3 test_description
='test http auth header and credential helper interop'
6 .
"$TEST_DIRECTORY"/lib-httpd.sh
10 test_expect_success
'setup_credential_helper' '
11 mkdir "$TRASH_DIRECTORY/bin" &&
12 PATH=$PATH:"$TRASH_DIRECTORY/bin" &&
15 CREDENTIAL_HELPER="$TRASH_DIRECTORY/bin/git-credential-test-helper" &&
16 write_script "$CREDENTIAL_HELPER" <<-\EOF
18 teefile=$cmd-query.cred
19 catfile=$cmd-reply.cred
20 sed -n -e "/^$/q" -e "p" >>$teefile
21 if test "$cmd" = "get"
28 set_credential_reply
() {
29 cat >"$TRASH_DIRECTORY/$1-reply.cred"
32 expect_credential_query
() {
33 cat >"$TRASH_DIRECTORY/$1-expect.cred" &&
34 test_cmp
"$TRASH_DIRECTORY/$1-expect.cred" \
35 "$TRASH_DIRECTORY/$1-query.cred"
40 rm -f "$HTTPD_ROOT_PATH"/custom-auth.valid \
41 "$HTTPD_ROOT_PATH"/custom-auth.challenge
44 test_expect_success
'setup repository' '
46 git init --bare "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
47 git push --mirror "$HTTPD_DOCUMENT_ROOT_PATH/repo.git"
50 test_expect_success
'access using basic auth' '
51 test_when_finished "per_test_cleanup" &&
53 set_credential_reply get <<-EOF &&
55 password=secret-passwd
58 # Basic base64(alice:secret-passwd)
59 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
60 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
63 cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF &&
64 WWW-Authenticate: Basic realm="example.com"
67 test_config_global credential.helper test-helper &&
68 git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
70 expect_credential_query get <<-EOF &&
73 wwwauth[]=Basic realm="example.com"
76 expect_credential_query store <<-EOF
80 password=secret-passwd
84 test_expect_success
'access using basic auth invalid credentials' '
85 test_when_finished "per_test_cleanup" &&
87 set_credential_reply get <<-EOF &&
92 # Basic base64(alice:secret-passwd)
93 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
94 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
97 cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF &&
98 WWW-Authenticate: Basic realm="example.com"
101 test_config_global credential.helper test-helper &&
102 test_must_fail git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
104 expect_credential_query get <<-EOF &&
107 wwwauth[]=Basic realm="example.com"
110 expect_credential_query erase <<-EOF
114 password=wrong-passwd
115 wwwauth[]=Basic realm="example.com"
119 test_expect_success
'access using basic auth with extra challenges' '
120 test_when_finished "per_test_cleanup" &&
122 set_credential_reply get <<-EOF &&
124 password=secret-passwd
127 # Basic base64(alice:secret-passwd)
128 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
129 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
132 cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF &&
133 WWW-Authenticate: FooBar param1="value1" param2="value2"
134 WWW-Authenticate: Bearer authorize_uri="id.example.com" p=1 q=0
135 WWW-Authenticate: Basic realm="example.com"
138 test_config_global credential.helper test-helper &&
139 git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
141 expect_credential_query get <<-EOF &&
144 wwwauth[]=FooBar param1="value1" param2="value2"
145 wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0
146 wwwauth[]=Basic realm="example.com"
149 expect_credential_query store <<-EOF
153 password=secret-passwd
157 test_expect_success
'access using basic auth mixed-case wwwauth header name' '
158 test_when_finished "per_test_cleanup" &&
160 set_credential_reply get <<-EOF &&
162 password=secret-passwd
165 # Basic base64(alice:secret-passwd)
166 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
167 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
170 cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF &&
171 www-authenticate: foobar param1="value1" param2="value2"
172 WWW-AUTHENTICATE: BEARER authorize_uri="id.example.com" p=1 q=0
173 WwW-aUtHeNtIcAtE: baSiC realm="example.com"
176 test_config_global credential.helper test-helper &&
177 git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
179 expect_credential_query get <<-EOF &&
182 wwwauth[]=foobar param1="value1" param2="value2"
183 wwwauth[]=BEARER authorize_uri="id.example.com" p=1 q=0
184 wwwauth[]=baSiC realm="example.com"
187 expect_credential_query store <<-EOF
191 password=secret-passwd
195 test_expect_success
'access using basic auth with wwwauth header continuations' '
196 test_when_finished "per_test_cleanup" &&
198 set_credential_reply get <<-EOF &&
200 password=secret-passwd
203 # Basic base64(alice:secret-passwd)
204 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
205 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
208 # Note that leading and trailing whitespace is important to correctly
209 # simulate a continuation/folded header.
