From f558a1d1f2494ebc6e122547602c8c6fce0ef487 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Sun, 16 Apr 2017 10:34:07 +0300
Subject: Implement get_credentials

---
 distixapi/authn.py       | 16 +++++++++++++++-
 distixapi/authn_tests.py | 22 ++++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/distixapi/authn.py b/distixapi/authn.py
index 53816b6..a7fbbcf 100644
--- a/distixapi/authn.py
+++ b/distixapi/authn.py
@@ -1,6 +1,9 @@
 # Functions for checking authantication for API clients.
 
 
+import base64
+
+
 def get_credentials(request):
     '''Return username, password of API client.
 
@@ -9,8 +12,19 @@ def get_credentials(request):
 
     '''
 
-    raise AuthenticationError('No Authorization header')
+    header = request.get_header('Authorization')
+    if header is None:
+        raise AuthenticationError('No Authorization header')
+
+    words = header.split()
+    if len(words) == 0:
+        raise AuthenticationError('Authorization header has no value')
+
+    if len(words) != 2 or words[0].lower() != 'basic':
+        raise AuthenticationError('Authorization header is not for Basic Auth')
 
+    decoded = base64.b64decode(words[1])
+    return decoded.split(':', 1)
 
 
 class AuthenticationError(Exception):
diff --git a/distixapi/authn_tests.py b/distixapi/authn_tests.py
index a32ccce..063b400 100644
--- a/distixapi/authn_tests.py
+++ b/distixapi/authn_tests.py
@@ -1,3 +1,4 @@
+import base64
 import unittest
 
 import distixapi
@@ -10,12 +11,33 @@ class GetCredentialsTests(unittest.TestCase):
         with self.assertRaises(distixapi.AuthenticationError):
             distixapi.get_credentials(request)
 
+    def test_raises_error_if_empty_Authentication_header(self):
+        request = DummyRequest()
+        request.add_header('Authorization', '')
+        with self.assertRaises(distixapi.AuthenticationError):
+            distixapi.get_credentials(request)
+
     def test_raises_error_if_not_BasicAuth_header(self):
         request = DummyRequest()
         request.add_header('Authorization', 'Bearer token')
         with self.assertRaises(distixapi.AuthenticationError):
             distixapi.get_credentials(request)
 
+    def test_raises_error_if_no_BasicAuth_value(self):
+        request = DummyRequest()
+        request.add_header('Authorization', 'Basic')
+        with self.assertRaises(distixapi.AuthenticationError):
+            distixapi.get_credentials(request)
+
+    def test_returns_username_password(self):
+        request = DummyRequest()
+        username = 'fooser'
+        password = 'secret'
+        value = base64.b64encode('{}:{}'.format(username, password))
+        request.add_header('Authorization', 'Basic {}'.format(value))
+        u, p = distixapi.get_credentials(request)
+        self.assertEqual(username, u)
+        self.assertEqual(password, p)
 
 
 class DummyRequest(object):
-- 
cgit v1.2.1