User info from URL now applied to basic auth (#37)

Also moved wrap-oauth to match clj-http wrapper ordering for easier ongoing comparison.

Fixes #34

Author: lread

CHANGELOG.md

@@ -1,6 +1,7 @@
 ### Unreleased
 
 - If specified, request's body encoding is now applied, else defaults to UTF-8 ([#18](https://github.com/clj-commons/clj-http-lite/issues/18)) ([@lread](https://github.com/lread))
+- User info from request URL now applied to basic auth ([#34](https://github.com/clj-commons/clj-http-lite/issues/34)) ([@lread](https://github.com/lread))
 - Quality
   - Automated CI testing added for Windows ([#21](https://github.com/clj-commons/clj-http-lite/issues/21)) ([@lread](https://github.com/lread))
 

src/clj_http/lite/client.clj

@@ -236,24 +236,26 @@
   "Returns a battaries-included HTTP request function coresponding to the given
    core client. See client/client."
   [request]
+  ;; note to the uninitiated: wrapper behaviour is applied to requests in order listed here but
+  ;; from last to first
   (-> request
       wrap-query-params
+      wrap-basic-auth
+      wrap-oauth
       wrap-user-info
       wrap-url
       wrap-redirects
       wrap-decompression
       wrap-input-coercion
       wrap-output-coercion
       wrap-exceptions
-      wrap-basic-auth
       wrap-accept
       wrap-accept-encoding
       wrap-content-type
       wrap-form-params
       wrap-method
       wrap-links
-      wrap-unknown-host
-      wrap-oauth))
+      wrap-unknown-host))
 
 (def #^{:doc
         "Executes the HTTP request corresponding to the given map and returns

test/clj_http/test/client.clj

@@ -1,6 +1,6 @@
 (ns clj-http.test.client
   (:require [clj-http.lite.client :as client]
-            [clj-http.test.core :refer [base-req with-server]]
+            [clj-http.test.core :refer [base-req with-server current-port]]
             [clj-http.lite.util :as util]
             [clojure.test :refer [deftest is testing use-fixtures]])
   (:import (java.net UnknownHostException)))
@@ -19,6 +19,41 @@
     (is (= 200 (:status resp)))
     (is (= "get" (:body resp)))))
 
+(deftest ^{:integration true} basic-auth-no-creds
+  (let [resp (client/request (merge (base-req) {:method :get
+                                                :uri "/basic-auth"
+                                                :throw-exceptions false}))]
+    (is (= 401 (:status resp)))
+    (is (= "denied" (:body resp)))))
+
+(deftest ^{:integration true} basic-auth-bad-creds
+  (let [resp (client/request (merge (base-req) {:method :get
+                                                :uri "/basic-auth"
+                                                :throw-exceptions false
+                                                :basic-auth "username:nope"}))]
+    (is (= 401 (:status resp)))
+    (is (= "denied" (:body resp)))))
+
+(deftest ^{:integration true} basic-auth-creds-as-basic-auth
+  (let [resp (client/request (merge (base-req) {:method :get
+                                                :uri "/basic-auth"
+                                                :basic-auth "username:password"}))]
+    (is (= 200 (:status resp)))
+    (is (= "welcome" (:body resp)))))
+
+(deftest ^{:integration true} basic-auth-creds-as-user-info
+  (let [resp (client/request (merge (base-req) {:method :get
+                                                :uri "/basic-auth"
+                                                :user-info "username:password"}))]
+    (is (= 200 (:status resp)))
+    (is (= "welcome" (:body resp)))))
+
+(deftest ^{:integration true} basic-auth-creds-from-url
+  (let [resp (client/request {:method :get
+                              :url (format "http://username:password@localhost:%d/basic-auth" (current-port))})]
+    (is (= 200 (:status resp)))
+    (is (= "welcome" (:body resp)))))
+
 (defn is-passed [middleware req]
   (let [client (middleware identity)]
     (is (= req (client req)))))

test/clj_http/test/core.clj

@@ -4,10 +4,17 @@
             [clojure.test :refer [deftest is use-fixtures]]
             [clojure.string :as str]
             [ring.adapter.jetty :as ring])
-  (:import (org.eclipse.jetty.server Server ServerConnector)))
+  (:import (org.eclipse.jetty.server Server ServerConnector)
+           (java.util Base64)))
 
 (set! *warn-on-reflection* true)
 
+(defn b64-decode [^String s]
+  (when s
+    (-> (Base64/getDecoder)
+        (.decode s)
+        util/utf8-string)))
+
 (defn handler [req]
   (condp = [(:request-method req) (:uri req)]
     [:get "/get"]
@@ -20,15 +27,25 @@
     {:status 200 :body (get-in req [:headers "x-my-header"])}
     [:post "/post"]
     {:status 200 :body (slurp (:body req))}
-    [:get "/redirect"] {:status 302 :headers {"Location" "/get"} }
+    [:get "/redirect"] {:status 302 :headers {"Location" "/get"}}
     [:get "/error"]
     {:status 500 :body "o noes"}
     [:get "/timeout"]
     (do
       (Thread/sleep 10)
       {:status 200 :body "timeout"})
     [:delete "/delete-with-body"]
-    {:status 200 :body "delete-with-body"}))
+    {:status 200 :body "delete-with-body"}
+    ;; minimal to support testing
+    [:get "/basic-auth"]
+    (let [cred (some->> (get (:headers req) "authorization")
+                        (re-find #"^Basic (.*)$")
+                        last
+                        b64-decode)
+      [user pass] (and cred (str/split cred #":"))]
+      (if (and (= "username" user) (= "password" pass))
+        {:status 200 :body "welcome"}
+        {:status 401 :body "denied"}))))
 
 (defn make-server ^Server []
   (ring/run-jetty handler {:port         0 ;; Use a free port
@@ -204,3 +221,4 @@
   (let [stream (:body (request {:request-method :get :uri "/get" :as :stream}))
         body (slurp stream)]
     (is (= "get" body))))
+