mirror of
https://github.com/servo/servo.git
synced 2025-08-03 20:50:07 +01:00
Prompt user for credentials when http request needs it (#34620)
* prompt user to get their credentials Signed-off-by: Lloyd Massiah artmis9@protonmail.com move credential prompt to a function Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * add prompt for step 15.4 Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * add new prompt definition for user credentials Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * remove default implementation for HttpState which allowed making the embedder_proxy non-optional - default implementation was only used in tests so created an alternative create_http_state function Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> add credentials to authentication cache Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * add tests that are successful for the happy path Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * add test for user cancels prompt and user inputs incorrect credentials, and refactor shared code between tests Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * handle error when setting username and password in Url and ran formatting Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> renaming test functions Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * change authentication flag to false for proxy authentication. The spec doesn't specify that the flag should be true, and the flag is by default false Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * clean up test code a bit Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * add skeleton implementation to support open harmony and android Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * update warning message to include Android Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * fix build error for OH os and Android Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> * remove unused import to fix warning Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> --------- Signed-off-by: Lloyd Massiah <artmis9@protonmail.com> Co-authored-by: lazypassion <25536767+lazypassion@users.noreply.github.com>
This commit is contained in:
parent
a9539d8b03
commit
aa40b8f820
8 changed files with 379 additions and 51 deletions
|
@ -29,7 +29,6 @@ use net::filemanager_thread::FileManager;
|
|||
use net::hsts::HstsEntry;
|
||||
use net::protocols::ProtocolRegistry;
|
||||
use net::resource_thread::CoreResourceThreadPool;
|
||||
use net::test::HttpState;
|
||||
use net_traits::filemanager_thread::FileTokenCheck;
|
||||
use net_traits::http_status::HttpStatus;
|
||||
use net_traits::request::{
|
||||
|
@ -47,8 +46,8 @@ use uuid::Uuid;
|
|||
|
||||
use crate::http_loader::{expect_devtools_http_request, expect_devtools_http_response};
|
||||
use crate::{
|
||||
create_embedder_proxy, fetch, fetch_with_context, fetch_with_cors_cache, make_server,
|
||||
make_ssl_server, new_fetch_context, DEFAULT_USER_AGENT,
|
||||
create_embedder_proxy, create_http_state, fetch, fetch_with_context, fetch_with_cors_cache,
|
||||
make_server, make_ssl_server, new_fetch_context, DEFAULT_USER_AGENT,
|
||||
};
|
||||
|
||||
// TODO write a struct that impls Handler for storing test values
|
||||
|
@ -669,7 +668,7 @@ fn test_fetch_with_hsts() {
|
|||
let (server, url) = make_ssl_server(handler);
|
||||
|
||||
let mut context = FetchContext {
|
||||
state: Arc::new(HttpState::default()),
|
||||
state: Arc::new(create_http_state(None)),
|
||||
user_agent: DEFAULT_USER_AGENT.into(),
|
||||
devtools_chan: None,
|
||||
filemanager: Arc::new(Mutex::new(FileManager::new(
|
||||
|
@ -724,7 +723,7 @@ fn test_load_adds_host_to_hsts_list_when_url_is_https() {
|
|||
url.as_mut_url().set_scheme("https").unwrap();
|
||||
|
||||
