]>
Commit | Line | Data |
---|---|---|
988aad99 MJC |
1 | #!/bin/sh |
2 | ||
3 | test_description='test http auth header and credential helper interop' | |
4 | ||
5 | . ./test-lib.sh | |
6 | . "$TEST_DIRECTORY"/lib-httpd.sh | |
7 | ||
eb1c42da JK |
8 | enable_cgipassauth |
9 | if ! test_have_prereq CGIPASSAUTH | |
10 | then | |
11 | skip_all="no CGIPassAuth support" | |
12 | test_done | |
13 | fi | |
988aad99 MJC |
14 | start_httpd |
15 | ||
16 | test_expect_success 'setup_credential_helper' ' | |
17 | mkdir "$TRASH_DIRECTORY/bin" && | |
18 | PATH=$PATH:"$TRASH_DIRECTORY/bin" && | |
19 | export PATH && | |
20 | ||
21 | CREDENTIAL_HELPER="$TRASH_DIRECTORY/bin/git-credential-test-helper" && | |
22 | write_script "$CREDENTIAL_HELPER" <<-\EOF | |
23 | cmd=$1 | |
ac4c7cbf | 24 | teefile=$cmd-query-temp.cred |
988aad99 MJC |
25 | catfile=$cmd-reply.cred |
26 | sed -n -e "/^$/q" -e "p" >>$teefile | |
ac4c7cbf | 27 | state=$(sed -ne "s/^state\[\]=helper://p" "$teefile") |
28 | if test -z "$state" | |
29 | then | |
30 | mv "$teefile" "$cmd-query.cred" | |
31 | else | |
32 | mv "$teefile" "$cmd-query-$state.cred" | |
33 | catfile="$cmd-reply-$state.cred" | |
34 | fi | |
988aad99 MJC |
35 | if test "$cmd" = "get" |
36 | then | |
37 | cat $catfile | |
38 | fi | |
39 | EOF | |
40 | ' | |
41 | ||
42 | set_credential_reply () { | |
ac4c7cbf | 43 | local suffix="$(test -n "$2" && echo "-$2")" |
44 | cat >"$TRASH_DIRECTORY/$1-reply$suffix.cred" | |
988aad99 MJC |
45 | } |
46 | ||
47 | expect_credential_query () { | |
ac4c7cbf | 48 | local suffix="$(test -n "$2" && echo "-$2")" |
49 | cat >"$TRASH_DIRECTORY/$1-expect$suffix.cred" && | |
50 | test_cmp "$TRASH_DIRECTORY/$1-expect$suffix.cred" \ | |
51 | "$TRASH_DIRECTORY/$1-query$suffix.cred" | |
988aad99 MJC |
52 | } |
53 | ||
54 | per_test_cleanup () { | |
55 | rm -f *.cred && | |
56 | rm -f "$HTTPD_ROOT_PATH"/custom-auth.valid \ | |
57 | "$HTTPD_ROOT_PATH"/custom-auth.challenge | |
58 | } | |
59 | ||
60 | test_expect_success 'setup repository' ' | |
61 | test_commit foo && | |
62 | git init --bare "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
63 | git push --mirror "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" | |
64 | ' | |
65 | ||
66 | test_expect_success 'access using basic auth' ' | |
67 | test_when_finished "per_test_cleanup" && | |
68 | ||
69 | set_credential_reply get <<-EOF && | |
70 | username=alice | |
71 | password=secret-passwd | |
72 | EOF | |
73 | ||
74 | # Basic base64(alice:secret-passwd) | |
75 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 76 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
988aad99 MJC |
77 | EOF |
78 | ||
79 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 80 | id=1 status=200 |
81 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
988aad99 MJC |
82 | EOF |
83 | ||
84 | test_config_global credential.helper test-helper && | |
85 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
86 | ||
87 | expect_credential_query get <<-EOF && | |
ad9bb6df | 88 | capability[]=authtype |
36f7d865 | 89 | capability[]=state |
988aad99 MJC |
90 | protocol=http |
91 | host=$HTTPD_DEST | |
5f2117b2 MJC |
92 | wwwauth[]=Basic realm="example.com" |
93 | EOF | |
94 | ||
95 | expect_credential_query store <<-EOF | |
96 | protocol=http | |
97 | host=$HTTPD_DEST | |
98 | username=alice | |
99 | password=secret-passwd | |
100 | EOF | |
101 | ' | |
102 | ||
ad9bb6df | 103 | test_expect_success 'access using basic auth via authtype' ' |
