RedHatTraining/repoze.who.git

Tres Seaver

2012-03-19 d6fa0a9d59421defd6e6c612b988d3892b3fbf29

commit \| author \| age
496fcf	1	import unittest
TS	2
	3	class TestAuthTktCookiePlugin(unittest.TestCase):
1810b2	4	tempdir = None
798feb	5	_now_testing = None
1810b2	6
TS	7	def setUp(self):
	8	pass
	9
	10	def tearDown(self):
	11	if self.tempdir is not None:
	12	import shutil
	13	shutil.rmtree(self.tempdir)
798feb	14	if self._now_testing is not None:
TS	15	self._setNowTesting(self._now_testing)
496fcf	16
TS	17	def _getTargetClass(self):
	18	from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
	19	return AuthTktCookiePlugin
	20
	21	def _makeEnviron(self, kw=None):
02a504	22	from wsgiref.util import setup_testing_defaults
AO	23	environ = {}
	24	setup_testing_defaults(environ)
496fcf	25	if kw is not None:
TS	26	environ.update(kw)
	27	environ['REMOTE_ADDR'] = '1.1.1.1'
02a504	28	environ['HTTP_HOST'] = 'localhost'
496fcf	29	return environ
TS	30
b0f81f	31	def _makeOne(self, secret='s33kr3t', arg, *kw):
TS	32	plugin = self._getTargetClass()(secret, arg, *kw)
496fcf	33	return plugin
TS	34
	35	def _makeTicket(self, userid='userid', remote_addr='0.0.0.0',
	36	tokens = [], userdata='userdata',
cd1198	37	cookie_name='auth_tkt', secure=False,
CM	38	time=None):
02a504	39	#from paste.auth import auth_tkt
AO	40	import repoze.who._auth_tkt as auth_tkt
496fcf	41	ticket = auth_tkt.AuthTicket(
TS	42	'secret',
	43	userid,
	44	remote_addr,
	45	tokens=tokens,
	46	user_data=userdata,
cd1198	47	time=time,
496fcf	48	cookie_name=cookie_name,
TS	49	secure=secure)
	50	return ticket.cookie_value()
798feb	51
TS	52	def _setNowTesting(self, value):
	53	from repoze.who.plugins import auth_tkt
	54	auth_tkt._NOW_TESTING, self._now_testing = value, auth_tkt._NOW_TESTING
496fcf	55
b0f81f	56	def test_class_conforms_to_IIdentifier(self):
496fcf	57	from zope.interface.verify import verifyClass
TS	58	from repoze.who.interfaces import IIdentifier
	59	klass = self._getTargetClass()
	60	verifyClass(IIdentifier, klass)
b0f81f	61
TS	62	def test_instance_conforms_to_IIdentifier(self):
	63	from zope.interface.verify import verifyObject
	64	from repoze.who.interfaces import IIdentifier
	65	klass = self._getTargetClass()
	66	verifyObject(IIdentifier, self._makeOne())
	67
	68	def test_class_conforms_to_IAuthenticator(self):
	69	from zope.interface.verify import verifyClass
	70	from repoze.who.interfaces import IAuthenticator
	71	klass = self._getTargetClass()
	72	verifyClass(IAuthenticator, klass)
	73
	74	def test_instance_conforms_to_IAuthenticator(self):
	75	from zope.interface.verify import verifyObject
	76	from repoze.who.interfaces import IAuthenticator
	77	klass = self._getTargetClass()
	78	verifyObject(IAuthenticator, self._makeOne())
	79
	80	def test_timeout_no_reissue(self):
	81	self.assertRaises(ValueError, self._makeOne, 'userid', timeout=1)
	82
	83	def test_timeout_lower_than_reissue(self):
	84	self.assertRaises(ValueError, self._makeOne, 'userid', timeout=1,
	85	reissue_time=2)
496fcf	86
TS	87	def test_identify_nocookie(self):
	88	plugin = self._makeOne('secret')
	89	environ = self._makeEnviron()
	90	result = plugin.identify(environ)
	91	self.assertEqual(result, None)
	92
	93	def test_identify_good_cookie_include_ip(self):
