def test_verifyURL(self): r = Storage() r.application = 'a' r.controller = 'c' r.function = 'f' r.extension = 'html' r.env = {} r.get_vars = Storage() # missing signature as request.get_vars returns False rtn = verifyURL(r, 'key') self.assertEqual(rtn, False) # reverse tests from previous testcase with hash_vars combinations r.args = ['x', 'y', 'z'] r.get_vars = Storage(p=(1, 3), q=2) # add signature r.get_vars['_signature'] = 'a32530f0d0caa80964bb92aad2bedf8a4486a31f' rtn = verifyURL(r, 'key') self.assertEqual(rtn, True) r.get_vars['_signature'] = 'a32530f0d0caa80964bb92aad2bedf8a4486a31f' rtn = verifyURL(r, 'key', hash_vars=True) self.assertEqual(rtn, True) r.get_vars['_signature'] = '0b5a0702039992aad23c82794b8496e5dcd59a5b' rtn = verifyURL(r, 'key', hash_vars=False) self.assertEqual(rtn, True) r.get_vars['_signature'] = '5d01b982fd72b39674b012e0288071034e156d7a' rtn = verifyURL(r, 'key', hash_vars=['p']) self.assertEqual(rtn, True) r.get_vars['_signature'] = '5d01b982fd72b39674b012e0288071034e156d7a' rtn = verifyURL(r, 'key', hash_vars='p') self.assertEqual(rtn, True) # without session, user_signature returns always False rtn = verifyURL(r, user_signature=True) self.assertEqual(rtn, False) # same goes if you don't use an hmac_key rtn = verifyURL(r) self.assertEqual(rtn, False) # emulate user signature from gluon.globals import current current.session = Storage(auth=Storage(hmac_key='key')) r.get_vars['_signature'] = 'a32530f0d0caa80964bb92aad2bedf8a4486a31f' rtn = verifyURL(r, user_signature=True) self.assertEqual(rtn, True)