2014-04-24 14:07:31 +02:00
|
|
|
|
"""HTTP authentication-related tests."""
|
2021-04-30 15:08:27 +02:00
|
|
|
|
from unittest import mock
|
2014-04-24 15:17:23 +02:00
|
|
|
|
import pytest
|
2014-04-24 14:07:31 +02:00
|
|
|
|
|
2019-08-31 12:14:44 +02:00
|
|
|
|
from httpie.plugins.builtin import HTTPBasicAuth
|
2020-06-16 11:05:00 +02:00
|
|
|
|
from httpie.status import ExitStatus
|
2019-08-31 12:09:17 +02:00
|
|
|
|
from httpie.utils import ExplicitNullAuth
|
2021-05-05 14:13:39 +02:00
|
|
|
|
from .utils import http, add_auth, HTTP_OK, MockEnvironment
|
2019-08-31 15:17:10 +02:00
|
|
|
|
import httpie.cli.constants
|
|
|
|
|
import httpie.cli.definition
|
2014-04-24 14:07:31 +02:00
|
|
|
|
|
|
|
|
|
|
2016-03-06 10:42:35 +01:00
|
|
|
|
def test_basic_auth(httpbin_both):
|
2016-03-03 11:47:12 +01:00
|
|
|
|
r = http('--auth=user:password',
|
2016-03-06 10:42:35 +01:00
|
|
|
|
'GET', httpbin_both + '/basic-auth/user/password')
|
2016-03-03 11:47:12 +01:00
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
assert r.json == {'authenticated': True, 'user': 'user'}
|
|
|
|
|
|
2020-06-16 11:05:00 +02:00
|
|
|
|
|
2016-03-03 11:47:12 +01:00
|
|
|
|
@pytest.mark.parametrize('argument_name', ['--auth-type', '-A'])
|
2016-03-06 10:42:35 +01:00
|
|
|
|
def test_digest_auth(httpbin_both, argument_name):
|
2016-03-03 11:47:12 +01:00
|
|
|
|
r = http(argument_name + '=digest', '--auth=user:password',
|
2016-03-06 10:42:35 +01:00
|
|
|
|
'GET', httpbin_both.url + '/digest-auth/auth/user/password')
|
2016-03-03 11:47:12 +01:00
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
assert r.json == {'authenticated': True, 'user': 'user'}
|
|
|
|
|
|
|
|
|
|
|
2021-12-01 18:37:57 +01:00
|
|
|
|
@pytest.mark.parametrize('token', [
|
|
|
|
|
'token_1',
|
|
|
|
|
'long_token' * 5,
|
|
|
|
|
'user:style',
|
|
|
|
|
])
|
|
|
|
|
def test_bearer_auth(httpbin_both, token):
|
|
|
|
|
r = http('--auth-type', 'bearer', '--auth', token,
|
|
|
|
|
httpbin_both + '/bearer')
|
|
|
|
|
|
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
assert r.json == {'authenticated': True, 'token': token}
|
|
|
|
|
|
|
|
|
|
|
2019-08-31 15:17:10 +02:00
|
|
|
|
@mock.patch('httpie.cli.argtypes.AuthCredentials._getpass',
|
2016-03-03 11:47:12 +01:00
|
|
|
|
new=lambda self, prompt: 'password')
|
|
|
|
|
def test_password_prompt(httpbin):
|
|
|
|
|
r = http('--auth', 'user',
|
|
|
|
|
'GET', httpbin.url + '/basic-auth/user/password')
|
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
assert r.json == {'authenticated': True, 'user': 'user'}
|
|
|
|
|
|
|
|
|
|
|
2016-03-06 10:42:35 +01:00
|
|
|
|
def test_credentials_in_url(httpbin_both):
|
|
|
|
|
url = add_auth(httpbin_both.url + '/basic-auth/user/password',
|
2016-03-03 11:47:12 +01:00
|
|
|
|
auth='user:password')
|
|
|
|
|
r = http('GET', url)
|
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
assert r.json == {'authenticated': True, 'user': 'user'}
|
|
|
|
|
|
|
|
|
|
|
2016-03-06 10:42:35 +01:00
|
|
|
|
def test_credentials_in_url_auth_flag_has_priority(httpbin_both):
|
2016-03-03 11:47:12 +01:00
|
|
|
|
"""When credentials are passed in URL and via -a at the same time,
|
|
|
|
|
then the ones from -a are used."""