let mut context = FetchContext {
|
||||
state: Arc::new(HttpState::default()),
|
||||
state: Arc::new(create_http_state(None)),
|
||||
user_agent: DEFAULT_USER_AGENT.into(),
|
||||
devtools_chan: None,
|
||||
filemanager: Arc::new(Mutex::new(FileManager::new(
|
||||
|
@ -781,7 +780,7 @@ fn test_fetch_self_signed() {
|
|||
url.as_mut_url().set_scheme("https").unwrap();
|
||||
|
||||
let mut context = FetchContext {
|
||||
state: Arc::new(HttpState::default()),
|
||||
state: Arc::new(create_http_state(None)),
|
||||
user_agent: DEFAULT_USER_AGENT.into(),
|
||||
devtools_chan: None,
|
||||
filemanager: Arc::new(Mutex::new(FileManager::new(
|
||||
|
|
|
@ -6,7 +6,6 @@
|
|||
|
||||
use std::collections::HashMap;
|
||||
use std::io::Write;
|
||||
use std::str;
|
||||
use std::sync::atomic::{AtomicBool, Ordering};
|
||||
use std::sync::{Arc, Mutex, RwLock};
|
||||
use std::time::Duration;
|
||||
|
@ -47,7 +46,10 @@ use servo_url::{ImmutableOrigin, ServoUrl};
|
|||
use tokio_test::block_on;
|
||||
use url::Url;
|
||||
|
||||
use crate::{fetch, fetch_with_context, make_server, new_fetch_context};
|
||||
use crate::{
|
||||
create_embedder_proxy_and_receiver, fetch, fetch_with_context, make_server, new_fetch_context,
|
||||
receive_credential_prompt_msgs,
|
||||
};
|
||||
|
||||
fn mock_origin() -> ImmutableOrigin {
|
||||
ServoUrl::parse("http://servo.org").unwrap().origin()
|
||||
|
@ -1479,3 +1481,180 @@ fn test_origin_serialization_compatability() {
|
|||
|
||||
ensure_serialiations_match("data:,dataurltexta");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_user_credentials_prompt_when_proxy_authentication_is_required() {
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let expected = Authorization::basic("username", "test");
|
||||
if let Some(credentials) = request.headers().typed_get::<Authorization<Basic>>() {
|
||||
if credentials == expected {
|
||||
*response.status_mut() = StatusCode::OK;
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::PROXY_AUTHENTICATION_REQUIRED;
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
.method(Method::GET)
|
||||
.body(None)
|
||||
.destination(Destination::Document)
|
||||
.origin(mock_origin())
|
||||
.pipeline_id(Some(TEST_PIPELINE_ID))
|
||||
.credentials_mode(CredentialsMode::Include)
|
||||
.build();
|
||||
|
||||
let (embedder_proxy, embedder_receiver) = create_embedder_proxy_and_receiver();
|
||||
let _ = receive_credential_prompt_msgs(
|
||||
embedder_receiver,
|
||||
Some("username".to_string()),
|
||||
Some("test".to_string()),
|
||||
);
|
||||
|
||||
let mut context = new_fetch_context(None, Some(embedder_proxy), None);
|
||||
|
||||
let response = fetch_with_context(&mut request, &mut context);
|
||||
|
||||
let _ = server.close();
|
||||
|
||||
assert!(response
|
||||
.internal_response
|
||||
.unwrap()
|
||||
.status
|
||||
.code()
|
||||
.is_success());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_prompt_credentials_when_client_receives_unauthorized_response() {
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let expected = Authorization::basic("username", "test");
|
||||
if let Some(credentials) = request.headers().typed_get::<Authorization<Basic>>() {
|
||||
if credentials == expected {
|
||||
*response.status_mut() = StatusCode::OK;
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
.method(Method::GET)
|
||||
.body(None)
|
||||
.destination(Destination::Document)
|
||||
.origin(mock_origin())
|
||||
.pipeline_id(Some(TEST_PIPELINE_ID))
|
||||
.credentials_mode(CredentialsMode::Include)
|
||||
.build();
|
||||
|
||||
let (embedder_proxy, embedder_receiver) = create_embedder_proxy_and_receiver();
|
||||
let _ = receive_credential_prompt_msgs(
|
||||
embedder_receiver,
|
||||
Some("username".to_string()),
