%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python3/dist-packages/twisted/web/test/__pycache__/
Upload File :
Create Path :
Current File : //usr/lib/python3/dist-packages/twisted/web/test/__pycache__/test_httpauth.cpython-312.pyc

�

Ϫ�f�\��&�dZddlZddlmZddlmZddlmZmZddl	m
Z
mZmZddl
mZddlmZdd	lmZdd
lmZddlmZddlmZdd
lmZddlmZmZddlmZddl m!Z!m"Z"ddl#m$Z$ddl%m&Z&m'Z'm(Z(ddl)m*Z*ddl+m,Z,ddl-m.Z.d�Z/Gd�d�Z0Gd�d�Z1Gd�de1e0ejd�Z3Gd�de1ejd�Z4Gd�d e1ejd�Z5eejl�Gd!�d"�Z7Gd#�d$ejd�Z8y)%z!
Tests for L{twisted.web._auth}.
�N)�implementer)�verifyObject)�error�portal)�	ANONYMOUS�AllowAnonymousAccess�'InMemoryUsernamePasswordDatabaseDontUse)�IUsernamePassword)�IPv4Address)�ConnectionDone)�EventLoggingObserver)�globalLogPublisher)�Failure)�unittest)�basic�digest)�BasicCredentialFactory)�HTTPAuthSessionWrapper�UnauthorizedResource)�ICredentialFactory)�	IResource�Resource�getChildForRequest��NOT_DONE_YET)�Data)�DummyRequestc�H�tj|�j�S�N)�base64�	b64encode�strip)�ss �@/usr/lib/python3/dist-packages/twisted/web/test/test_httpauth.pyr!r!%s�����A��$�$�&�&�c�<�eZdZdZd�Zd
d�Zd�Zd�Zd�Zd�Z	d	�Z
y)�BasicAuthTestsMixinz�
    L{TestCase} mixin class which defines a number of tests for
    L{basic.BasicCredentialFactory}.  Because this mixin defines C{setUp}, it
    must be inherited before L{TestCase}.
    c��|j�|_d|_d|_d|_tj|j�|_y)NsfoosdreidsS3CuR1Ty)�makeRequest�request�realm�username�passwordrr�credentialFactory��selfs r$�setUpzBasicAuthTestsMixin.setUp0s>���'�'�)�����
� ��
�#��
�!&�!=�!=�d�j�j�!I��r%Nc�2�t|j�d���)z�
        Create a request object to be passed to
        L{basic.BasicCredentialFactory.decode} along with a response value.
        Override this in a subclass.
        z did not implement makeRequest)�NotImplementedError�	__class__)r0�method�
clientAddresss   r$r)zBasicAuthTestsMixin.makeRequest7s��"�T�^�^�$6�6T�"U�V�Vr%c�V�|jtt|j��y)zM
        L{BasicCredentialFactory} implements L{ICredentialFactory}.
        N��
assertTruerrr.r/s r$�test_interfacez"BasicAuthTestsMixin.test_interface?���	
����%7��9O�9O�P�Qr%c��tdj|jd|jg��}|jj||j�}|jtj|��|j|j|j��|j|j|jdz��y)z�
        L{basic.BasicCredentialFactory.decode} turns a base64-encoded response
        into a L{UsernamePassword} object with a password which reflects the
        one which was encoded in the response.
        r%�:swrongN)r!�joinr,r-r.�decoder*r9r
�
providedBy�
checkPassword�assertFalse�r0�response�credss   r$�test_usernamePasswordz)BasicAuthTestsMixin.test_usernamePasswordEs����S�X�X�t�}�}�d�D�M�M�&J�K�L���&�&�-�-�h����E�����)�4�4�U�;�<�����+�+�D�M�M�:�;�����,�,�T�]�]�X�-E�F�Gr%c�f�tdj|jd|jg��}|j	d�}|j
j
||j�}|jtt|��|j|j|j��y)zz
        L{basic.BasicCredentialFactory.decode} decodes a base64-encoded
        response with incorrect padding.
        r%r=�=N)r!r>r,r-r"r.r?r*r9rr
rArCs   r$�test_incorrectPaddingz)BasicAuthTestsMixin.test_incorrectPaddingRs��
�S�X�X�t�}�}�d�D�M�M�&J�K�L���>�>�$�'���&�&�-�-�h����E������%6��>�?�����+�+�D�M�M�:�;r%c��d}|jtj|jj||j��y)z�
        L{basic.BasicCredentialFactory.decode} raises L{LoginFailed} if passed
        a response which is not base64-encoded.
