U


W[@^�@s�
dZd
dl
mZmZ
d
dlZd
dlmZ
d
dlmZ
d
dl	m
Z

d
dlmZ
d
dl
mZ
d
d	lmZ
d
d
lmZmZ
d
dlmZ
d
dlmZmZ
d
d
lmZ
d
dlmZ
d
dlmZmZmZ
d
dl m!Z!m"Z"
d
dl#m$Z$m%Z%
d
dl&m'Z'
d
dl(m)Z)
d
dl*m+Z+
d
dl,m-Z-
d
dl.m/Z/
d
dl0m1Z1
dd�Z2Gdd�d�Z3Gdd�d�Z4Gdd�de4e3e
j5�Z6Gd d!�d!e4e
j5�Z7Gd"d#�d#e4e
j5�Z8eej9�

Gd$d%�d%e:�Z;Gd&d'�d'e
j5�Z<dS)(z!
Tests for L{twisted.web._auth}.
�)�division�absolute_importN)
�implementer)
�verifyObject)
�unittest)
�Failure)
�ConnectionDone)
�IPv4Address)�error�portal)
�'InMemoryUsernamePasswordDatabaseDontUse)�	ANONYMOUS�AllowAnonymousAccess)
�IUsernamePassword)
�ICredentialFactory)�	IResource�Resource�getChildForRequest)�basic�digest)�HTTPAuthSessionWrapper�UnauthorizedResource)
�BasicCredentialFactory�
�NOT_DONE_YET)
�Data)
�DummyRequest)
�EventLoggingObserver)
�globalLogPublisherc

Cst�
|�
��S�
N)�base64�	b64encode�strip)
�
s�r$�@/usr/lib/python3/dist-packages/twisted/web/test/test_httpauth.pyr!(s
r!c@sJeZ
dZd
Zdd�Zddd�
Zdd	�Zd
d�Zdd
�Zdd�Z	dd�Z
dS)�BasicAuthTestsMixinz�
    L{TestCase} mixin class which defines a number of tests for
    L{basic.BasicCredentialFactory}.  Because this mixin defines C{setUp}, it
    must be inherited before L{TestCase}.
    c

Cs.|��|_
d
|_d|_d|_t�|j�
|_dS)NsfoosdreidsS3CuR1Ty)�makeRequest�request�realm�username�passwordrr�credentialFactory�
�selfr$r$r%�setUp2s






zBasicAuthTestsMixin.setUp�GETNcCstd
|j
f
�
�
dS)z�
        Create a request object to be passed to
        L{basic.BasicCredentialFactory.decode} along with a response value.
        Override this in a subclass.
        z %r did not implement makeRequestN)�NotImplementedError�	__class__)r.�method�
clientAddressr$r$r%r':s
�zBasicAuthTestsMixin.makeRequestc

Cs|�t
t|j��

d
S)zM
        L{BasicCredentialFactory} implements L{ICredentialFactory}.
        N��
assertTruerrr,r-r$r$r%�test_interfaceDs

�z"BasicAuthTestsMixin.test_interfacec
Csdtd
�
|jd|jg�
�
}
|j�|
|j�}|�t�	|�
�

|�|�
|j�
�

|�|�
|jd�
�

dS)z�
        L{basic.BasicCredentialFactory.decode} turns a base64-encoded response
        into a L{UsernamePassword} object with a password which reflects the
        one which was encoded in the response.
        ��
:swrongN)r!�joinr*r+r,�decoder(r6rZ
providedBy�
checkPasswordZassertFalse�r.�responseZcredsr$r$r%�test_usernamePasswordLs



z)BasicAuthTestsMixin.test_usernamePasswordc
CsXtd
�
|jd|jg�
�
}
|
�d�
}
|j�|
|j�}|�t	t
|��

|�|�|j�
�

dS)zz
        L{basic.BasicCredentialFactory.decode} decodes a base64-encoded
        response with incorrect padding.
        r8r9�
=N)r!r:r*r+r"r,r;r(r6rrr<r=r$r$r%�test_incorrectPaddingZs




z)BasicAuthTestsMixin.test_incorrectPaddingc
Cs"d
}
|�t
j|jj|
|���
dS)z�
        L{basic.BasicCredentialFactory.decode} raises L{LoginFailed} if passed
        a response which is not base64-encoded.
        �
xN)�assertRaisesr
�LoginFailedr,r;r'�r.r>r$r$r%�test_invalidEncodinggs


