Ticket #3924: 3924-anonymous-checkers-httpauthsessionwrapper.patch

File 3924-anonymous-checkers-httpauthsessionwrapper.patch, 5.7 KB (added by esteve, 5 years ago)
  • twisted/web/_auth/wrapper.py

    # Bazaar merge directive format 2 (Bazaar 0.90)
    # revision_id: esteve@fluidinfo.com-20090720181923-bjpis47kq4prtugw
    # target_branch: ../trunk/
    # testament_sha1: 671b6ccbb7d5a0465a6ebaafa0ea251fbd4b7b5e
    # timestamp: 2009-07-20 20:26:54 +0200
    # base_revision_id: svn-v4:bbbe8e31-12d6-0310-92fd-\
    #   ac37d47ddeeb:trunk:27161
    # 
    # Begin patch
    === modified file 'twisted/web/_auth/wrapper.py'
     
    1818from twisted.web.resource import IResource, ErrorPage 
    1919from twisted.web import util 
    2020from twisted.cred import error 
    21  
     21from twisted.cred.credentials import Anonymous 
    2222 
    2323class UnauthorizedResource(object): 
    2424    """ 
     
    105105        """ 
    106106        authheader = request.getHeader('authorization') 
    107107        if not authheader: 
    108             return UnauthorizedResource(self._credentialFactories) 
     108            return util.DeferredResource(self._login(Anonymous())) 
    109109 
    110110        factory, respString = self._selectParseHeader(authheader) 
    111111        if factory is None: 
  • twisted/web/test/test_httpauth.py

    === modified file 'twisted/web/test/test_httpauth.py'
     
    1414from twisted.internet.address import IPv4Address 
    1515 
    1616from twisted.cred import error, portal 
    17 from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse 
     17from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse, \ 
     18    ANONYMOUS, AllowAnonymousAccess 
    1819from twisted.cred.credentials import IUsernamePassword 
    1920 
    2021from twisted.web.iweb import ICredentialFactory 
     
    350351        """ 
    351352        request = self.makeRequest([self.childName]) 
    352353        child = self.wrapper.getChildWithDefault(self.childName, request) 
    353         self.assertIsInstance(child, UnauthorizedResource) 
     354        d = request.notifyFinish() 
     355        def cbFinished(result): 
     356            self.assertEqual(request.responseCode, 401) 
     357        d.addCallback(cbFinished) 
     358        render(child, request) 
     359        return d 
    354360 
    355361 
    356362    def _invalidAuthorizationTest(self, response): 
     
    545551        render(child, request) 
    546552        self.assertEqual(request.responseCode, 500) 
    547553        self.assertEqual(len(self.flushLoggedErrors(UnexpectedException)), 1) 
     554 
     555    def test_anonymousAccess(self): 
     556        """ 
     557        Anonymous requests are allowed if a L{Portal} has an anonymous checker 
     558        registered. 
     559        """ 
     560        unprotectedContents = "contents of the unprotected child resource" 
     561 
     562        class UnprotectedResource(Resource): 
     563 
     564            def render_GET(self, request): 
     565                return unprotectedContents 
     566 
     567        self.avatars[ANONYMOUS] = UnprotectedResource() 
     568        self.portal.registerChecker(AllowAnonymousAccess()) 
     569        self.credentialFactories.append(BasicCredentialFactory('example.com')) 
     570        request = self.makeRequest([self.childName]) 
     571        child = getChildForRequest(self.wrapper, request) 
     572        d = request.notifyFinish() 
     573        def cbFinished(ignored): 
     574            self.assertEquals(request.written, [unprotectedContents]) 
     575        d.addCallback(cbFinished) 
     576        render(child, request) 
     577        return d