1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
# Copyright (c) 2015 Thales Services SAS
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_config import fixture as config
from oslotest import base
import webob
from oslo_middleware import ssl
class SSLMiddlewareTest(base.BaseTestCase):
def setUp(self):
super(SSLMiddlewareTest, self).setUp()
self.useFixture(config.Config())
def _test_scheme(self, expected, headers, secure_proxy_ssl_header=None):
middleware = ssl.SSLMiddleware(None)
if secure_proxy_ssl_header:
middleware.oslo_conf.set_override(
'secure_proxy_ssl_header', secure_proxy_ssl_header,
group='oslo_middleware')
request = webob.Request.blank('http://example.com/', headers=headers)
# Ensure ssl middleware does not stop pipeline execution
self.assertIsNone(middleware.process_request(request))
self.assertEqual(expected, request.scheme)
def test_without_forwarded_protocol(self):
self._test_scheme('http', {})
def test_with_forwarded_protocol(self):
headers = {'X-Forwarded-Proto': 'https'}
self._test_scheme('https', headers)
def test_with_custom_header(self):
headers = {'X-Forwarded-Proto': 'https'}
self._test_scheme('http', headers,
secure_proxy_ssl_header='X-My-Header')
def test_with_custom_header_and_forwarded_protocol(self):
headers = {'X-My-Header': 'https'}
self._test_scheme('https', headers,
secure_proxy_ssl_header='X-My-Header')
|
