diff options
author | Sviatoslav Sydorenko <wk@sydorenko.org.ua> | 2018-04-22 05:05:27 +0200 |
---|---|---|
committer | Sviatoslav Sydorenko <wk@sydorenko.org.ua> | 2018-04-22 12:45:05 +0200 |
commit | 13fc4f198fd056e6b06bd28261f567c2c6ba653f (patch) | |
tree | b5ce98dc4e8eb4f0e54d7f40a43e456ec06e4f36 | |
parent | 78e0df8ad6becb5078f0cd453448aa28caa7a266 (diff) | |
download | cherrypy-git-13fc4f198fd056e6b06bd28261f567c2c6ba653f.tar.gz |
Reuse repeatable code in test_auth_digest
-rw-r--r-- | cherrypy/test/test_auth_digest.py | 105 |
1 files changed, 30 insertions, 75 deletions
diff --git a/cherrypy/test/test_auth_digest.py b/cherrypy/test/test_auth_digest.py index 7784e216..0387e33e 100644 --- a/cherrypy/test/test_auth_digest.py +++ b/cherrypy/test/test_auth_digest.py @@ -53,17 +53,17 @@ class DigestAuthTest(helper.CPWebCase): self.assertHeader('Content-Type', 'text/html;charset=utf-8') assert self.body == b'This is public.' - def testDigest(self): + def _test_parametric_digest(self, username, realm): self.getPage('/digest/') assert self.status_code == 401 - + msg = 'Digest authentification scheme was not found' www_auth_digest = tuple(filter( lambda kv: kv[0].lower() == 'www-authenticate' and kv[1].startswith('Digest '), self.headers, )) - assert len(www_auth_digest) == 1, 'Digest authentification scheme was not found' + assert len(www_auth_digest) == 1, msg items = www_auth_digest[0][-1][7:].split(', ') tokens = {} @@ -71,27 +71,16 @@ class DigestAuthTest(helper.CPWebCase): key, value = item.split('=') tokens[key.lower()] = value - missing_msg = '%s is missing' - bad_value_msg = "'%s' was expecting '%s' but found '%s'" - nonce = None - assert 'realm' in tokens, missing_msg % 'realm' - assert tokens['realm'] == '"localhost"', bad_value_msg % ( - 'realm', '"localhost"', tokens['realm'], - ) - assert 'nonce' in tokens, missing_msg % 'nonce' + assert tokens['realm'] == '"localhost"' + assert tokens['algorithm'] == '"MD5"' + assert tokens['qop'] == '"auth"' + assert tokens['charset'] == '"UTF-8"' + nonce = tokens['nonce'].strip('"') - assert 'algorithm' in tokens, missing_msg % 'algorithm' - assert tokens['algorithm'] == '"MD5"', bad_value_msg % ( - 'algorithm', '"MD5"', tokens['algorithm'], - ) - assert 'qop' in tokens, missing_msg % 'qop' - assert tokens['qop'] == '"auth"', bad_value_msg % ( - 'qop', '"auth"', tokens['qop'], - ) # Test user agent response with a wrong value for 'realm' - base_auth = ('Digest username="test", ' - 'realm="wrong realm", ' + base_auth = ('Digest username="%s", ' + 'realm="%s", ' 'nonce="%s", ' 'uri="/digest/", ' 'algorithm=MD5, ' @@ -100,68 +89,34 @@ class DigestAuthTest(helper.CPWebCase): 'nc=%s, ' 'cnonce="1522e61005789929"') + encoded_user = urlencode(username, 'utf-8') auth_header = base_auth % ( - nonce, '11111111111111111111111111111111', '00000001') + encoded_user, realm, nonce, + '11111111111111111111111111111111', '00000001', + ) auth = auth_digest.HttpDigestAuthorization(auth_header, 'GET') # calculate the response digest - ha1 = get_ha1(auth.realm, 'test') + ha1 = get_ha1(auth.realm, auth.username) response = auth.request_digest(ha1) - # send response with correct response digest, but wrong realm - auth_header = base_auth % (nonce, response, '00000001') + auth_header = base_auth % ( + encoded_user, realm, + nonce, response, '00000001', + ) self.getPage('/digest/', [('Authorization', auth_header)]) - assert self.status_code == 401 - www_auth_unicode = tuple(filter( - lambda kv: kv[0].lower() == 'www-authenticate' - and kv[1].endswith(', charset="UTF-8"'), - self.headers, - )) - assert len(www_auth_unicode) == 1 - # Test that must pass - base_auth = ('Digest username="test", ' - 'realm="localhost", ' - 'nonce="%s", ' - 'uri="/digest/", ' - 'algorithm=MD5, ' - 'response="%s", ' - 'qop=auth, ' - 'nc=%s, ' - 'cnonce="1522e61005789929"') + def test_wrong_realm(self): + # send response with correct response digest, but wrong realm + self._test_parametric_digest(username='test', realm='wrong realm') + assert self.status_code == 401 - auth_header = base_auth % ( - nonce, '11111111111111111111111111111111', '00000001') - auth = auth_digest.HttpDigestAuthorization(auth_header, 'GET') - # calculate the response digest - ha1 = get_ha1(auth.realm, 'test') - response = auth.request_digest(ha1) - # send response with correct response digest - auth_header = base_auth % (nonce, response, '00000001') - self.getPage('/digest/', [('Authorization', auth_header)]) + def test_ascii_user(self): + self._test_parametric_digest(username='test', realm='localhost') assert self.status == '200 OK' assert self.body == b"Hello test, you've been authorized." - # Test with unicode username that must pass - base_auth = ('Digest username="%s", ' - 'realm="localhost", ' - 'nonce="%s", ' - 'uri="/digest/", ' - 'algorithm=MD5, ' - 'response="%s", ' - 'qop=auth, ' - 'nc=%s, ' - 'cnonce="1522e61005789929"') - - encoded_user = urlencode('йюзер', 'utf-8') - auth_header = base_auth % ( - encoded_user, nonce, - '11111111111111111111111111111111', '00000001', - ) - auth = auth_digest.HttpDigestAuthorization(auth_header, 'GET') - # calculate the response digest - ha1 = get_ha1(auth.realm, 'йюзер') - response = auth.request_digest(ha1) - # send response with correct response digest - auth_header = base_auth % (encoded_user, nonce, response, '00000001') - self.getPage('/digest/', [('Authorization', auth_header)]) + def test_unicode_user(self): + self._test_parametric_digest(username='йюзер', realm='localhost') assert self.status == '200 OK' - assert self.body == ntob("Hello йюзер, you've been authorized.", 'utf-8') + assert self.body == ntob( + "Hello йюзер, you've been authorized.", 'utf-8', + ) |