Use HttpAuthController in SocketStream

net/tools/testserver/testserver.py

 #!/usr/bin/env python
 # Copyright (c) 2012 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 """This is a simple HTTP/FTP/SYNC/TCP/UDP/ server used for testing Chrome.
 
 It supports several test URLs, as specified by the handlers in TestPageHandler.
 By default, it listens on an ephemeral port and sends the port number back to
 the originating process over a pipe. The originating process can specify an
@@ skipping 46 matching lines @@
   import simplejson as json
 
 if sys.platform == 'win32':
   import msvcrt
 
 SERVER_HTTP = 0
 SERVER_FTP = 1
 SERVER_SYNC = 2
 SERVER_TCP_ECHO = 3
 SERVER_UDP_ECHO = 4
+SERVER_BASIC_AUTH_PROXY = 5

[wtc, 2012/08/22 19:42:27]

Hmm... here if we add SERVER_BASIC_AUTH_PROXY to the beginning,
we will need to change all the values. I'm not sure what's
the right thing to do.

[bashi, 2012/08/23 09:54:15]

I realized that the values aren't the same of TYPE_XXX. So I think we don't need
to change values.

 
 # Using debug() seems to cause hangs on XP: see http://crbug.com/64515 .
 debug_output = sys.stderr
 def debug(str):
   debug_output.write(str + "\n")
   debug_output.flush()
 
 class RecordingSSLSessionCache(object):
   """RecordingSSLSessionCache acts as a TLS session cache and maintains a log of
   lookups and inserts in order to test session cache behaviours."""
@@ skipping 28 matching lines @@
       self.handle_request()
     self.socket.close()
 
 
 class HTTPServer(ClientRestrictingServerMixIn, StoppableHTTPServer):
   """This is a specialization of StoppableHTTPServer that adds client
   verification."""
 
   pass
 
+class ThreadingHTTPServer(ClientRestrictingServerMixIn,
+                          SocketServer.ThreadingMixIn,
+                          StoppableHTTPServer):
+  """This is a specialization of StoppableHTTPServer that creates
+  a dedicated thread for each request."""

[wtc, 2012/08/22 19:42:27]

Should we also mention "adds client verification", as we do
on lines 111-112 above?

[bashi, 2012/08/23 09:54:15]

Removed ThreadingHTTPServer.

+
+  pass
+
+
 class OCSPServer(ClientRestrictingServerMixIn, BaseHTTPServer.HTTPServer):
   """This is a specialization of HTTPServer that serves an
   OCSP response"""
 
   def serve_forever_on_thread(self):
     self.thread = threading.Thread(target = self.serve_forever,
                                    name = "OCSPServerThread")
     self.thread.start()
 
   def stop_serving(self):
@@ skipping 1887 matching lines @@
     # "echo response" message if "echo request" message is valid.
     try:
       return_data = echo_message.GetEchoResponseData(data)
       if not return_data:
         return
     except ValueError:
       return
     socket.sendto(return_data, self.client_address)
 
 
+class BasicAuthProxyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
+  """A request handler that behaves as a proxy server which requires
+  basic authentication. Only CONNECT, GET and HEAD is supported for now.
+  """
+
+  _AUTH_CREDENTIAL = 'Basic Zm9vOmJhcg==' # foo:bar
+
+  def parse_request(self):
+    """Overrides parse_request to check credential."""
+
+    if not BaseHTTPServer.BaseHTTPRequestHandler.parse_request(self):
+      return False
+
+    auth = self.headers.getheader('Proxy-Authorization')
+    if auth != self._AUTH_CREDENTIAL:
+      self.send_response(407)
+      self.send_header('Proxy-Authenticate', 'Basic realm="MyRealm1"')
+      self.end_headers()
+      return False
+
+    return True
+
+  def _start_read_write(self, sock):
+    sock.setblocking(0)
+    self.request.setblocking(0)
+    rlist = [self.request, sock]
+    while True:
+      ready_sockets, unused, errors = select.select(rlist, [], [])
+      if errors:
+        self.send_response(500)
+        self.end_headers()
+        return
+      for s in ready_sockets:
+        received = s.recv(1024)
+        if len(received) == 0:
+          return
+        if s == self.request:
+          other = sock
+        else:
+          other = self.request
+        other.send(received)
+
+  def _do_common_method(self):
+    url = urlparse.urlparse(self.path)
+    port = url.port
+    if not port:
+      if url.scheme == 'http':
+        port = 80
+      elif url.scheme == 'https':
+        port = 443
+    if not url.hostname or not port:
+      self.send_response(400)
+      self.end_headers()
+      return
+
+    if len(url.path) == 0:
+      path = '/'
+    else:
+      path = url.path
+    if len(url.query) > 0:
+      path = '%s?%s' % (url.path, url.query)
+
+    try:
+      sock = socket.create_connection((url.hostname, port))
+      sock.send('%s %s %s\r\n' % (
+          self.command, path, self.protocol_version))
+      for header in self.headers.headers:
+        header = header.strip()
+        if (header.lower().startswith('connection') or
+            header.lower().startswith('proxy')):
+          continue
+        sock.send('%s\r\n' % header)
+      sock.send('\r\n')
+      self._start_read_write(sock)
+    except:
+      self.send_response(500)
+      self.end_headers()
+    finally:
+      sock.close()
+
+  def do_CONNECT(self):
+    try:
+      pos = self.path.rfind(':')
+      host = self.path[:pos]
+      port = int(self.path[pos+1:])
+    except:
+      self.send_response(400)
+      self.end_headers()
+
+    try:
+      sock = socket.create_connection((host, port))
+      self.send_response(200, 'Connection established')
+      self.end_headers()
+      self._start_read_write(sock)
+    except:
+      self.send_response(500)
+      self.end_headers()
+    finally:
+      sock.close()
+
+  def do_GET(self):
+    self._do_common_method()
+
+  def do_HEAD(self):
+    self._do_common_method()
+
+
 class FileMultiplexer:
   def __init__(self, fd1, fd2) :
     self.__fd1 = fd1
     self.__fd2 = fd2
 