        �xN)�assertRaisesr�LoginFailedr.r?r)�r0rDs  r$�test_invalidEncodingz(BasicAuthTestsMixin.test_invalidEncoding^s>��
���������"�"�)�)������		
r%c��td�}|jtj|jj
||j
��y)z�
        L{basic.BasicCredentialFactory.decode} raises L{LoginFailed} when
        passed a response which is not valid base64-encoded text.
        s123abc+/N)r!rLrrMr.r?r)rNs  r$�test_invalidCredentialsz+BasicAuthTestsMixin.test_invalidCredentialsksC��
�[�)���������"�"�)�)������		
r%��GETN)�__name__�
__module__�__qualname__�__doc__r1r)r:rFrIrOrQ�r%r$r'r')s.���J�W�R�H�
<�
�
r%r'c��eZdZdd�Zy)�RequestMixinNc�V�|�
tddd�}td�}||_||_|S)zo
        Create a L{DummyRequest} (change me to create a
        L{twisted.web.http.Request} instead).
        �TCP�	localhosti��/)rrr5�client)r0r5r6r*s    r$r)zRequestMixin.makeRequestzs5��
� �'��{�D�A�M��t�$�����&����r%rR)rTrUrVr)rXr%r$rZrZys��
r%rZc��eZdZdZy)�BasicAuthTestszK
    Basic authentication tests which use L{twisted.web.http.Request}.
    N)rTrUrVrWrXr%r$rara�s��r%rac�.�eZdZdZd�Zd�Zd�Zd�Zd�Zy)�DigestAuthTestszL
    Digest authentication tests which use L{twisted.web.http.Request}.
    c��d|_d|_tj|j|j�|_|j�|_y)z>
        Create a DigestCredentialFactory for testing
        �
test realm�md5N)r+�	algorithmr�DigestCredentialFactoryr.r)r*r/s r$r1zDigestAuthTests.setUp�sD��#��
����!'�!?�!?��N�N�D�J�J�"
����'�'�)��r%c�*������d�d�dg�t�������fd�}�j�jjd|��j	�td�d��}�jj
�|��j�d�y	)
z�
        L{digest.DigestCredentialFactory.decode} calls the C{decode} method on
        L{twisted.cred.digest.DigestCredentialFactory} with the HTTP method and
        host of the request.
        s169.254.0.1rSFc�|���j�|��j�|��j�|�d�d<y)NTr)�assertEqual)�	_response�_method�_host�done�hostr5rDr0s   �����r$�checkz*DigestAuthTests.test_decode.<locals>.check�s<������X�y�1����V�W�-����T�5�)��D��Gr%r?r\�QrN)�object�patchr.rr)rr?r9)r0rq�reqrorpr5rDs`  @@@@r$�test_decodezDigestAuthTests.test_decode�s���������w���8��	�	�	
�
�
�4�)�)�0�0�(�E�B����v�{�5�$��'C�D�����%�%�h��4�����Q�� r%c�V�|jtt|j��y)zN
        L{DigestCredentialFactory} implements L{ICredentialFactory}.
        Nr8r/s r$r:zDigestAuthTests.test_interface�r;r%c�b�|jj|j�}|j|dd�|j|dd�|j|dd�|j	d|�|j	d|�|j�D]}|j
d	|��y
)ah
        The challenge issued by L{DigestCredentialFactory.getChallenge} must
        include C{'qop'}, C{'realm'}, C{'algorithm'}, C{'nonce'}, and
        C{'opaque'} keys.  The values for the C{'realm'} and C{'algorithm'}
        keys must match the values supplied to the factory's initializer.
        None of the values may have newlines in them.
