mirror of
https://github.com/classilla/tenfourfox.git
synced 2024-06-10 18:29:43 +00:00
410 lines
12 KiB
JavaScript
410 lines
12 KiB
JavaScript
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/**
|
|
* This tests the automatic login to the proxy with password,
|
|
* if the password is stored and the browser is restarted.
|
|
*
|
|
* <copied from="test_authentication.js"/>
|
|
*/
|
|
|
|
Cu.import("resource://testing-common/httpd.js");
|
|
Cu.import("resource://gre/modules/Services.jsm");
|
|
|
|
const FLAG_RETURN_FALSE = 1 << 0;
|
|
const FLAG_WRONG_PASSWORD = 1 << 1;
|
|
const FLAG_PREVIOUS_FAILED = 1 << 2;
|
|
|
|
function AuthPrompt2(proxyFlags, hostFlags) {
|
|
this.proxyCred.flags = proxyFlags;
|
|
this.hostCred.flags = hostFlags;
|
|
}
|
|
AuthPrompt2.prototype = {
|
|
proxyCred : { user: "proxy", pass: "guest",
|
|
realmExpected: "intern", flags : 0 },
|
|
hostCred : { user: "host", pass: "guest",
|
|
realmExpected: "extern", flags : 0 },
|
|
|
|
QueryInterface: function authprompt2_qi(iid) {
|
|
if (iid.equals(Ci.nsISupports) ||
|
|
iid.equals(Ci.nsIAuthPrompt2))
|
|
return this;
|
|
throw Cr.NS_ERROR_NO_INTERFACE;
|
|
},
|
|
|
|
promptAuth:
|
|
function ap2_promptAuth(channel, encryptionLevel, authInfo)
|
|
{
|
|
try {
|
|
|
|
// never HOST and PROXY set at the same time in prompt
|
|
do_check_eq((authInfo.flags & Ci.nsIAuthInformation.AUTH_HOST) != 0,
|
|
(authInfo.flags & Ci.nsIAuthInformation.AUTH_PROXY) == 0);
|
|
|
|
var isProxy = (authInfo.flags & Ci.nsIAuthInformation.AUTH_PROXY) != 0;
|
|
var cred = isProxy ? this.proxyCred : this.hostCred;
|
|
|
|
dump("with flags: " +
|
|
((cred.flags & FLAG_WRONG_PASSWORD) !=0 ? "wrong password" : "")+" "+
|
|
((cred.flags & FLAG_PREVIOUS_FAILED) !=0 ? "previous failed" : "")+" "+
|
|
((cred.flags & FLAG_RETURN_FALSE) !=0 ? "return false" : "") + "\n");
|
|
|
|
// PROXY properly set by necko (checked using realm)
|
|
do_check_eq(cred.realmExpected, authInfo.realm);
|
|
|
|
// PREVIOUS_FAILED properly set by necko
|
|
do_check_eq((cred.flags & FLAG_PREVIOUS_FAILED) != 0,
|
|
(authInfo.flags & Ci.nsIAuthInformation.PREVIOUS_FAILED) != 0);
|
|
|
|
if (cred.flags & FLAG_RETURN_FALSE)
|
|
{
|
|
cred.flags |= FLAG_PREVIOUS_FAILED;
|
|
cred.flags &= ~FLAG_RETURN_FALSE;
|
|
return false;
|
|
}
|
|
|
|
authInfo.username = cred.user;
|
|
if (cred.flags & FLAG_WRONG_PASSWORD) {
|
|
authInfo.password = cred.pass + ".wrong";
|
|
cred.flags |= FLAG_PREVIOUS_FAILED;
|
|
// Now clear the flag to avoid an infinite loop
|
|
cred.flags &= ~FLAG_WRONG_PASSWORD;
|
|
} else {
|
|
authInfo.password = cred.pass;
|
|
cred.flags &= ~FLAG_PREVIOUS_FAILED;
|
|
}
|
|
return true;
|
|
|
|
} catch (e) { do_throw(e); }
|
|
},
|
|
|
|
asyncPromptAuth:
|
|
function ap2_async(channel, callback, context, encryptionLevel, authInfo)
|
|
{
|
|
try {
|
|
var me = this;
|
|
var allOverAndDead = false;
|
|
do_execute_soon(function() {
|
|
try {
|
|
if (allOverAndDead)
|
|
throw "already canceled";
|
|
var ret = me.promptAuth(channel, encryptionLevel, authInfo);
|
|
if (!ret)
|
|