104 | test_when_finished "per_test_cleanup" && | |
105 | ||
106 | set_credential_reply get <<-EOF && | |
107 | capability[]=authtype | |
108 | authtype=Basic | |
109 | credential=YWxpY2U6c2VjcmV0LXBhc3N3ZA== | |
110 | EOF | |
111 | ||
112 | # Basic base64(alice:secret-passwd) | |
113 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 114 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
ad9bb6df | 115 | EOF |
116 | ||
117 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 118 | id=1 status=200 |
119 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
ad9bb6df | 120 | EOF |
121 | ||
122 | test_config_global credential.helper test-helper && | |
123 | GIT_CURL_VERBOSE=1 git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
124 | ||
125 | expect_credential_query get <<-EOF && | |
126 | capability[]=authtype | |
36f7d865 | 127 | capability[]=state |
ad9bb6df | 128 | protocol=http |
129 | host=$HTTPD_DEST | |
130 | wwwauth[]=Basic realm="example.com" | |
131 | EOF | |
132 | ||
133 | expect_credential_query store <<-EOF | |
134 | capability[]=authtype | |
135 | authtype=Basic | |
136 | credential=YWxpY2U6c2VjcmV0LXBhc3N3ZA== | |
137 | protocol=http | |
138 | host=$HTTPD_DEST | |
139 | EOF | |
140 | ' | |
141 | ||
5f2117b2 MJC |
142 | test_expect_success 'access using basic auth invalid credentials' ' |
143 | test_when_finished "per_test_cleanup" && | |
144 | ||
145 | set_credential_reply get <<-EOF && | |
146 | username=baduser | |
147 | password=wrong-passwd | |
148 | EOF | |
149 | ||
150 | # Basic base64(alice:secret-passwd) | |
151 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 152 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
5f2117b2 MJC |
153 | EOF |
154 | ||
155 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 156 | id=1 status=200 |
157 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
5f2117b2 MJC |
158 | EOF |
159 | ||
160 | test_config_global credential.helper test-helper && | |
161 | test_must_fail git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
162 | ||
163 | expect_credential_query get <<-EOF && | |
ad9bb6df | 164 | capability[]=authtype |
36f7d865 | 165 | capability[]=state |
5f2117b2 MJC |
166 | protocol=http |
167 | host=$HTTPD_DEST | |
168 | wwwauth[]=Basic realm="example.com" | |
169 | EOF | |
170 | ||
171 | expect_credential_query erase <<-EOF | |
172 | protocol=http | |
173 | host=$HTTPD_DEST | |
174 | username=baduser | |
175 | password=wrong-passwd | |
176 | wwwauth[]=Basic realm="example.com" | |
177 | EOF | |
178 | ' | |
179 | ||
180 | test_expect_success 'access using basic auth with extra challenges' ' | |
181 | test_when_finished "per_test_cleanup" && | |
182 | ||
183 | set_credential_reply get <<-EOF && | |
184 | username=alice | |
185 | password=secret-passwd | |
186 | EOF | |
187 | ||
188 | # Basic base64(alice:secret-passwd) | |
189 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 190 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
5f2117b2 MJC |
191 | EOF |
192 | ||
193 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 194 | id=1 status=200 |
195 | id=default response=WWW-Authenticate: FooBar param1="value1" param2="value2" | |
196 | id=default response=WWW-Authenticate: Bearer authorize_uri="id.example.com" p=1 q=0 | |
197 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
5f2117b2 MJC |
198 | EOF |
199 | ||
200 | test_config_global credential.helper test-helper && | |
