1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
#!/usr/bin/env python3
# Copyright (C) 2015 - mod_auth_gssapi contributors, see COPYING for license.
import os
import requests
if __name__ == '__main__':
url = 'http://%s/nonego/' % (os.environ['NSS_WRAPPER_HOSTNAME'])
# ensure a 401 with the appropriate WWW-Authenticate header is returned
# when no auth is provided
r = requests.get(url)
if r.status_code != 401:
raise ValueError('NO Negotiate failed - 401 expected')
if not (r.headers.get("WWW-Authenticate") and
r.headers.get("WWW-Authenticate").startswith("Negotiate")):
raise ValueError('NO Negotiate failed - WWW-Authenticate '
'Negotiate header is absent')
# ensure a 401 with the WWW-Authenticate Negotiate header is absent
# when the special User-Agent is sent
r = requests.get(url, headers={'User-Agent': 'NONEGO'})
if r.status_code != 401:
raise ValueError('NO Negotiate failed - 401 expected')
if r.headers.get("WWW-Authenticate") and \
r.headers.get("WWW-Authenticate").startswith("Negotiate"):
raise ValueError('NO Negotiate failed - WWW-Authenticate '
'Negotiate header is present, should be absent')
|