callback.onAuthCancelled(context, true);
|
|
else
|
|
callback.onAuthAvailable(context, authInfo);
|
|
allOverAndDead = true;
|
|
} catch (e) { do_throw(e); }
|
|
});
|
|
return new Cancelable(function() {
|
|
if (allOverAndDead)
|
|
throw "can't cancel, already ran";
|
|
callback.onAuthAvailable(context, authInfo);
|
|
allOverAndDead = true;
|
|
});
|
|
} catch (e) { do_throw(e); }
|
|
}
|
|
};
|
|
|
|
function Cancelable(onCancelFunc) {
|
|
this.onCancelFunc = onCancelFunc;
|
|
}
|
|
Cancelable.prototype = {
|
|
QueryInterface: function cancelable_qi(iid) {
|
|
if (iid.equals(Ci.nsISupports) ||
|
|
iid.equals(Ci.nsICancelable))
|
|
return this;
|
|
throw Cr.NS_ERROR_NO_INTERFACE;
|
|
},
|
|
cancel: function cancel() {
|
|
try {
|
|
this.onCancelFunc();
|
|
} catch (e) { do_throw(e); }
|
|
}
|
|
};
|
|
|
|
function Requestor(proxyFlags, hostFlags) {
|
|
this.proxyFlags = proxyFlags;
|
|
this.hostFlags = hostFlags;
|
|
}
|
|
Requestor.prototype = {
|
|
QueryInterface: function requestor_qi(iid) {
|
|
if (iid.equals(Ci.nsISupports) ||
|
|
iid.equals(Ci.nsIInterfaceRequestor))
|
|
return this;
|
|
throw Cr.NS_ERROR_NO_INTERFACE;
|
|
},
|
|
|
|
getInterface: function requestor_gi(iid) {
|
|
if (iid.equals(Ci.nsIAuthPrompt)) {
|
|
dump("authprompt1 not implemented\n");
|
|
throw Cr.NS_ERROR_NO_INTERFACE;
|
|
}
|
|
if (iid.equals(Ci.nsIAuthPrompt2)) {
|
|
try {
|
|
// Allow the prompt to store state by caching it here
|
|
if (!this.prompt2)
|
|
this.prompt2 = new AuthPrompt2(this.proxyFlags, this.hostFlags);
|
|
return this.prompt2;
|
|
} catch (e) { do_throw(e); }
|
|
}
|
|
throw Cr.NS_ERROR_NO_INTERFACE;
|
|
},
|
|
|
|
prompt2: null
|
|
};
|
|
|
|
var listener = {
|
|
expectedCode: -1, // uninitialized
|
|
|
|
onStartRequest: function test_onStartR(request, ctx) {
|
|
try {
|
|
// Proxy auth cancellation return failures to avoid spoofing
|
|
if (!Components.isSuccessCode(request.status) &&
|
|
(this.expectedCode != 407))
|
|
do_throw("Channel should have a success code!");
|
|
|
|
if (!(request instanceof Ci.nsIHttpChannel))
|
|
do_throw("Expecting an HTTP channel");
|
|
|
|
do_check_eq(this.expectedCode, request.responseStatus);
|
|
// If we expect 200, the request should have succeeded
|
|
do_check_eq(this.expectedCode == 200, request.requestSucceeded);
|
|
|
|
var cookie = "";
|
|
try {
|
|
cookie = request.getRequestHeader("Cookie");
|
|
} catch (e) { }
|
|
do_check_eq(cookie, "");
|
|
|
|
} catch (e) {
|
|
do_throw("Unexpected exception: " + e);
|
|
}
|
|
|
|
throw Cr.NS_ERROR_ABORT;
|
|
},
|
|
|
|
onDataAvailable: function test_ODA() {
|
|
do_throw("Should not get any data!");
|
|
},
|
|
|
|
onStopRequest: function test_onStopR(request, ctx, status) {
|
|
do_check_eq(status, Cr.NS_ERROR_ABORT);
|
|
|
|
if (current_test < (tests.length - 1)) {
|
|
// First, need to clear the auth cache
|
|
Cc["@mozilla.org/network/http-auth-manager;1"]
|
|
.getService(Ci.nsIHttpAuthManager)
|
|
.clearAll();
|
|
|
|
current_test++;
|
|
tests[current_test]();
|
|
} else {
|
|
do_test_pending();
|
|
httpserv.stop(do_test_finished);
