import unittest class TestAuthTktCookiePlugin(unittest.TestCase): tempdir = None _now_testing = None def setUp(self): pass def tearDown(self): if self.tempdir is not None: import shutil shutil.rmtree(self.tempdir) if self._now_testing is not None: self._setNowTesting(self._now_testing) def _getTargetClass(self): from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin return AuthTktCookiePlugin def _makeEnviron(self, kw=None): from wsgiref.util import setup_testing_defaults environ = {} setup_testing_defaults(environ) if kw is not None: environ.update(kw) environ['REMOTE_ADDR'] = '1.1.1.1' environ['HTTP_HOST'] = 'localhost' return environ def _makeOne(self, secret='s33kr3t', *arg, **kw): plugin = self._getTargetClass()(secret, *arg, **kw) return plugin def _makeTicket(self, userid='userid', remote_addr='0.0.0.0', tokens = [], userdata='userdata', cookie_name='auth_tkt', secure=False, time=None, digest_algo="md5"): import repoze.who._auth_tkt as auth_tkt ticket = auth_tkt.AuthTicket( 'secret', userid, remote_addr, tokens=tokens, user_data=userdata, time=time, cookie_name=cookie_name, secure=secure, digest_algo=digest_algo) return ticket.cookie_value() def _setNowTesting(self, value): from repoze.who.plugins import auth_tkt auth_tkt._UTCNOW, self._now_testing = value, auth_tkt._UTCNOW def test_class_conforms_to_IIdentifier(self): from zope.interface.verify import verifyClass from repoze.who.interfaces import IIdentifier klass = self._getTargetClass() verifyClass(IIdentifier, klass) def test_instance_conforms_to_IIdentifier(self): from zope.interface.verify import verifyObject from repoze.who.interfaces import IIdentifier klass = self._getTargetClass() verifyObject(IIdentifier, self._makeOne()) def test_class_conforms_to_IAuthenticator(self): from zope.interface.verify import verifyClass from repoze.who.interfaces import IAuthenticator klass = self._getTargetClass() verifyClass(IAuthenticator, klass) def test_instance_conforms_to_IAuthenticator(self): from zope.interface.verify import verifyObject from repoze.who.interfaces import IAuthenticator klass = self._getTargetClass() verifyObject(IAuthenticator, self._makeOne()) def test_timeout_no_reissue(self): self.assertRaises(ValueError, self._makeOne, 'userid', timeout=1) def test_timeout_lower_than_reissue(self): self.assertRaises(ValueError, self._makeOne, 'userid', timeout=1, reissue_time=2) def test_identify_nocookie(self): plugin = self._makeOne('secret') environ = self._makeEnviron() result = plugin.identify(environ) self.assertEqual(result, None) def test_identify_good_cookie_include_ip(self): plugin = self._makeOne('secret', include_ip=True) val = self._makeTicket(remote_addr='1.1.1.1', userdata='foo=123') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(len(result), 4) self.assertEqual(result['tokens'], ['']) self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid') self.assertEqual(result['userdata'], {'foo': '123'}) self.assertTrue('timestamp' in result) self.assertEqual(environ['REMOTE_USER_TOKENS'], ['']) self.assertEqual(environ['REMOTE_USER_DATA'],'foo=123') self.assertEqual(environ['AUTH_TYPE'],'cookie') def test_identify_good_cookie_dont_include_ip(self): plugin = self._makeOne('secret', include_ip=False) val = self._makeTicket(userdata='foo=123') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(len(result), 4) self.assertEqual(result['tokens'], ['']) self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid') self.assertEqual(result['userdata'], {'foo': '123'}) self.assertTrue('timestamp' in result) self.assertEqual(environ['REMOTE_USER_TOKENS'], ['']) self.assertEqual(environ['REMOTE_USER_DATA'],'foo=123') self.assertEqual(environ['AUTH_TYPE'],'cookie') def test_identify_good_cookie_int_useridtype(self): plugin = self._makeOne('secret', include_ip=False) val = self._makeTicket(userid='1', userdata='userid_type=int') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(len(result), 4) self.assertEqual(result['tokens'], ['']) self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 