210 cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF &&
211 WWW-Authenticate: FooBar param1="value1"
213 WWW-Authenticate: Bearer authorize_uri="id.example.com"
216 WWW-Authenticate: Basic realm="example.com"
219 test_config_global credential.helper test-helper &&
220 git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
222 expect_credential_query get <<-EOF &&
225 wwwauth[]=FooBar param1="value1" param2="value2"
226 wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0
227 wwwauth[]=Basic realm="example.com"
230 expect_credential_query store <<-EOF
234 password=secret-passwd
238 test_expect_success
'access using basic auth with wwwauth header empty continuations' '
239 test_when_finished "per_test_cleanup" &&
241 set_credential_reply get <<-EOF &&
243 password=secret-passwd
246 # Basic base64(alice:secret-passwd)
247 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
248 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
251 CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" &&
253 # Note that leading and trailing whitespace is important to correctly
254 # simulate a continuation/folded header.
255 printf "WWW-Authenticate: FooBar param1=\"value1\"\r\n" >"$CHALLENGE" &&
256 printf " \r\n" >>"$CHALLENGE" &&
257 printf " param2=\"value2\"\r\n" >>"$CHALLENGE" &&
258 printf "WWW-Authenticate: Bearer authorize_uri=\"id.example.com\"\r\n" >>"$CHALLENGE" &&
259 printf " p=1\r\n" >>"$CHALLENGE" &&
260 printf " \r\n" >>"$CHALLENGE" &&
261 printf " q=0\r\n" >>"$CHALLENGE" &&
262 printf "WWW-Authenticate: Basic realm=\"example.com\"\r\n" >>"$CHALLENGE" &&
264 test_config_global credential.helper test-helper &&
265 git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
267 expect_credential_query get <<-EOF &&
270 wwwauth[]=FooBar param1="value1" param2="value2"
271 wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0
272 wwwauth[]=Basic realm="example.com"
275 expect_credential_query store <<-EOF
279 password=secret-passwd
283 test_expect_success
'access using basic auth with wwwauth header mixed line-endings' '
284 test_when_finished "per_test_cleanup" &&
286 set_credential_reply get <<-EOF &&
288 password=secret-passwd
291 # Basic base64(alice:secret-passwd)
292 cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
293 Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
296 CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" &&
298 # Note that leading and trailing whitespace is important to correctly
299 # simulate a continuation/folded header.
300 printf "WWW-Authenticate: FooBar param1=\"value1\"\r\n" >"$CHALLENGE" &&
301 printf " \r\n" >>"$CHALLENGE" &&
302 printf "\tparam2=\"value2\"\r\n" >>"$CHALLENGE" &&
303 printf "WWW-Authenticate: Basic realm=\"example.com\"" >>"$CHALLENGE" &&
305 test_config_global credential.helper test-helper &&
306 git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
308 expect_credential_query get <<-EOF &&
311 wwwauth[]=FooBar param1="value1" param2="value2"
312 wwwauth[]=Basic realm="example.com"
315 expect_credential_query store <<-EOF
319 password=secret-passwd