def test_wrong_signature(self):
''' Messages must be signed by the right actor.
(cat cannot sign messages on behalf of mouse)
'''
now = http_date()
signature = make_signature(self.cat, self.rat.inbox, now)
assert self.send_follow(self.mouse, signature, now).status_code == 401
def send_test_request(self,
sender,
signer=None,
send_data=None,
digest=None,
date=None):
now = date or http_date()
data = get_follow_data(sender, self.rat)
signature = make_signature(signer or sender, self.rat.inbox, now,
digest or make_digest(data))
return self.send(signature, now, send_data or data)
def test_nonexistent_signer(self):
responses.add(
responses.GET,
self.fake_remote.remote_id,
json={'error': 'not found'},
status=404)
now = http_date()
sender = self.fake_remote
signature = make_signature(sender, self.rat.inbox, now)
response = self.send_follow(sender, signature, now)
self.assertEqual(response.status_code, 401)
def test_remote_signer(self):
responses.add(
responses.GET,
self.fake_remote.remote_id,
json={'publicKey': {
'publicKeyPem': self.fake_remote.public_key
}},
status=200)
now = http_date()
sender = self.fake_remote
signature = make_signature(sender, self.rat.inbox, now)
response = self.send_follow(sender, signature, now)
self.assertEqual(response.status_code, 200)
def sign_and_send(sender, activity, destination):
''' crpyto whatever and http junk '''
now = http_date()
if not sender.private_key:
# this shouldn't happen. it would be bad if it happened.
raise ValueError('No private key found for sender')
response = requests.post(
destination,
data=json.dumps(activity),
headers={
'Date': now,
'Signature': make_signature(sender, destination, now),
'Content-Type': 'application/activity+json; charset=utf-8',
},
)
if not response.ok:
response.raise_for_status()
return response
def test_correct_signature(self):
now = http_date()
signature = make_signature(self.mouse, self.rat.inbox, now)
return self.send_follow(self.mouse, signature, now).status_code == 200
