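/* Any copyright is dedicated to the Public Domain.
 * http://creativecommons.org/publicdomain/zero/1.0/ */

Cu.import("resource://services-sync/resource.js");
Cu.import("resource://services-sync/util.js");
Cu.import("resource://services-sync/service.js");
Cu.import("resource://testing-common/services/sync/utils.js");

// Three four-character passwords whose UTF-16 code units all end in the byte
// 0xff. They differ only in the high byte (or have none), so a client that
// dropped the high bytes before authenticating could not tell them apart.
const JAPANESE = "\u34ff\u35ff\u36ff\u37ff";
const APPLES = "\uf8ff\uf8ff\uf8ff\uf8ff";
const LOWBYTES = "\xff\xff\xff\xff";

// Poor man's /etc/passwd. Static since there's no btoa()/atob() in xpcshell.
// Maps a server-side password (as a byte string) to the exact Authorization
// header value the server accepts for user "johndoe":
//   - LOWBYTES entry:  base64("johndoe:" + bytes ff ff ff ff)
//   - JAPANESE entry:  base64("johndoe:" + the UTF-8 encoding of JAPANESE)
// A password with no entry here (e.g. "foobar") can never authenticate.
let basicauth = {};
basicauth[LOWBYTES] = "Basic am9obmRvZTr/////";
basicauth[Utils.encodeUTF8(JAPANESE)] = "Basic am9obmRvZTrjk7/jl7/jm7/jn78=";

// Global var for the server password, read by info_collections(),
// modified by change_password().
let server_password;

/**
 * Report whether a request carries the Authorization header expected for the
 * current server password.
 *
 * The header's presence is checked first: httpd.js's getHeader() throws for a
 * header that was not sent, which would turn an unauthenticated request into
 * a handler error instead of the 401 challenge the callers intend to send.
 *
 * @param request  The incoming httpd.js request.
 * @returns {boolean} true only when an expected header exists for
 *          server_password and the request's header equals it exactly.
 */
function authorization_matches(request) {
  let expected = basicauth[server_password];
  if (!expected || !request.hasHeader("Authorization")) {
    return false;
  }
  return request.getHeader("Authorization") === expected;
}

/**
 * Wrap a path handler so that it only runs for correctly authenticated
 * requests; everything else is answered with a 401 Basic challenge.
 *
 * @param handler  function (request, response) to call on successful auth.
 * @returns A function (request, response) suitable for httpd_setup().
 */
function login_handling(handler) {
  return function (request, response) {
    if (authorization_matches(request)) {
      handler(request, response);
      return;
    }

    let body = "Unauthorized";
    response.setStatusLine(request.httpVersion, 401, "Unauthorized");
    response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
    response.bodyOutputStream.write(body, body.length);
  };
}

/**
 * Handler for the password-change endpoint. An authenticated request replaces
 * server_password with the raw request body and gets 200; any other request
 * gets 401 and leaves server_password untouched. The WWW-Authenticate header
 * is set on both outcomes, as in the original handler.
 */
function change_password(request, response) {
  let body, statusCode, status;

  if (authorization_matches(request)) {
    server_password = readBytesFromInputStream(request.bodyInputStream);
    body = "";
    statusCode = 200;
    status = "OK";
  } else {
    statusCode = 401;
    body = status = "Unauthorized";
  }
  response.setStatusLine(request.httpVersion, statusCode, status);
  response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
  response.bodyOutputStream.write(body, body.length);
}

/**
 * Verify that login is rejected whenever the client's password differs from
 * the server's, including when the two share the same low bytes. Each step
 * also asserts that server_password is unchanged afterwards, i.e. that no
 * request managed to get through change_password().
 */
function run_test() {
  initTestLogging("Trace");
  let collectionsHelper = track_collections_helper();
  let upd = collectionsHelper.with_updated_collection;
  let collections = collectionsHelper.collections;

  ensureLegacyIdentityManager();

  do_test_pending();
  let server = httpd_setup({
    "/1.1/johndoe/info/collections": login_handling(collectionsHelper.handler),
    "/1.1/johndoe/storage/meta/global": upd("meta", new ServerWBO("global").handler()),
    "/1.1/johndoe/storage/crypto/keys": upd("crypto", new ServerWBO("keys").handler()),
    "/user/1.0/johndoe/password": change_password
  });

  // The client starts out with the JAPANESE password.
  setBasicCredentials("johndoe", JAPANESE, "irrelevant");
  Service.serverURL = server.baseURI;

  try {
    // "foobar" has no basicauth entry, so the server rejects every request.
    _("Try to log in with the password.");
    server_password = "foobar";
    do_check_false(Service.verifyLogin());
    do_check_eq(server_password, "foobar");

    // The server now accepts only the bytes ff ff ff ff. Sending JAPANESE
    // with its high bytes stripped would produce exactly those bytes, so a
    // successful login here would mean the password was truncated.
    _("Make the server password the low byte version of our password.");
    server_password = LOWBYTES;
    do_check_false(Service.verifyLogin());
    do_check_eq(server_password, LOWBYTES);

    // The server now accepts only UTF-8 encoded JAPANESE, while the client
    // holds APPLES: different characters, identical low bytes.
    _("Can't use a password that has the same low bytes as ours.");
    server_password = Utils.encodeUTF8(JAPANESE);
    Service.identity.basicPassword = APPLES;
    do_check_false(Service.verifyLogin());
    do_check_eq(server_password, Utils.encodeUTF8(JAPANESE));

  } finally {
    // Always shut the server down and restore prefs, even on failure.
    server.stop(do_test_finished);
    Svc.Prefs.resetBranch("");
  }
}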