201 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
202 | ||
203 | expect_credential_query get <<-EOF && | |
ad9bb6df | 204 | capability[]=authtype |
36f7d865 | 205 | capability[]=state |
5f2117b2 MJC |
206 | protocol=http |
207 | host=$HTTPD_DEST | |
208 | wwwauth[]=FooBar param1="value1" param2="value2" | |
209 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
210 | wwwauth[]=Basic realm="example.com" | |
211 | EOF | |
212 | ||
213 | expect_credential_query store <<-EOF | |
214 | protocol=http | |
215 | host=$HTTPD_DEST | |
216 | username=alice | |
217 | password=secret-passwd | |
218 | EOF | |
219 | ' | |
220 | ||
221 | test_expect_success 'access using basic auth mixed-case wwwauth header name' ' | |
222 | test_when_finished "per_test_cleanup" && | |
223 | ||
224 | set_credential_reply get <<-EOF && | |
225 | username=alice | |
226 | password=secret-passwd | |
227 | EOF | |
228 | ||
229 | # Basic base64(alice:secret-passwd) | |
230 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 231 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
5f2117b2 MJC |
232 | EOF |
233 | ||
234 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 235 | id=1 status=200 |
236 | id=default response=www-authenticate: foobar param1="value1" param2="value2" | |
237 | id=default response=WWW-AUTHENTICATE: BEARER authorize_uri="id.example.com" p=1 q=0 | |
238 | id=default response=WwW-aUtHeNtIcAtE: baSiC realm="example.com" | |
5f2117b2 MJC |
239 | EOF |
240 | ||
241 | test_config_global credential.helper test-helper && | |
242 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
243 | ||
244 | expect_credential_query get <<-EOF && | |
ad9bb6df | 245 | capability[]=authtype |
36f7d865 | 246 | capability[]=state |
5f2117b2 MJC |
247 | protocol=http |
248 | host=$HTTPD_DEST | |
249 | wwwauth[]=foobar param1="value1" param2="value2" | |
250 | wwwauth[]=BEARER authorize_uri="id.example.com" p=1 q=0 | |
251 | wwwauth[]=baSiC realm="example.com" | |
252 | EOF | |
253 | ||
254 | expect_credential_query store <<-EOF | |
255 | protocol=http | |
256 | host=$HTTPD_DEST | |
257 | username=alice | |
258 | password=secret-passwd | |
259 | EOF | |
260 | ' | |
261 | ||
262 | test_expect_success 'access using basic auth with wwwauth header continuations' ' | |
263 | test_when_finished "per_test_cleanup" && | |
264 | ||
265 | set_credential_reply get <<-EOF && | |
266 | username=alice | |
267 | password=secret-passwd | |
268 | EOF | |
269 | ||
270 | # Basic base64(alice:secret-passwd) | |
271 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 272 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
5f2117b2 MJC |
273 | EOF |
274 | ||
275 | # Note that leading and trailing whitespace is important to correctly | |
276 | # simulate a continuation/folded header. | |
277 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 278 | id=1 status=200 |
279 | id=default response=WWW-Authenticate: FooBar param1="value1" | |
280 | id=default response= param2="value2" | |
281 | id=default response=WWW-Authenticate: Bearer authorize_uri="id.example.com" | |
282 | id=default response= p=1 | |
283 | id=default response= q=0 | |
284 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
5f2117b2 MJC |
285 | EOF |
286 | ||
287 | test_config_global credential.helper test-helper && | |
288 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
289 | ||
290 | expect_credential_query get <<-EOF && | |
ad9bb6df | 291 | capability[]=authtype |