	94	plugin = self._makeOne('secret', include_ip=True)
	95	val = self._makeTicket(remote_addr='1.1.1.1')
	96	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	97	result = plugin.identify(environ)
	98	self.assertEqual(len(result), 4)
	99	self.assertEqual(result['tokens'], [''])
b0f81f	100	self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid')
496fcf	101	self.assertEqual(result['userdata'], 'userdata')
TS	102	self.failUnless('timestamp' in result)
	103	self.assertEqual(environ['REMOTE_USER_TOKENS'], [''])
	104	self.assertEqual(environ['REMOTE_USER_DATA'],'userdata')
	105	self.assertEqual(environ['AUTH_TYPE'],'cookie')
	106
	107	def test_identify_good_cookie_dont_include_ip(self):
	108	plugin = self._makeOne('secret', include_ip=False)
	109	val = self._makeTicket()
	110	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	111	result = plugin.identify(environ)
	112	self.assertEqual(len(result), 4)
	113	self.assertEqual(result['tokens'], [''])
b0f81f	114	self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid')
496fcf	115	self.assertEqual(result['userdata'], 'userdata')
TS	116	self.failUnless('timestamp' in result)
	117	self.assertEqual(environ['REMOTE_USER_TOKENS'], [''])
	118	self.assertEqual(environ['REMOTE_USER_DATA'],'userdata')
	119	self.assertEqual(environ['AUTH_TYPE'],'cookie')
	120
	121	def test_identify_good_cookie_int_useridtype(self):
	122	plugin = self._makeOne('secret', include_ip=False)
	123	val = self._makeTicket(userid='1', userdata='userid_type:int')
	124	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	125	result = plugin.identify(environ)
	126	self.assertEqual(len(result), 4)
	127	self.assertEqual(result['tokens'], [''])
b0f81f	128	self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 1)
496fcf	129	self.assertEqual(result['userdata'], 'userid_type:int')
TS	130	self.failUnless('timestamp' in result)
	131	self.assertEqual(environ['REMOTE_USER_TOKENS'], [''])
	132	self.assertEqual(environ['REMOTE_USER_DATA'],'userid_type:int')
	133	self.assertEqual(environ['AUTH_TYPE'],'cookie')
	134
	135	def test_identify_good_cookie_unknown_useridtype(self):
	136	plugin = self._makeOne('secret', include_ip=False)
	137	val = self._makeTicket(userid='userid', userdata='userid_type:unknown')
	138	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	139	result = plugin.identify(environ)
	140	self.assertEqual(len(result), 4)
	141	self.assertEqual(result['tokens'], [''])
b0f81f	142	self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid')
496fcf	143	self.assertEqual(result['userdata'], 'userid_type:unknown')
TS	144	self.failUnless('timestamp' in result)
	145	self.assertEqual(environ['REMOTE_USER_TOKENS'], [''])
	146	self.assertEqual(environ['REMOTE_USER_DATA'],'userid_type:unknown')
	147	self.assertEqual(environ['AUTH_TYPE'],'cookie')
	148
	149	def test_identify_bad_cookie(self):
	150	plugin = self._makeOne('secret', include_ip=True)
	151	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=bogus'})
	152	result = plugin.identify(environ)
	153	self.assertEqual(result, None)
	154
cd1198	155	def test_identify_bad_cookie_expired(self):
CM	156	import time
	157	plugin = self._makeOne('secret', timeout=2, reissue_time=1)