�z(BasicAuthTestsMixin.test_invalidEncodingc
Cs&td
�
}
|�
tj|jj|
|���
dS)z�
        L{basic.BasicCredentialFactory.decode} raises L{LoginFailed} when
        passed a response which is not valid base64-encoded text.
        s123abc+/N)r!rCr
rDr,r;r'rEr$r$r%�test_invalidCredentialsrs



�z+BasicAuthTestsMixin.test_invalidCredentials)r0N)�__name__�
__module__�__qualname__�__doc__r/r'r7r?rArFrGr$r$r$r%r&,s



r&c@seZ
dZddd�
ZdS)�RequestMixinr0NcCs,|d
krtddd�}t
d�
}|
|_||_|S)zo
        Create a L{DummyRequest} (change me to create a
        L{twisted.web.http.Request} instead).
        N�TCPZ	localhosti��
/)r	rr3�client)r.r3r4r(r$r$r%r's




zRequestMixin.makeRequest)r0N)rHrIrJr'r$r$r$r%rL~s
rLc
@seZ
dZd
ZdS)�BasicAuthTestszK
    Basic authentication tests which use L{twisted.web.http.Request}.
    N)rHrIrJrKr$r$r$r%rP�s
rPc@s8eZ
dZd
Zdd�Zdd�Zdd�Zdd	�Zd
d�ZdS)
�DigestAuthTestszL
    Digest authentication tests which use L{twisted.web.http.Request}.
    c

Cs,d
|_d|_
t�|j
|j�|_|��|_dS)z>
        Create a DigestCredentialFactory for testing
        �
test realm�md5N)r)�	algorithmr�DigestCredentialFactoryr,r'r(r-r$r$r%r/�s


�zDigestAuthTests.setUpc
snd
�
d�dg
�t����
���fdd�}
��
�jjd|
�
���td�
d��}�j��|�
���d	�

d
S)z�
        L{digest.DigestCredentialFactory.decode} calls the C{decode} method on
        L{twisted.cred.digest.DigestCredentialFactory} with the HTTP method and
        host of the request.
        s169.254.0.1r0Fcs0���|�
���|
�
���
|�
d
�d<dS)NTr
)
�assertEqual)Z	_response�_methodZ_host�ZdoneZhostr3r>r.r$r%�check�s



z*DigestAuthTests.test_decode.<locals>.checkr;rM�Qr
N)�objectZpatchr,rr'r	r;r6)r.rYZreqr$rXr%�test_decode�s






zDigestAuthTests.test_decodec

Cs|�t
t|j��

d
S)zN
        L{DigestCredentialFactory} implements L{ICredentialFactory}.
        Nr5r-r$r$r%r7�s

�zDigestAuthTests.test_interfacec
Cst|j�
|j�
}
|�|
d
d�
|�|
dd�
|�|
dd�
|�d|
�
|�d|
�
|
��D]}|�d	|�
q^d
S)ah

        The challenge issued by L{DigestCredentialFactory.getChallenge} must
        include C{'qop'}, C{'realm'}, C{'algorithm'}, C{'nonce'}, and
        C{'opaque'} keys.  The values for the C{'realm'} and C{'algorithm'}
        keys must match the values supplied to the factory's initializer.
        None of the values may have newlines in them.
        �qop�authr)rRrTrS�nonce�opaque�

N)r,�getChallenger(rV�assertIn�valuesZassertNotIn)r.�	challenge�
vr$r$r%�test_getChallenge�s






z!DigestAuthTests.test_getChallengec
Csd|�d
d�}
|j
�|
�
}|�|dd�
|�|dd�
|�|dd�
|�d	|�
|�d
|�
dS)z�
        L{DigestCredentialFactory.getChallenge} can issue a challenge even if
        the L{Request} it is passed returns L{None} from C{getClientIP}.
        r0Nr]r^r)rRrTrSr_r`)r'r,rbrVrc)r.r(rer$r$r%� test_getChallengeWithoutClientIP�s





z0DigestAuthTests.test_getChallengeWithoutClientIPN)	rHrIrJrKr/r\r7rgrhr$r$r$r%rQ�s
rQc@s@eZ
dZd
Zdd�Zdd�Zdd�Zdd	�Zd
d�Zdd
�Z	dS)�UnauthorizedResourceTestsz,
    Tests for L{UnauthorizedResource}.
    c
Cs4tg�
}
|�
|
�d
d�|
�
|�
|
�dd�|
�
dS)zF
        An L{UnauthorizedResource} is every child of itself.
        ZfooNZbar)rZassertIdenticalZgetChildWithDefault)r.�resourcer$r$r%�test_getChildWithDefault�s


