"Matthew John Cheetham via GitGitGadget" <gitgitgadget@xxxxxxxxx>
writes:
> +if test -n "$HTTP_AUTHORIZATION" && \
> + grep -qsi "^${HTTP_AUTHORIZATION}\$" "$VALID_CREDS_FILE"
Do we require a regexp match (and worry about metacharacters in
HTTP_AUTHORIZATION variable), or would we want to use "grep -F -x"
here to force match with the entire line?
> +then
> + # Note that although git-http-backend returns a status line, it
> + # does so using a CGI 'Status' header. Because this script is an
> + # No Parsed Headers (NPH) script, we must return a real HTTP
> + # status line.
> + # This is only a test script, so we don't bother to check for
> + # the actual status from git-http-backend and always return 200.
> + echo 'HTTP/1.1 200 OK'
> + exec "$GIT_EXEC_PATH"/git-http-backend
> +fi
OK. That's the successful auth case. Otherwise ...
> +echo 'HTTP/1.1 401 Authorization Required'
> +if test -f "$CHALLENGE_FILE"
> +then
> + cat "$CHALLENGE_FILE"
> +fi
> +echo
OK. We'll just give a challenge.
> diff --git a/t/t5563-simple-http-auth.sh b/t/t5563-simple-http-auth.sh
> new file mode 100755
> index 00000000000..e0682039de7
> --- /dev/null
> +++ b/t/t5563-simple-http-auth.sh
> @@ -0,0 +1,81 @@
> +#!/bin/sh
> +
> +test_description='test http auth header and credential helper interop'
> +
> +. ./test-lib.sh
> +. "$TEST_DIRECTORY"/lib-httpd.sh
> +
> +start_httpd
> +
> +test_expect_success 'setup_credential_helper' '
> + mkdir "$TRASH_DIRECTORY/bin" &&
> + PATH=$PATH:"$TRASH_DIRECTORY/bin" &&
> + export PATH &&
> +
> + CREDENTIAL_HELPER="$TRASH_DIRECTORY/bin/git-credential-test-helper" &&
> + write_script "$CREDENTIAL_HELPER" <<-\EOF
> + cmd=$1
> + teefile=$cmd-query.cred
> + catfile=$cmd-reply.cred
> + sed -n -e "/^$/q" -e "p" >>$teefile
> + if test "$cmd" = "get"
> + then
> + cat $catfile
> + fi
> + EOF
> +'
> +
> +set_credential_reply() {
Style. Have SP before "()" as well as after.
> + cat >"$TRASH_DIRECTORY/$1-reply.cred"
> +}
> +
> +expect_credential_query() {
Style. Have SP before "()" as well as after.
> + cat >"$TRASH_DIRECTORY/$1-expect.cred" &&
> + test_cmp "$TRASH_DIRECTORY/$1-expect.cred" \
> + "$TRASH_DIRECTORY/$1-query.cred"
> +}
> +
> +per_test_cleanup () {
> + rm -f *.cred &&
> + rm -f "$HTTPD_ROOT_PATH"/custom-auth.*
> +}
> +
> +test_expect_success 'setup repository' '
> + test_commit foo &&
> + git init --bare "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
> + git push --mirror "$HTTPD_DOCUMENT_ROOT_PATH/repo.git"
> +'
OK.
> +test_expect_success 'access using basic auth' '
> + test_when_finished "per_test_cleanup" &&
> +
> + set_credential_reply get <<-EOF &&
> + username=alice
> + password=secret-passwd
> + EOF
> +
> + cat >"$HTTPD_ROOT_PATH/custom-auth.valid" <<-EOF &&
> + Basic YWxpY2U6c2VjcmV0LXBhc3N3ZA==
> + EOF
Perhaps we want to note that this matches the "alice:secret-passwd"
we prepared earlier?
> + cat >"$HTTPD_ROOT_PATH/custom-auth.challenge" <<-EOF &&
> + WWW-Authenticate: Basic realm="example.com"
> + EOF
OK.
> + test_config_global credential.helper test-helper &&
> + git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
> +
> + expect_credential_query get <<-EOF &&
> + protocol=http
> + host=$HTTPD_DEST
> + EOF
> +
> + expect_credential_query store <<-EOF
> + protocol=http
> + host=$HTTPD_DEST
> + username=alice
> + password=secret-passwd
> + EOF
> +'
OK.
> +test_done