	158	val = self._makeTicket(userid='userid', time=time.time()-3)
	159	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	160	result = plugin.identify(environ)
	161	self.assertEqual(result, None)
b0f81f	162
TS	163	def test_identify_with_checker_and_existing_account(self):
	164	plugin = self._makeOne('secret', userid_checker=dummy_userid_checker)
	165	val = self._makeTicket(userid='existing')
	166	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	167	result = plugin.identify(environ)
	168	self.assertEqual(len(result), 4)
	169	self.assertEqual(result['tokens'], [''])
	170	self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'existing')
	171	self.assertEqual(result['userdata'], 'userdata')
	172	self.failUnless('timestamp' in result)
	173	self.assertEqual(environ['REMOTE_USER_TOKENS'], [''])
	174	self.assertEqual(environ['REMOTE_USER_DATA'],'userdata')
	175	self.assertEqual(environ['AUTH_TYPE'],'cookie')
cd1198	176
496fcf	177	def test_remember_creds_same(self):
TS	178	plugin = self._makeOne('secret')
	179	val = self._makeTicket(userid='userid')
	180	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val})
	181	result = plugin.remember(environ, {'repoze.who.userid':'userid',
	182	'userdata':'userdata'})
	183	self.assertEqual(result, None)
	184
d7e647	185	def test_remember_creds_secure(self):
BS	186	plugin = self._makeOne('secret', secure=True)
	187	val = self._makeTicket(userid='userid', secure=True)
	188	environ = self._makeEnviron()
	189	result = plugin.remember(environ, {'repoze.who.userid':'userid',
	190	'userdata':'userdata'})
	191	self.assertEqual(len(result), 3)
	192	self.assertEqual(result[0],
	193	('Set-Cookie',
7f9907	194	'auth_tkt="%s"; '
TS	195	'Path=/; '
	196	'secure; '
	197	'HttpOnly' % val))
d7e647	198	self.assertEqual(result[1],
BS	199	('Set-Cookie',
7f9907	200	'auth_tkt="%s"; '
TS	201	'Path=/; '
	202	'Domain=localhost; '
	203	'secure; HttpOnly'
d7e647	204	% val))
BS	205	self.assertEqual(result[2],
	206	('Set-Cookie',
7f9907	207	'auth_tkt="%s"; '
TS	208	'Path=/; '
	209	'Domain=.localhost; '
	210	'secure; HttpOnly'
d7e647	211	% val))
BS	212
496fcf	213	def test_remember_creds_different(self):
TS	214	plugin = self._makeOne('secret')
	215	old_val = self._makeTicket(userid='userid')
	216	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
	217	new_val = self._makeTicket(userid='other', userdata='userdata')
	218	result = plugin.remember(environ, {'repoze.who.userid':'other',
	219	'userdata':'userdata'})
	220	self.assertEqual(len(result), 3)
	221	self.assertEqual(result[0],
	222	('Set-Cookie',
7f9907	223	'auth_tkt="%s"; '
TS	224	'Path=/' % new_val))
496fcf	225	self.assertEqual(result[1],
TS	226	('Set-Cookie',
7f9907	227	'auth_tkt="%s"; '
TS	228	'Path=/; '
	229	'Domain=localhost'
2afbb8	230	% new_val))
496fcf	231	self.assertEqual(result[2],
TS	232	('Set-Cookie',
7f9907	233	'auth_tkt="%s"; '
TS	234	'Path=/; '
	235	'Domain=.localhost'
	236	% new_val))
	237
	238	def test_remember_creds_different_strips_port(self):
	239	plugin = self._makeOne('secret')
	240	old_val = self._makeTicket(userid='userid')
	241	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val,
	242	'HTTP_HOST': 'localhost:8080',
	243	})
	244	new_val = self._makeTicket(userid='other', userdata='userdata')
