[Zope3-checkins] SVN: Zope3/branches/3.3/src/zope/app/ - Fix for issue 682: Quoting realm in WWW-Authenticate header properly

Christian Theune ct at gocept.com
Mon Aug 14 08:49:46 EDT 2006


Log message for revision 69465:
   - Fix for issue 682: Quoting realm in WWW-Authenticate header properly
  

Changed:
  U   Zope3/branches/3.3/src/zope/app/authentication/httpplugins.py
  U   Zope3/branches/3.3/src/zope/app/ftests/doctest.txt
  U   Zope3/branches/3.3/src/zope/app/http/exception/unauthorized.py
  U   Zope3/branches/3.3/src/zope/app/publisher/xmlrpc/README.txt
  U   Zope3/branches/3.3/src/zope/app/security/basicauthadapter.py
  U   Zope3/branches/3.3/src/zope/app/security/browser/auth.py
  U   Zope3/branches/3.3/src/zope/app/security/principalregistry.py
  U   Zope3/branches/3.3/src/zope/app/security/tests/test_basicauthadapter.py
  U   Zope3/branches/3.3/src/zope/app/security/tests/test_principalregistry.py
  U   Zope3/branches/3.3/src/zope/app/testing/recorded/test0001.response
  U   Zope3/branches/3.3/src/zope/app/testing/tests.py

-=-
Modified: Zope3/branches/3.3/src/zope/app/authentication/httpplugins.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/authentication/httpplugins.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/authentication/httpplugins.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -47,7 +47,7 @@
     protocol = 'http auth'
 
     def extractCredentials(self, request):
-        """Extracts HTTP basic auth credentisla from a request.
+        """Extracts HTTP basic auth credentials from a request.
 
         First we need to create a request that contains some credentials.
 

Modified: Zope3/branches/3.3/src/zope/app/ftests/doctest.txt
===================================================================
--- Zope3/branches/3.3/src/zope/app/ftests/doctest.txt	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/ftests/doctest.txt	2006-08-14 12:49:46 UTC (rev 69465)
@@ -23,7 +23,7 @@
   HTTP/1.1 401 Unauthorized
   Content-Length: ...
   Content-Type: text/html;charset=utf-8
-  WWW-Authenticate: basic realm=zope
+  WWW-Authenticate: basic realm="Zope"
   <BLANKLINE>
   <!DOCTYPE html PUBLIC ...
 

Modified: Zope3/branches/3.3/src/zope/app/http/exception/unauthorized.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/http/exception/unauthorized.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/http/exception/unauthorized.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -29,7 +29,7 @@
         self.request = request
 
     def __call__(self):
-        self.request.unauthorized("basic realm='Zope'")
+        self.request.unauthorized('basic realm="Zope"')
         return ''
 
     __str__ = __call__

Modified: Zope3/branches/3.3/src/zope/app/publisher/xmlrpc/README.txt
===================================================================
--- Zope3/branches/3.3/src/zope/app/publisher/xmlrpc/README.txt	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/publisher/xmlrpc/README.txt	2006-08-14 12:49:46 UTC (rev 69465)
@@ -109,7 +109,7 @@
   HTTP/1.0 401 Unauthorized
   Content-Length: 126
   Content-Type: text/xml;charset=utf-8
-  WWW-Authenticate: basic realm='Zope'
+  WWW-Authenticate: basic realm="Zope"
   <BLANKLINE>
   <?xml version='1.0'?>
   <methodResponse>
@@ -229,7 +229,7 @@
   HTTP/1.0 401 Unauthorized
   Content-Length: 126
   Content-Type: text/xml;charset=utf-8
-  WWW-Authenticate: basic realm='Zope'
+  WWW-Authenticate: basic realm="Zope"
   <BLANKLINE>
   <?xml version='1.0'?>
   <methodResponse>

Modified: Zope3/branches/3.3/src/zope/app/security/basicauthadapter.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/security/basicauthadapter.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/security/basicauthadapter.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -37,4 +37,4 @@
         LoginPassword.__init__(self, login, password)
 
     def needLogin(self, realm):
-        self.__request.unauthorized("basic realm=%s" % realm)
+        self.__request.unauthorized('basic realm="%s"'% realm)

