Fixed that HTTP authentication should work if the header is called REDIRECT_X_HTTP_AUTHORIZATION as well (closes #6754) [mislaw]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7091 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
parent
a347d461a8
commit
73fba4faf1
|
@ -1,5 +1,7 @@
|
||||||
*SVN*
|
*SVN*
|
||||||
|
|
||||||
|
* Fixed that HTTP authentication should work if the header is called REDIRECT_X_HTTP_AUTHORIZATION as well #6754 [mislaw]
|
||||||
|
|
||||||
* Don't mistakenly interpret the request uri as the query string. #8731 [lifofifo, Jeremy Kemper]
|
* Don't mistakenly interpret the request uri as the query string. #8731 [lifofifo, Jeremy Kemper]
|
||||||
|
|
||||||
* Make ActionView#view_paths an attr_accessor for real this time. Also, don't perform an unnecessary #compact on the @view_paths array in #initialize. Closes #8582 [dasil003, julik, rick]
|
* Make ActionView#view_paths an attr_accessor for real this time. Also, don't perform an unnecessary #compact on the @view_paths array in #initialize. Closes #8582 [dasil003, julik, rick]
|
||||||
|
|
|
@ -68,6 +68,13 @@ module ActionController
|
||||||
#
|
#
|
||||||
# assert_equal 200, status
|
# assert_equal 200, status
|
||||||
# end
|
# end
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# On shared hosts, Apache sometimes doesn't pass authentication headers to
|
||||||
|
# FCGI instances. If your environment matches this description and you cannot
|
||||||
|
# authenticate, try this rule in public/.htaccess (replace the plain one):
|
||||||
|
#
|
||||||
|
# RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]
|
||||||
module Basic
|
module Basic
|
||||||
extend self
|
extend self
|
||||||
|
|
||||||
|
@ -100,11 +107,12 @@ module ActionController
|
||||||
def authorization(request)
|
def authorization(request)
|
||||||
request.env['HTTP_AUTHORIZATION'] ||
|
request.env['HTTP_AUTHORIZATION'] ||
|
||||||
request.env['X-HTTP_AUTHORIZATION'] ||
|
request.env['X-HTTP_AUTHORIZATION'] ||
|
||||||
request.env['X_HTTP_AUTHORIZATION']
|
request.env['X_HTTP_AUTHORIZATION'] ||
|
||||||
|
request.env['REDIRECT_X_HTTP_AUTHORIZATION']
|
||||||
end
|
end
|
||||||
|
|
||||||
def decode_credentials(request)
|
def decode_credentials(request)
|
||||||
Base64.decode64(authorization(request).split.last)
|
Base64.decode64(authorization(request).split.last || '')
|
||||||
end
|
end
|
||||||
|
|
||||||
def encode_credentials(user_name, password)
|
def encode_credentials(user_name, password)
|
||||||
|
|
|
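Review bot: In `decode_credentials` the added `|| ''` covers an empty header value but not a missing one: when none of the four env keys read by `authorization` is set it returns nil, and `.split` raises NoMethodError before the fallback is reached. Unless `authenticate` (outside this hunk) already guards against nil, `Base64.decode64(authorization(request).to_s.split.last || '')` makes the method fail closed on its own. Separately, `split.last` decodes the last token whatever the scheme, so a non-Basic `Authorization` value is handled as if it were Basic credentials; a comment such as `# NOTE: the auth scheme is not checked, only the last token is decoded` would at least make that visible. `encode_credentials` continues past the end of the hunk.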
@ -3,35 +3,42 @@ require File.dirname(__FILE__) + '/../abstract_unit'
|
||||||
class HttpBasicAuthenticationTest < Test::Unit::TestCase
|
class HttpBasicAuthenticationTest < Test::Unit::TestCase
|
||||||
include ActionController::HttpAuthentication::Basic
|
include ActionController::HttpAuthentication::Basic
|
||||||
|
|
||||||
def setup
|
class DummyController
|
||||||
@controller = Class.new do
|
attr_accessor :headers, :renders, :request
|
||||||
attr_accessor :headers, :renders
|
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
@headers, @renders = {}, []
|
@headers, @renders = {}, []
|
||||||
end
|
@request = ActionController::TestRequest.new
|
||||||
|
|
||||||
def request
|
|
||||||
Class.new do
|
|
||||||
def env
|
|
||||||
{ 'HTTP_AUTHORIZATION' => ActionController::HttpAuthentication::Basic.encode_credentials("dhh", "secret") }
|
|
||||||
end
|
|
||||||
end.new
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def render(options)
|
def render(options)
|
||||||
self.renders << options
|
self.renders << options
|
||||||
end
|
end
|
||||||
end.new
|
end
|
||||||
|
|
||||||
|
def setup
|
||||||
|
@controller = DummyController.new
|
||||||
|
@credentials = ActionController::HttpAuthentication::Basic.encode_credentials("dhh", "secret")
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_successful_authentication
|
def test_successful_authentication
|
||||||
assert authenticate(@controller) { |user_name, password| user_name == "dhh" && password == "secret" }
|
login = Proc.new { |user_name, password| user_name == "dhh" && password == "secret" }
|
||||||
|
set_headers
|
||||||
|
assert authenticate(@controller, &login)
|
||||||
|
|
||||||
|
set_headers ''
|
||||||
|
assert_nothing_raised do
|
||||||
|
assert !authenticate(@controller, &login)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
set_headers nil
|
||||||
|
set_headers @credentials, 'REDIRECT_X_HTTP_AUTHORIZATION'
|
||||||
|
assert authenticate(@controller, &login)
|
||||||
|
end
|
||||||
|
|
||||||
def test_failing_authentication
|
def test_failing_authentication
|
||||||
assert !authenticate(@controller) { |user_name, password| user_name == "dhh" && password == "secret!!" }
|
set_headers
|
||||||
|
assert !authenticate(@controller) { |user_name, password| user_name == "dhh" && password == "incorrect" }
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_authentication_request
|
def test_authentication_request
|
||||||
|
@ -39,4 +46,9 @@ class HttpBasicAuthenticationTest < Test::Unit::TestCase
|
||||||
assert_equal 'Basic realm="Megaglobalapp"', @controller.headers["WWW-Authenticate"]
|
assert_equal 'Basic realm="Megaglobalapp"', @controller.headers["WWW-Authenticate"]
|
||||||
assert_equal :unauthorized, @controller.renders.first[:status]
|
assert_equal :unauthorized, @controller.renders.first[:status]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
def set_headers(value = @credentials, name = 'HTTP_AUTHORIZATION')
|
||||||
|
@controller.request.env[name] = value
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
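Review bot: `test_successful_authentication` never calls `authenticate` with no authorization header at all: `set_headers nil` is immediately followed by setting `REDIRECT_X_HTTP_AUTHORIZATION`, so the request-without-credentials path stays untested. A separate test that runs `set_headers nil` and then `assert !authenticate(@controller, &login)` with its own login proc would pin that a missing header is rejected rather than raising. The method also bundles three scenarios (valid header, empty header, redirect header), so a failure in the first hides the others; one test method per scenario would report each independently. There is also no negative case for `REDIRECT_X_HTTP_AUTHORIZATION` carrying wrong credentials.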