	245	result = plugin.remember(environ, {'repoze.who.userid':'other',
	246	'userdata':'userdata'})
	247	self.assertEqual(len(result), 3)
	248	self.assertEqual(result[0],
	249	('Set-Cookie',
	250	'auth_tkt="%s"; '
	251	'Path=/' % new_val))
	252	self.assertEqual(result[1],
	253	('Set-Cookie',
	254	'auth_tkt="%s"; '
	255	'Path=/; '
	256	'Domain=localhost'
	257	% new_val))
	258	self.assertEqual(result[2],
	259	('Set-Cookie',
	260	'auth_tkt="%s"; '
	261	'Path=/; '
	262	'Domain=.localhost'
2afbb8	263	% new_val))
496fcf	264
394ea6	265	def test_remember_creds_different_include_ip(self):
TS	266	plugin = self._makeOne('secret', include_ip=True)
	267	old_val = self._makeTicket(userid='userid', remote_addr='1.1.1.1')
	268	environ = self._makeEnviron({'HTTP_COOKIE': 'auth_tkt=%s' % old_val})
	269	new_val = self._makeTicket(userid='other',
	270	userdata='userdata',
	271	remote_addr='1.1.1.1')
	272	result = plugin.remember(environ, {'repoze.who.userid':'other',
	273	'userdata':'userdata'})
	274	self.assertEqual(len(result), 3)
	275	self.assertEqual(result[0],
	276	('Set-Cookie',
7f9907	277	'auth_tkt="%s"; '
TS	278	'Path=/' % new_val))
394ea6	279	self.assertEqual(result[1],
TS	280	('Set-Cookie',
7f9907	281	'auth_tkt="%s"; '
TS	282	'Path=/; '
	283	'Domain=localhost'
394ea6	284	% new_val))
TS	285	self.assertEqual(result[2],
	286	('Set-Cookie',
7f9907	287	'auth_tkt="%s"; '
TS	288	'Path=/; '
	289	'Domain=.localhost'
394ea6	290	% new_val))
TS	291
	292	def test_remember_creds_different_bad_old_cookie(self):
	293	plugin = self._makeOne('secret')
	294	old_val = 'BOGUS'
	295	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
	296	new_val = self._makeTicket(userid='other', userdata='userdata')
	297	result = plugin.remember(environ, {'repoze.who.userid':'other',
	298	'userdata':'userdata'})
	299	self.assertEqual(len(result), 3)
	300	self.assertEqual(result[0],
	301	('Set-Cookie',
7f9907	302	'auth_tkt="%s"; '
TS	303	'Path=/' % new_val))
394ea6	304	self.assertEqual(result[1],
TS	305	('Set-Cookie',
7f9907	306	'auth_tkt="%s"; '
TS	307	'Path=/; '
	308	'Domain=localhost'
394ea6	309	% new_val))
TS	310	self.assertEqual(result[2],
	311	('Set-Cookie',
7f9907	312	'auth_tkt="%s"; '
TS	313	'Path=/; '
	314	'Domain=.localhost'
394ea6	315	% new_val))
TS	316
fc9a88	317	def test_remember_creds_different_with_tokens(self):
394ea6	318	plugin = self._makeOne('secret')
TS	319	old_val = self._makeTicket(userid='userid')
	320	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
fc9a88	321	new_val = self._makeTicket(userid='userid',
394ea6	322	userdata='userdata',
fc9a88	323	tokens=['foo', 'bar'],
394ea6	324	)
fc9a88	325	result = plugin.remember(environ, {'repoze.who.userid': 'userid',
394ea6	326	'userdata': 'userdata',
TS	327	'tokens': ['foo', 'bar'],
	328	})
	329	self.assertEqual(len(result), 3)
	330	self.assertEqual(result[0],
	331	('Set-Cookie',
7f9907	332	'auth_tkt="%s"; '
TS	333	'Path=/' % new_val))
394ea6	334	self.assertEqual(result[1],
TS	335	('Set-Cookie',
7f9907	336	'auth_tkt="%s"; '
TS	337	'Path=/; Domain=localhost'
394ea6	338	% new_val))
TS	339	self.assertEqual(result[2],
	340	('Set-Cookie',
7f9907	341	'auth_tkt="%s"; '
TS	342	'Path=/; '
	343	'Domain=.localhost'
394ea6	344	% new_val))