�

�z2UnauthorizedResourceTests.test_getChildWithDefaultcCs@tt
d
�
g
�
}|
�|�

|�|
jd�
|�|
j�d�
dg
�
dS)z�
        Render L{UnauthorizedResource} for the given request object and verify
        that the response code is I{Unauthorized} and that a I{WWW-Authenticate}
        header is set in the response containing a challenge.
        �example.com�
�www-authenticatesbasic realm="example.com"N)rr�renderrV�responseCode�responseHeaders�
getRawHeaders)r.r(rjr$r$r%�_unauthorizedRenderTest�s
�





�z1UnauthorizedResourceTests._unauthorizedRenderTestc
Cs*|��}
|�
|
�

|�d
d�|
j�
�
dS)z�
        L{UnauthorizedResource} renders with a 401 response code and a
        I{WWW-Authenticate} header and puts a simple unauthorized message
        into the response body.
        sUnauthorizedr8N�r'rsrVr:�written�r.r(r$r$r%�test_render

s


z%UnauthorizedResourceTests.test_renderc
Cs.|jd
d�
}
|�
|
�

|�dd�|
j�
�
dS)z�
        The rendering behavior of L{UnauthorizedResource} for a I{HEAD} request
        is like its handling of a I{GET} request, but no response body is
        written.
        sHEAD)
r3r8Nrtrvr$r$r%�test_renderHEAD
s


z)UnauthorizedResourceTests.test_renderHEADc
Cs:tt
d
�
g
�
}
|��}|�|
�

|�|j�d�
dg
�
dS)z�
        The realm value included in the I{WWW-Authenticate} header set in
        the response when L{UnauthorizedResounrce} is rendered has quotes
        and backslashes escaped.
        zexample\"foornsbasic realm="example\\\"foo"N)rrr'rorVrqrr)r.rjr(r$r$r%�test_renderQuotesRealm
s
�





�z0UnauthorizedResourceTests.test_renderQuotesRealmc
CsPtt
�d
d�g
�
}
|��}|�|
�

|j�d�
d}|�d|�
|�d|�
dS)z�
        The digest value included in the I{WWW-Authenticate} header
        set in the response when L{UnauthorizedResource} is rendered
        has quotes and backslashes escaped.
        rSsexample\"foornr
srealm="example\\\"foo"shm="md5N)rrrUr'rorqrrrc)r.rjr(Z
authHeaderr$r$r%�test_renderQuotesDigest&
s

�



��
z1UnauthorizedResourceTests.test_renderQuotesDigestN)
rHrIrJrKrkrsrwrxryrzr$r$r$r%ri�s
ric@s(eZ
dZd
Zdd�Zdd�Zdd�ZdS)	�RealmaJ

    A simple L{IRealm} implementation which gives out L{WebAvatar} for any
    avatarId.

    @type loggedIn: C{int}
    @ivar loggedIn: The number of times C{requestAvatar} has been invoked for
        L{IResource}.

    @type loggedOut: C{int}
    @ivar loggedOut: The number of times the logout callback has been invoked.
    cCsd
|_d
|_
|
|_dS)Nr
)�	loggedOut�loggedIn�
avatarFactory)r.r~r$r$r%�__init__F
s


zRealm.__init__cGs2t|kr(|j
d
7_
t|�|
�
|jfSt��
dS�N�
)rr}r~�logoutr1)r.ZavatarIdZmindZ
interfacesr$r$r%�
requestAvatarL
s



zRealm.requestAvatarc

Cs|jd
7_dSr�)
r|r-r$r$r%r�S
s
zRealm.logoutN)rHrIrJrKrr�r�r$r$r$r%r{9
s
r{c@s�eZ
dZd
ZeZdd�Zdd�Zdd�Zdd	�Z	d
d�Z
dd
�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&S)'�HTTPAuthHeaderTestsz.
    Tests for L{HTTPAuthSessionWrapper}.
    c