1) self.assertEqual(result['userdata'], {'userid_type': 'int'}) self.assertTrue('timestamp' in result) self.assertEqual(environ['REMOTE_USER_TOKENS'], ['']) self.assertEqual(environ['REMOTE_USER_DATA'],'userid_type=int') self.assertEqual(environ['AUTH_TYPE'],'cookie') def test_identify_good_cookie_unknown_useridtype(self): plugin = self._makeOne('secret', include_ip=False) val = self._makeTicket(userid='userid', userdata='userid_type=unknown') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(len(result), 4) self.assertEqual(result['tokens'], ['']) self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid') self.assertEqual(result['userdata'], {'userid_type':'unknown'}) self.assertTrue('timestamp' in result) self.assertEqual(environ['REMOTE_USER_TOKENS'], ['']) self.assertEqual(environ['REMOTE_USER_DATA'],'userid_type=unknown') self.assertEqual(environ['AUTH_TYPE'],'cookie') def test_identify_bad_cookie(self): plugin = self._makeOne('secret', include_ip=True) environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=bogus'}) result = plugin.identify(environ) self.assertEqual(result, None) def test_identify_bad_cookie_expired(self): import time plugin = self._makeOne('secret', timeout=2, reissue_time=1) val = self._makeTicket(userid='userid', time=time.time()-3) environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(result, None) def test_identify_with_checker_and_existing_account(self): plugin = self._makeOne('secret', userid_checker=dummy_userid_checker) val = self._makeTicket(userid='existing', userdata='foo=123') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(len(result), 4) self.assertEqual(result['tokens'], ['']) self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'existing') self.assertEqual(result['userdata'], {'foo': '123'}) self.assertTrue('timestamp' in result) self.assertEqual(environ['REMOTE_USER_TOKENS'], ['']) self.assertEqual(environ['REMOTE_USER_DATA'],'foo=123') self.assertEqual(environ['AUTH_TYPE'],'cookie') def test_identify_with_alternate_hash(self): plugin = self._makeOne('secret', include_ip=False, digest_algo="sha256") val = self._makeTicket(userdata='foo=123', digest_algo="sha256") md5_val = self._makeTicket(userdata='foo=123') self.assertNotEqual(val, md5_val) # md5 is 16*2 characters long, sha256 is 32*2 self.assertEqual(len(val), len(md5_val)+32) environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.identify(environ) self.assertEqual(len(result), 4) self.assertEqual(result['tokens'], ['']) self.assertEqual(result['repoze.who.plugins.auth_tkt.userid'], 'userid') self.assertEqual(result['userdata'], {'foo': '123'}) self.assertTrue('timestamp' in result) self.assertEqual(environ['REMOTE_USER_TOKENS'], ['']) self.assertEqual(environ['REMOTE_USER_DATA'],'foo=123') self.assertEqual(environ['AUTH_TYPE'],'cookie') def test_identify_bad_cookie_with_alternate_hash(self): plugin = self._makeOne('secret', include_ip=True, digest_algo="sha256") environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=bogus'}) result = plugin.identify(environ) self.assertEqual(result, None) def test_remember_creds_same(self): plugin = self._makeOne('secret') val = self._makeTicket(userid='userid', userdata='foo=123') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':{'foo': '123'}}) self.assertEqual(result, None) def test_remember_creds_same_alternate_hash(self): plugin = self._makeOne('secret', digest_algo="sha1") val = self._makeTicket(userid='userid', userdata='foo=123', digest_algo="sha1") environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % val}) result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':{'foo': '123'}}) self.assertEqual(result, None) def test_remember_creds_hash_mismatch(self): plugin = self._makeOne('secret', digest_algo="sha1") old_val = self._makeTicket(userid='userid', userdata='foo=123', digest_algo="md5") new_val = self._makeTicket(userid='userid', userdata='foo=123', digest_algo="sha1") environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':{'foo': '123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_secure_alternate_hash(self): plugin = self._makeOne('secret', secure=True, digest_algo="sha512") val = self._makeTicket(userid='userid', secure=True, userdata='foo=123', digest_algo="sha512") environ = self._makeEnviron() result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':{'foo':'123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'secure; ' 'HttpOnly' % val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost; ' 'secure; HttpOnly' % val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost; ' 'secure; HttpOnly' % val)) def test_remember_creds_secure(self): plugin = self._makeOne('secret', secure=True) val = self._makeTicket(userid='userid', secure=True, userdata='foo=123') environ = self._makeEnviron() result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':{'foo':'123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'secure; ' 'HttpOnly' % val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost; ' 'secure; HttpOnly' % val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost; ' 'secure; HttpOnly' % val)) def test_remember_creds_different(self): plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='other', userdata='foo=123') result = plugin.remember(environ, {'repoze.who.userid':'other', 'userdata':{'foo':'123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_different_strips_port(self): plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val, 'HTTP_HOST': 'localhost:8080', }) new_val = self._makeTicket(userid='other', userdata='foo=123') result = plugin.remember(environ, {'repoze.who.userid':'other', 'userdata':{'foo': '123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_different_include_ip(self): plugin = self._makeOne('secret', include_ip=True) old_val = self._makeTicket(userid='userid', remote_addr='1.1.1.1') environ = self._makeEnviron({'HTTP_COOKIE': 'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='other', userdata='foo=123', remote_addr='1.1.1.1') result = plugin.remember(environ, {'repoze.who.userid':'other', 'userdata':{'foo': '123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_different_bad_old_cookie(self): plugin = self._makeOne('secret') old_val = 'BOGUS' environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='other', userdata='foo=123') result = plugin.remember(environ, {'repoze.who.userid':'other', 'userdata':{'foo': '123'}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_different_with_tokens(self): plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='userid', userdata='foo=123', tokens=['foo', 'bar'], ) result = plugin.remember(environ, {'repoze.who.userid': 'userid', 'userdata': {'foo': '123'}, 'tokens': ['foo', 'bar'], }) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_different_with_tuple_tokens(self): plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='userid', userdata='foo=123', tokens=['foo', 'bar'], ) result = plugin.remember(environ, {'repoze.who.userid': 'userid', 'userdata': {'foo': '123'}, 'tokens': ('foo', 'bar'), }) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/' % new_val)) self.assertEqual(result[1], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=localhost' % new_val)) self.assertEqual(result[2], ('Set-Cookie', 'auth_tkt="%s"; ' 'Path=/; ' 'Domain=.localhost' % new_val)) def test_remember_creds_different_int_userid(self): plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='1', userdata='userid_type=int') result = plugin.remember(environ, {'repoze.who.userid':1, 'userdata':{}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; Path=/' % new_val)) def test_remember_creds_different_long_userid(self): try: long except NameError: #pragma NO COVER Python >= 3.0 return plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='1', userdata='userid_type=int') result = plugin.remember(environ, {'repoze.who.userid':long(1), 'userdata':{}}) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; Path=/' % new_val)) def test_remember_creds_different_unicode_userid(self): plugin = self._makeOne('secret') old_val = self._makeTicket(userid='userid') environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) userid = b'\xc2\xa9'.decode('utf-8') if type(b'') == type(''): userdata = 'userid_type=unicode' else: # pragma: no cover Py3k userdata = '' new_val = self._makeTicket(userid=userid.encode('utf-8'), userdata=userdata) result = plugin.remember(environ, {'repoze.who.userid':userid, 'userdata':{}}) self.assertEqual(type(result[0][1]), str) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; Path=/' % new_val)) def test_remember_creds_reissue(self): import time plugin = self._makeOne('secret', reissue_time=1) old_val = self._makeTicket(userid='userid', userdata='', time=time.time()-2) environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='userid', userdata='') result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':''}) self.assertEqual(type(result[0][1]), str) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; Path=/' % new_val)) def test_remember_creds_reissue_alternate_hash(self): import time plugin = self._makeOne('secret', reissue_time=1, digest_algo="sha256") old_val = self._makeTicket(userid='userid', userdata='', time=time.time()-2, digest_algo="sha256") environ = self._makeEnviron({'HTTP_COOKIE':'auth_tkt=%s' % old_val}) new_val = self._makeTicket(userid='userid', userdata='', digest_algo="sha256") result = plugin.remember(environ, {'repoze.who.userid':'userid', 'userdata':''}) self.assertEqual(type(result[0][1]), str) self.assertEqual(len(result), 3) self.assertEqual(result[0], ('Set-Cookie', 'auth_tkt="%s"; Path=/' % new_val)) def test_l10n_sane_cookie_date(self): from datetime import datetime now = datetime(2009, 11, 8, 16, 15, 22) self._setNowTesting(now) plugin = self._makeOne('secret') environ = {'HTTP_HOST': 'example.com'} tkt = self._makeTicket(userid='chris', userdata='') result = plugin.remember(environ, {'repoze.who.userid': 'chris', 'max_age': '500'}) name, value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue( value.endswith('; Expires=Sun, 08 Nov 2009 16:23:42 GMT')) def test_remember_max_age(self): from datetime import datetime now = datetime(2009, 11, 8, 16, 15, 22) self._setNowTesting(now) plugin = self._makeOne('secret') environ = {'HTTP_HOST': 'example.com'} tkt = self._makeTicket(userid='chris', userdata='') result = plugin.remember(environ, {'repoze.who.userid': 'chris', 'max_age': '500'}) name, value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue( value.startswith('auth_tkt="%s"; Path=/; Max-Age=500' % tkt), value) self.assertTrue( value.endswith('; Expires=Sun, 08 Nov 2009 16:23:42 GMT')) name, value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue( value.startswith( 'auth_tkt="%s"; Path=/; Domain=example.com; Max-Age=500' % tkt), value) self.assertTrue( value.endswith('; Expires=Sun, 08 Nov 2009 16:23:42 GMT')) name, value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue( value.startswith( 'auth_tkt="%s"; Path=/; Domain=.example.com; Max-Age=500' % tkt), value) self.assertTrue( value.endswith('; Expires=Sun, 08 Nov 2009 16:23:42 GMT')) def test_forget(self): from datetime import datetime now = datetime(2009, 11, 5, 16, 15, 22) self._setNowTesting(now) plugin = self._makeOne('secret') environ = self._makeEnviron() headers = plugin.forget(environ, None) self.assertEqual(len(headers), 3) header = headers[0] name, value = header self.assertEqual(name, 'Set-Cookie') self.assertEqual(value, 'auth_tkt="INVALID"; Path=/; ' 'Max-Age=0; Expires=Thu, 05 Nov 2009 16:15:22 GMT' ) header = headers[1] name, value = header self.assertEqual(name, 'Set-Cookie') self.assertEqual(value, 'auth_tkt="INVALID"; Path=/; Domain=localhost; ' 'Max-Age=0; Expires=Thu, 05 Nov 2009 16:15:22 GMT' ) header = headers[2] name, value = header self.assertEqual(name, 'Set-Cookie') self.assertEqual(value, 'auth_tkt="INVALID"; Path=/; Domain=.localhost; ' 'Max-Age=0; Expires=Thu, 05 Nov 2009 16:15:22 GMT' ) def test_authenticate_non_auth_tkt_credentials(self): plugin = self._makeOne() self.assertEqual(plugin.authenticate(environ={}, identity={}), None) def test_authenticate_without_checker(self): plugin = self._makeOne() identity = {'repoze.who.plugins.auth_tkt.userid': 'phred'} self.assertEqual(plugin.authenticate({}, identity), 'phred') def test_authenticate_with_checker_and_non_existing_account(self): plugin = self._makeOne('secret', userid_checker=dummy_userid_checker) identity = {'repoze.who.plugins.auth_tkt.userid': 'phred'} self.assertEqual(plugin.authenticate({}, identity), None) def test_authenticate_with_checker_and_existing_account(self): plugin = self._makeOne('secret', userid_checker=dummy_userid_checker) identity = {'repoze.who.plugins.auth_tkt.userid': 'existing'} self.assertEqual(plugin.authenticate({}, identity), 'existing') def test_factory_wo_secret_wo_secretfile_raises_ValueError(self): from repoze.who.plugins.auth_tkt import make_plugin self.assertRaises(ValueError, make_plugin) def test_factory_w_secret_w_secretfile_raises_ValueError(self): from repoze.who.plugins.auth_tkt import make_plugin self.assertRaises(ValueError, make_plugin, 'secret', 'secretfile') def test_factory_w_bad_secretfile_raises_ValueError(self): from repoze.who.plugins.auth_tkt import make_plugin self.assertRaises(ValueError, make_plugin, secretfile='nonesuch.txt') def test_factory_w_secret(self): from repoze.who.plugins.auth_tkt import make_plugin plugin = make_plugin('secret') self.assertEqual(plugin.cookie_name, 'auth_tkt') self.assertEqual(plugin.secret, 'secret') self.assertEqual(plugin.include_ip, False) self.assertEqual(plugin.secure, False) def test_factory_w_secretfile(self): import os from tempfile import mkdtemp from repoze.who.plugins.auth_tkt import make_plugin tempdir = self.tempdir = mkdtemp() path = os.path.join(tempdir, 'who.secret') secret = open(path, 'w') secret.write('s33kr1t\n') secret.flush() secret.close() plugin = make_plugin(secretfile=path) self.assertEqual(plugin.secret, 's33kr1t') def test_factory_with_timeout_and_reissue_time(self): from repoze.who.plugins.auth_tkt import make_plugin plugin = make_plugin('secret', timeout=5, reissue_time=1) self.assertEqual(plugin.timeout, 5) self.assertEqual(plugin.reissue_time, 1) def test_factory_with_userid_checker(self): from repoze.who.plugins.auth_tkt import make_plugin plugin = make_plugin( 'secret', userid_checker='repoze.who.plugins.auth_tkt:make_plugin') self.assertEqual(plugin.userid_checker, make_plugin) def test_factory_with_alternate_hash(self): from repoze.who.plugins.auth_tkt import make_plugin import hashlib plugin = make_plugin('secret', digest_algo="sha1") self.assertEqual(plugin.digest_algo, hashlib.sha1) def test_factory_with_alternate_hash_func(self): from repoze.who.plugins.auth_tkt import make_plugin import hashlib plugin = make_plugin('secret', digest_algo=hashlib.sha1) self.assertEqual(plugin.digest_algo, hashlib.sha1) def test_factory_with_bogus_hash(self): from repoze.who.plugins.auth_tkt import make_plugin self.assertRaises(ValueError, make_plugin, secret="fiddly", digest_algo='foo23') def test_remember_max_age_unicode(self): from repoze.who._compat import u plugin = self._makeOne('secret') environ = {'HTTP_HOST':'example.com'} tkt = self._makeTicket(userid='chris', userdata='') result = plugin.remember(environ, {'repoze.who.userid': 'chris', 'max_age': u('500')}) name, value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue(isinstance(value, str)) self.assertTrue( value.startswith('auth_tkt="%s"; Path=/; Max-Age=500' % tkt), (value, tkt)) self.assertTrue('; Expires=' in value) name,value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue( value.startswith( 'auth_tkt="%s"; Path=/; Domain=example.com; Max-Age=500' % tkt), value) self.assertTrue('; Expires=' in value) name,value = result.pop(0) self.assertEqual('Set-Cookie', name) self.assertTrue( value.startswith( 'auth_tkt="%s"; Path=/; Domain=.example.com; Max-Age=500' % tkt), value) self.assertTrue('; Expires=' in value) def dummy_userid_checker(userid): return userid == 'existing'