        �qop�authr+rergrf�nonce�opaque�
N)r.�getChallenger*rk�assertIn�values�assertNotIn)r0�	challenge�vs   r$�test_getChallengez!DigestAuthTests.test_getChallenge�s����*�*�7�7����E�	�����5�)�7�3�����7�+�]�;�����;�/��8��
�
�g�y�)��
�
�h�	�*��!�!�#�	'�A����U�A�&�	'r%c�$�|jdd�}|jj|�}|j|dd�|j|dd�|j|dd�|j	d	|�|j	d
|�y)z�
        L{DigestCredentialFactory.getChallenge} can issue a challenge even if
        the L{Request} it is passed returns L{None} from C{getClientIP}.
        rSNryrzr+rergrfr{r|)r)r.r~rkr)r0r*r�s   r$� test_getChallengeWithoutClientIPz0DigestAuthTests.test_getChallengeWithoutClientIP�s���
�"�"�6�4�0���*�*�7�7��@�	�����5�)�7�3�����7�+�]�;�����;�/��8��
�
�g�y�)��
�
�h�	�*r%N)	rTrUrVrWr1rvr:r�r�rXr%r$rcrc�s!���	*�!�,R�'�"+r%rcc�4�eZdZdZd�Zd�Zd�Zd�Zd�Zd�Z	y)	�UnauthorizedResourceTestsz,
    Tests for L{UnauthorizedResource}.
    c��tg�}|j|jdd�|�|j|jdd�|�y)zF
        An L{UnauthorizedResource} is every child of itself.
        �fooN�bar)r�assertIdentical�getChildWithDefault)r0�resources  r$�test_getChildWithDefaultz2UnauthorizedResourceTests.test_getChildWithDefault�sH��(��+�����X�9�9�%��F��Q����X�9�9�%��F��Qr%c���ttd�g�}|j|�|j|jd�|j|j
j
d�dg�y)z�
        Render L{UnauthorizedResource} for the given request object and verify
        that the response code is I{Unauthorized} and that a I{WWW-Authenticate}
        header is set in the response containing a challenge.
        �example.com��www-authenticatesbasic realm="example.com"N)rr�renderrk�responseCode�responseHeaders�
getRawHeaders)r0r*r�s   r$�_unauthorizedRenderTestz1UnauthorizedResourceTests._unauthorizedRenderTest�sb��(�)?�
�)N�(O�P�����x� �����-�-�s�3�����#�#�1�1�2E�F�
)�*�	
r%c��|j�}|j|�|jddj|j��y)z�
        L{UnauthorizedResource} renders with a 401 response code and a
        I{WWW-Authenticate} header and puts a simple unauthorized message
        into the response body.
        sUnauthorizedr%N�r)r�rkr>�written�r0r*s  r$�test_renderz%UnauthorizedResourceTests.test_render�s=���"�"�$���$�$�W�-�����#�(�(�7�?�?�*C�Dr%c��|jd��}|j|�|jddj|j��y)z�
        The rendering behavior of L{UnauthorizedResource} for a I{HEAD} request
        is like its handling of a I{GET} request, but no response body is
        written.
        sHEAD)r5r%Nr�r�s  r$�test_renderHEADz)UnauthorizedResourceTests.test_renderHEAD�sB���"�"�'�"�2���$�$�W�-�����c�h�h�w���7�8r%c���ttd�g�}|j�}|j|�|j	|j
j
d�dg�y)z�
        The realm value included in the I{WWW-Authenticate} header set in
        the response when L{UnauthorizedResounrce} is rendered has quotes
        and backslashes escaped.
        zexample\"foor�sbasic realm="example\\\"foo"N)rrr)r�rkr�r�)r0r�r*s   r$�test_renderQuotesRealmz0UnauthorizedResourceTests.test_renderQuotesRealmsZ��(�)?��)P�(Q�R���"�"�$�����x� �����#�#�1�1�2E�F�
/�0�	
r%c�
�ttjdd�g�}|j�}|j	|�|j
j
d�d}|jd|�|jd|�y)z�
        The digest value included in the I{WWW-Authenticate} header
        set in the response when L{UnauthorizedResource} is rendered
        has quotes and backslashes escaped.
        rfsexample\"foor�rsrealm="example\\\"foo"shm="md5N)rrrhr)r�r�r�r)r0r�r*�
authHeaders    r$�test_renderQuotesDigestz1UnauthorizedResourceTests.test_renderQuotesDigestsx��(�
�
+�
+�F�4D�
E�F�
���"�"�$�����x� ��,�,�:�:�;N�O�PQ�R�
��
�
�2�J�?��
�
�j�*�-r%N)
rTrUrVrWr�r�r�r�r�r�rXr%r$r�r��s'���R�
�E�9�
�
.r%r�c�"�eZdZdZd�Zd�Zd�Zy)�RealmaJ
    A simple L{IRealm} implementation which gives out L{WebAvatar} for any
    avatarId.