Cs�d
|_d|_
d|_d|_d|_t�|_|j�|j|j
�
t|jd�|_	|j	�
|jt|jd��
|j|j	i
|_t|jj
�
|_t�|j|jg
�|_g|_t|j|j�|_dS)z\
        Create a realm, portal, and L{HTTPAuthSessionWrapper} to use in the tests.
        sfoo barsbar bazs&contents of the avatar resource itselfs	foo-childs'contents of the foo child of the avatar�
text/plainN)r*r+�
avatarContent�	childName�childContentrZcheckerZaddUserr�avatar�putChild�avatarsr{�getr)rZPortal�credentialFactoriesr�wrapperr-r$r$r%r/^
s(









�




�zHTTPAuthHeaderTests.setUpcCs2t|j
d
|j�
}|
j�dd|�
t|j|
�S)z�
        Add an I{basic authorization} header to the given request and then
        dispatch it, starting from C{self.wrapper} and returning the resulting
        L{IResource}.
        r9�
authorization�Basic )r!r*r+�requestHeaders�addRawHeaderrr�)r.r(Z
authorizationr$r$r%�_authorizedBasicLogint
s


�z)HTTPAuthHeaderTests._authorizedBasicLoginc
sH�
��
j
g
�
�t�
j��}
���}��
fd
d�}|�|�

��|
�

|S)z�
        Resource traversal which encounters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} instance when the request does
        not have the required I{Authorization} headers.
        c

s�
��j
d
�
dS�Nrm�rVrp�
�result�r(r.r$r%�
cbFinished�
s
z@HTTPAuthHeaderTests.test_getChildWithDefault.<locals>.cbFinished)r'r�rr��notifyFinish�addCallbackro�r.�child�
dr�r$r�r%rk�
s






z,HTTPAuthHeaderTests.test_getChildWithDefaultcsf�
j�
td
�
�

�
��
jg
�
��j�d|
�
t�
j��}��	�}��
fdd�}|�
|�

��|�

|S)a(

        Create a request with the given value as the value of an
        I{Authorization} header and perform resource traversal with it,
        starting at C{self.wrapper}.  Assert that the result is a 401 response
        code.  Return a L{Deferred} which fires when this is all done.
        rlr�c

s�
��j
d
�
dSr�r�r�r�r$r%r��
s
zAHTTPAuthHeaderTests._invalidAuthorizationTest.<locals>.cbFinished)r��appendrr'r�r�r�rr�r�r�ro)r.r>r�r�r�r$r�r%�_invalidAuthorizationTest�
s








z-HTTPAuthHeaderTests._invalidAuthorizationTestc

Cs|�d
t
d�
�
S)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has an
        I{Authorization} header with a user which does not exist.
        r�sfoo:bar)r�r!r-r$r$r%�(test_getChildWithDefaultUnauthorizedUser�
s

�z<HTTPAuthHeaderTests.test_getChildWithDefaultUnauthorizedUserc

Cs|�d
t
|jd�
�
S)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has an
        I{Authorization} header with a user which exists and the wrong
        password.
        r�s:bar)r�r!r*r-r$r$r%�,test_getChildWithDefaultUnauthorizedPassword�
s
�z@HTTPAuthHeaderTests.test_getChildWithDefaultUnauthorizedPasswordc

Cs
|�d
�
S)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has an
        I{Authorization} header with an unrecognized scheme.
        sQuux foo bar baz)
r�r-r$r$r%�*test_getChildWithDefaultUnrecognizedScheme�
sz>HTTPAuthHeaderTests.test_getChildWithDefaultUnrecognizedSchemec
sV�
j�
td
�
�

�
��
jg
�
��
���
}
���}��
fdd�}|�|�

��|
�

|S)z�
        Resource traversal which encounters an L{HTTPAuthSessionWrapper}
        results in an L{IResource} which renders the L{IResource} avatar
        retrieved from the portal when the request has a valid I{Authorization}
        header.
        rlc

s�
��j
�
jg
�
dSr)rVrur��
Zignoredr�r$r%r��
s
zJHTTPAuthHeaderTests.test_getChildWithDefaultAuthorized.<locals>.cbFinished)	r�r�rr'r�r�r�r�ror�r$r�r%�"test_getChildWithDefaultAuthorized�
s








z6HTTPAuthHeaderTests.test_getChildWithDefaultAuthorizedc
sR�
j�
td
�
�

�
�g�
��
���
}
���}��
fdd�}|�|�

��|
�

|S)a

        Resource traversal which terminates at an L{HTTPAuthSessionWrapper}
        and includes correct authentication headers results in the
        L{IResource} avatar (not one of its children) retrieved from the
        portal being rendered.
        rlc

