/usr/lib/python2.7/dist-packages/twext/web2/dav/test/test_auth.py is in calendarserver 5.2+dfsg-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 | ##
# Copyright (c) 2012-2014 Apple Computer, Inc. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# DRI: Wilfredo Sanchez, wsanchez@apple.com
##
import collections
from twext.web2.dav.auth import AuthenticationWrapper
import twext.web2.dav.test.util
class AutoWrapperTestCase(twext.web2.dav.test.util.TestCase):
def test_basicAuthPrevention(self):
"""
Ensure authentication factories which are not safe to use over an
"unencrypted wire" are not advertised when an insecure (i.e. non-SSL
connection is made.
"""
FakeFactory = collections.namedtuple("FakeFactory", ("scheme,"))
wireEncryptedfactories = [FakeFactory("basic"), FakeFactory("digest"), FakeFactory("xyzzy")]
wireUnencryptedfactories = [FakeFactory("digest"), FakeFactory("xyzzy")]
class FakeChannel(object):
def __init__(self, secure):
self.secure = secure
def getHostInfo(self):
return "ignored", self.secure
class FakeRequest(object):
def __init__(self, secure):
self.portal = None
self.loginInterfaces = None
self.credentialFactories = None
self.chanRequest = FakeChannel(secure)
wrapper = AuthenticationWrapper(None, None,
wireEncryptedfactories, wireUnencryptedfactories, None)
req = FakeRequest(True) # Connection is over SSL
wrapper.hook(req)
self.assertEquals(
set(req.credentialFactories.keys()),
set(["basic", "digest", "xyzzy"])
)
req = FakeRequest(False) # Connection is not over SSL
wrapper.hook(req)
self.assertEquals(
set(req.credentialFactories.keys()),
set(["digest", "xyzzy"])
)
|