   def __del__(self) :
     if self.__fd1 != sys.stdout and self.__fd1 != sys.stderr:
       self.__fd1.close()
     if self.__fd2 != sys.stdout and self.__fd2 != sys.stderr:
       self.__fd2.close()
@@ skipping 98 matching lines @@
     server = TCPEchoServer((host, port), TCPEchoHandler)
     print 'Echo TCP server started on port %d...' % server.server_port
     server_data['port'] = server.server_port
   elif options.server_type == SERVER_UDP_ECHO:
     # Used for generating the key (randomly) that encodes the "echo request"
     # message.
     random.seed()
     server = UDPEchoServer((host, port), UDPEchoHandler)
     print 'Echo UDP server started on port %d...' % server.server_port
     server_data['port'] = server.server_port
+  elif options.server_type == SERVER_BASIC_AUTH_PROXY:
+    server = ThreadingHTTPServer((host, port), BasicAuthProxyRequestHandler)
+    print 'BasicAuthProxy server started on port %d...' % server.server_port
+    server_data['port'] = server.server_port
   # means FTP Server
   else:
     my_data_dir = MakeDataDir()
 
     # Instantiate a dummy authorizer for managing 'virtual' users
     authorizer = pyftpdlib.ftpserver.DummyAuthorizer()
 
     # Define a new user having full r/w permissions and a read-only
     # anonymous user
     authorizer.add_user('chrome', 'chrome', my_data_dir, perm='elradfmw')
@@ skipping 54 matching lines @@
                            dest='server_type',
                            help='start up a sync server.')
   option_parser.add_option('', '--tcp-echo', action='store_const',
                            const=SERVER_TCP_ECHO, default=SERVER_HTTP,
                            dest='server_type',
                            help='start up a tcp echo server.')
   option_parser.add_option('', '--udp-echo', action='store_const',
                            const=SERVER_UDP_ECHO, default=SERVER_HTTP,
                            dest='server_type',
                            help='start up a udp echo server.')
+  option_parser.add_option('', '--basic-auth-proxy', action='store_const',
+                           const=SERVER_BASIC_AUTH_PROXY, default=SERVER_HTTP,
+                           dest='server_type',
+                           help='start up a proxy server which requires basic '
+                           'authentication.')
   option_parser.add_option('', '--log-to-console', action='store_const',
                            const=True, default=False,
                            dest='log_to_console',
                            help='Enables or disables sys.stdout logging to '
                            'the console.')
   option_parser.add_option('', '--port', default='0', type='int',
                            help='Port used by the server. If unspecified, the '
                            'server will listen on an ephemeral port.')
   option_parser.add_option('', '--xmpp-port', default='0', type='int',
                            help='Port used by the XMPP server. If unspecified, '
@@ skipping 62 matching lines @@
                            dest='host',
                            help='Hostname or IP upon which the server will '
                            'listen. Client connections will also only be '
                            'allowed from this address.')
   option_parser.add_option('', '--auth-token', dest='auth_token',
                            help='Specify the auth token which should be used'
                            'in the authorization header for GData.')
   options, args = option_parser.parse_args()
 
   sys.exit(main(options, args))