36f7d865 | 292 | capability[]=state |
5f2117b2 MJC |
293 | protocol=http |
294 | host=$HTTPD_DEST | |
295 | wwwauth[]=FooBar param1="value1" param2="value2" | |
296 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
297 | wwwauth[]=Basic realm="example.com" | |
298 | EOF | |
299 | ||
300 | expect_credential_query store <<-EOF | |
301 | protocol=http | |
302 | host=$HTTPD_DEST | |
303 | username=alice | |
304 | password=secret-passwd | |
305 | EOF | |
306 | ' | |
307 | ||
308 | test_expect_success 'access using basic auth with wwwauth header empty continuations' ' | |
309 | test_when_finished "per_test_cleanup" && | |
310 | ||
311 | set_credential_reply get <<-EOF && | |
312 | username=alice | |
313 | password=secret-passwd | |
314 | EOF | |
315 | ||
316 | # Basic base64(alice:secret-passwd) | |
317 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 318 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
5f2117b2 MJC |
319 | EOF |
320 | ||
321 | CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" && | |
322 | ||
323 | # Note that leading and trailing whitespace is important to correctly | |
324 | # simulate a continuation/folded header. | |
37417b77 | 325 | printf "id=1 status=200\n" >"$CHALLENGE" && |
326 | printf "id=default response=WWW-Authenticate: FooBar param1=\"value1\"\r\n" >>"$CHALLENGE" && | |
327 | printf "id=default response= \r\n" >>"$CHALLENGE" && | |
328 | printf "id=default response= param2=\"value2\"\r\n" >>"$CHALLENGE" && | |
329 | printf "id=default response=WWW-Authenticate: Bearer authorize_uri=\"id.example.com\"\r\n" >>"$CHALLENGE" && | |
330 | printf "id=default response= p=1\r\n" >>"$CHALLENGE" && | |
331 | printf "id=default response= \r\n" >>"$CHALLENGE" && | |
332 | printf "id=default response= q=0\r\n" >>"$CHALLENGE" && | |
333 | printf "id=default response=WWW-Authenticate: Basic realm=\"example.com\"\r\n" >>"$CHALLENGE" && | |
5f2117b2 MJC |
334 | |
335 | test_config_global credential.helper test-helper && | |
336 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
337 | ||
338 | expect_credential_query get <<-EOF && | |
ad9bb6df | 339 | capability[]=authtype |
36f7d865 | 340 | capability[]=state |
5f2117b2 MJC |
341 | protocol=http |
342 | host=$HTTPD_DEST | |
343 | wwwauth[]=FooBar param1="value1" param2="value2" | |
344 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
345 | wwwauth[]=Basic realm="example.com" | |
346 | EOF | |
347 | ||
348 | expect_credential_query store <<-EOF | |
349 | protocol=http | |
350 | host=$HTTPD_DEST | |
351 | username=alice | |
352 | password=secret-passwd | |
353 | EOF | |
354 | ' | |
355 | ||
356 | test_expect_success 'access using basic auth with wwwauth header mixed line-endings' ' | |
357 | test_when_finished "per_test_cleanup" && | |
358 | ||
359 | set_credential_reply get <<-EOF && | |
360 | username=alice | |
361 | password=secret-passwd | |
362 | EOF | |
363 | ||
364 | # Basic base64(alice:secret-passwd) | |
365 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 366 | id=1 creds=Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA== |
5f2117b2 MJC |
367 | EOF |
368 | ||
369 | CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" && | |
370 | ||
371 | # Note that leading and trailing whitespace is important to correctly | |
372 | # simulate a continuation/folded header. | |
37417b77 | 373 | printf "id=1 status=200\n" >"$CHALLENGE" && |
374 | printf "id=default response=WWW-Authenticate: FooBar param1=\"value1\"\r\n" >>"$CHALLENGE" && | |