    @type loggedIn: C{int}
    @ivar loggedIn: The number of times C{requestAvatar} has been invoked for
        L{IResource}.

    @type loggedOut: C{int}
    @ivar loggedOut: The number of times the logout callback has been invoked.
    c�.�d|_d|_||_y)Nr)�	loggedOut�loggedIn�
avatarFactory)r0r�s  r$�__init__zRealm.__init__5s�������
�*��r%c��t|vr7|xjdz
c_t|j|�|jfSt	���N�)rr�r��logoutr3)r0�avatarId�mind�
interfacess    r$�
requestAvatarzRealm.requestAvatar:s=���
�"��M�M�Q��M��d�0�0��:�D�K�K�G�G�!�#�#r%c�.�|xjdz
c_yr�)r�r/s r$r�zRealm.logout@s�����!��r%N)rTrUrVrWr�r�r�rXr%r$r�r�(s��
�+�
$�r%r�c��eZdZdZeZd�Zd�Zd�Zd�Z	d�Z
d�Zd�Zd	�Z
d
�Zd�Zd�Zd
�Zd�Zd�Zd�Zd�Zd�Zd�Zy)�HTTPAuthHeaderTestsz.
    Tests for L{HTTPAuthSessionWrapper}.
    c��d|_d|_d|_d|_d|_t�|_|jj|j|j�t|jd�|_	|jj|jt|jd��|j|ji|_t|jj�|_tj |j|jg�|_g|_t%|j|j"�|_y)z\
        Create a realm, portal, and L{HTTPAuthSessionWrapper} to use in the tests.
        sfoo barsbar bazs&contents of the avatar resource itselfs	foo-childs'contents of the foo child of the avatar�
text/plainN)r,r-�
avatarContent�	childName�childContentr	�checker�addUserr�avatar�putChild�avatarsr��getr+r�Portal�credentialFactoriesr�wrapperr/s r$r1zHTTPAuthHeaderTests.setUpKs���#��
�"��
�F���%���F���>�@��������T�]�]�D�M�M�:��4�-�-�|�<��������T�^�^�T�$�2C�2C�\�-R�S��
�
�t�{�{�3����4�<�<�+�+�,��
��m�m�D�J�J�����?���#%�� �-�d�k�k�4�;S�;S�T��r%c��t|jdz|jz�}|jj	dd|z�t|j|�S)z�
        Add an I{basic authorization} header to the given request and then
        dispatch it, starting from C{self.wrapper} and returning the resulting
        L{IResource}.
        r=�
authorization�Basic )r!r,r-�requestHeaders�addRawHeaderrr�)r0r*�
authorizations   r$�_authorizedBasicLoginz)HTTPAuthHeaderTests._authorizedBasicLogin^sM��"�$�-�-�$�"6����"F�G�
����+�+�,<�i�-�>W�X�!�$�,�,��8�8r%c������j�jg��t�j��}�j	�}��fd�}|j|��j
|�|S)z�
        Resource traversal which encounters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} instance when the request does
        not have the required I{Authorization} headers.
        c�>���j�jd�y�Nr��rkr���resultr*r0s ��r$�
cbFinishedz@HTTPAuthHeaderTests.test_getChildWithDefault.<locals>.cbFinishedr�������W�1�1�3�7r%)r)r�rr��notifyFinish�addCallbackr��r0�child�dr�r*s`   @r$r�z,HTTPAuthHeaderTests.test_getChildWithDefaulths^����"�"�D�N�N�#3�4��"�4�<�<��9��� � �"��	8�	
�
�
�j�!����u���r%c�^����jjtd���j�jg���j
j
d|�t�j��}�j�}��fd�}|j|��j|�|S)a(
        Create a request with the given value as the value of an
        I{Authorization} header and perform resource traversal with it,
        starting at C{self.wrapper}.  Assert that the result is a 401 response
        code.  Return a L{Deferred} which fires when this is all done.
