mirror of
https://github.com/status-im/nim-chronos.git
synced 2025-01-23 09:48:54 +00:00
Basic authorization implementation for HTTP client. (#204)
* Basic authorization implementation for HTTP client. Add tests for basic authorization. * Bump chronos version to 3.0.5.
This commit is contained in:
parent
f7dd6b76c2
commit
15137f71c3
@ -1,5 +1,5 @@
|
|||||||
packageName = "chronos"
|
packageName = "chronos"
|
||||||
version = "3.0.4"
|
version = "3.0.5"
|
||||||
author = "Status Research & Development GmbH"
|
author = "Status Research & Development GmbH"
|
||||||
description = "Chronos"
|
description = "Chronos"
|
||||||
license = "Apache License 2.0 or MIT"
|
license = "Apache License 2.0 or MIT"
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
# Apache License, version 2.0, (LICENSE-APACHEv2)
|
# Apache License, version 2.0, (LICENSE-APACHEv2)
|
||||||
# MIT license (LICENSE-MIT)
|
# MIT license (LICENSE-MIT)
|
||||||
import std/[uri, tables, strutils, sequtils]
|
import std/[uri, tables, strutils, sequtils]
|
||||||
import stew/[results, base10], httputils
|
import stew/[results, base10, base64], httputils
|
||||||
import ../../asyncloop, ../../asyncsync
|
import ../../asyncloop, ../../asyncsync
|
||||||
import ../../streams/[asyncstream, tlsstream, chunkstream, boundstream]
|
import ../../streams/[asyncstream, tlsstream, chunkstream, boundstream]
|
||||||
import httptable, httpcommon, httpagent, httpbodyrw, multipart
|
import httptable, httpcommon, httpagent, httpbodyrw, multipart
|
||||||
@ -846,28 +846,34 @@ proc prepareRequest(request: HttpClientRequestRef): string {.
|
|||||||
toLowerAscii(request.headers.getString(TransferEncodingHeader)) == "chunked"
|
toLowerAscii(request.headers.getString(TransferEncodingHeader)) == "chunked"
|
||||||
|
|
||||||
# We use ChronosIdent as `User-Agent` string if its not set.
|
# We use ChronosIdent as `User-Agent` string if its not set.
|
||||||
if UserAgentHeader notin request.headers:
|
|
||||||
discard request.headers.hasKeyOrPut(UserAgentHeader, ChronosIdent)
|
discard request.headers.hasKeyOrPut(UserAgentHeader, ChronosIdent)
|
||||||
# We use request's hostname as `Host` string if its not set.
|
# We use request's hostname as `Host` string if its not set.
|
||||||
if HostHeader notin request.headers:
|
|
||||||
discard request.headers.hasKeyOrPut(HostHeader, request.address.hostname)
|
discard request.headers.hasKeyOrPut(HostHeader, request.address.hostname)
|
||||||
# We set `Connection` to value according to flags if its not set.
|
# We set `Connection` to value according to flags if its not set.
|
||||||
if ConnectionHeader notin request.headers:
|
if ConnectionHeader notin request.headers:
|
||||||
if HttpClientRequestFlag.CloseConnection in request.flags:
|
if HttpClientRequestFlag.CloseConnection in request.flags:
|
||||||
discard request.headers.hasKeyOrPut(ConnectionHeader, "close")
|
request.headers.add(ConnectionHeader, "close")
|
||||||
else:
|
else:
|
||||||
discard request.headers.hasKeyOrPut(ConnectionHeader, "keep-alive")
|
request.headers.add(ConnectionHeader, "keep-alive")
|
||||||
# We set `Accept` to accept any content if its not set.
|
# We set `Accept` to accept any content if its not set.
|
||||||
if AcceptHeader notin request.headers:
|
|
||||||
discard request.headers.hasKeyOrPut(AcceptHeader, "*/*")
|
discard request.headers.hasKeyOrPut(AcceptHeader, "*/*")