TS	345
fc9a88	346	def test_remember_creds_different_with_tuple_tokens(self):
BS	347	plugin = self._makeOne('secret')
	348	old_val = self._makeTicket(userid='userid')
	349	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
	350	new_val = self._makeTicket(userid='userid',
	351	userdata='userdata',
	352	tokens=['foo', 'bar'],
	353	)
	354	result = plugin.remember(environ, {'repoze.who.userid': 'userid',
	355	'userdata': 'userdata',
	356	'tokens': ('foo', 'bar'),
	357	})
	358	self.assertEqual(len(result), 3)
	359	self.assertEqual(result[0],
	360	('Set-Cookie',
7f9907	361	'auth_tkt="%s"; '
TS	362	'Path=/' % new_val))
fc9a88	363	self.assertEqual(result[1],
BS	364	('Set-Cookie',
7f9907	365	'auth_tkt="%s"; '
TS	366	'Path=/; '
	367	'Domain=localhost'
fc9a88	368	% new_val))
BS	369	self.assertEqual(result[2],
	370	('Set-Cookie',
7f9907	371	'auth_tkt="%s"; '
TS	372	'Path=/; '
	373	'Domain=.localhost'
fc9a88	374	% new_val))
BS	375
496fcf	376	def test_remember_creds_different_int_userid(self):
TS	377	plugin = self._makeOne('secret')
	378	old_val = self._makeTicket(userid='userid')
	379	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
	380	new_val = self._makeTicket(userid='1', userdata='userid_type:int')
	381	result = plugin.remember(environ, {'repoze.who.userid':1,
	382	'userdata':''})
	383
	384	self.assertEqual(len(result), 3)
	385	self.assertEqual(result[0],
	386	('Set-Cookie',
d6fa0a	387	'auth_tkt="%s"; Path=/' % new_val))
496fcf	388
TS	389	def test_remember_creds_different_long_userid(self):
6a32cd	390	try:
TS	391	long
	392	except NameError: #pragma NO COVER Python >= 3.0
	393	return
496fcf	394	plugin = self._makeOne('secret')
TS	395	old_val = self._makeTicket(userid='userid')
	396	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
	397	new_val = self._makeTicket(userid='1', userdata='userid_type:int')
	398	result = plugin.remember(environ, {'repoze.who.userid':long(1),
	399	'userdata':''})
	400	self.assertEqual(len(result), 3)
	401	self.assertEqual(result[0],
	402	('Set-Cookie',
d6fa0a	403	'auth_tkt="%s"; Path=/' % new_val))
496fcf	404
TS	405	def test_remember_creds_different_unicode_userid(self):
	406	plugin = self._makeOne('secret')
	407	old_val = self._makeTicket(userid='userid')
	408	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
6a32cd	409	userid = b'\xc2\xa9'.decode('utf-8')
d6fa0a	410	if type(b'') == type(''):
TS	411	userdata = 'userid_type:unicode'
	412	else: # XXX
	413	userdata = ''
496fcf	414	new_val = self._makeTicket(userid=userid.encode('utf-8'),
d6fa0a	415	userdata=userdata)
496fcf	416	result = plugin.remember(environ, {'repoze.who.userid':userid,
TS	417	'userdata':''})
	418	self.assertEqual(type(result[0][1]), str)
	419	self.assertEqual(len(result), 3)
	420	self.assertEqual(result[0],
	421	('Set-Cookie',
d6fa0a	422	'auth_tkt="%s"; Path=/' % new_val))
496fcf	423
cd1198	424	def test_remember_creds_reissue(self):
CM	425	import time
	426	plugin = self._makeOne('secret', reissue_time=1)
798feb	427	old_val = self._makeTicket(userid='userid', userdata='',
TS	428	time=time.time()-2)
cd1198	429	environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val})
CM	430	new_val = self._makeTicket(userid='userid', userdata='')
