# HG changeset patch # User Mads Kiilerich # Date 1312497594 -7200 # Node ID f32a2989ff585f0f452f25806750477fc631fc9a # Parent 0593e8f81c712eb29ee3593c22d8b777a6d6f076 test-http: test http authentication The extension hack is based on Henrik Stuart's hg-textauth. diff -r 0593e8f81c71 -r f32a2989ff58 tests/test-http.t --- a/tests/test-http.t Fri Aug 05 21:05:41 2011 +0200 +++ b/tests/test-http.t Fri Aug 05 00:39:54 2011 +0200 @@ -110,6 +110,55 @@ abort: HTTP Error 404: Not Found [255] +test http authentication + + $ cd test + $ cat << EOT > userpass.py + > import base64 + > from mercurial.hgweb import common + > def perform_authentication(hgweb, req, op): + > auth = req.env.get('HTTP_AUTHORIZATION') + > if not auth: + > raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who', + > [('WWW-Authenticate', 'Basic Realm="mercurial"')]) + > if base64.b64decode(auth.split()[1]).split(':', 1) != ['user', 'pass']: + > raise common.ErrorResponse(common.HTTP_FORBIDDEN, 'no') + > def extsetup(): + > common.permhooks.insert(0, perform_authentication) + > EOT + $ hg --config extensions.x=userpass.py serve -p $HGPORT2 -d --pid-file=pid + $ cat pid >> $DAEMON_PIDS + + $ hg id http://localhost:$HGPORT2/ + abort: http authorization required + [255] + $ hg id http://user@localhost:$HGPORT2/ + abort: http authorization required + [255] + $ hg id http://user:pass@localhost:$HGPORT2/ + 5fed3813f7f5 + $ echo '[auth]' >> .hg/hgrc + $ echo 'l.schemes=http' >> .hg/hgrc + $ echo 'l.prefix=lo' >> .hg/hgrc + $ echo 'l.username=user' >> .hg/hgrc + $ echo 'l.password=pass' >> .hg/hgrc + $ hg id http://localhost:$HGPORT2/ + 5fed3813f7f5 + $ hg id http://localhost:$HGPORT2/ + 5fed3813f7f5 + $ hg id http://user@localhost:$HGPORT2/ + 5fed3813f7f5 + $ hg id http://user:pass@localhost:$HGPORT2/ + 5fed3813f7f5 + $ hg id http://user2@localhost:$HGPORT2/ + abort: http authorization required + [255] + $ hg id http://user:pass2@localhost:$HGPORT2/ + abort: HTTP Error 403: no + [255] + + $ cd .. + check error log $ cat error.log