|
|
}
|
|
|
|
do_test_finished();
|
|
}
|
|
};
|
|
|
|
function makeChan(url) {
|
|
if (!url)
|
|
url = "http://somesite/";
|
|
var ios = Cc["@mozilla.org/network/io-service;1"]
|
|
.getService(Ci.nsIIOService);
|
|
var chan = ios.newChannel2(url,
|
|
null,
|
|
null,
|
|
null, // aLoadingNode
|
|
Services.scriptSecurityManager.getSystemPrincipal(),
|
|
null, // aTriggeringPrincipal
|
|
Ci.nsILoadInfo.SEC_NORMAL,
|
|
Ci.nsIContentPolicy.TYPE_OTHER)
|
|
.QueryInterface(Ci.nsIHttpChannel);
|
|
|
|
return chan;
|
|
}
|
|
|
|
var current_test = 0;
|
|
var httpserv = null;
|
|
|
|
function run_test() {
|
|
httpserv = new HttpServer();
|
|
httpserv.registerPathHandler("/", proxyAuthHandler);
|
|
httpserv.identity.add("http", "somesite", 80);
|
|
httpserv.start(-1);
|
|
|
|
const prefs = Cc["@mozilla.org/preferences-service;1"]
|
|
.getService(Ci.nsIPrefBranch);
|
|
prefs.setCharPref("network.proxy.http", "localhost");
|
|
prefs.setIntPref("network.proxy.http_port", httpserv.identity.primaryPort);
|
|
prefs.setCharPref("network.proxy.no_proxies_on", "");
|
|
prefs.setIntPref("network.proxy.type", 1);
|
|
|
|
// Turn off the authentication dialog blocking for this test.
|
|
prefs.setIntPref("network.auth.subresource-http-auth-allow", 2);
|
|
|
|
tests[current_test]();
|
|
}
|
|
|
|
function test_proxy_returnfalse() {
|
|
dump("\ntest: proxy returnfalse\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(FLAG_RETURN_FALSE, 0);
|
|
listener.expectedCode = 407; // Proxy Unauthorized
|
|
chan.asyncOpen(listener, null);
|
|
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_proxy_wrongpw() {
|
|
dump("\ntest: proxy wrongpw\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(FLAG_WRONG_PASSWORD, 0);
|
|
listener.expectedCode = 200; // Eventually OK
|
|
chan.asyncOpen(listener, null);
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_all_ok() {
|
|
dump("\ntest: all ok\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(0, 0);
|
|
listener.expectedCode = 200; // OK
|
|
chan.asyncOpen(listener, null);
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_proxy_407_cookie() {
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(FLAG_RETURN_FALSE, 0);
|
|
chan.setRequestHeader("X-Set-407-Cookie", "1", false);
|
|
listener.expectedCode = 407; // Proxy Unauthorized
|
|
chan.asyncOpen(listener, null);
|
|
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_proxy_200_cookie() {
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(0, 0);
|
|
chan.setRequestHeader("X-Set-407-Cookie", "1", false);
|
|
listener.expectedCode = 200; // OK
|
|
chan.asyncOpen(listener, null);
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_host_returnfalse() {
|
|
dump("\ntest: host returnfalse\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(0, FLAG_RETURN_FALSE);
|
|
listener.expectedCode = 401; // Host Unauthorized
|
|
chan.asyncOpen(listener, null);
|
|
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_host_wrongpw() {
|
|
dump("\ntest: host wrongpw\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks = new Requestor(0, FLAG_WRONG_PASSWORD);