	431	result = plugin.remember(environ, {'repoze.who.userid':'userid',
	432	'userdata':''})
	433	self.assertEqual(type(result[0][1]), str)
	434	self.assertEqual(len(result), 3)
	435	self.assertEqual(result[0],
	436	('Set-Cookie',
d6fa0a	437	'auth_tkt="%s"; Path=/' % new_val))
cd1198	438
b0f81f	439	def test_remember_max_age(self):
TS	440	plugin = self._makeOne('secret')
	441	environ = {'HTTP_HOST':'example.com'}
	442
	443	tkt = self._makeTicket(userid='chris', userdata='')
	444	result = plugin.remember(environ, {'repoze.who.userid':'chris',
	445	'max_age':'500'})
	446
	447	name,value = result.pop(0)
	448	self.assertEqual('Set-Cookie', name)
	449	self.failUnless(
	450	value.startswith('auth_tkt="%s"; Path=/; Max-Age=500' % tkt),
	451	value)
	452	self.failUnless('; Expires=' in value)
	453
	454	name,value = result.pop(0)
	455	self.assertEqual('Set-Cookie', name)
	456	self.failUnless(
	457	value.startswith(
	458	'auth_tkt="%s"; Path=/; Domain=example.com; Max-Age=500'
	459	% tkt), value)
	460	self.failUnless('; Expires=' in value)
	461
	462	name,value = result.pop(0)
	463	self.assertEqual('Set-Cookie', name)
	464	self.failUnless(
	465	value.startswith(
	466	'auth_tkt="%s"; Path=/; Domain=.example.com; Max-Age=500' % tkt),
	467	value)
	468	self.failUnless('; Expires=' in value)
	469
496fcf	470	def test_forget(self):
798feb	471	from datetime import datetime
TS	472	now = datetime(2009, 11, 5, 16, 15, 22)
	473	self._setNowTesting(now)
496fcf	474	plugin = self._makeOne('secret')
TS	475	environ = self._makeEnviron()
	476	headers = plugin.forget(environ, None)
	477	self.assertEqual(len(headers), 3)
	478	header = headers[0]
	479	name, value = header
	480	self.assertEqual(name, 'Set-Cookie')
798feb	481	self.assertEqual(value,
TS	482	'auth_tkt="INVALID"; Path=/; '
	483	'Max-Age=0; Expires=Thu, 05 Nov 2009 16:15:22'
	484	)
496fcf	485	header = headers[1]
TS	486	name, value = header
	487	self.assertEqual(name, 'Set-Cookie')
798feb	488	self.assertEqual(value,
TS	489	'auth_tkt="INVALID"; Path=/; Domain=localhost; '
	490	'Max-Age=0; Expires=Thu, 05 Nov 2009 16:15:22'
	491	)
496fcf	492	header = headers[2]
TS	493	name, value = header
	494	self.assertEqual(name, 'Set-Cookie')
798feb	495	self.assertEqual(value,
TS	496	'auth_tkt="INVALID"; Path=/; Domain=.localhost; '
	497	'Max-Age=0; Expires=Thu, 05 Nov 2009 16:15:22'
	498	)
b0f81f	499
TS	500	def test_authenticate_non_auth_tkt_credentials(self):
	501	plugin = self._makeOne()
	502	self.assertEqual(plugin.authenticate(environ={}, identity={}), None)
	503
	504	def test_authenticate_without_checker(self):
	505	plugin = self._makeOne()
	506	identity = {'repoze.who.plugins.auth_tkt.userid': 'phred'}
	507	self.assertEqual(plugin.authenticate({}, identity), 'phred')
	508
	509	def test_authenticate_with_checker_and_non_existing_account(self):
	510	plugin = self._makeOne('secret', userid_checker=dummy_userid_checker)
	511	identity = {'repoze.who.plugins.auth_tkt.userid': 'phred'}
	512	self.assertEqual(plugin.authenticate({}, identity), None)
	513
	514	def test_authenticate_with_checker_and_existing_account(self):
	515	plugin = self._makeOne('secret', userid_checker=dummy_userid_checker)
	516	identity = {'repoze.who.plugins.auth_tkt.userid': 'existing'}
