summaryrefslogtreecommitdiff
path: root/tests/test_auth
diff options
context:
space:
mode:
Diffstat (limited to 'tests/test_auth')
-rw-r--r--tests/test_auth/__init__.py0
-rw-r--r--tests/test_auth/test_auth_cookie.py46
-rw-r--r--tests/test_auth/test_auth_digest.py93
3 files changed, 139 insertions, 0 deletions
diff --git a/tests/test_auth/__init__.py b/tests/test_auth/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/test_auth/__init__.py
diff --git a/tests/test_auth/test_auth_cookie.py b/tests/test_auth/test_auth_cookie.py
new file mode 100644
index 0000000..38e37b8
--- /dev/null
+++ b/tests/test_auth/test_auth_cookie.py
@@ -0,0 +1,46 @@
+# (c) 2005 Clark C. Evans
+# This module is part of the Python Paste Project and is released under
+# the MIT License: http://www.opensource.org/licenses/mit-license.php
+
+from six.moves import xrange
+import six
+
+from paste.auth import cookie
+from paste.wsgilib import raw_interactive, dump_environ
+from paste.response import header_value
+from paste.httpexceptions import *
+
+def build(application,setenv, *args, **kwargs):
+ def setter(environ, start_response):
+ save = environ['paste.auth.cookie'].append
+ for (k,v) in setenv.items():
+ save(k)
+ environ[k] = v
+ return application(environ, start_response)
+ return cookie.middleware(setter,*args,**kwargs)
+
+def test_noop():
+ app = build(dump_environ,{})
+ (status,headers,content,errors) = \
+ raw_interactive(app)
+ assert not header_value(headers,'Set-Cookie')
+
+def test_basic(key='key', val='bingles'):
+ app = build(dump_environ,{key:val})
+ (status,headers,content,errors) = \
+ raw_interactive(app)
+ value = header_value(headers,'Set-Cookie')
+ assert "Path=/;" in value
+ assert "expires=" not in value
+ cookie = value.split(";")[0]
+ (status,headers,content,errors) = \
+ raw_interactive(app,{'HTTP_COOKIE': cookie})
+ expected = ("%s: %s" % (key,val.replace("\n","\n ")))
+ if six.PY3:
+ expected = expected.encode('utf8')
+ assert expected in content
+
+def test_roundtrip():
+ roundtrip = str('').join(map(chr, xrange(256)))
+ test_basic(roundtrip,roundtrip)
+
diff --git a/tests/test_auth/test_auth_digest.py b/tests/test_auth/test_auth_digest.py
new file mode 100644
index 0000000..1d44038
--- /dev/null
+++ b/tests/test_auth/test_auth_digest.py
@@ -0,0 +1,93 @@
+# (c) 2005 Clark C. Evans
+# This module is part of the Python Paste Project and is released under
+# the MIT License: http://www.opensource.org/licenses/mit-license.php
+
+from paste.auth.digest import *
+from paste.wsgilib import raw_interactive
+from paste.httpexceptions import *
+from paste.httpheaders import AUTHORIZATION, WWW_AUTHENTICATE, REMOTE_USER
+import os
+import six
+
+def application(environ, start_response):
+ content = REMOTE_USER(environ)
+ start_response("200 OK",(('Content-Type', 'text/plain'),
+ ('Content-Length', len(content))))
+
+ if six.PY3:
+ content = content.encode('utf8')
+ return [content]
+
+realm = "tag:clarkevans.com,2005:testing"
+
+def backwords(environ, realm, username):
+ """ dummy password hash, where user password is just reverse """
+ password = list(username)
+ password.reverse()
+ password = "".join(password)
+ return digest_password(realm, username, password)
+
+application = AuthDigestHandler(application,realm,backwords)
+application = HTTPExceptionHandler(application)
+
+def check(username, password, path="/"):
+ """ perform two-stage authentication to verify login """
+ (status,headers,content,errors) = \
+ raw_interactive(application,path, accept='text/html')
+ assert status.startswith("401")
+ challenge = WWW_AUTHENTICATE(headers)
+ response = AUTHORIZATION(username=username, password=password,
+ challenge=challenge, path=path)
+ assert "Digest" in response and username in response
+ (status,headers,content,errors) = \
+ raw_interactive(application,path,
+ HTTP_AUTHORIZATION=response)
+ if status.startswith("200"):
+ return content
+ if status.startswith("401"):
+ return None
+ assert False, "Unexpected Status: %s" % status
+
+def test_digest():
+ assert b'bing' == check("bing","gnib")
+ assert check("bing","bad") is None
+
+#
+# The following code uses sockets to test the functionality,
+# to enable use:
+#
+# $ TEST_SOCKET py.test
+#
+
+if os.environ.get("TEST_SOCKET",""):
+ from six.moves.urllib.error import HTTPError
+ from six.moves.urllib.request import build_opener, HTTPDigestAuthHandler
+ from paste.debug.testserver import serve
+ server = serve(application)
+
+ def authfetch(username,password,path="/",realm=realm):
+ server.accept(2)
+ import socket
+ socket.setdefaulttimeout(5)
+ uri = ("http://%s:%s" % server.server_address) + path
+ auth = HTTPDigestAuthHandler()
+ auth.add_password(realm,uri,username,password)
+ opener = build_opener(auth)
+ result = opener.open(uri)
+ return result.read()
+
+ def test_success():
+ assert "bing" == authfetch('bing','gnib')
+
+ def test_failure():
+ # urllib tries 5 more times before it gives up
+ server.accept(5)
+ try:
+ authfetch('bing','wrong')
+ assert False, "this should raise an exception"
+ except HTTPError as e:
+ assert e.code == 401
+
+ def test_shutdown():
+ server.stop()
+