375 | printf "id=default response= \r\n" >>"$CHALLENGE" && | |
376 | printf "id=default response=\tparam2=\"value2\"\r\n" >>"$CHALLENGE" && | |
377 | printf "id=default response=WWW-Authenticate: Basic realm=\"example.com\"" >>"$CHALLENGE" && | |
5f2117b2 MJC |
378 | |
379 | test_config_global credential.helper test-helper && | |
380 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
381 | ||
382 | expect_credential_query get <<-EOF && | |
ad9bb6df | 383 | capability[]=authtype |
36f7d865 | 384 | capability[]=state |
5f2117b2 MJC |
385 | protocol=http |
386 | host=$HTTPD_DEST | |
387 | wwwauth[]=FooBar param1="value1" param2="value2" | |
388 | wwwauth[]=Basic realm="example.com" | |
988aad99 MJC |
389 | EOF |
390 | ||
391 | expect_credential_query store <<-EOF | |
392 | protocol=http | |
393 | host=$HTTPD_DEST | |
394 | username=alice | |
395 | password=secret-passwd | |
396 | EOF | |
397 | ' | |
398 | ||
ad9bb6df | 399 | test_expect_success 'access using bearer auth' ' |
400 | test_when_finished "per_test_cleanup" && | |
401 | ||
402 | set_credential_reply get <<-EOF && | |
403 | capability[]=authtype | |
404 | authtype=Bearer | |
405 | credential=YS1naXQtdG9rZW4= | |
406 | EOF | |
407 | ||
408 | # Basic base64(a-git-token) | |
409 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 410 | id=1 creds=Bearer YS1naXQtdG9rZW4= |
ad9bb6df | 411 | EOF |
412 | ||
413 | CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" && | |
414 | ||
415 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 416 | id=1 status=200 |
417 | id=default response=WWW-Authenticate: FooBar param1="value1" param2="value2" | |
418 | id=default response=WWW-Authenticate: Bearer authorize_uri="id.example.com" p=1 q=0 | |
419 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
ad9bb6df | 420 | EOF |
421 | ||
422 | test_config_global credential.helper test-helper && | |
423 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
424 | ||
425 | expect_credential_query get <<-EOF && | |
426 | capability[]=authtype | |
36f7d865 | 427 | capability[]=state |
ad9bb6df | 428 | protocol=http |
429 | host=$HTTPD_DEST | |
430 | wwwauth[]=FooBar param1="value1" param2="value2" | |
431 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
432 | wwwauth[]=Basic realm="example.com" | |
433 | EOF | |
434 | ||
435 | expect_credential_query store <<-EOF | |
436 | capability[]=authtype | |
437 | authtype=Bearer | |
438 | credential=YS1naXQtdG9rZW4= | |
439 | protocol=http | |
440 | host=$HTTPD_DEST | |
441 | EOF | |
442 | ' | |
443 | ||
444 | test_expect_success 'access using bearer auth with invalid credentials' ' | |
445 | test_when_finished "per_test_cleanup" && | |
446 | ||
447 | set_credential_reply get <<-EOF && | |
448 | capability[]=authtype | |
449 | authtype=Bearer | |
450 | credential=incorrect-token | |
451 | EOF | |
452 | ||
453 | # Basic base64(a-git-token) | |
454 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
37417b77 | 455 | id=1 creds=Bearer YS1naXQtdG9rZW4= |
ad9bb6df | 456 | EOF |
457 | ||
458 | CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" && | |
459 | ||
460 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
37417b77 | 461 | id=1 status=200 |
462 | id=default response=WWW-Authenticate: FooBar param1="value1" param2="value2" | |
463 | id=default response=WWW-Authenticate: Bearer authorize_uri="id.example.com" p=1 q=0 | |