s�
��j
�
jg
�
dSr)rVrur�r�r�r$r%r��
s
z=HTTPAuthHeaderTests.test_renderAuthorized.<locals>.cbFinished)r�r�rr'r�r�r�ror�r$r�r%�test_renderAuthorized�
s








z)HTTPAuthHeaderTests.test_renderAuthorizedc
sttt
�
Gd
d�dt��
}
|
���j���

���jg
�
�
t�j�
�}�
�	�}��
�fdd�}|�
|�

�
�|�

|S)z�
        When L{HTTPAuthSessionWrapper} finds an L{ICredentialFactory} to issue
        a challenge, it calls the C{getChallenge} method with the request as an
        argument.
        c@s eZ
dZd
Zdd�Zdd�ZdS)zUHTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.DumbCredentialFactorysdumbc

Ss
g|_dSr)
�requestsr-r$r$r%r�
s
z^HTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.DumbCredentialFactory.__init__cSs|j�
|
�

iSr)r�r�rvr$r$r%rb�
s

zbHTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.DumbCredentialFactory.getChallengeN)rHrIrJ�schemerrbr$r$r$r%�DumbCredentialFactory�
sr�c

s���j
�
g
�
dSr)rVr�r���factoryr(r.r$r%r��
s
zJHTTPAuthHeaderTests.test_getChallengeCalledWithRequest.<locals>.cbFinished)rrr[r�r�r'r�rr�r�r�ro)r.r�r�r�r�r$r�r%�"test_getChallengeCalledWithRequest�
s










z6HTTPAuthHeaderTests.test_getChallengeCalledWithRequestc
Csh|j�
td
�
�

Gdd�dt�}
|j�|j|
��
|�|jg
�
}|�|�
}|�	|�

|�
|jjd�
|S)a

        Issue a request for an authentication-protected resource using valid
        credentials and then return the C{DummyRequest} instance which was
        used.

        This is a helper for tests about the behavior of the logout
        callback.
        rlc@seZ
dZd
d�ZdS)z7HTTPAuthHeaderTests._logoutTest.<locals>.SlowerResourcec
SstSrrrvr$r$r%ros
z>HTTPAuthHeaderTests._logoutTest.<locals>.SlowerResource.renderN)rHrIrJror$r$r$r%�SlowerResources
r�r
)
r�r�rrr�r�r�r'r�rorVr)r|)r.r�r(r�r$r$r%�_logoutTests	






zHTTPAuthHeaderTests._logoutTestc
Cs$|��}
|
�
�
|�|jjd
�
dS)zX
        The realm's logout callback is invoked after the resource is rendered.
        r�N)r�ZfinishrVr)r|rvr$r$r%�test_logouts

zHTTPAuthHeaderTests.test_logoutc
Cs.|��}
|
�
ttd
�
�
�

|�|jjd�
dS)z�
        The realm's logout callback is also invoked if there is an error
        generating the response (for example, if the client disconnects
        early).
        zSimulated disconnectr�N)r�ZprocessingFailedrrrVr)r|rvr$r$r%�test_logoutOnError#s



�z&HTTPAuthHeaderTests.test_logoutOnErrorc
CsH|j�
td
�
�

|�|jg
�
}
|
j�dd�
t|j|
�}|�	|t
�
dS)z�
        Resource traversal which enouncters an L{HTTPAuthSessionWrapper}
        results in an L{UnauthorizedResource} when the request has a I{Basic
        Authorization} header which cannot be decoded using base64.
        rlr�sBasic decode should failN)r�r�rr'r�r�r�rr��assertIsInstancer)r.r(r�r$r$r%�test_decodeRaises/s




z%HTTPAuthHeaderTests.test_decodeRaisesc
CsHd
}
|�|j
�|
�
d�
td�
}|j�|�

|�|j
�|
�
|df�
dS)z�
        L{HTTPAuthSessionWrapper._selectParseHeader} returns a two-tuple giving
        the L{ICredentialFactory} to use to parse the header and a string
        containing the portion of the header which remains to be parsed.
        sBasic abcdef123456)NNrlsabcdef123456N)rVr�Z_selectParseHeaderrr�r�)r.ZbasicAuthorizationr�r$r$r%�test_selectParseResponse<s



