diff options
Diffstat (limited to 'toolkit/components/passwordmgr/test/authenticate.sjs')
-rw-r--r-- | toolkit/components/passwordmgr/test/authenticate.sjs | 228 |
1 files changed, 0 insertions, 228 deletions
diff --git a/toolkit/components/passwordmgr/test/authenticate.sjs b/toolkit/components/passwordmgr/test/authenticate.sjs deleted file mode 100644 index 42edc3220..000000000 --- a/toolkit/components/passwordmgr/test/authenticate.sjs +++ /dev/null @@ -1,228 +0,0 @@ -function handleRequest(request, response) -{ - try { - reallyHandleRequest(request, response); - } catch (e) { - response.setStatusLine("1.0", 200, "AlmostOK"); - response.write("Error handling request: " + e); - } -} - - -function reallyHandleRequest(request, response) { - var match; - var requestAuth = true, requestProxyAuth = true; - - // Allow the caller to drive how authentication is processed via the query. - // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar - // The extra ? allows the user/pass/realm checks to succeed if the name is - // at the beginning of the query string. - var query = "?" + request.queryString; - - var expected_user = "", expected_pass = "", realm = "mochitest"; - var proxy_expected_user = "", proxy_expected_pass = "", proxy_realm = "mochi-proxy"; - var huge = false, plugin = false, anonymous = false, formauth = false; - var authHeaderCount = 1; - // user=xxx - match = /[^_]user=([^&]*)/.exec(query); - if (match) - expected_user = match[1]; - - // pass=xxx - match = /[^_]pass=([^&]*)/.exec(query); - if (match) - expected_pass = match[1]; - - // realm=xxx - match = /[^_]realm=([^&]*)/.exec(query); - if (match) - realm = match[1]; - - // proxy_user=xxx - match = /proxy_user=([^&]*)/.exec(query); - if (match) - proxy_expected_user = match[1]; - - // proxy_pass=xxx - match = /proxy_pass=([^&]*)/.exec(query); - if (match) - proxy_expected_pass = match[1]; - - // proxy_realm=xxx - match = /proxy_realm=([^&]*)/.exec(query); - if (match) - proxy_realm = match[1]; - - // huge=1 - match = /huge=1/.exec(query); - if (match) - huge = true; - - // plugin=1 - match = /plugin=1/.exec(query); - if (match) - plugin = true; - - // multiple=1 - match = /multiple=([^&]*)/.exec(query); - if (match) - authHeaderCount = match[1]+0; - - // anonymous=1 - match = /anonymous=1/.exec(query); - if (match) - anonymous = true; - - // formauth=1 - match = /formauth=1/.exec(query); - if (match) - formauth = true; - - // Look for an authentication header, if any, in the request. - // - // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== - // - // This test only supports Basic auth. The value sent by the client is - // "username:password", obscured with base64 encoding. - - var actual_user = "", actual_pass = "", authHeader, authPresent = false; - if (request.hasHeader("Authorization")) { - authPresent = true; - authHeader = request.getHeader("Authorization"); - match = /Basic (.+)/.exec(authHeader); - if (match.length != 2) - throw new Error("Couldn't parse auth header: " + authHeader); - - var userpass = base64ToString(match[1]); // no atob() :-( - match = /(.*):(.*)/.exec(userpass); - if (match.length != 3) - throw new Error("Couldn't decode auth header: " + userpass); - actual_user = match[1]; - actual_pass = match[2]; - } - - var proxy_actual_user = "", proxy_actual_pass = ""; - if (request.hasHeader("Proxy-Authorization")) { - authHeader = request.getHeader("Proxy-Authorization"); - match = /Basic (.+)/.exec(authHeader); - if (match.length != 2) - throw new Error("Couldn't parse auth header: " + authHeader); - - var userpass = base64ToString(match[1]); // no atob() :-( - match = /(.*):(.*)/.exec(userpass); - if (match.length != 3) - throw new Error("Couldn't decode auth header: " + userpass); - proxy_actual_user = match[1]; - proxy_actual_pass = match[2]; - } - - // Don't request authentication if the credentials we got were what we - // expected. - if (expected_user == actual_user && - expected_pass == actual_pass) { - requestAuth = false; - } - if (proxy_expected_user == proxy_actual_user && - proxy_expected_pass == proxy_actual_pass) { - requestProxyAuth = false; - } - - if (anonymous) { - if (authPresent) { - response.setStatusLine("1.0", 400, "Unexpected authorization header found"); - } else { - response.setStatusLine("1.0", 200, "Authorization header not found"); - } - } else { - if (requestProxyAuth) { - response.setStatusLine("1.0", 407, "Proxy authentication required"); - for (i = 0; i < authHeaderCount; ++i) - response.setHeader("Proxy-Authenticate", "basic realm=\"" + proxy_realm + "\"", true); - } else if (requestAuth) { - if (formauth && authPresent) - response.setStatusLine("1.0", 403, "Form authentication required"); - else - response.setStatusLine("1.0", 401, "Authentication required"); - for (i = 0; i < authHeaderCount; ++i) - response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true); - } else { - response.setStatusLine("1.0", 200, "OK"); - } - } - - response.setHeader("Content-Type", "application/xhtml+xml", false); - response.write("<html xmlns='http://www.w3.org/1999/xhtml'>"); - response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n"); - response.write("<p>Proxy: <span id='proxy'>" + (requestProxyAuth ? "FAIL" : "PASS") + "</span></p>\n"); - response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n"); - response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n"); - response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n"); - - if (huge) { - response.write("<div style='display: none'>"); - for (i = 0; i < 100000; i++) { - response.write("123456789\n"); - } - response.write("</div>"); - response.write("<span id='footnote'>This is a footnote after the huge content fill</span>"); - } - - if (plugin) { - response.write("<embed id='embedtest' style='width: 400px; height: 100px;' " + - "type='application/x-test'></embed>\n"); - } - - response.write("</html>"); -} - - -// base64 decoder -// -// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa() -// doesn't seem to exist. :-( -/* Convert Base64 data to a string */ -const toBinaryTable = [ - -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, - -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, - -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63, - 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1, - -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14, - 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1, - -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40, - 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1 -]; -const base64Pad = '='; - -function base64ToString(data) { - - var result = ''; - var leftbits = 0; // number of bits decoded, but yet to be appended - var leftdata = 0; // bits decoded, but yet to be appended - - // Convert one by one. - for (var i = 0; i < data.length; i++) { - var c = toBinaryTable[data.charCodeAt(i) & 0x7f]; - var padding = (data[i] == base64Pad); - // Skip illegal characters and whitespace - if (c == -1) continue; - - // Collect data into leftdata, update bitcount - leftdata = (leftdata << 6) | c; - leftbits += 6; - - // If we have 8 or more bits, append 8 bits to the result - if (leftbits >= 8) { - leftbits -= 8; - // Append if not padding. - if (!padding) - result += String.fromCharCode((leftdata >> leftbits) & 0xff); - leftdata &= (1 << leftbits) - 1; - } - } - - // If there are any bits left, the base64 string was corrupted - if (leftbits) - throw Components.Exception('Corrupted base64 string'); - - return result; -} |