haskell/yesod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:yesodweb/yesod

Browse Source
This commit is contained in:
Michael Snoyman 2019-10-10 06:44:12 +03:00
commit b5fb6caca0
No known key found for this signature in database
GPG Key ID: 907EAE2F42B52046
4 changed files with 48 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
yesod-test/ChangeLog.md
View File

@ -1,5 +1,9 @@
# ChangeLog for yesod-test # ChangeLog for yesod-test
## 1.6.7
Add `addBasicAuthHeader` function [#1632](https://github.com/yesodweb/yesod/pull/1632)
## 1.6.6.2 ## 1.6.6.2
addPostParam will now URL-encode keys and values to prevent corruption addPostParam will now URL-encode keys and values to prevent corruption

18
yesod-test/Yesod/Test.hs
View File

@ -66,6 +66,7 @@ module Yesod.Test
, getLocation , getLocation
, request , request
, addRequestHeader , addRequestHeader
, addBasicAuthHeader
, setMethod , setMethod
, addPostParam , addPostParam
, addGetParam , addGetParam
@ -156,6 +157,7 @@ import qualified Network.Socket.Internal as Sock
#endif #endif
import Data.CaseInsensitive (CI) import Data.CaseInsensitive (CI)
import qualified Data.CaseInsensitive as CI
import Network.Wai import Network.Wai
import Network.Wai.Test hiding (assertHeader, assertNoHeader, request) import Network.Wai.Test hiding (assertHeader, assertNoHeader, request)
import Control.Monad.Trans.Reader (ReaderT (..)) import Control.Monad.Trans.Reader (ReaderT (..))
@ -189,6 +191,7 @@ type HasCallStack = (?callStack :: CallStack)
import GHC.Exts (Constraint) import GHC.Exts (Constraint)
type HasCallStack = (() :: Constraint) type HasCallStack = (() :: Constraint)
#endif #endif
import Data.ByteArray.Encoding (convertToBase, Base(..))
{-# DEPRECATED byLabel "This function seems to have multiple bugs (ref: https://github.com/yesodweb/yesod/pull/1459). Use byLabelExact, byLabelContain, byLabelPrefix or byLabelSuffix instead" #-} {-# DEPRECATED byLabel "This function seems to have multiple bugs (ref: https://github.com/yesodweb/yesod/pull/1459). Use byLabelExact, byLabelContain, byLabelPrefix or byLabelSuffix instead" #-}
{-# DEPRECATED fileByLabel "This function seems to have multiple bugs (ref: https://github.com/yesodweb/yesod/pull/1459). Use fileByLabelExact, fileByLabelContain, fileByLabelPrefix or fileByLabelSuffix instead" #-} {-# DEPRECATED fileByLabel "This function seems to have multiple bugs (ref: https://github.com/yesodweb/yesod/pull/1459). Use fileByLabelExact, fileByLabelContain, fileByLabelPrefix or fileByLabelSuffix instead" #-}
@ -1144,6 +1147,21 @@ addRequestHeader header = modifySIO $ \rbd -> rbd
{ rbdHeaders = header : rbdHeaders rbd { rbdHeaders = header : rbdHeaders rbd
} }
-- | Adds a header for <https://en.wikipedia.org/wiki/Basic_access_authentication HTTP Basic Authentication> to the request
--
-- ==== __Examples__
--
-- > request $ do
-- > addBasicAuthHeader "Aladdin" "OpenSesame"
--
-- @since 1.6.7
addBasicAuthHeader :: CI ByteString -- ^ Username
-> CI ByteString -- ^ Password
-> RequestBuilder site ()
addBasicAuthHeader username password =
let credentials = convertToBase Base64 $ CI.original $ username <> ":" <> password
in addRequestHeader ("Authorization", "Basic " <> credentials)
-- | The general interface for performing requests. 'request' takes a 'RequestBuilder', -- | The general interface for performing requests. 'request' takes a 'RequestBuilder',
-- constructs a request, and executes it. -- constructs a request, and executes it.
-- --

25
yesod-test/test/main.hs
View File

@ -38,7 +38,7 @@ import Data.Either (isLeft, isRight)
import Data.ByteString.Lazy.Char8 () import Data.ByteString.Lazy.Char8 ()
import qualified Data.Map as Map import qualified Data.Map as Map
import qualified Text.HTML.DOM as HD import qualified Text.HTML.DOM as HD
import Network.HTTP.Types.Status (status301, status303, status422, unsupportedMediaType415) import Network.HTTP.Types.Status (status301, status303, status403, status422, unsupportedMediaType415)
import UnliftIO.Exception (tryAny, SomeException, try) import UnliftIO.Exception (tryAny, SomeException, try)
import qualified Web.Cookie as Cookie import qualified Web.Cookie as Cookie
import Data.Maybe (isNothing) import Data.Maybe (isNothing)
@ -444,6 +444,21 @@ main = hspec $ do
loc <- getLocation loc <- getLocation
liftIO $ assertBool "expected a Left when not a redirect" $ isLeft loc liftIO $ assertBool "expected a Left when not a redirect" $ isLeft loc
describe "Basic Authentication" $ yesodSpec app $ do
yit "rejects no header" $ do
get ("checkBasicAuth" :: Text)
statusIs 403
yit "rejects incorrect header" $ do
request $ do
setUrl ("checkBasicAuth" :: Text)
addBasicAuthHeader "Aladdin" "foo"
statusIs 403
yit "accepts correct header" $ do
request $ do
setUrl ("checkBasicAuth" :: Text)
addBasicAuthHeader "Aladdin" "OpenSesame"
statusIs 200
instance RenderMessage LiteApp FormMessage where instance RenderMessage LiteApp FormMessage where
renderMessage _ _ = defaultFormMessage renderMessage _ _ = defaultFormMessage
@ -530,6 +545,14 @@ app = liteApp $ do
if actual == expected if actual == expected
then return () then return ()
else sendResponseStatus unsupportedMediaType415 () else sendResponseStatus unsupportedMediaType415 ()
onStatic "checkBasicAuth" $ dispatchTo $ do
headers <- requestHeaders <$> waiRequest
let authHeader = lookup "Authorization" headers
-- Copied from the Wikipedia Aladdin:OpenSesame example
if authHeader == Just "Basic QWxhZGRpbjpPcGVuU2VzYW1l"
then return ()
else sendResponseStatus status403 ()
cookieApp :: LiteApp cookieApp :: LiteApp
cookieApp = liteApp $ do cookieApp = liteApp $ do

3
yesod-test/yesod-test.cabal
View File

@ -1,5 +1,5 @@
name: yesod-test name: yesod-test
version: 1.6.6.2 version: 1.6.7
license: MIT license: MIT
license-file: LICENSE license-file: LICENSE
author: Nubis <nubis@woobiz.com.ar> author: Nubis <nubis@woobiz.com.ar>
@ -28,6 +28,7 @@ library
, html-conduit >= 0.1 , html-conduit >= 0.1
, http-types >= 0.7 , http-types >= 0.7
, network >= 2.2 , network >= 2.2
, memory
, pretty-show >= 1.6 , pretty-show >= 1.6
, semigroups , semigroups
, text , text