diff options
Diffstat (limited to 'testing/web-platform/tests/xhr/resources/authentication.py')
-rw-r--r-- | testing/web-platform/tests/xhr/resources/authentication.py | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/testing/web-platform/tests/xhr/resources/authentication.py b/testing/web-platform/tests/xhr/resources/authentication.py new file mode 100644 index 0000000000..50b5c801d6 --- /dev/null +++ b/testing/web-platform/tests/xhr/resources/authentication.py @@ -0,0 +1,24 @@ +def main(request, response): + session_user = request.auth.username + session_pass = request.auth.password + expected_user_name = request.headers.get(b"X-User", None) + + token = expected_user_name + if session_user is None and session_pass is None: + if token is not None and request.server.stash.take(token) is not None: + return b'FAIL (did not authorize)' + else: + if token is not None: + request.server.stash.put(token, b"1") + status = (401, b'Unauthorized') + headers = [(b'WWW-Authenticate', b'Basic realm="test"')] + return status, headers, b'FAIL (should be transparent)' + else: + if request.server.stash.take(token) == b"1": + challenge = b"DID" + else: + challenge = b"DID-NOT" + headers = [(b'XHR-USER', expected_user_name), + (b'SES-USER', session_user), + (b"X-challenge", challenge)] + return headers, session_user + b"\n" + session_pass |