88e8431437
* Add cookies from the response to the retried request * Conditionally add cookies from the response * Fix failing auth module tests * Fix linting error * Add tests to check set cookies from server
143 lines
4.9 KiB
Python
143 lines
4.9 KiB
Python
"""
|
|
Unit tests for auth classes.
|
|
|
|
Integration tests also exist in tests/client/test_auth.py
|
|
"""
|
|
from urllib.request import parse_keqv_list
|
|
|
|
import pytest
|
|
|
|
import httpx
|
|
|
|
|
|
def test_basic_auth():
|
|
auth = httpx.BasicAuth(username="user", password="pass")
|
|
request = httpx.Request("GET", "https://www.example.com")
|
|
|
|
# The initial request should include a basic auth header.
|
|
flow = auth.sync_auth_flow(request)
|
|
request = next(flow)
|
|
assert request.headers["Authorization"].startswith("Basic")
|
|
|
|
# No other requests are made.
|
|
response = httpx.Response(content=b"Hello, world!", status_code=200)
|
|
with pytest.raises(StopIteration):
|
|
flow.send(response)
|
|
|
|
|
|
def test_digest_auth_with_200():
|
|
auth = httpx.DigestAuth(username="user", password="pass")
|
|
request = httpx.Request("GET", "https://www.example.com")
|
|
|
|
# The initial request should not include an auth header.
|
|
flow = auth.sync_auth_flow(request)
|
|
request = next(flow)
|
|
assert "Authorization" not in request.headers
|
|
|
|
# If a 200 response is returned, then no other requests are made.
|
|
response = httpx.Response(content=b"Hello, world!", status_code=200)
|
|
with pytest.raises(StopIteration):
|
|
flow.send(response)
|
|
|
|
|
|
def test_digest_auth_with_401():
|
|
auth = httpx.DigestAuth(username="user", password="pass")
|
|
request = httpx.Request("GET", "https://www.example.com")
|
|
|
|
# The initial request should not include an auth header.
|
|
flow = auth.sync_auth_flow(request)
|
|
request = next(flow)
|
|
assert "Authorization" not in request.headers
|
|
|
|
# If a 401 response is returned, then a digest auth request is made.
|
|
headers = {
|
|
"WWW-Authenticate": 'Digest realm="...", qop="auth", nonce="...", opaque="..."'
|
|
}
|
|
response = httpx.Response(
|
|
content=b"Auth required", status_code=401, headers=headers, request=request
|
|
)
|
|
request = flow.send(response)
|
|
assert request.headers["Authorization"].startswith("Digest")
|
|
|
|
# No other requests are made.
|
|
response = httpx.Response(content=b"Hello, world!", status_code=200)
|
|
with pytest.raises(StopIteration):
|
|
flow.send(response)
|
|
|
|
|
|
def test_digest_auth_with_401_nonce_counting():
|
|
auth = httpx.DigestAuth(username="user", password="pass")
|
|
request = httpx.Request("GET", "https://www.example.com")
|
|
|
|
# The initial request should not include an auth header.
|
|
flow = auth.sync_auth_flow(request)
|
|
request = next(flow)
|
|
assert "Authorization" not in request.headers
|
|
|
|
# If a 401 response is returned, then a digest auth request is made.
|
|
headers = {
|
|
"WWW-Authenticate": 'Digest realm="...", qop="auth", nonce="...", opaque="..."'
|
|
}
|
|
response = httpx.Response(
|
|
content=b"Auth required", status_code=401, headers=headers, request=request
|
|
)
|
|
first_request = flow.send(response)
|
|
assert first_request.headers["Authorization"].startswith("Digest")
|
|
|
|
# Each subsequent request contains the digest header by default...
|
|
request = httpx.Request("GET", "https://www.example.com")
|
|
flow = auth.sync_auth_flow(request)
|
|
second_request = next(flow)
|
|
assert second_request.headers["Authorization"].startswith("Digest")
|
|
|
|
# ... and the client nonce count (nc) is increased
|
|
first_nc = parse_keqv_list(first_request.headers["Authorization"].split(", "))["nc"]
|
|
second_nc = parse_keqv_list(second_request.headers["Authorization"].split(", "))[
|
|
"nc"
|
|
]
|
|
assert int(first_nc, 16) + 1 == int(second_nc, 16)
|
|
|
|
# No other requests are made.
|
|
response = httpx.Response(content=b"Hello, world!", status_code=200)
|
|
with pytest.raises(StopIteration):
|
|
flow.send(response)
|
|
|
|
|
|
def set_cookies(request: httpx.Request) -> httpx.Response:
|
|
headers = {
|
|
"Set-Cookie": "session=.session_value...",
|
|
"WWW-Authenticate": 'Digest realm="...", qop="auth", nonce="...", opaque="..."',
|
|
}
|
|
if request.url.path == "/auth":
|
|
return httpx.Response(
|
|
content=b"Auth required", status_code=401, headers=headers
|
|
)
|
|
else:
|
|
raise NotImplementedError() # pragma: no cover
|
|
|
|
|
|
def test_digest_auth_setting_cookie_in_request():
|
|
url = "https://www.example.com/auth"
|
|
client = httpx.Client(transport=httpx.MockTransport(set_cookies))
|
|
request = client.build_request("GET", url)
|
|
|
|
auth = httpx.DigestAuth(username="user", password="pass")
|
|
flow = auth.sync_auth_flow(request)
|
|
request = next(flow)
|
|
assert "Authorization" not in request.headers
|
|
|
|
response = client.get(url)
|
|
assert len(response.cookies) > 0
|
|
assert response.cookies["session"] == ".session_value..."
|
|
|
|
request = flow.send(response)
|
|
assert request.headers["Authorization"].startswith("Digest")
|
|
assert request.headers["Cookie"] == "session=.session_value..."
|
|
|
|
# No other requests are made.
|
|
response = httpx.Response(
|
|
content=b"Hello, world!", status_code=200, request=request
|
|
)
|
|
with pytest.raises(StopIteration):
|
|
flow.send(response)
|