Add basic auth test

Signed-off-by: Simo Sorce <simo@redhat.com>

diff --git a/tests/httpd.conf b/tests/httpd.conf
index 517203f..77701f9 100644 (file)
--- a/tests/httpd.conf
+++ b/tests/httpd.conf
@@ -132,3 +132,15 @@ CoreDumpDirectory /tmp
   Require valid-user
 </Location>
 
   Require valid-user
 </Location>
 

+<Location /basic_auth_krb5>
+  AuthType GSSAPI
+  AuthName "Password Login"
+  GssapiSSLonly Off
+  GssapiCredStore ccache:${HTTPROOT}/tmp/httpd_krb5_ccache
+  GssapiCredStore client_keytab:${HTTPROOT}/http.keytab
+  GssapiCredStore keytab:${HTTPROOT}/http.keytab
+  GssapiBasicAuth On
+  GssapiBasicAuthMech krb5
+  Require valid-user
+</Location>
+

diff --git a/tests/magtests.py b/tests/magtests.py
index 4d4cb49..27f55f2 100755 (executable)
--- a/tests/magtests.py
+++ b/tests/magtests.py
@@ -135,7 +135,8 @@ def setup_kdc(testdir, wrapenv):
 
     kdcenv = {'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
               'KRB5_CONFIG': krb5conf,
 
     kdcenv = {'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
               'KRB5_CONFIG': krb5conf,

-              'KRB5_KDC_PROFILE': kdcconf}
+              'KRB5_KDC_PROFILE': kdcconf,
+              'KRB5_TRACE': os.path.join(testdir, 'krbtrace.log')}

     kdcenv.update(wrapenv)
 
     with (open(testlog, 'a')) as logfile:
     kdcenv.update(wrapenv)
 
     with (open(testlog, 'a')) as logfile:


@@ -263,6 +264,23 @@ def test_spnego_auth(testdir, testenv, testlog):
             sys.stderr.write('SPNEGO: SUCCESS\n')
 
 
             sys.stderr.write('SPNEGO: SUCCESS\n')
 
 

+def test_basic_auth_krb5(testdir, testenv, testlog):
+
+    basicdir = os.path.join(testdir, 'httpd', 'html', 'basic_auth_krb5')
+    os.mkdir(basicdir)
+    shutil.copy('tests/index.html', basicdir)
+
+    with (open(testlog, 'a')) as logfile:
+        basick5 = subprocess.Popen(["tests/t_basic_k5.py"],
+                                   stdout=logfile, stderr=logfile,
+                                   env=testenv, preexec_fn=os.setsid)
+        basick5.wait()
+        if basick5.returncode != 0:
+            sys.stderr.write('BASIC-AUTH: FAILED\n')
+        else:
+            sys.stderr.write('BASIC-AUTH: SUCCESS\n')
+
+

 if __name__ == '__main__':
 
     args = parse_args()
 if __name__ == '__main__':
 
     args = parse_args()


@@ -282,7 +300,7 @@ if __name__ == '__main__':
         kdcproc, kdcenv = setup_kdc(testdir, wrapenv)
         processes['KDC(%d)' % kdcproc.pid] = kdcproc
 
         kdcproc, kdcenv = setup_kdc(testdir, wrapenv)
         processes['KDC(%d)' % kdcproc.pid] = kdcproc
 

-        httpproc = setup_http(testdir, wrapenv)
+        httpproc = setup_http(testdir, kdcenv)

         processes['HTTPD(%d)' % httpproc.pid] = httpproc
 
         keysenv = setup_keys(testdir, kdcenv)
         processes['HTTPD(%d)' % httpproc.pid] = httpproc
 
         keysenv = setup_keys(testdir, kdcenv)


@@ -290,6 +308,12 @@ if __name__ == '__main__':
 
         test_spnego_auth(testdir, testenv, testlog)
 
 
         test_spnego_auth(testdir, testenv, testlog)
 

+
+        testenv = {'MAG_USER_NAME': USR_NAME,
+                   'MAG_USER_PASSWORD': USR_PWD}
+        testenv.update(kdcenv)
+        test_basic_auth_krb5(testdir, testenv, testlog)
+

     finally:
         with (open(testlog, 'a')) as logfile:
             for name in processes:
     finally:
         with (open(testlog, 'a')) as logfile:
             for name in processes:

diff --git a/tests/t_basic_k5.py b/tests/t_basic_k5.py
new file mode 100755 (executable)
index 0000000..8e4646d
--- /dev/null
+++ b/tests/t_basic_k5.py
@@ -0,0 +1,14 @@
+#!/usr/bin/python
+# Copyright (C) 2015 - mod_auth_gssapi contributors, see COPYING for license.
+
+import os
+import requests
+from requests.auth import HTTPBasicAuth
+
+
+if __name__ == '__main__':
+    url = 'http://%s/basic_auth_krb5/' % os.environ['NSS_WRAPPER_HOSTNAME']
+    r = requests.get(url, auth=HTTPBasicAuth(os.environ['MAG_USER_NAME'],
+                                             os.environ['MAG_USER_PASSWORD']))
+    if r.status_code != 200:
+        raise ValueError('Basic Auth Failed')