET', httpbin_both + '/basic-auth/user/password')
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								    assert HTTP_OK in r
 								    assert r.json == {'authenticated': True, 'user': 'user'}
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								@pytest.mark.parametrize('argument_name', ['--auth-type', '-A'])
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								def test_digest_auth(httpbin_both, argument_name):
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								    r = http(argument_name + '=digest', '--auth=user:password',
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								             'GET', httpbin_both.url + '/digest-auth/auth/user/password')
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								    assert HTTP_OK in r
 								    assert r.json == {'authenticated': True, 'user': 'user'}
-												Refactoring

											
										
										
											2019-08-31 15:17:10 +02:00
+								@mock.patch('httpie.cli.argtypes.AuthCredentials._getpass',
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								            new=lambda self, prompt: 'password')
 								def test_password_prompt(httpbin):
 								    r = http('--auth', 'user',
 								             'GET', httpbin.url + '/basic-auth/user/password')
 								    assert HTTP_OK in r
 								    assert r.json == {'authenticated': True, 'user': 'user'}
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								def test_credentials_in_url(httpbin_both):
 								    url = add_auth(httpbin_both.url + '/basic-auth/user/password',
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								                   auth='user:password')
 								    r = http('GET', url)
 								    assert HTTP_OK in r
 								    assert r.json == {'authenticated': True, 'user': 'user'}
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								def test_credentials_in_url_auth_flag_has_priority(httpbin_both):
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								    """When credentials are passed in URL and via -a at the same time,
 								     then the ones from -a are used."""
-												Run tests against both HTTP and HTTPS

Some of the tests now use the `httpbin_both` fixture from pytest-httpbin.
Also, made httpbin's CA trusted by default and added `httpbin_secure_untrusted`
fixture  to allow overriding that for particular tests.

											
										
										
											2016-03-06 10:42:35 +01:00
+								    url = add_auth(httpbin_both.url + '/basic-auth/user/password',
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								                   auth='user:wrong')
 								    r = http('--auth=user:password', 'GET', url)
 								    assert HTTP_OK in r
 								    assert r.json == {'authenticated': True, 'user': 'user'}
 								@pytest.mark.parametrize('url', [
 								    'username@example.org',
 								    'username:@example.org',
 								])
 								def test_only_username_in_url(url):
 								    """
-												Update URLs

											
										
										
											2020-12-23 22:07:27 +01:00
+								    https://github.com/httpie/httpie/issues/242
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
 								    """
-												Refactoring

											
										
										
											2019-08-31 15:17:10 +02:00
+								    args = httpie.cli.definition.parser.parse_args(args=[url], env=MockEnvironment())
-												Cleanup tests

											
										
										
											2016-03-03 11:47:12 +01:00
+								    assert args.auth
-												Extend auth plugin API

This extends the `AuthPlugin` API by the following attributes:

* `auth_require`: set to `False` to make `--auth, -a` optional
* `auth_parse`: set to `False` to disable `username:password` parsing
  (access the raw value passed to `-a` via `self.raw_auth`).
* `prompt_password`: set to`False` to disable password prompt when
   no password provided (only relevant when `auth_parse == True`)

 These changes should be 100% backwards-compatible.

 What needs more testing is auth support in sessions.

Close #433
Close #431
Close #378
Ping teracyhq/httpie-jwt-auth#3

											
										
										
											2016-11-23 22:01:58 +01:00
+								    assert args.auth.username == 'username'
 								    assert args.auth.password == ''
-												Add more plugin API tests

											
										
										
											2016-11-23 23:09:45 +01:00
 								def test_missing_auth(httpbin):
 								    r = http(
 								        '--auth-type=basic',
 								        'GET',
 								        httpbin + '/basic-auth/user/password',
-												Add one-by-one processing of each HTTP request or response and --offline

											
										
										
											2019-09-03 17:14:39 +02:00
+								        tolerate_error_exit_status=True
-												Add more plugin API tests

											
										
										
											2016-11-23 23:09:45 +01:00
+								    )
 								    assert HTTP_OK not in r
 								    assert '--auth required' in r.stderr
-												Allow bypassing .netrc with `--ignore-netrc` (close #730)