        r�r�c�>���j�jd�yr�r�r�s ��r$r�zAHTTPAuthHeaderTests._invalidAuthorizationTest.<locals>.cbFinished�r�r%)r��appendrr)r�r�r�rr�r�r�r�)r0rDr�r�r�r*s`    @r$�_invalidAuthorizationTestz-HTTPAuthHeaderTests._invalidAuthorizationTestys����	
� � �'�'�(>�}�(M�N��"�"�D�N�N�#3�4�����+�+�,<�h�G�"�4�<�<��9��� � �"��	8�	
�
�
�j�!����u���r%c�<�|jdtd�z�S)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has an
        I{Authorization} header with a user which does not exist.
        r�sfoo:bar)r�r!r/s r$�(test_getChildWithDefaultUnauthorizedUserz<HTTPAuthHeaderTests.test_getChildWithDefaultUnauthorizedUser�s���-�-�i�)�J�:O�.O�P�Pr%c�V�|jdt|jdz�z�S)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has an
        I{Authorization} header with a user which exists and the wrong
        password.
        r�s:bar)r�r!r,r/s r$�,test_getChildWithDefaultUnauthorizedPasswordz@HTTPAuthHeaderTests.test_getChildWithDefaultUnauthorizedPassword�s-���-�-��	�$�-�-�'�"9�:�:�
�	
r%c�$�|jd�S)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has an
        I{Authorization} header with an unrecognized scheme.
        sQuux foo bar baz)r�r/s r$�*test_getChildWithDefaultUnrecognizedSchemez>HTTPAuthHeaderTests.test_getChildWithDefaultUnrecognizedScheme�s���-�-�.A�B�Br%c�����jjtd���j�jg���j��}�j
�}��fd�}|j|��j|�|S)z�
        Resource traversal which encounters an L{HTTPAuthSessionWrapper}
        results in an L{IResource} which renders the L{IResource} avatar
        retrieved from the portal when the request has a valid I{Authorization}
        header.
        r�c�T���j�j�jg�yr)rkr�r���ignoredr*r0s ��r$r�zJHTTPAuthHeaderTests.test_getChildWithDefaultAuthorized.<locals>.cbFinished�s ������W�_�_�t�/@�/@�.A�Br%)	r�r�rr)r�r�r�r�r�r�s`   @r$�"test_getChildWithDefaultAuthorizedz6HTTPAuthHeaderTests.test_getChildWithDefaultAuthorized�sy���	
� � �'�'�(>�}�(M�N��"�"�D�N�N�#3�4���*�*�7�3��� � �"��	C�	
�
�
�j�!����u���r%c�����jjtd���jg���j	��}�j�}��fd�}|j
|��j|�|S)a
        Resource traversal which terminates at an L{HTTPAuthSessionWrapper}
        and includes correct authentication headers results in the
        L{IResource} avatar (not one of its children) retrieved from the
        portal being rendered.
        r�c�T���j�j�jg�yr)rkr�r�r�s ��r$r�z=HTTPAuthHeaderTests.test_renderAuthorized.<locals>.cbFinished�s ������W�_�_�t�/A�/A�.B�Cr%)r�r�rr)r�r�r�r�r�s`   @r$�test_renderAuthorizedz)HTTPAuthHeaderTests.test_renderAuthorized�sr���	
� � �'�'�(>�}�(M�N��"�"�2�&���*�*�7�3��� � �"��	D�	
�
�
�j�!����u���r%c�^����tt�Gd�d��}|���jj���j	�j
g��t
�j��}�j�}���fd�}|j|��j|�|S)z�
        When L{HTTPAuthSessionWrapper} finds an L{ICredentialFactory} to issue
        a challenge, it calls the C{getChallenge} method with the request as an
        argument.
        c��eZdZdZd�Zd�Zy)�UHTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.DumbCredentialFactorysdumbc��g|_yr)�requestsr/s r$r�z^HTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.DumbCredentialFactory.__init__�s	�� "��
r%c�<�|jj|�iSr)r�r�r�s  r$r~zbHTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.DumbCredentialFactory.getChallenge�s���
�
�$�$�W�-��	r%N)rTrUrV�schemer�r~rXr%r$�DumbCredentialFactoryr��s���F�
#�
r%r�c�@���j�j�g�yr)rkr�)r��factoryr*r0s ���r$r�zJHTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.cbFinished�s������W�-�-��y�9r%)rrr�r�r)r�rr�r�r�r�)r0r�r�r�r�r�r*s`    @@r$�"test_getChallengeCalledWithRequestz6HTTPAuthHeaderTests.test_getChallengeCalledWithRequest�s����
�'�	(�	�	�
)�	�(�)��� � �'�'��0��"�"�D�N�N�#3�4��"�4�<�<��9��� � �"��	:�	
�
�
�j�!����u���r%c��|jjtd��Gd�dt�}|jj|j|��|j|jg�}|j|�}|j|�|j|jjd�|S)a
        Issue a request for an authentication-protected resource using valid
        credentials and then return the C{DummyRequest} instance which was
        used.