Modified: Zope3/branches/3.3/src/zope/app/security/browser/auth.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/security/browser/auth.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/security/browser/auth.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -110,7 +110,7 @@
         # we don't want to keep challenging if we're authenticated
         if IUnauthenticatedPrincipal.providedBy(self.request.principal):
             # hard-code basic auth challenge
-            self.request.unauthorized("basic realm='Zope'")
+            self.request.unauthorized('basic realm="Zope"')
             return self.failed()
         else:
             if nextURL is None:

Modified: Zope3/branches/3.3/src/zope/app/security/principalregistry.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/security/principalregistry.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/security/principalregistry.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -65,7 +65,7 @@
     def unauthorized(self, id, request):
         if id is None or id is self.__defaultid:
             a = interfaces.ILoginPassword(request)
-            a.needLogin(realm="zope")
+            a.needLogin(realm="Zope")
 
     def getPrincipal(self, id):
         r = self.__principalsById.get(id)

Modified: Zope3/branches/3.3/src/zope/app/security/tests/test_basicauthadapter.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/security/tests/test_basicauthadapter.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/security/tests/test_basicauthadapter.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -48,7 +48,7 @@
         r = Request(None)
         a = BasicAuthAdapter(r)
         a.needLogin("tim")
-        self.assertEqual(r.challenge, "basic realm=tim")
+        self.assertEqual(r.challenge, 'basic realm="tim"')
 
 def test_suite():
     loader=unittest.TestLoader()

Modified: Zope3/branches/3.3/src/zope/app/security/tests/test_principalregistry.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/security/tests/test_principalregistry.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/security/tests/test_principalregistry.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -122,10 +122,10 @@
     def testUnauthorized(self):
         request = Request(None)
         self.reg.unauthorized(self.reg.unauthenticatedPrincipal(), request)
-        self.assertEquals(request.challenge, "basic realm=zope")
+        self.assertEquals(request.challenge, 'basic realm="Zope"')
         request = Request(None)
         self.reg.unauthorized(None, request)
-        self.assertEquals(request.challenge, "basic realm=zope")
+        self.assertEquals(request.challenge, 'basic realm="Zope"')
         request = Request(None)
         self.reg.unauthorized("1", request)
         self.assertEquals(request.challenge, None)

Modified: Zope3/branches/3.3/src/zope/app/testing/recorded/test0001.response
===================================================================
--- Zope3/branches/3.3/src/zope/app/testing/recorded/test0001.response	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/testing/recorded/test0001.response	2006-08-14 12:49:46 UTC (rev 69465)
@@ -4,7 +4,7 @@
 X-Powered-By: Zope (www.zope.org), Python (www.python.org)
 Date: Fri, 20 Aug 2004 10:35:05 GMT
 Content-Type: text/html;charset=utf-8
-WWW-Authenticate: basic realm=zope
+WWW-Authenticate: basic realm="Zope"
 Server: zope.server.http (HTTP)
 
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"

Modified: Zope3/branches/3.3/src/zope/app/testing/tests.py
===================================================================
--- Zope3/branches/3.3/src/zope/app/testing/tests.py	2006-08-14 12:33:43 UTC (rev 69464)
+++ Zope3/branches/3.3/src/zope/app/testing/tests.py	2006-08-14 12:49:46 UTC (rev 69465)
@@ -47,7 +47,7 @@
   HTTP/1.1 401 Unauthorized
   Content-Length: 89
   Content-Type: text/html;charset=utf-8
-  Www-Authenticate: basic realm=zope
+  Www-Authenticate: basic realm="Zope"
   <BLANKLINE>
   <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
         lang="en">
@@ -135,7 +135,7 @@
         dochttp(['-p', 'test', directory])
         got = sys.stdout.getvalue()
         sys.stdout = old
-        self.assert_(got == expected)
+        self.assertEquals(expected, got)
 
 
 class AuthHeaderTestCase(unittest.TestCase):



More information about the Zope3-Checkins mailing list