|
2016-03-06 10:42:35 +01:00
|
|
|
|
url = add_auth(httpbin_both.url + '/basic-auth/user/password',
|
2016-03-03 11:47:12 +01:00
|
|
|
|
auth='user:wrong')
|
|
|
|
|
r = http('--auth=user:password', 'GET', url)
|
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
assert r.json == {'authenticated': True, 'user': 'user'}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize('url', [
|
|
|
|
|
'username@example.org',
|
|
|
|
|
'username:@example.org',
|
|
|
|
|
])
|
|
|
|
|
def test_only_username_in_url(url):
|
|
|
|
|
"""
|
2023-08-06 14:04:32 +02:00
|
|
|
|
https://github.com/httpie/cli/issues/242
|
2016-03-03 11:47:12 +01:00
|
|
|
|
|
|
|
|
|
"""
|
2019-08-31 15:17:10 +02:00
|
|
|
|
args = httpie.cli.definition.parser.parse_args(args=[url], env=MockEnvironment())
|
2016-03-03 11:47:12 +01:00
|
|
|
|
assert args.auth
|
2016-11-23 22:01:58 +01:00
|
|
|
|
assert args.auth.username == 'username'
|
|
|
|
|
assert args.auth.password == ''
|
2016-11-23 23:09:45 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_missing_auth(httpbin):
|
|
|
|
|
r = http(
|
|
|
|
|
'--auth-type=basic',
|
|
|
|
|
'GET',
|
|
|
|
|
httpbin + '/basic-auth/user/password',
|
2019-09-03 17:14:39 +02:00
|
|
|
|
tolerate_error_exit_status=True
|
2016-11-23 23:09:45 +01:00
|
|
|
|
)
|
|
|
|
|
assert HTTP_OK not in r
|
|
|
|
|
assert '--auth required' in r.stderr
|
2019-08-31 12:09:17 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_netrc(httpbin_both):
|
2020-06-16 11:05:00 +02:00
|
|
|
|
# This one gets handled by requests (no --auth, --auth-type present),
|
|
|
|
|
# that’s why we patch inside `requests.sessions`.
|
2019-08-31 12:09:17 +02:00
|
|
|
|
with mock.patch('requests.sessions.get_netrc_auth') as get_netrc_auth:
|
|
|
|
|
get_netrc_auth.return_value = ('httpie', 'password')
|
|
|
|
|
r = http(httpbin_both + '/basic-auth/httpie/password')
|
|
|
|
|
assert get_netrc_auth.call_count == 1
|
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_ignore_netrc(httpbin_both):
|
2020-06-16 11:05:00 +02:00
|
|
|
|
with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
|
2019-08-31 12:09:17 +02:00
|
|
|
|
get_netrc_auth.return_value = ('httpie', 'password')
|
|
|
|
|
r = http('--ignore-netrc', httpbin_both + '/basic-auth/httpie/password')
|
|
|
|
|
assert get_netrc_auth.call_count == 0
|
|
|
|
|
assert 'HTTP/1.1 401 UNAUTHORIZED' in r
|
|
|
|
|
|
|
|
|
|
|
2019-08-31 12:14:44 +02:00
|
|
|
|
def test_ignore_netrc_together_with_auth():
|
2019-08-31 15:17:10 +02:00
|
|
|
|
args = httpie.cli.definition.parser.parse_args(
|
2019-08-31 12:14:44 +02:00
|
|
|
|
args=['--ignore-netrc', '--auth=username:password', 'example.org'],
|
|
|
|
|
env=MockEnvironment(),
|
|
|
|
|
)
|
|
|
|
|
assert isinstance(args.auth, HTTPBasicAuth)
|
2020-06-10 01:21:48 +02:00
|
|
|
|
|
2020-06-16 11:05:00 +02:00
|
|
|
|
|
|
|
|
|
def test_ignore_netrc_with_auth_type_resulting_in_missing_auth(httpbin):
|
|
|
|
|
with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
|
2020-06-10 01:21:48 +02:00
|
|
|
|
get_netrc_auth.return_value = ('httpie', 'password')
|
2020-06-16 11:05:00 +02:00
|
|
|
|
r = http(
|
|
|
|
|
'--ignore-netrc',
|
|
|
|
|
'--auth-type=basic',
|
|
|
|
|
httpbin + '/basic-auth/httpie/password',
|
|
|
|
|
tolerate_error_exit_status=True,
|
|
|
|
|
)
|
|
|
|
|
assert get_netrc_auth.call_count == 0
|
|
|
|
|
assert r.exit_status == ExitStatus.ERROR
|
|
|
|
|
assert '--auth required' in r.stderr
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize(
|
2021-10-06 17:27:07 +02:00
|
|
|
|
'auth_type, endpoint',
|
|
|
|
|
[
|
2020-06-16 11:05:00 +02:00
|
|
|
|
('basic', '/basic-auth/httpie/password'),
|
|
|
|
|
('digest', '/digest-auth/auth/httpie/password'),
|
2021-10-06 17:27:07 +02:00
|
|
|
|
]
|
2020-06-16 11:05:00 +02:00
|
|
|
|
)
|
|
|
|
|
def test_auth_plugin_netrc_parse(auth_type, endpoint, httpbin):
|
|
|
|
|
# Test
|
|
|
|
|
with mock.patch('httpie.cli.argparser.get_netrc_auth') as get_netrc_auth:
|
|
|
|
|
get_netrc_auth.return_value = ('httpie', 'password')
|
|
|
|
|
r = http('--auth-type', auth_type, httpbin + endpoint)
|
|
|
|
|
assert get_netrc_auth.call_count == 1
|
|
|
|
|
assert HTTP_OK in r
|
|
|
|
|
|
2020-06-10 01:21:48 +02:00
|
|
|
|
|
2020-06-16 11:05:00 +02:00
|
|
|
|
def test_ignore_netrc_null_auth():
|
|
|
|
|
args = httpie.cli.definition.parser.parse_args(
|
|
|
|
|
args=['--ignore-netrc', 'example.org'],
|
|
|
|
|
env=MockEnvironment(),
|
|
|
|
|
)
|
|
|
|
|
assert isinstance(args.auth, ExplicitNullAuth)
|