	517	self.assertEqual(plugin.authenticate({}, identity), 'existing')
496fcf	518
TS	519	def test_factory_wo_secret_wo_secretfile_raises_ValueError(self):
	520	from repoze.who.plugins.auth_tkt import make_plugin
	521	self.assertRaises(ValueError, make_plugin)
	522
	523	def test_factory_w_secret_w_secretfile_raises_ValueError(self):
	524	from repoze.who.plugins.auth_tkt import make_plugin
	525	self.assertRaises(ValueError, make_plugin, 'secret', 'secretfile')
	526
	527	def test_factory_w_bad_secretfile_raises_ValueError(self):
	528	from repoze.who.plugins.auth_tkt import make_plugin
	529	self.assertRaises(ValueError, make_plugin, secretfile='nonesuch.txt')
	530
	531	def test_factory_w_secret(self):
	532	from repoze.who.plugins.auth_tkt import make_plugin
	533	plugin = make_plugin('secret')
	534	self.assertEqual(plugin.cookie_name, 'auth_tkt')
	535	self.assertEqual(plugin.secret, 'secret')
	536	self.assertEqual(plugin.include_ip, False)
	537	self.assertEqual(plugin.secure, False)
	538
	539	def test_factory_w_secretfile(self):
1810b2	540	import os
TS	541	from tempfile import mkdtemp
496fcf	542	from repoze.who.plugins.auth_tkt import make_plugin
1810b2	543	tempdir = self.tempdir = mkdtemp()
TS	544	path = os.path.join(tempdir, 'who.secret')
	545	secret = open(path, 'w')
	546	secret.write('s33kr1t\n')
	547	secret.flush()
	548	secret.close()
	549	plugin = make_plugin(secretfile=path)
496fcf	550	self.assertEqual(plugin.secret, 's33kr1t')
TS	551
cd1198	552	def test_factory_with_timeout_and_reissue_time(self):
CM	553	from repoze.who.plugins.auth_tkt import make_plugin
	554	plugin = make_plugin('secret', timeout=5, reissue_time=1)
	555	self.assertEqual(plugin.timeout, 5)
	556	self.assertEqual(plugin.reissue_time, 1)
	557
a6f6dc	558	def test_factory_with_userid_checker(self):
CM	559	from repoze.who.plugins.auth_tkt import make_plugin
	560	plugin = make_plugin(
	561	'secret',
	562	userid_checker='repoze.who.plugins.auth_tkt:make_plugin')
	563	self.assertEqual(plugin.userid_checker, make_plugin)
299b4c	564
15e365	565	def test_remember_max_age_unicode(self):
6a32cd	566	from repoze.who._compat import u
15e365	567	plugin = self._makeOne('secret')
TS	568	environ = {'HTTP_HOST':'example.com'}
	569	tkt = self._makeTicket(userid='chris', userdata='')
	570	result = plugin.remember(environ, {'repoze.who.userid': 'chris',
6919cb	571	'max_age': u('500')})
TS	572	name, value = result.pop(0)
15e365	573	self.assertEqual('Set-Cookie', name)
TS	574	self.failUnless(isinstance(value, str))
	575	self.failUnless(
	576	value.startswith('auth_tkt="%s"; Path=/; Max-Age=500' % tkt),
	577	(value, tkt))
	578	self.failUnless('; Expires=' in value)
	579
	580	name,value = result.pop(0)
	581	self.assertEqual('Set-Cookie', name)
	582	self.failUnless(
	583	value.startswith(
	584	'auth_tkt="%s"; Path=/; Domain=example.com; Max-Age=500'
	585	% tkt), value)
	586	self.failUnless('; Expires=' in value)
	587
	588	name,value = result.pop(0)
	589	self.assertEqual('Set-Cookie', name)
	590	self.failUnless(
	591	value.startswith(
	592	'auth_tkt="%s"; Path=/; Domain=.example.com; Max-Age=500' % tkt),
	593	value)
	594	self.failUnless('; Expires=' in value)
	595
299b4c	596
a6f6dc	597	def dummy_userid_checker(userid):
CM	598	return userid == 'existing'