Remove HTTPKerberosAuth shim

Author: aiudirog

HISTORY.rst

@@ -6,6 +6,7 @@ History
 
 - Fork project to httpx-gssapi
 - Replace all requests handling to support HTTPX
+- Remove HTTPKerberosAuth shim
 
 
 1.2.0: 2020-02-18

httpx_gssapi/__init__.py

@@ -15,7 +15,6 @@
 """
 __all__ = (
     'HTTPSPNEGOAuth',
-    'HTTPKerberosAuth',
     'MutualAuthenticationError',
     'REQUIRED',
     'OPTIONAL',
@@ -27,7 +26,6 @@
 
 from .gssapi_ import HTTPSPNEGOAuth, REQUIRED, OPTIONAL, DISABLED
 from .exceptions import MutualAuthenticationError
-from .compat import HTTPKerberosAuth
 
 from ._version import get_versions
 __version__ = get_versions()['version']

httpx_gssapi/compat.py

@@ -99,7 +99,7 @@ def test_negotate_value_extraction_none():
 
 
 def test_force_preemptive(patched_ctx):
-    auth = httpx_gssapi.HTTPKerberosAuth(force_preemptive=True)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(opportunistic_auth=True)
 
     request = null_request()
 
@@ -111,7 +111,7 @@ def test_force_preemptive(patched_ctx):
 
 
 def test_no_force_preemptive(patched_ctx):
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
 
     request = null_request()
 
@@ -124,7 +124,7 @@ def test_no_force_preemptive(patched_ctx):
 def test_generate_request_header(patched_ctx):
     resp = null_response(headers=neg_token)
     host = resp.url.host
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     assert auth.generate_request_header(host, resp) == b64_negotiate_response
     check_init()
     fake_resp.assert_called_with(b"token")
@@ -133,7 +133,7 @@ def test_generate_request_header(patched_ctx):
 def test_generate_request_header_init_error(patched_ctx_fail):
     response = null_response(headers=neg_token)
     host = response.url.host
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     with pytest.raises(httpx_gssapi.exceptions.SPNEGOExchangeError):
         auth.generate_request_header(host, response)
     check_init()
@@ -142,7 +142,7 @@ def test_generate_request_header_init_error(patched_ctx_fail):
 def test_generate_request_header_step_error(patched_ctx_fail):
     response = null_response(headers=neg_token)
     host = response.url.host
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     with pytest.raises(httpx_gssapi.exceptions.SPNEGOExchangeError):
         auth.generate_request_header(host, response)
     check_init()
@@ -155,7 +155,7 @@ def test_authenticate_user(patched_ctx):
         request=null_request(),
         headers=neg_token,
     )
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     request = auth.authenticate_user(response)
     assert 'Authorization' in request.headers
     assert request.headers['Authorization'] == b64_negotiate_response
@@ -170,7 +170,7 @@ def test_handle_401(patched_ctx):
         headers=neg_token,
     )
 
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     request = auth.handle_401(response)
     assert 'Authorization' in request.headers
     assert request.headers['Authorization'] == b64_negotiate_response
@@ -184,7 +184,7 @@ def test_authenticate_server(patched_ctx):
         'authorization': b64_negotiate_response,
     })
 
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     auth.context = {"www.example.org": gssapi.SecurityContext}
     assert auth.authenticate_server(response_ok)
     fake_resp.assert_called_with(b"servertoken")
@@ -196,7 +196,7 @@ def test_handle_other(patched_ctx):
         'authorization': b64_negotiate_response,
     })
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=REQUIRED)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=REQUIRED)
     auth.context = {"www.example.org": gssapi.SecurityContext}
 
     auth.handle_mutual_auth(response_ok)  # No error raised
@@ -209,7 +209,7 @@ def test_handle_response_200(patched_ctx):
         'authorization': b64_negotiate_response,
     })
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=REQUIRED)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=REQUIRED)
     auth.context = {"www.example.org": gssapi.SecurityContext}
 
     flow = auth.handle_response(response_ok)
@@ -221,7 +221,7 @@ def test_handle_response_200(patched_ctx):
 def test_handle_response_200_mutual_auth_required_failure(patched_ctx_fail):
     response_ok = null_response()
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=REQUIRED)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=REQUIRED)
     auth.context = {"www.example.org": "CTX"}
 
     flow = auth.handle_response(response_ok)
@@ -237,7 +237,7 @@ def test_handle_response_200_mutual_auth_required_failure_2(patched_ctx_fail):
         'authorization': b64_negotiate_response,
     })
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=REQUIRED)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=REQUIRED)
     auth.context = {"www.example.org": gssapi.SecurityContext}
 
