[js] Do not drop user auth info from the WebDriver server URL

Fixes #1167

Author: jleyba

javascript/node/selenium-webdriver/CHANGES.md

@@ -5,6 +5,7 @@
 * FIXED: the `webdriver.promise.ControlFlow` now has a consistent execution
     order for tasks/callbacks scheduled in different turns of the JS event loop.
     Refer to the `webdriver.promise` documentation for more details.
+* FIXED: do not drop user auth from the WebDriver server URL.
 * FIXED: a single `firefox.Binary` instance may be used to configure and
     launch multiple FirefoxDriver sessions.
 

javascript/node/selenium-webdriver/http/index.js

@@ -55,6 +55,7 @@ var HttpClient = function(serverUrl, opt_agent, opt_proxy) {
    * @private {!Object}
    */
   this.options_ = {
+    auth: parsedUrl.auth,
     host: parsedUrl.hostname,
     path: parsedUrl.pathname,
     port: parsedUrl.port
@@ -81,6 +82,7 @@ HttpClient.prototype.send = function(httpRequest, callback) {
 
   var options = {
     method: httpRequest.method,
+    auth: this.options_.auth,
     host: this.options_.host,
     port: this.options_.port,
     path: path,

javascript/node/selenium-webdriver/test/http/http_test.js

@@ -17,6 +17,7 @@
 
 var assert = require('assert');
 var http = require('http');
+var url = require('url');
 
 var HttpClient = require('../../http').HttpClient;
 var HttpRequest = require('../../_base').require('webdriver.http.Request');
@@ -25,7 +26,7 @@ var promise = require('../..').promise;
 var test = require('../../lib/test');
 
 describe('HttpClient', function() {
-  this.timeout(4*1000);
+  this.timeout(4 * 1000);
 
   var server = new Server(function(req, res) {
     if (req.method == 'GET' && req.url == '/echo') {
@@ -44,6 +45,30 @@ describe('HttpClient', function() {
       res.writeHead(303, {});
       res.end();
 
+    } else if (req.method == 'GET' && req.url == '/protected') {
+      var denyAccess = function() {
+        res.writeHead(401, {'WWW-Authenticate': 'Basic realm="test"'});
+        res.end('Access denied');
+      };
+
+      var basicAuthRegExp = /^\s*basic\s+([a-z0-9\-\._~\+\/]+)=*\s*$/i
+      var auth = req.headers.authorization;
+      var match = basicAuthRegExp.exec(auth || '');
+      if (!match) {
+        denyAccess();
+        return;
+      }
+
+      var userNameAndPass = new Buffer(match[1], 'base64').toString();
+      var parts = userNameAndPass.split(':', 2);
+      if (parts[0] !== 'genie' && parts[1] !== 'bottle') {
+        denyAccess();
+        return;
+      }
+
+      res.writeHead(200, {'content-type': 'text/plain'});
+      res.end('Access granted!');
+
     } else if (req.method == 'GET' && req.url == '/proxy') {
       res.writeHead(200, req.headers);
       res.end();
@@ -86,6 +111,30 @@ describe('HttpClient', function() {
         });
   });
 
+  test.it('can use basic auth', function() {
+    var parsed = url.parse(server.url());
+    parsed.auth = 'genie:bottle';
+
+    var client = new HttpClient(url.format(parsed));
+    var request = new HttpRequest('GET', '/protected');
+    return promise.checkedNodeCall(client.send.bind(client, request))
+      .then(function(response) {
+        assert.equal(200, response.status);
+        assert.equal('text/plain', response.headers['content-type']);
+        assert.equal('Access granted!', response.body);
+      });
+  });
+
+  test.it('fails requests missing required basic auth', function() {
+    var client = new HttpClient(server.url());
+    var request = new HttpRequest('GET', '/protected');
+    return promise.checkedNodeCall(client.send.bind(client, request))
+      .then(function(response) {
+              assert.equal(401, response.status);
+              assert.equal('Access denied', response.body);
+            });
+  });
+
   test.it('automatically follows redirects', function() {
     var request = new HttpRequest('GET', '/redirect');
     var client = new HttpClient(server.url());