464 | id=default response=WWW-Authenticate: Basic realm="example.com" | |
ad9bb6df | 465 | EOF |
466 | ||
467 | test_config_global credential.helper test-helper && | |
468 | test_must_fail git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
469 | ||
470 | expect_credential_query get <<-EOF && | |
471 | capability[]=authtype | |
36f7d865 | 472 | capability[]=state |
ad9bb6df | 473 | protocol=http |
474 | host=$HTTPD_DEST | |
475 | wwwauth[]=FooBar param1="value1" param2="value2" | |
476 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
477 | wwwauth[]=Basic realm="example.com" | |
478 | EOF | |
479 | ||
480 | expect_credential_query erase <<-EOF | |
481 | capability[]=authtype | |
482 | authtype=Bearer | |
483 | credential=incorrect-token | |
484 | protocol=http | |
485 | host=$HTTPD_DEST | |
486 | wwwauth[]=FooBar param1="value1" param2="value2" | |
487 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
488 | wwwauth[]=Basic realm="example.com" | |
489 | EOF | |
490 | ' | |
491 | ||
ac4c7cbf | 492 | test_expect_success 'access using three-legged auth' ' |
493 | test_when_finished "per_test_cleanup" && | |
494 | ||
495 | set_credential_reply get <<-EOF && | |
496 | capability[]=authtype | |
497 | capability[]=state | |
498 | authtype=Multistage | |
499 | credential=YS1naXQtdG9rZW4= | |
500 | state[]=helper:foobar | |
501 | continue=1 | |
502 | EOF | |
503 | ||
504 | set_credential_reply get foobar <<-EOF && | |
505 | capability[]=authtype | |
506 | capability[]=state | |
507 | authtype=Multistage | |
508 | credential=YW5vdGhlci10b2tlbg== | |
509 | state[]=helper:bazquux | |
510 | EOF | |
511 | ||
512 | cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF && | |
513 | id=1 creds=Multistage YS1naXQtdG9rZW4= | |
514 | id=2 creds=Multistage YW5vdGhlci10b2tlbg== | |
515 | EOF | |
516 | ||
517 | CHALLENGE="$HTTPD_ROOT_PATH/custom-auth.challenge" && | |
518 | ||
519 | cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF && | |
520 | id=1 status=401 response=WWW-Authenticate: Multistage challenge="456" | |
521 | id=1 status=401 response=WWW-Authenticate: Bearer authorize_uri="id.example.com" p=1 q=0 | |
522 | id=2 status=200 | |
523 | id=default response=WWW-Authenticate: Multistage challenge="123" | |
524 | id=default response=WWW-Authenticate: Bearer authorize_uri="id.example.com" p=1 q=0 | |
525 | EOF | |
526 | ||
527 | test_config_global credential.helper test-helper && | |
528 | git ls-remote "$HTTPD_URL/custom_auth/repo.git" && | |
529 | ||
530 | expect_credential_query get <<-EOF && | |
531 | capability[]=authtype | |
532 | capability[]=state | |
533 | protocol=http | |
534 | host=$HTTPD_DEST | |
535 | wwwauth[]=Multistage challenge="123" | |
536 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
537 | EOF | |
538 | ||
539 | expect_credential_query get foobar <<-EOF && | |
540 | capability[]=authtype | |
541 | capability[]=state | |
542 | authtype=Multistage | |
543 | protocol=http | |
544 | host=$HTTPD_DEST | |
545 | wwwauth[]=Multistage challenge="456" | |
546 | wwwauth[]=Bearer authorize_uri="id.example.com" p=1 q=0 | |
547 | state[]=helper:foobar | |
548 | EOF | |
549 | ||
550 | expect_credential_query store bazquux <<-EOF | |
551 | capability[]=authtype | |
552 | capability[]=state | |
553 | authtype=Multistage | |
554 | credential=YW5vdGhlci10b2tlbg== | |
555 | protocol=http | |
556 | host=$HTTPD_DEST | |
557 | state[]=helper:bazquux | |
558 | EOF | |
559 | ' | |
560 | ||
988aad99 | 561 | test_done |