services/sync/tests/unit/test_service_passwordUTF8.js

changeset 0
6474c204b198
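--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/services/sync/tests/unit/test_service_passwordUTF8.js	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,95 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+Cu.import("resource://services-sync/resource.js");
+Cu.import("resource://services-sync/util.js");
+Cu.import("resource://services-sync/service.js");
+Cu.import("resource://testing-common/services/sync/utils.js");
+
+const JAPANESE = "\u34ff\u35ff\u36ff\u37ff";
+const APPLES = "\uf8ff\uf8ff\uf8ff\uf8ff";
+const LOWBYTES = "\xff\xff\xff\xff";
+
+// Poor man's /etc/passwd.  Static since there's no btoa()/atob() in xpcshell.
+let basicauth = {};
+basicauth[LOWBYTES] = "Basic am9obmRvZTr/////";
+basicauth[Utils.encodeUTF8(JAPANESE)] = "Basic am9obmRvZTrjk7/jl7/jm7/jn78=";
+
+// Global var for the server password, read by info_collections(),
+// modified by change_password().
+let server_password;
+
+function login_handling(handler) {
+  return function (request, response) {
+    let basic = basicauth[server_password];
+
+    if (basic && (request.getHeader("Authorization") == basic)) {
+      handler(request, response);
+    } else {
+      let body = "Unauthorized";
+      response.setStatusLine(request.httpVersion, 401, "Unauthorized");
+      response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
+      response.bodyOutputStream.write(body, body.length);
+    }
+  };
+}
+
+function change_password(request, response) {
+  let body, statusCode, status;
+  let basic = basicauth[server_password];
+
+  if (basic && (request.getHeader("Authorization") == basic)) {
+    server_password = readBytesFromInputStream(request.bodyInputStream);
+    body = "";
+    statusCode = 200;
+    status = "OK";
+  } else {
+    statusCode = 401;
+    body = status = "Unauthorized";
+  }
+  response.setStatusLine(request.httpVersion, statusCode, status);
+  response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
+  response.bodyOutputStream.write(body, body.length);
+}
+
+function run_test() {
+  initTestLogging("Trace");
+  let collectionsHelper = track_collections_helper();
+  let upd = collectionsHelper.with_updated_collection;
+  let collections = collectionsHelper.collections;
+
+  ensureLegacyIdentityManager();
+
+  do_test_pending();
+  let server = httpd_setup({
+    "/1.1/johndoe/info/collections":    login_handling(collectionsHelper.handler),
+    "/1.1/johndoe/storage/meta/global": upd("meta",   new ServerWBO("global").handler()),
+    "/1.1/johndoe/storage/crypto/keys": upd("crypto", new ServerWBO("keys").handler()),
+    "/user/1.0/johndoe/password":       change_password
+  });
+
+  setBasicCredentials("johndoe", JAPANESE, "irrelevant");
+  Service.serverURL = server.baseURI;
+
+  try {
+    _("Try to log in with the password.");
+    server_password = "foobar";
+    do_check_false(Service.verifyLogin());
+    do_check_eq(server_password, "foobar");
+
+    _("Make the server password the low byte version of our password.");
+    server_password = LOWBYTES;
+    do_check_false(Service.verifyLogin());
+    do_check_eq(server_password, LOWBYTES);
+
+    _("Can't use a password that has the same low bytes as ours.");
+    server_password = Utils.encodeUTF8(JAPANESE);
+    Service.identity.basicPassword = APPLES;
+    do_check_false(Service.verifyLogin());
+    do_check_eq(server_password, Utils.encodeUTF8(JAPANESE));
+
+  } finally {
+    server.stop(do_test_finished);
+    Svc.Prefs.resetBranch("");
+  }
+}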
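Review bot: All three cases in `run_test` assert `do_check_false(Service.verifyLogin())`, so the test also passes when login fails for a reason unrelated to password encoding (a wrong path, a handler error), and nothing shows that the UTF-8-encoded password is ever accepted. A positive control before the `finally` would pin that: `server_password = Utils.encodeUTF8(JAPANESE); Service.identity.basicPassword = JAPANESE; do_check_true(Service.verifyLogin());`. This assumes the fixture lets verifyLogin complete with the `"irrelevant"` sync key; if it does not, asserting the reported failure reason after each rejection would serve the same purpose. Separately, the `basicauth` table would benefit from a comment such as `// Base64 of "johndoe:" + password bytes; a server_password with no entry here always gets 401`, since the first case ("foobar") relies on that lookup miss.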