|
|
listener.expectedCode = 200; // Eventually OK
|
|
chan.asyncOpen(listener, null);
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_proxy_wrongpw_host_wrongpw() {
|
|
dump("\ntest: proxy wrongpw, host wrongpw\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks =
|
|
new Requestor(FLAG_WRONG_PASSWORD, FLAG_WRONG_PASSWORD);
|
|
listener.expectedCode = 200; // OK
|
|
chan.asyncOpen(listener, null);
|
|
do_test_pending();
|
|
}
|
|
|
|
function test_proxy_wrongpw_host_returnfalse() {
|
|
dump("\ntest: proxy wrongpw, host return false\n");
|
|
var chan = makeChan();
|
|
chan.notificationCallbacks =
|
|
new Requestor(FLAG_WRONG_PASSWORD, FLAG_RETURN_FALSE);
|
|
listener.expectedCode = 401; // Host Unauthorized
|
|
chan.asyncOpen(listener, null);
|
|
do_test_pending();
|
|
}
|
|
|
|
var tests = [test_proxy_returnfalse, test_proxy_wrongpw, test_all_ok,
|
|
test_proxy_407_cookie, test_proxy_200_cookie,
|
|
test_host_returnfalse, test_host_wrongpw,
|
|
test_proxy_wrongpw_host_wrongpw, test_proxy_wrongpw_host_returnfalse];
|
|
|
|
|
|
// PATH HANDLERS
|
|
|
|
// Proxy
|
|
function proxyAuthHandler(metadata, response) {
|
|
try {
|
|
var realm = "intern";
|
|
// btoa("proxy:guest"), but that function is not available here
|
|
var expectedHeader = "Basic cHJveHk6Z3Vlc3Q=";
|
|
|
|
var body;
|
|
if (metadata.hasHeader("Proxy-Authorization") &&
|
|
metadata.getHeader("Proxy-Authorization") == expectedHeader)
|
|
{
|
|
dump("proxy password ok\n");
|
|
response.setHeader("Proxy-Authenticate",
|
|
'Basic realm="' + realm + '"', false);
|
|
|
|
hostAuthHandler(metadata, response);
|
|
}
|
|
else
|
|
{
|
|
dump("proxy password required\n");
|
|
response.setStatusLine(metadata.httpVersion, 407,
|
|
"Unauthorized by HTTP proxy");
|
|
response.setHeader("Proxy-Authenticate",
|
|
'Basic realm="' + realm + '"', false);
|
|
if (metadata.hasHeader("X-Set-407-Cookie")) {
|
|
response.setHeader("Set-Cookie", "chewy", false);
|
|
}
|
|
body = "failed";
|
|
response.bodyOutputStream.write(body, body.length);
|
|
}
|
|
} catch (e) { do_throw(e); }
|
|
}
|
|
|
|
// Host /auth
|
|
function hostAuthHandler(metadata, response) {
|
|
try {
|
|
var realm = "extern";
|
|
// btoa("host:guest"), but that function is not available here
|
|
var expectedHeader = "Basic aG9zdDpndWVzdA==";
|
|
|
|
var body;
|
|
if (metadata.hasHeader("Authorization") &&
|
|
metadata.getHeader("Authorization") == expectedHeader)
|
|
{
|
|
dump("host password ok\n");
|
|
response.setStatusLine(metadata.httpVersion, 200,
|
|
"OK, authorized for host");
|
|
response.setHeader("WWW-Authenticate",
|
|
'Basic realm="' + realm + '"', false);
|
|
body = "success";
|
|
}
|
|
else
|
|
{
|
|
dump("host password required\n");
|
|
response.setStatusLine(metadata.httpVersion, 401,
|
|
"Unauthorized by HTTP server host");
|
|
response.setHeader("WWW-Authenticate",
|
|
'Basic realm="' + realm + '"', false);
|
|
body = "failed";
|
|
}
|
|
response.bodyOutputStream.write(body, body.length);
|
|
} catch (e) { do_throw(e); }
|
|
}
|