�




�z,HTTPAuthHeaderTests.test_selectParseResponsec
s�t�
|t�}
Gd
d�dt��G�f
dd�dt�}|j�|��

|�|jg
�
}|j	�
dd�
t|j|�}|�
|�

|�|jd�
|�dt|
�
�
|�|
d	d
j��
|�t|���
�
d�
dS)z�
        Any unexpected exception raised by the credential factory's C{decode}
        method results in a 500 response code and causes the exception to be
        logged.
        c
@seZ
dZd
S)zKHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.UnexpectedExceptionN�rHrIrJr$r$r$r%�UnexpectedExceptionWs
r�cs$eZ
dZd
Zdd�Z�f
dd�ZdS)zBHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.BadFactorysbadc
SsiSrr$)r.rOr$r$r%rb]s
zOHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.BadFactory.getChallengec
s
���
dSrr$)r.r>r(�
r�r$r%r;`s
zIHTTPAuthHeaderTests.test_unexpectedDecodeError.<locals>.BadFactory.decodeN)rHrIrJr�rbr;r$r�r$r%�
BadFactoryZs
r�r�sBad abc��
r�r
�log_failureN)r�createWithCleanupr�	Exceptionr[r�r�r'r�r�r�rr�rorVrp�assertEquals�lenr��value�flushLoggedErrors)r.�logObserverr�r(r�r$r�r%�test_unexpectedDecodeErrorMs$

�	









�z.HTTPAuthHeaderTests.test_unexpectedDecodeErrorc
s�t�
|t�}
Gd
d�dt��G�f
dd�dt�}|j�|��

|j�t	d�
�

|�
|jg
�
}|�|�
}|�
|�

|�|jd�
|�dt|
�
�
|�|
dd	j��
|�t|���
�
d�
d
S)z�
        Any unexpected failure from L{Portal.login} results in a 500 response
        code and causes the failure to be logged.
        c
@seZ
dZd
S)zJHTTPAuthHeaderTests.test_unexpectedLoginError.<locals>.UnexpectedExceptionNr�r$r$r$r%r�zs
r�cseZ
dZef
Z�f
d
d�ZdS)zDHTTPAuthHeaderTests.test_unexpectedLoginError.<locals>.BrokenCheckerc
s
���
dSrr$)r.Zcredentialsr�r$r%�requestAvatarId�s
zTHTTPAuthHeaderTests.test_unexpectedLoginError.<locals>.BrokenChecker.requestAvatarIdN)rHrIrJrZcredentialInterfacesr�r$r�r$r%�
BrokenChecker}s
r�rlr�r�r
r�N)rr�rr�r[r�registerCheckerr�r�rr'r�r�rorVrpr�r�r�r�r�)r.r�r�r(r�r$r�r%�test_unexpectedLoginErrorqs$

�










�z-HTTPAuthHeaderTests.test_unexpectedLoginErrorc
s�d
�t��
j
t<�
j
t��
jt�d��
�
j�t��

�
j	�
td�
�

�
��
jg
�
�t
�
j��}
���}��
�fdd�}|�|�

��|
�

|S)zl
        Anonymous requests are allowed if a L{Portal} has an anonymous checker
        registered.
        s*contents of the unprotected child resourcer�rlc

s�
��j
�g
�
dSr)rVrur��r(r.ZunprotectedContentsr$r%r��s
z<HTTPAuthHeaderTests.test_anonymousAccess.<locals>.cbFinished)rr�r
r�r�rrr�rr�r�rr'rr�r�r�ror�r$r�r%�test_anonymousAccess�s


�







z(HTTPAuthHeaderTests.test_anonymousAccessN)rHrIrJrKrr'r/r�rkr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r$r$r$r%r�X
s(

		
$ r�)=rKZ
__future__rrr Zzope.interfacerZzope.interface.verifyrZ
twisted.trialrZtwisted.python.failurerZtwisted.internet.errorrZtwisted.internet.addressr	Ztwisted.credr
rZtwisted.cred.checkersrr
rZtwisted.cred.credentialsrZtwisted.web.iwebrZtwisted.web.resourcerrrZtwisted.web._authrrZtwisted.web._auth.wrapperrrZtwisted.web._auth.basicrZtwisted.web.serverrZtwisted.web.staticrZtwisted.web.test.test_webrZtwisted.test.proto_helpersrZtwisted.loggerrr!r&rLZTestCaserPrQriZIRealmr[r{r�r$r$r$r%�<module>s>












ROU