[CalendarServer-changes] [1247] CalendarServer/trunk/twistedcaldav

source_changes at macosforge.org source_changes at macosforge.org
Thu Feb 22 20:18:05 PST 2007 

Revision: 1247
          http://trac.macosforge.org/projects/calendarserver/changeset/1247
Author:   cdaboo at apple.com
Date:     2007-02-22 20:18:05 -0800 (Thu, 22 Feb 2007)

Log Message:
-----------
Fix error with failure to properly generate error strings. Also add some tests.

Modified Paths:
--------------
    CalendarServer/trunk/twistedcaldav/authkerb.py

Added Paths:
-----------
    CalendarServer/trunk/twistedcaldav/test/test_kerberos.py

Modified: CalendarServer/trunk/twistedcaldav/authkerb.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/authkerb.py	2007-02-23 04:12:49 UTC (rev 1246)
+++ CalendarServer/trunk/twistedcaldav/authkerb.py	2007-02-23 04:18:05 UTC (rev 1247)
@@ -113,7 +113,7 @@
                 kerberos.checkPassword(creds.username, creds.password, creds.service, creds.default_realm)
             except kerberos.BasicAuthError, ex:
                 logging.err("%s" % (ex[0],), system="BasicKerberosCredentialsChecker")
-                raise error.UnauthorizedLogin("Bad credentials for: %s (%s)" % (pcreds.authnURI, ex[0],))
+                raise error.UnauthorizedLogin("Bad credentials for: %s (%s: %s)" % (pcreds.authnURI, ex[0], ex[1],))
             else:
                 return succeed((pcreds.authnURI, pcreds.authzURI,))
         
@@ -156,14 +156,14 @@
         try:
             result, context = kerberos.authGSSServerInit(self.service);
         except kerberos.GSSError, ex:
-            logging.err("authGSSServerInit: %s" % (ex[0][0], ex[1][0],), system="NegotiateCredentialFactory")
+            logging.err("authGSSServerInit: %s(%s)" % (ex[0][0], ex[1][0],), system="NegotiateCredentialFactory")
             raise error.LoginFailed('Authentication System Failure: %s(%s)' % (ex[0][0], ex[1][0],))
 
         # Do the GSSAPI step and get response and username
         try:
             kerberos.authGSSServerStep(context, base64data);
         except kerberos.GSSError, ex:
-            logging.err("authGSSServerStep: %s" % (ex[0][0], ex[1][0],), system="NegotiateCredentialFactory")
+            logging.err("authGSSServerStep: %s(%s)" % (ex[0][0], ex[1][0],), system="NegotiateCredentialFactory")
             kerberos.authGSSServerClean(context)
             raise error.UnauthorizedLogin('Bad credentials: %s(%s)' % (ex[0][0], ex[1][0],))
         except kerberos.KrbError, ex:

Added: CalendarServer/trunk/twistedcaldav/test/test_kerberos.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/test/test_kerberos.py	                        (rev 0)
+++ CalendarServer/trunk/twistedcaldav/test/test_kerberos.py	2007-02-23 04:18:05 UTC (rev 1247)
@@ -0,0 +1,63 @@
+##
+# Copyright (c) 2005-2007 Apple Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# DRI: Cyrus Daboo, cdaboo at apple.com
+##
+from twisted.cred.error import LoginFailed
+
+from twisted.cred.error import UnauthorizedLogin
+from twisted.web2.test.test_server import SimpleRequest
+
+from twistedcaldav import authkerb
+import twistedcaldav.test.util
+
+"""
+We can't test kerberos for real without actually having a working Kerberos infrastructure
+which we are not guaranteed to have for the test.
+"""
+
+class KerberosTests(twistedcaldav.test.util.TestCase):
+
+    def test_BasicKerberosCredentials(self):
+        authkerb.BasicKerberosCredentials("test", "test", "http/example.com at EXAMPLE.COM", "EXAMPLE.COM")
+
+    def test_BasicKerberosCredentialFactory(self):
+        factory = authkerb.BasicKerberosCredentialFactory("http/example.com at EXAMPLE.COM", "EXAMPLE.COM")
+
+        challenge = factory.getChallenge("peer")
+        expected_challenge = {'realm': "EXAMPLE.COM"}
+        self.assertTrue(challenge == expected_challenge,
+                        msg="BasicKerberosCredentialFactory challenge %s != %s" % (challenge, expected_challenge))
+
+    def test_NegotiateCredentials(self):
+        authkerb.NegotiateCredentials("test")
+
+    def test_NegotiateCredentialFactory(self):
+        factory = authkerb.NegotiateCredentialFactory("http/example.com at EXAMPLE.COM", "EXAMPLE.COM")
+
+        challenge = factory.getChallenge("peer")
+        expected_challenge = {}
+        self.assertTrue(challenge == expected_challenge,
+                        msg="NegotiateCredentialFactory challenge %s != %s" % (challenge, expected_challenge))
+
+        request = SimpleRequest(self.site, "GET", "/")
+        try:
+            factory.decode("Bogus Data".encode("base64"), request)
+        except (UnauthorizedLogin, LoginFailed):
+            pass
+        except Exception, ex:
+            self.fail(msg="NegotiateCredentialFactory decode failed with exception: %s" % (ex,))
+        else:
+            self.fail(msg="NegotiateCredentialFactory decode did not fail")

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20070222/f0bb6ea2/attachment.html

More information about the calendarserver-changes mailing list