     flow = auth.handle_response(response_ok)
@@ -253,7 +253,7 @@ def test_handle_response_200_mutual_auth_optional_hard_fail(patched_ctx_fail):
         'authorization': b64_negotiate_response,
     })
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=OPTIONAL)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=OPTIONAL)
     auth.context = {"www.example.org": gssapi.SecurityContext}
 
     flow = auth.handle_response(response_ok)
@@ -266,7 +266,7 @@ def test_handle_response_200_mutual_auth_optional_hard_fail(patched_ctx_fail):
 def test_handle_response_200_mutual_auth_optional_soft_failure(patched_ctx):
     response_ok = null_response()
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=OPTIONAL)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=OPTIONAL)
     auth.context = {"www.example.org": gssapi.SecurityContext}
 
     flow = auth.handle_response(response_ok)
@@ -283,7 +283,7 @@ def test_handle_response_500_mutual_auth_required_failure(patched_ctx_fail):
     )
     response_500._content = b"CONTENT"
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=REQUIRED)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=REQUIRED)
     auth.context = {"www.example.org": "CTX"}
 
     flow = auth.handle_response(response_500)
@@ -305,7 +305,7 @@ def test_handle_response_500_mutual_auth_required_fail_no_san(patched_ctx_fail):
     )
     response_500._content = b'CONTENT'
 
-    auth = httpx_gssapi.HTTPKerberosAuth(
+    auth = httpx_gssapi.HTTPSPNEGOAuth(
         mutual_authentication=REQUIRED,
         sanitize_mutual_error_response=False
     )
@@ -330,7 +330,7 @@ def test_handle_response_500_mutual_auth_optional_failure(patched_ctx_fail):
     )
     response_500._content = b'CONTENT'
 
-    auth = httpx_gssapi.HTTPKerberosAuth(mutual_authentication=OPTIONAL)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(mutual_authentication=OPTIONAL)
     auth.context = {"www.example.org": "CTX"}
 
     flow = auth.handle_response(response_500)
@@ -346,7 +346,7 @@ def test_handle_response_500_mutual_auth_optional_failure(patched_ctx_fail):
 
 
 def test_handle_response_401(patched_ctx):
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     response_401 = null_response(status=401, headers=neg_token)
     flow = auth.handle_response(response_401)
     request = next(flow)
@@ -362,7 +362,7 @@ def test_handle_response_401(patched_ctx):
 def test_handle_response_401_rejected(patched_ctx):
     # Get a 401 from server, authenticate, and get another 401 back.
     # Ensure there is no infinite auth loop.
-    auth = httpx_gssapi.HTTPKerberosAuth()
+    auth = httpx_gssapi.HTTPSPNEGOAuth()
     response_401 = null_response(status=401, headers=neg_token)
     flow = auth.handle_response(response_401)
 
@@ -381,16 +381,8 @@ def test_handle_response_401_rejected(patched_ctx):
     fake_resp.assert_called_with(b"token")
 
 
-def test_generate_request_header_custom_service(patched_ctx):
-    response = null_response(headers=neg_token)
-    auth = httpx_gssapi.HTTPKerberosAuth(service="barfoo")
-    auth.generate_request_header(response.url.host, response),
-    check_init(name=gssapi_name("[email protected]"))
-    fake_resp.assert_called_with(b"token")
-
-
 def test_delegation(patched_ctx):
-    auth = httpx_gssapi.HTTPKerberosAuth(delegate=True)
+    auth = httpx_gssapi.HTTPSPNEGOAuth(delegate=True)
     response_401 = null_response(status=401, headers=neg_token)
     flow = auth.handle_response(response_401)
     request = next(flow)
@@ -403,27 +395,6 @@ def test_delegation(patched_ctx):
     fake_resp.assert_called_with(b"token")
 
 
-def test_principal_override(patched_ctx, patched_creds):
-    response = null_response(headers=neg_token)
-    auth = httpx_gssapi.HTTPKerberosAuth(principal="user@REALM")
-    auth.generate_request_header(response.url.host, response)
-    fake_creds.assert_called_with(
-        gssapi.creds.Credentials,
-        usage="initiate",
-        name=gssapi_name("user@REALM"),
-    )
-    check_init(creds=b"fake creds")
-
-
-def test_realm_override(patched_ctx):
-    response = null_response(headers=neg_token)
-    otherhost = "otherhost.otherdomain.org"
-    auth = httpx_gssapi.HTTPKerberosAuth(hostname_override=otherhost)
-    auth.generate_request_header(response.url.host, response)
-    check_init(name=gssapi_name(f"HTTP@{otherhost}"))
-    fake_resp.assert_called_with(b"token")
-
-
 def test_opportunistic_auth(patched_ctx):
     auth = httpx_gssapi.HTTPSPNEGOAuth(opportunistic_auth=True)