											
										
										
											2019-08-31 12:09:17 +02:00
 								def test_netrc(httpbin_both):
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
+								    # This one gets handled by requests (no --auth, --auth-type present),
 								    # that’s why we patch inside `requests.sessions`.
-												Allow bypassing .netrc with `--ignore-netrc` (close #730)

											
										
										
											2019-08-31 12:09:17 +02:00
+								    with mock.patch('requests.sessions.get_netrc_auth') as get_netrc_auth:
 								        get_netrc_auth.return_value = ('httpie', 'password')
 								        r = http(httpbin_both + '/basic-auth/httpie/password')
 								        assert get_netrc_auth.call_count == 1
 								        assert HTTP_OK in r
 								def test_ignore_netrc(httpbin_both):
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
+								    with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
-												Allow bypassing .netrc with `--ignore-netrc` (close #730)

											
										
										
											2019-08-31 12:09:17 +02:00
+								        get_netrc_auth.return_value = ('httpie', 'password')
 								        r = http('--ignore-netrc', httpbin_both + '/basic-auth/httpie/password')
 								        assert get_netrc_auth.call_count == 0
 								        assert 'HTTP/1.1 401 UNAUTHORIZED' in r
-												Test that `--ignore-netrc` doesn't interfere with `--auth`

											
										
										
											2019-08-31 12:14:44 +02:00
+								def test_ignore_netrc_together_with_auth():
-												Refactoring

											
										
										
											2019-08-31 15:17:10 +02:00
+								    args = httpie.cli.definition.parser.parse_args(
-												Test that `--ignore-netrc` doesn't interfere with `--auth`

											
										
										
											2019-08-31 12:14:44 +02:00
+								        args=['--ignore-netrc', '--auth=username:password', 'example.org'],
 								        env=MockEnvironment(),
 								    )
 								    assert isinstance(args.auth, HTTPBasicAuth)
-												Added a test that verifies .netrc is honored when only --auth-type is passed

											
										
										
											2020-06-10 01:21:48 +02:00
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
 								def test_ignore_netrc_with_auth_type_resulting_in_missing_auth(httpbin):
 								    with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
-												Added a test that verifies .netrc is honored when only --auth-type is passed

											
										
										
											2020-06-10 01:21:48 +02:00
+								        get_netrc_auth.return_value = ('httpie', 'password')
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
+								        r = http(
 								            '--ignore-netrc',
 								            '--auth-type=basic',
 								            httpbin + '/basic-auth/httpie/password',
 								            tolerate_error_exit_status=True,
 								        )
 								    assert get_netrc_auth.call_count == 0
 								    assert r.exit_status == ExitStatus.ERROR
 								    assert '--auth required' in r.stderr
 								@pytest.mark.parametrize(
 								    argnames=['auth_type', 'endpoint'],
 								    argvalues=[
 								        ('basic', '/basic-auth/httpie/password'),
 								        ('digest', '/digest-auth/auth/httpie/password'),
 								    ],
 								)
 								def test_auth_plugin_netrc_parse(auth_type, endpoint, httpbin):
 								    # Test
 								    with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
 								        get_netrc_auth.return_value = ('httpie', 'password')
 								        r = http('--auth-type', auth_type, httpbin + endpoint)
 								    assert get_netrc_auth.call_count == 1
 								    assert HTTP_OK in r
-												Added a test that verifies .netrc is honored when only --auth-type is passed

											
										
										
											2020-06-10 01:21:48 +02:00
-												Added netrc support for auth plugins.

Enabled for --auth-type=basic and digest, 3rd parties may opt in.

This closes #718, closes #719, closes #852, and also closes #934

											
										
										
											2020-06-16 11:05:00 +02:00
+								def test_ignore_netrc_null_auth():
 								    args = httpie.cli.definition.parser.parse_args(
 								        args=['--ignore-netrc', 'example.org'],
 								        env=MockEnvironment(),
 								    )
 								    assert isinstance(args.auth, ExplicitNullAuth)