diff options
Diffstat (limited to 'tests/test_auth')
-rw-r--r-- | tests/test_auth/__init__.py | 0 | ||||
-rw-r--r-- | tests/test_auth/test_auth_cookie.py | 46 | ||||
-rw-r--r-- | tests/test_auth/test_auth_digest.py | 93 |
3 files changed, 139 insertions, 0 deletions
diff --git a/tests/test_auth/__init__.py b/tests/test_auth/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/tests/test_auth/__init__.py diff --git a/tests/test_auth/test_auth_cookie.py b/tests/test_auth/test_auth_cookie.py new file mode 100644 index 0000000..38e37b8 --- /dev/null +++ b/tests/test_auth/test_auth_cookie.py @@ -0,0 +1,46 @@ +# (c) 2005 Clark C. Evans +# This module is part of the Python Paste Project and is released under +# the MIT License: http://www.opensource.org/licenses/mit-license.php + +from six.moves import xrange +import six + +from paste.auth import cookie +from paste.wsgilib import raw_interactive, dump_environ +from paste.response import header_value +from paste.httpexceptions import * + +def build(application,setenv, *args, **kwargs): + def setter(environ, start_response): + save = environ['paste.auth.cookie'].append + for (k,v) in setenv.items(): + save(k) + environ[k] = v + return application(environ, start_response) + return cookie.middleware(setter,*args,**kwargs) + +def test_noop(): + app = build(dump_environ,{}) + (status,headers,content,errors) = \ + raw_interactive(app) + assert not header_value(headers,'Set-Cookie') + +def test_basic(key='key', val='bingles'): + app = build(dump_environ,{key:val}) + (status,headers,content,errors) = \ + raw_interactive(app) + value = header_value(headers,'Set-Cookie') + assert "Path=/;" in value + assert "expires=" not in value + cookie = value.split(";")[0] + (status,headers,content,errors) = \ + raw_interactive(app,{'HTTP_COOKIE': cookie}) + expected = ("%s: %s" % (key,val.replace("\n","\n "))) + if six.PY3: + expected = expected.encode('utf8') + assert expected in content + +def test_roundtrip(): + roundtrip = str('').join(map(chr, xrange(256))) + test_basic(roundtrip,roundtrip) + diff --git a/tests/test_auth/test_auth_digest.py b/tests/test_auth/test_auth_digest.py new file mode 100644 index 0000000..1d44038 --- /dev/null +++ b/tests/test_auth/test_auth_digest.py @@ -0,0 +1,93 @@ +# (c) 2005 Clark C. Evans +# This module is part of the Python Paste Project and is released under +# the MIT License: http://www.opensource.org/licenses/mit-license.php + +from paste.auth.digest import * +from paste.wsgilib import raw_interactive +from paste.httpexceptions import * +from paste.httpheaders import AUTHORIZATION, WWW_AUTHENTICATE, REMOTE_USER +import os +import six + +def application(environ, start_response): + content = REMOTE_USER(environ) + start_response("200 OK",(('Content-Type', 'text/plain'), + ('Content-Length', len(content)))) + + if six.PY3: + content = content.encode('utf8') + return [content] + +realm = "tag:clarkevans.com,2005:testing" + +def backwords(environ, realm, username): + """ dummy password hash, where user password is just reverse """ + password = list(username) + password.reverse() + password = "".join(password) + return digest_password(realm, username, password) + +application = AuthDigestHandler(application,realm,backwords) +application = HTTPExceptionHandler(application) + +def check(username, password, path="/"): + """ perform two-stage authentication to verify login """ + (status,headers,content,errors) = \ + raw_interactive(application,path, accept='text/html') + assert status.startswith("401") + challenge = WWW_AUTHENTICATE(headers) + response = AUTHORIZATION(username=username, password=password, + challenge=challenge, path=path) + assert "Digest" in response and username in response + (status,headers,content,errors) = \ + raw_interactive(application,path, + HTTP_AUTHORIZATION=response) + if status.startswith("200"): + return content + if status.startswith("401"): + return None + assert False, "Unexpected Status: %s" % status + +def test_digest(): + assert b'bing' == check("bing","gnib") + assert check("bing","bad") is None + +# +# The following code uses sockets to test the functionality, +# to enable use: +# +# $ TEST_SOCKET py.test +# + +if os.environ.get("TEST_SOCKET",""): + from six.moves.urllib.error import HTTPError + from six.moves.urllib.request import build_opener, HTTPDigestAuthHandler + from paste.debug.testserver import serve + server = serve(application) + + def authfetch(username,password,path="/",realm=realm): + server.accept(2) + import socket + socket.setdefaulttimeout(5) + uri = ("http://%s:%s" % server.server_address) + path + auth = HTTPDigestAuthHandler() + auth.add_password(realm,uri,username,password) + opener = build_opener(auth) + result = opener.open(uri) + return result.read() + + def test_success(): + assert "bing" == authfetch('bing','gnib') + + def test_failure(): + # urllib tries 5 more times before it gives up + server.accept(5) + try: + authfetch('bing','wrong') + assert False, "this should raise an exception" + except HTTPError as e: + assert e.code == 401 + + def test_shutdown(): + server.stop() + |