|
||||
Some("test".to_string()),
|
||||
);
|
||||
let mut context = new_fetch_context(None, Some(embedder_proxy), None);
|
||||
|
||||
let response = fetch_with_context(&mut request, &mut context);
|
||||
|
||||
server.close();
|
||||
|
||||
assert!(response
|
||||
.internal_response
|
||||
.unwrap()
|
||||
.status
|
||||
.code()
|
||||
.is_success());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_prompt_credentials_user_cancels_dialog_input() {
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let expected = Authorization::basic("username", "test");
|
||||
if let Some(credentials) = request.headers().typed_get::<Authorization<Basic>>() {
|
||||
if credentials == expected {
|
||||
*response.status_mut() = StatusCode::OK;
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
.method(Method::GET)
|
||||
.body(None)
|
||||
.destination(Destination::Document)
|
||||
.origin(mock_origin())
|
||||
.pipeline_id(Some(TEST_PIPELINE_ID))
|
||||
.credentials_mode(CredentialsMode::Include)
|
||||
.build();
|
||||
|
||||
let (embedder_proxy, embedder_receiver) = create_embedder_proxy_and_receiver();
|
||||
let _ = receive_credential_prompt_msgs(embedder_receiver, None, None);
|
||||
let mut context = new_fetch_context(None, Some(embedder_proxy), None);
|
||||
|
||||
let response = fetch_with_context(&mut request, &mut context);
|
||||
|
||||
server.close();
|
||||
|
||||
assert!(response
|
||||
.internal_response
|
||||
.unwrap()
|
||||
.status
|
||||
.code()
|
||||
.is_client_error());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_prompt_credentials_user_input_incorrect_credentials() {
|
||||
let handler = move |request: HyperRequest<Body>, response: &mut HyperResponse<Body>| {
|
||||
let expected = Authorization::basic("username", "test");
|
||||
if let Some(credentials) = request.headers().typed_get::<Authorization<Basic>>() {
|
||||
if credentials == expected {
|
||||
*response.status_mut() = StatusCode::OK;
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
} else {
|
||||
*response.status_mut() = StatusCode::UNAUTHORIZED;
|
||||
}
|
||||
};
|
||||
let (server, url) = make_server(handler);
|
||||
|
||||
let mut request = RequestBuilder::new(url.clone(), Referrer::NoReferrer)
|
||||
.method(Method::GET)
|
||||
.body(None)
|
||||
.destination(Destination::Document)
|
||||
.origin(mock_origin())
|
||||
.pipeline_id(Some(TEST_PIPELINE_ID))
|
||||
.credentials_mode(CredentialsMode::Include)
|
||||
.build();
|
||||
|
||||
let (embedder_proxy, embedder_receiver) = create_embedder_proxy_and_receiver();
|
||||
let _ = receive_credential_prompt_msgs(
|
||||
embedder_receiver,
|
||||
Some("test".to_string()),
|
||||
Some("test".to_string()),
|
||||
);
|
||||
let mut context = new_fetch_context(None, Some(embedder_proxy), None);
|
||||
|
||||
let response = fetch_with_context(&mut request, &mut context);
|
||||
|
||||
server.close();
|
||||
|
||||
assert!(response
|
||||
.internal_response
|
||||
.unwrap()
|
||||
.status
|
||||
.code()
|
||||
.is_client_error());
|
||||
}
|
||||
|
|
|
@ -19,21 +19,23 @@ mod resource_thread;
|
|||
mod subresource_integrity;
|
||||
|
||||
use core::convert::Infallible;
|
||||
use std::collections::HashMap;
|
||||
use std::fs::File;
|
||||
use std::io::{self, BufReader};
|
||||
use std::net::TcpListener as StdTcpListener;
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::sync::{Arc, LazyLock, Mutex, Weak};
|
||||
use std::sync::{Arc, LazyLock, Mutex, RwLock, Weak};
|
||||
|
||||
use crossbeam_channel::{unbounded, Sender};
|
||||
use devtools_traits::DevtoolsControlMsg;
|
||||
use embedder_traits::{EmbedderProxy, EventLoopWaker};
|
||||
use embedder_traits::{EmbedderProxy, EmbedderReceiver, EventLoopWaker};
|
||||
use futures::future::ready;
