mirror of
https://github.com/warp-tech/warpgate.git
synced 2024-09-20 06:46:17 +08:00
57 lines
1.6 KiB
Python
57 lines
1.6 KiB
Python
|
import requests
|
||
|
|
||
|
from .util import create_ticket, wait_port
|
||
|
|
||
|
|
||
|
class TestHTTPUserAuthTicket:
|
||
|
def test_auth_password_success(
|
||
|
self,
|
||
|
http_common_wg_port,
|
||
|
):
|
||
|
wait_port(http_common_wg_port, recv=False)
|
||
|
url = f'https://localhost:{http_common_wg_port}'
|
||
|
|
||
|
secret = create_ticket(url, 'user', 'echo')
|
||
|
|
||
|
# ---
|
||
|
|
||
|
session = requests.Session()
|
||
|
session.verify = False
|
||
|
|
||
|
response = session.get(
|
||
|
f'{url}/some/path?warpgate-target=echo',
|
||
|
allow_redirects=False,
|
||
|
)
|
||
|
assert response.status_code // 100 != 2
|
||
|
|
||
|
# Ticket as a header
|
||
|
response = session.get(
|
||
|
f'{url}/some/path?warpgate-target=echo',
|
||
|
allow_redirects=False,
|
||
|
headers={
|
||
|
'Authorization': f'Warpgate {secret}',
|
||
|
},
|
||
|
)
|
||
|
assert response.status_code // 100 == 2
|
||
|
assert response.json()['path'] == '/some/path'
|
||
|
|
||
|
# Ticket as a GET param
|
||
|
session = requests.Session()
|
||
|
session.verify = False
|
||
|
response = session.get(
|
||
|
f'{url}/some/path?warpgate-ticket={secret}',
|
||
|
allow_redirects=False,
|
||
|
)
|
||
|
assert response.status_code // 100 == 2
|
||
|
assert response.json()['path'] == '/some/path'
|
||
|
|
||
|
# Ensure no access to other targets
|
||
|
session = requests.Session()
|
||
|
session.verify = False
|
||
|
response = session.get(
|
||
|
f'{url}/some/path?warpgate-ticket={secret}&warpgate-target=admin',
|
||
|
allow_redirects=False,
|
||
|
)
|
||
|
assert response.status_code // 100 == 2
|
||
|
assert response.json()['path'] == '/some/path'
|