repoze/who/plugins/basicauth.py | ●●●●● patch | view | raw | blame | history | |
repoze/who/plugins/tests/test_basicauth.py | ●●●●● patch | view | raw | blame | history |
repoze/who/plugins/basicauth.py
@@ -7,6 +7,7 @@ from repoze.who.interfaces import IChallenger from repoze.who._compat import AUTHORIZATION from repoze.who._compat import decodebytes from repoze.who._compat import must_decode @implementer(IIdentifier, IChallenger) class BasicAuthPlugin(object): @@ -24,7 +25,7 @@ authmeth, auth = authorization.split(b' ', 1) except ValueError: # not enough values to unpack return None if authmeth.lower() == 'basic': if authmeth.lower() == b'basic': try: auth = auth.strip() auth = decodebytes(auth) @@ -34,7 +35,8 @@ login, password = auth.split(b':', 1) except ValueError: # not enough values to unpack return None auth = {'login': login, 'password': password} auth = {'login': must_decode(login), 'password': must_decode(password)} return auth return None repoze/who/plugins/tests/test_basicauth.py
@@ -72,6 +72,28 @@ creds = plugin.identify(environ) self.assertEqual(creds, {'login':'foo', 'password':'bar'}) def test_identify_basic_ok_utf8_values(self): from repoze.who._compat import encodebytes LOGIN = b'b\xc3\xa2tard' PASSWD = b'l\xc3\xa0 demain' plugin = self._makeOne('realm') value = encodebytes(b':'.join((LOGIN, PASSWD))).decode('ascii') environ = self._makeEnviron({'HTTP_AUTHORIZATION':'Basic %s' % value}) creds = plugin.identify(environ) self.assertEqual(creds, {'login': LOGIN.decode('utf-8'), 'password': PASSWD.decode('utf-8')}) def test_identify_basic_ok_latin1_values(self): from repoze.who._compat import encodebytes LOGIN = b'b\xe2tard' PASSWD = b'l\xe0 demain' plugin = self._makeOne('realm') value = encodebytes(b':'.join((LOGIN, PASSWD))).decode('ascii') environ = self._makeEnviron({'HTTP_AUTHORIZATION':'Basic %s' % value}) creds = plugin.identify(environ) self.assertEqual(creds, {'login': LOGIN.decode('latin1'), 'password': PASSWD.decode('latin1')}) def test_remember(self): plugin = self._makeOne('realm') creds = {}