|
||||||
|
|
||||||
|
# We will send `Authorization` information only if username or password set,
|
||||||
|
# and `Authorization` header is not present in request's headers.
|
||||||
|
if len(request.address.username) > 0 or len(request.address.password) > 0:
|
||||||
|
if AuthorizationHeader notin request.headers:
|
||||||
|
let auth = request.address.username & ":" & request.address.password
|
||||||
|
let header = "Basic " &
|
||||||
|
Base64Pad.encode(auth.toOpenArrayByte(0, len(auth) - 1))
|
||||||
|
request.headers.add(AuthorizationHeader, header)
|
||||||
|
|
||||||
# Here we perform automatic detection: if request was created with non-zero
|
# Here we perform automatic detection: if request was created with non-zero
|
||||||
# body and `Content-Length` header is missing we will create one with size
|
# body and `Content-Length` header is missing we will create one with size
|
||||||
# of body stored in request.
|
# of body stored in request.
|
||||||
if ContentLengthHeader notin request.headers:
|
if ContentLengthHeader notin request.headers:
|
||||||
if len(request.buffer) > 0:
|
if len(request.buffer) > 0:
|
||||||
let slength = Base10.toString(uint64(len(request.buffer)))
|
let slength = Base10.toString(uint64(len(request.buffer)))
|
||||||
discard request.headers.hasKeyOrPut(ContentLengthHeader, slength)
|
request.headers.add(ContentLengthHeader, slength)
|
||||||
|
|
||||||
request.bodyFlag =
|
request.bodyFlag =
|
||||||
if ContentLengthHeader in request.headers:
|
if ContentLengthHeader in request.headers:
|
||||||
|
@ -30,6 +30,7 @@ const
|
|||||||
ExpectHeader* = "expect"
|
ExpectHeader* = "expect"
|
||||||
ServerHeader* = "server"
|
ServerHeader* = "server"
|
||||||
LocationHeader* = "location"
|
LocationHeader* = "location"
|
||||||
|
AuthorizationHeader* = "authorization"
|
||||||
|
|
||||||
UrlEncodedContentType* = "application/x-www-form-urlencoded"
|
UrlEncodedContentType* = "application/x-www-form-urlencoded"
|
||||||
MultipartContentType* = "multipart/form-data"
|
MultipartContentType* = "multipart/form-data"
|
||||||
|
@ -688,6 +688,17 @@ suite "HTTP client testing suite":
|
|||||||
await server.closeWait()
|
await server.closeWait()
|
||||||
return "redirect-" & $res
|
return "redirect-" & $res
|
||||||
|
|
||||||
|
proc testBasicAuthorization(): Future[bool] {.async.} =
|
||||||
|
var session = createSession(true, maxRedirections = 10)
|
||||||
|
let url = parseUri("https://guest:guest@jigsaw.w3.org/HTTP/Basic/")
|
||||||
|
let resp = await session.fetch(url)
|
||||||
|
await session.closeWait()
|
||||||
|
if (resp.status == 200) and
|
||||||
|
("Your browser made it!" in cast[string](resp.data)):
|
||||||
|
return true
|
||||||
|
else:
|
||||||
|
return false
|
||||||
|
|
||||||
test "HTTP all request methods test":
|
test "HTTP all request methods test":
|
||||||
let address = initTAddress("127.0.0.1:30080")
|
let address = initTAddress("127.0.0.1:30080")
|
||||||
check waitFor(testMethods(address, false)) == 18
|
check waitFor(testMethods(address, false)) == 18
|
||||||
@ -752,6 +763,9 @@ suite "HTTP client testing suite":
|
|||||||
let address = initTAddress("127.0.0.1:30080")
|
let address = initTAddress("127.0.0.1:30080")
|
||||||
check waitFor(testRequestRedirectTest(address, true, 4)) == "redirect-true"
|
check waitFor(testRequestRedirectTest(address, true, 4)) == "redirect-true"
|
||||||
|
|
||||||
|
test "HTTPS basic authorization test":
|
||||||
|
check waitFor(testBasicAuthorization()) == true
|
||||||
|
|
||||||
test "Leaks test":
|
test "Leaks test":
|
||||||
proc getTrackerLeaks(tracker: string): bool =
|
proc getTrackerLeaks(tracker: string): bool =
|
||||||
let tracker = getTracker(tracker)
|
let tracker = getTracker(tracker)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user