        This is a helper for tests about the behavior of the logout
        callback.
        r�c��eZdZd�Zy)�7HTTPAuthHeaderTests._logoutTest.<locals>.SlowerResourcec��tSrrr�s  r$r�z>HTTPAuthHeaderTests._logoutTest.<locals>.SlowerResource.render�s��#�#r%N)rTrUrVr�rXr%r$�SlowerResourcer��s��
$r%r�r)
r�r�rrr�r�r�r)r�r�rkr+r�)r0r�r*r�s    r$�_logoutTestzHTTPAuthHeaderTests._logoutTest�s���	
� � �'�'�(>�}�(M�N�	$�X�	$�	
�����T�^�^�^�-=�>��"�"�D�N�N�#3�4���*�*�7�3�����u��������-�-�q�1��r%c��|j�}|j�|j|jjd�y)zX
        The realm's logout callback is invoked after the resource is rendered.
        r�N)r��finishrkr+r�r�s  r$�test_logoutzHTTPAuthHeaderTests.test_logouts6���"�"�$������������-�-�q�1r%c��|j�}|jttd���|j	|j
jd�y)z�
        The realm's logout callback is also invoked if there is an error
        generating the response (for example, if the client disconnects
        early).
        zSimulated disconnectr�N)r��processingFailedrrrkr+r�r�s  r$�test_logoutOnErrorz&HTTPAuthHeaderTests.test_logoutOnErrorsE���"�"�$��� � ���8N�)O�!P�Q�������-�-�q�1r%c��|jjtd��|j|jg�}|j
j
dd�t|j|�}|j|t�y)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has a I{Basic
        Authorization} header which cannot be decoded using base64.
        r�r�sBasic decode should failN)r�r�rr)r�r�r�rr��assertIsInstancer)r0r*r�s   r$�test_decodeRaisesz%HTTPAuthHeaderTests.test_decodeRaisessr��	
� � �'�'�(>�}�(M�N��"�"�D�N�N�#3�4�����+�+��9�	
�#�4�<�<��9�����e�%9�:r%c��d}|j|jj|�d�td�}|jj|�|j|jj|�|df�y)z�
        L{HTTPAuthSessionWrapper._selectParseHeader} returns a two-tuple giving
        the L{ICredentialFactory} to use to parse the header and a string
        containing the portion of the header which remains to be parsed.
        sBasic abcdef123456)NNr�sabcdef123456N)rkr��_selectParseHeaderrr�r�)r0�basicAuthorizationr�s   r$�test_selectParseResponsez,HTTPAuthHeaderTests.test_selectParseResponse$sv��3������L�L�+�+�,>�?��	
�)��7��� � �'�'��0�����L�L�+�+�,>�?�
�o�&�	
r%c�t��tj|t�}Gd�dt��G�fd�d�}|jj|��|j
|jg�}|jjdd�t|j|�}|j|�|j|jd�|jdt!|��|j#|d	d
j$��|jt!|j'���d�y)z�
        Any unexpected exception raised by the credential factory's C{decode}
        method results in a 500 response code and causes the exception to be
        logged.
        c��eZdZy)�KHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.UnexpectedExceptionN�rTrUrVrXr%r$�UnexpectedExceptionr=���r%r
c�"��eZdZdZd�Z�fd�Zy)�BHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.BadFactorysbadc��iSrrX)r0r_s  r$r~zOHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.BadFactory.getChallengeCs���	r%c������rrX)r0rDr*r
s   �r$r?zIHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.BadFactory.decodeF����)�+�+r%N)rTrUrVr�r~r?�r
s�r$�
BadFactoryr@s����F�
�
,r%rr�sBad abc��r�r�log_failureN)r
�createWithCleanupr�	Exceptionr�r�r)r�r�r�rr�r�rkr��assertEquals�lenr�value�flushLoggedErrors)r0�logObserverrr*r�r
s     @r$�test_unexpectedDecodeErrorz.HTTPAuthHeaderTests.test_unexpectedDecodeError5s����+�<�<�T�CU�V��	�)�	�	,�	,�	
� � �'�'�
��5��"�"�D�N�N�#3�4�����+�+�,<�j�I�"�4�<�<��9�����u������-�-�s�3����!�S��-�.����k�!�n�]�;�A�A�CV�W�����T�3�3�4G�H�I�1�Mr%c�z��tj|t�}Gd�dt��G�fd�d�}|jj|��|jjtd��|j|jg�}|j|�}|j|�|j|jd�|jdt!|��|j#|dd	j$��|jt!|j'���d�y
)z�
        Any unexpected failure from L{Portal.login} results in a 500 response
        code and causes the failure to be logged.