|
||||
use futures::StreamExt;
|
||||
use hyper::server::conn::Http;
|
||||
use hyper::server::Server as HyperServer;
|
||||
use hyper::service::{make_service_fn, service_fn};
|
||||
use hyper::{Body, Request as HyperRequest, Response as HyperResponse};
|
||||
use net::connector::{create_http_client, create_tls_config};
|
||||
use net::fetch::cors_cache::CorsCache;
|
||||
use net::fetch::methods::{self, CancellationListener, FetchContext};
|
||||
use net::filemanager_thread::FileManager;
|
||||
|
@ -95,6 +97,76 @@ fn create_embedder_proxy() -> EmbedderProxy {
|
|||
}
|
||||
}
|
||||
|
||||
fn create_embedder_proxy_and_receiver() -> (EmbedderProxy, EmbedderReceiver) {
|
||||
let (sender, receiver) = unbounded();
|
||||
let event_loop_waker = || {
|
||||
struct DummyEventLoopWaker {}
|
||||
impl DummyEventLoopWaker {
|
||||
fn new() -> DummyEventLoopWaker {
|
||||
DummyEventLoopWaker {}
|
||||
}
|
||||
}
|
||||
impl embedder_traits::EventLoopWaker for DummyEventLoopWaker {
|
||||
fn wake(&self) {}
|
||||
fn clone_box(&self) -> Box<dyn embedder_traits::EventLoopWaker> {
|
||||
Box::new(DummyEventLoopWaker {})
|
||||
}
|
||||
}
|
||||
|
||||
Box::new(DummyEventLoopWaker::new())
|
||||
};
|
||||
|
||||
let embedder_proxy = embedder_traits::EmbedderProxy {
|
||||
sender: sender.clone(),
|
||||
event_loop_waker: event_loop_waker(),
|
||||
};
|
||||
|
||||
let embedder_receiver = EmbedderReceiver { receiver };
|
||||
(embedder_proxy, embedder_receiver)
|
||||
}
|
||||
|
||||
fn receive_credential_prompt_msgs(
|
||||
mut embedder_receiver: EmbedderReceiver,
|
||||
username: Option<String>,
|
||||
password: Option<String>,
|
||||
) -> std::thread::JoinHandle<()> {
|
||||
std::thread::spawn(move || {
|
||||
let (_browser_context_id, embedder_msg) = embedder_receiver.recv_embedder_msg();
|
||||
match embedder_msg {
|
||||
embedder_traits::EmbedderMsg::Prompt(prompt_definition, _prompt_origin) => {
|
||||
match prompt_definition {
|
||||
embedder_traits::PromptDefinition::Credentials(ipc_sender) => {
|
||||
ipc_sender
|
||||
.send(embedder_traits::PromptCredentialsInput { username, password })
|
||||
.unwrap();
|
||||
},
|
||||
_ => unreachable!(),
|
||||
}
|
||||
},
|
||||
_ => unreachable!(),
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
fn create_http_state(fc: Option<EmbedderProxy>) -> HttpState {
|
||||
let override_manager = net::connector::CertificateErrorOverrideManager::new();
|
||||
HttpState {
|
||||
hsts_list: RwLock::new(net::hsts::HstsList::default()),
|
||||
cookie_jar: RwLock::new(net::cookie_storage::CookieStorage::new(150)),
|
||||
auth_cache: RwLock::new(net::resource_thread::AuthCache::default()),
|
||||
history_states: RwLock::new(HashMap::new()),
|
||||
http_cache: RwLock::new(net::http_cache::HttpCache::default()),
|
||||
http_cache_state: Mutex::new(HashMap::new()),
|
||||
client: create_http_client(create_tls_config(
|
||||
net::connector::CACertificates::Default,
|
||||
false, /* ignore_certificate_errors */
|
||||
override_manager.clone(),
|
||||
)),
|
||||
override_manager,
|
||||
embedder_proxy: Mutex::new(fc.unwrap_or_else(|| create_embedder_proxy())),
|
||||
}
|
||||
}
|
||||
|
||||
fn new_fetch_context(
|
||||
dc: Option<Sender<DevtoolsControlMsg>>,
|
||||
fc: Option<EmbedderProxy>,
|
||||
|
@ -103,7 +175,7 @@ fn new_fetch_context(
|
|||
let sender = fc.unwrap_or_else(|| create_embedder_proxy());
|
||||
|
||||
FetchContext {
|
||||
state: Arc::new(HttpState::default()),
|
||||
state: Arc::new(create_http_state(Some(sender.clone()))),
|
||||
user_agent: DEFAULT_USER_AGENT.into(),
|
||||
devtools_chan: dc.map(|dc| Arc::new(Mutex::new(dc))),
|
||||
filemanager: Arc::new(Mutex::new(FileManager::new(
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue