| commit | author | age | ||
| 0b4b05 | 1 | import unittest |
| TS | 2 | |
| 9c1e6f | 3 | |
| 826ba0 | 4 | class AuthTicketTests(unittest.TestCase): |
| 0b4b05 | 5 | |
| TS | 6 | def _getTargetClass(self): |
| 7 | from .._auth_tkt import AuthTicket | |
| 8 | return AuthTicket | |
| 9 | ||
| 10 | def _makeOne(self, *args, **kw): | |
| 11 | return self._getTargetClass()(*args, **kw) | |
| 12 | ||
| 13 | def test_ctor_defaults(self): | |
| b70ba3 | 14 | import hashlib |
| 0b4b05 | 15 | from .. import _auth_tkt |
| TS | 16 | with _Monkey(_auth_tkt, time_mod=_Timemod): |
| 17 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4') | |
| 18 | self.assertEqual(tkt.secret, 'SEEKRIT') | |
| 19 | self.assertEqual(tkt.userid, 'USERID') | |
| 20 | self.assertEqual(tkt.ip, '1.2.3.4') | |
| 21 | self.assertEqual(tkt.tokens, '') | |
| 22 | self.assertEqual(tkt.user_data, '') | |
| 23 | self.assertEqual(tkt.time, _WHEN) | |
| 24 | self.assertEqual(tkt.cookie_name, 'auth_tkt') | |
| 25 | self.assertEqual(tkt.secure, False) | |
| b70ba3 | 26 | self.assertEqual(tkt.digest_algo, hashlib.md5) |
| 0b4b05 | 27 | |
| TS | 28 | def test_ctor_explicit(self): |
| b70ba3 | 29 | import hashlib |
| 0b4b05 | 30 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', tokens=('a', 'b'), |
| TS | 31 | user_data='DATA', time=_WHEN, |
| b70ba3 | 32 | cookie_name='oatmeal', secure=True, |
| DT | 33 | digest_algo=hashlib.sha512) |
| 0b4b05 | 34 | self.assertEqual(tkt.secret, 'SEEKRIT') |
| TS | 35 | self.assertEqual(tkt.userid, 'USERID') |
| 36 | self.assertEqual(tkt.ip, '1.2.3.4') | |
| 37 | self.assertEqual(tkt.tokens, 'a,b') | |
| 38 | self.assertEqual(tkt.user_data, 'DATA') | |
| 39 | self.assertEqual(tkt.time, _WHEN) | |
| 40 | self.assertEqual(tkt.cookie_name, 'oatmeal') | |
| 41 | self.assertEqual(tkt.secure, True) | |
| b70ba3 | 42 | self.assertEqual(tkt.digest_algo, hashlib.sha512) |
| DT | 43 | |
| 44 | def test_ctor_string_algorithm(self): | |
| 45 | import hashlib | |
| 46 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', tokens=('a', 'b'), | |
| 47 | user_data='DATA', time=_WHEN, | |
| 48 | cookie_name='oatmeal', secure=True, | |
| 49 | digest_algo='sha1') | |
| 50 | self.assertEqual(tkt.secret, 'SEEKRIT') | |
| 51 | self.assertEqual(tkt.userid, 'USERID') | |
| 52 | self.assertEqual(tkt.ip, '1.2.3.4') | |
| 53 | self.assertEqual(tkt.tokens, 'a,b') | |
| 54 | self.assertEqual(tkt.user_data, 'DATA') | |
| 55 | self.assertEqual(tkt.time, _WHEN) | |
| 56 | self.assertEqual(tkt.cookie_name, 'oatmeal') | |
| 57 | self.assertEqual(tkt.secure, True) | |
| 58 | self.assertEqual(tkt.digest_algo, hashlib.sha1) | |
| 0b4b05 | 59 | |
| TS | 60 | def test_digest(self): |
| fcf53b | 61 | from .._auth_tkt import calculate_digest, hashlib |
| 0b4b05 | 62 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', tokens=('a', 'b'), |
| TS | 63 | user_data='DATA', time=_WHEN, |
| 64 | cookie_name='oatmeal', secure=True) | |
| 65 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', | |
| fcf53b | 66 | 'a,b', 'DATA', hashlib.md5) |
| 0b4b05 | 67 | self.assertEqual(tkt.digest(), digest) |
| TS | 68 | |
| 69 | def test_cookie_value_wo_tokens_or_userdata(self): | |
| fcf53b | 70 | from .._auth_tkt import calculate_digest, hashlib |
| 0b4b05 | 71 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', time=_WHEN) |
| fcf53b | 72 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', '', '', hashlib.md5) |
| 0b4b05 | 73 | self.assertEqual(tkt.cookie_value(), |
| TS | 74 | '%s%08xUSERID!' % (digest, _WHEN)) |
| 75 | ||
| 76 | def test_cookie_value_w_tokens_and_userdata(self): | |
| fcf53b | 77 | from .._auth_tkt import calculate_digest, hashlib |
| 0b4b05 | 78 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', tokens=('a', 'b'), |
| TS | 79 | user_data='DATA', time=_WHEN) |
| 80 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', | |
| fcf53b | 81 | 'a,b', 'DATA', hashlib.md5) |
| 0b4b05 | 82 | self.assertEqual(tkt.cookie_value(), |
| TS | 83 | '%s%08xUSERID!a,b!DATA' % (digest, _WHEN)) |
| 84 | ||
| 85 | def test_cookie_not_secure_wo_tokens_or_userdata(self): | |
| fcf53b | 86 | from .._auth_tkt import calculate_digest, hashlib |
| 0b4b05 | 87 | from .._compat import encodestring |
| TS | 88 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', time=_WHEN, |
| 89 | cookie_name='oatmeal') | |
| fcf53b | 90 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', '', '', hashlib.md5) |
| 0b4b05 | 91 | cookie = tkt.cookie() |
| TS | 92 | self.assertEqual(cookie['oatmeal'].value, |
| 93 | encodestring('%s%08xUSERID!' % (digest, _WHEN) | |
| 94 | ).strip()) | |
| 95 | self.assertEqual(cookie['oatmeal']['path'], '/') | |
| 96 | self.assertEqual(cookie['oatmeal']['secure'], '') | |
| 97 | ||
| 98 | def test_cookie_secure_w_tokens_and_userdata(self): | |
| fcf53b | 99 | from .._auth_tkt import calculate_digest, hashlib |
| 0b4b05 | 100 | from .._compat import encodestring |
| TS | 101 | tkt = self._makeOne('SEEKRIT', 'USERID', '1.2.3.4', tokens=('a', 'b'), |
| 102 | user_data='DATA', time=_WHEN, | |
| 103 | cookie_name='oatmeal', secure=True) | |
| 104 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', | |
| fcf53b | 105 | 'a,b', 'DATA', hashlib.md5) |
| 0b4b05 | 106 | cookie = tkt.cookie() |
| TS | 107 | self.assertEqual(cookie['oatmeal'].value, |
| 108 | encodestring('%s%08xUSERID!a,b!DATA' % (digest, _WHEN) | |
| 109 | ).strip()) | |
| 110 | self.assertEqual(cookie['oatmeal']['path'], '/') | |
| 111 | self.assertEqual(cookie['oatmeal']['secure'], 'true') | |
| 112 | ||
| 113 | ||
| 826ba0 | 114 | class BadTicketTests(unittest.TestCase): |
| ff80e0 | 115 | |
| TS | 116 | def _getTargetClass(self): |
| 117 | from .._auth_tkt import BadTicket | |
| 118 | return BadTicket | |
| 119 | ||
| 120 | def _makeOne(self, *args, **kw): | |
| 121 | return self._getTargetClass()(*args, **kw) | |
| 122 | ||
| 123 | def test_wo_expected(self): | |
| 124 | exc = self._makeOne('message') | |
| 125 | self.assertEqual(exc.args, ('message',)) | |
| 126 | self.assertEqual(exc.expected, None) | |
| 127 | ||
| 128 | def test_w_expected(self): | |
| 129 | exc = self._makeOne('message', 'foo') | |
| 130 | self.assertEqual(exc.args, ('message',)) | |
| 131 | self.assertEqual(exc.expected, 'foo') | |
| 132 | ||
| 133 | ||
| 826ba0 | 134 | class Test_parse_ticket(unittest.TestCase): |
| ff80e0 | 135 | |
| b70ba3 | 136 | def _callFUT(self, secret='SEEKRIT', ticket=None, ip='1.2.3.4', digest="md5"): |
| ff80e0 | 137 | from .._auth_tkt import parse_ticket |
| b70ba3 | 138 | return parse_ticket(secret, ticket, ip, digest) |
| ff80e0 | 139 | |
| TS | 140 | def test_bad_timestamp(self): |
| 141 | from .._auth_tkt import BadTicket | |
| 142 | TICKET = '12345678901234567890123456789012XXXXXXXXuserid!' | |
| 143 | try: | |
| 144 | self._callFUT(ticket=TICKET) | |
| 145 | except BadTicket as e: | |
| 826ba0 | 146 | self.assertTrue(e.args[0].startswith( |
| ff80e0 | 147 | 'Timestamp is not a hex integer:')) |
| d13829 | 148 | else: # pragma: no cover |
| ff80e0 | 149 | self.fail('Did not raise') |
| TS | 150 | |
| 151 | def test_no_bang_after_userid(self): | |
| 152 | from .._auth_tkt import BadTicket | |
| 153 | TICKET = '1234567890123456789012345678901201020304userid' | |
| 154 | try: | |
| 155 | self._callFUT(ticket=TICKET) | |
| 156 | except BadTicket as e: | |
| 157 | self.assertEqual(e.args[0], 'userid is not followed by !') | |
| d13829 | 158 | else: # pragma: no cover |
| ff80e0 | 159 | self.fail('Did not raise') |
| TS | 160 | |
| 161 | def test_wo_tokens_or_data_bad_digest(self): | |
| 162 | from .._auth_tkt import BadTicket | |
| 163 | TICKET = '1234567890123456789012345678901201020304userid!' | |
| 164 | try: | |
| 165 | self._callFUT(ticket=TICKET) | |
| 166 | except BadTicket as e: | |
| 167 | self.assertEqual(e.args[0], 'Digest signature is not correct') | |
| d13829 | 168 | else: # pragma: no cover |
| ff80e0 | 169 | self.fail('Did not raise') |
| TS | 170 | |
| 171 | def test_wo_tokens_or_data_ok_digest(self): | |
| fcf53b | 172 | from .._auth_tkt import calculate_digest, hashlib |
| DT | 173 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', '', '', hashlib.md5) |
| ff80e0 | 174 | TICKET = '%s%08xUSERID!' % (digest, _WHEN) |
| TS | 175 | timestamp, userid, tokens, user_data = self._callFUT(ticket=TICKET) |
| 176 | self.assertEqual(timestamp, _WHEN) | |
| 177 | self.assertEqual(userid, 'USERID') | |
| 178 | self.assertEqual(tokens, ['']) | |
| 179 | self.assertEqual(user_data, '') | |
| 180 | ||
| 181 | def test_w_tokens_and_data_ok_digest(self): | |
| fcf53b | 182 | from .._auth_tkt import calculate_digest, hashlib |
| ff80e0 | 183 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', |
| fcf53b | 184 | 'a,b', 'DATA', hashlib.md5) |
| ff80e0 | 185 | TICKET = '%s%08xUSERID!a,b!DATA' % (digest, _WHEN) |
| TS | 186 | timestamp, userid, tokens, user_data = self._callFUT(ticket=TICKET) |
| 187 | self.assertEqual(timestamp, _WHEN) | |
| 188 | self.assertEqual(userid, 'USERID') | |
| 189 | self.assertEqual(tokens, ['a', 'b']) | |
| 190 | self.assertEqual(user_data, 'DATA') | |
| 191 | ||
| b70ba3 | 192 | def test_w_tokens_and_data_ok_alternate_digest(self): |
| DT | 193 | from .._auth_tkt import calculate_digest, hashlib |
| 194 | digest = calculate_digest('1.2.3.4', _WHEN, 'SEEKRIT', 'USERID', | |
| 195 | 'a,b', 'DATA', hashlib.sha256) | |
| 196 | TICKET = '%s%08xUSERID!a,b!DATA' % (digest, _WHEN) | |
| 197 | timestamp, userid, tokens, user_data = self._callFUT(ticket=TICKET, digest=hashlib.sha256) | |
| 198 | self.assertEqual(timestamp, _WHEN) | |
| 199 | self.assertEqual(userid, 'USERID') | |
| 200 | self.assertEqual(tokens, ['a', 'b']) | |
| 201 | self.assertEqual(user_data, 'DATA') | |
| 202 | ||
| ff80e0 | 203 | |
| 826ba0 | 204 | class Test_helpers(unittest.TestCase): |
| ff80e0 | 205 | |
| b70ba3 | 206 | # calculate_digest is not very testable, and fully exercised through callers. |
| ff80e0 | 207 | |
| TS | 208 | def test_ints_to_bytes(self): |
| 209 | from struct import pack | |
| 210 | from .._auth_tkt import ints2bytes | |
| 211 | self.assertEqual(ints2bytes([1, 2, 3, 4]), pack('>BBBB', 1, 2, 3, 4)) | |
| 212 | ||
| 213 | def test_encode_ip_timestamp(self): | |
| 214 | from struct import pack | |
| 215 | from .._auth_tkt import encode_ip_timestamp | |
| 216 | self.assertEqual(encode_ip_timestamp('1.2.3.4', _WHEN), | |
| 217 | pack('>BBBBL', 1, 2, 3, 4, _WHEN)) | |
| 218 | ||
| 219 | def test_maybe_encode_bytes(self): | |
| 220 | from .._auth_tkt import maybe_encode | |
| 221 | foo = b'foo' | |
| 826ba0 | 222 | self.assertTrue(maybe_encode(foo) is foo) |
| ff80e0 | 223 | |
| TS | 224 | def test_maybe_encode_native_string(self): |
| 225 | from .._auth_tkt import maybe_encode | |
| 226 | foo = 'foo' | |
| 227 | self.assertEqual(maybe_encode(foo), b'foo') | |
| 228 | ||
| 229 | def test_maybe_encode_unicode(self): | |
| 230 | from .._auth_tkt import maybe_encode | |
| 231 | from .._compat import u | |
| 232 | foo = u('foo') | |
| 233 | self.assertEqual(maybe_encode(foo), b'foo') | |
| 234 | ||
| 0b4b05 | 235 | |
| TS | 236 | _WHEN = 1234567 |
| 237 | class _Timemod(object): | |
| 238 | @staticmethod | |
| 239 | def time(): | |
| 240 | return _WHEN | |
| 241 | ||
| 242 | ||
| 243 | class _Monkey(object): | |
| 244 | ||
| 245 | def __init__(self, module, **replacements): | |
| 246 | self.module = module | |
| 247 | self.orig = {} | |
| 248 | self.replacements = replacements | |
| 249 | ||
| 250 | def __enter__(self): | |
| 251 | for k, v in self.replacements.items(): | |
| 252 | orig = getattr(self.module, k, self) | |
| 253 | if orig is not self: | |
| 254 | self.orig[k] = orig | |
| 255 | setattr(self.module, k, v) | |
| 256 | ||
| 257 | def __exit__(self, *exc_info): | |
| 258 | for k, v in self.replacements.items(): | |
| 259 | if k in self.orig: | |
| 260 | setattr(self.module, k, self.orig[k]) | |
| 261 | else: #pragma NO COVERSGE | |
| 262 | delattr(self.module, k) | |