        c��eZdZy)�JHTTPAuthHeaderTests.test_unexpectedLoginError.<locals>.UnexpectedExceptionNrrXr%r$r
r"Zrr%r
c���eZdZefZ�fd�Zy)�DHTTPAuthHeaderTests.test_unexpectedLoginError.<locals>.BrokenCheckerc������rrX)r0�credentialsr
s  �r$�requestAvatarIdzTHTTPAuthHeaderTests.test_unexpectedLoginError.<locals>.BrokenChecker.requestAvatarId`rr%N)rTrUrVr
�credentialInterfacesr'rs�r$�
BrokenCheckerr$]s���$5�#7� �
,r%r)r�rr�rrN)r
rrrr�registerCheckerr�r�rr)r�r�r�rkr�rrrrr)r0rr)r*r�r
s     @r$�test_unexpectedLoginErrorz-HTTPAuthHeaderTests.test_unexpectedLoginErrorSs����
+�<�<�T�CU�V��	�)�	�	,�	,�	
���#�#�M�O�4�� � �'�'�(>�}�(M�N��"�"�D�N�N�#3�4���*�*�7�3�����u������-�-�s�3����!�S��-�.����k�!�n�]�;�A�A�CV�W�����T�3�3�4G�H�I�1�Mr%c�����d�t��jt<�jtj�jt�d���jjt���jjtd���j�jg��t�j��}�j�}���fd�}|j!|��j#|�|S)zl
        Anonymous requests are allowed if a L{Portal} has an anonymous checker
        registered.
        s*contents of the unprotected child resourcer�r�c�@���j�j�g�yr)rkr�)r�r*r0�unprotectedContentss ���r$r�z<HTTPAuthHeaderTests.test_anonymousAccess.<locals>.cbFinisheds������W�_�_�/B�.C�Dr%)rr�rr�r�rrr*rr�r�rr)rr�r�r�r�)r0r�r�r�r*r.s`   @@r$�test_anonymousAccessz(HTTPAuthHeaderTests.test_anonymousAccessms����
L��"*�*����Y�����Y��(�(��N�N�D�!4�l�C�	
�	
���#�#�$8�$:�;�� � �'�'�(>�}�(M�N��"�"�D�N�N�#3�4��"�4�<�<��9��� � �"��	E�	
�
�
�j�!����u���r%N)rTrUrVrWrr)r1r�r�r�r�r�r�r�r�r�r�r�rrrrr+r/rXr%r$r�r�Dsm����K�U�&9��"�(Q�	
�C��&�(�>�,2�2�;�
�"N�<N�4r%r�)9rWr �zope.interfacer�zope.interface.verifyr�twisted.credrr�twisted.cred.checkersrrr	�twisted.cred.credentialsr
�twisted.internet.addressr�twisted.internet.errorr�twisted.internet.testingr
�twisted.loggerr�twisted.python.failurer�
twisted.trialr�twisted.web._authrr�twisted.web._auth.basicr�twisted.web._auth.wrapperrr�twisted.web.iwebr�twisted.web.resourcerrr�twisted.web.serverr�twisted.web.staticr�twisted.web.test.test_webrr!r'rZ�TestCaserarcr��IRealmr�r�rXr%r$�<module>rEs����
�&�.�&���
7�0�1�9�-�*�"�+�:�R�/�H�H�+�#�2�'�M
�M
�`���\�#6��8I�8I��H+�l�H�$5�$5�H+�VJ.��h�.?�.?�J.�Z�F�M�M����8@�(�+�+�@r%

Zerion Mini Shell 1.0