def testHandleSimplePrivateRequest(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler',
returnValues={
'isValidLogin': True,
'getUser': {
'name': 'aUser'
}
},
methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
headers = {'Authorization': b'Basic ' + b64encode(b'aUser:aPassword')}
response = authentication.handleRequest(port='8080',
RequestURI='/private',
Method='GET',
Headers=headers)
list(compose(response))
self.assertEqual('isValidLogin', interceptor.calledMethods[0].name)
self.assertEqual(('aUser', 'aPassword'),
interceptor.calledMethods[0].args)
self.assertEqual('getUser', interceptor.calledMethods[1].name)
self.assertEqual(('aUser', ), interceptor.calledMethods[1].args)
self.assertEqual('handleRequest', interceptor.calledMethods[2].name)
self.assertEqual({'name': 'aUser'},
interceptor.calledMethods[2].kwargs['user'])
def testFailedLogin(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler', returnValues={'isValidLogin': False}, methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
headers = {'Authorization': 'Basic ' + b64encode('aUser:aPassword')}
response = ''.join(authentication.handleRequest(port='8080', RequestURI='/private', Method='GET', Headers=headers))
self.assertEquals('isValidLogin', interceptor.calledMethods[0].name)
self.assertTrue('WWW-Authenticate: Basic realm="Test Realm"\r\n' in response, response)
self.assertTrue('Username or password are not valid.' in response)
def testParseHeaderWeirdCases(self):
authentication = BasicAuthentication(realm='Test Realm')
self.assertEqual(None, authentication._parseHeader(b"bla bla bla"))
self.assertEqual(
None,
authentication._parseHeader(
b"NonsenseInPart0 QWxhZGRpbjpvcGVuIHNlc2FtZQ=="))
self.assertEqual(
None,
authentication._parseHeader(b"Basic " + b64encode(b"nonsense")))
def testDetectValidUserWithPasswordAndUserName(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler', returnValues={'isValidLogin': True}, methods={'handleRequest': lambda *a, **kw: (x for x in 'response')})
authentication.addObserver(interceptor)
headers = {'Authorization': 'Basic ' + b64encode('aUser:aPassword')}
results = authentication.handleRequest(port='8080', RequestURI='/private', Method='GET', Headers=headers)
response = ''.join(compose(results))
self.assertFalse('WWW-Authenticate: Basic realm="Test Realm"\r\n' in response, response)
interceptor.returnValues['isValidLogin'] = False
headers = {'Authorization': 'Basic ' + b64encode('aUser:aCompletelyWrongPassword')}
response = ''.join(authentication.handleRequest(port='8080', RequestURI='/private', Method='GET', Headers=headers))
self.assertTrue('WWW-Authenticate: Basic realm="Test Realm"\r\n' in response, response)
def testHandleSimplePrivateRequest(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler', returnValues={'isValidLogin': True, 'getUser':{'name':'aUser'}}, methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
headers = {'Authorization': 'Basic ' + b64encode('aUser:aPassword')}
response = authentication.handleRequest(port='8080', RequestURI='/private', Method='GET', Headers=headers)
list(compose(response))
self.assertEquals('isValidLogin', interceptor.calledMethods[0].name)
self.assertEquals(('aUser', 'aPassword'), interceptor.calledMethods[0].args)
self.assertEquals('getUser', interceptor.calledMethods[1].name)
self.assertEquals(('aUser',), interceptor.calledMethods[1].args)
self.assertEquals('handleRequest', interceptor.calledMethods[2].name)
self.assertEquals({'name': 'aUser'}, interceptor.calledMethods[2].kwargs['user'])
def testServerSendsChallenge(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler',
returnValues={'isValidLogin': True},
methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
response = ''.join(
authentication.handleRequest(port='8080',
RequestURI='/private',
Method='GET'))
self.assertTrue(
'WWW-Authenticate: Basic realm="Test Realm"\r\n' in response,
response)
def testHandleDifferentUsers(self):
authentication = BasicAuthentication(realm='Test Realm')
userdata = {'name':'aUser'}
interceptor = CallTrace('httphandler', returnValues={'isValidLogin': True, 'getUser':userdata}, methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
headers = {'Authorization': 'Basic ' + b64encode('aUser:aPassword')}
response = authentication.handleRequest(port='8080', RequestURI='/private', Method='GET', Headers=headers)
list(compose(response))
self.assertEquals({'name': 'aUser'}, interceptor.calledMethods[2].kwargs['user'])
headers = {'Authorization': 'Basic ' + b64encode('anotherUser:anotherPassword')}
userdata['name'] = 'anotherUser'
response = authentication.handleRequest(port='8080', RequestURI='/private', Method='GET', Headers=headers)
list(compose(response))
self.assertEquals({'name': 'anotherUser'}, interceptor.calledMethods[5].kwargs['user'])
def testHandleDifferentUsers(self):
authentication = BasicAuthentication(realm='Test Realm')
userdata = {'name': 'aUser'}
interceptor = CallTrace('httphandler',
returnValues={
'isValidLogin': True,
'getUser': userdata
},
methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
headers = {'Authorization': b'Basic ' + b64encode(b'aUser:aPassword')}
response = authentication.handleRequest(port='8080',
RequestURI='/private',
Method='GET',
Headers=headers)
list(compose(response))
self.assertEqual({'name': 'aUser'},
interceptor.calledMethods[2].kwargs['user'])
headers = {
'Authorization':
b'Basic ' + b64encode(b'anotherUser:anotherPassword')
}
userdata['name'] = 'anotherUser'
response = authentication.handleRequest(port='8080',
RequestURI='/private',
Method='GET',
Headers=headers)
list(compose(response))
self.assertEqual({'name': 'anotherUser'},
interceptor.calledMethods[5].kwargs['user'])
def testDetectValidUserWithPasswordAndUserName(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler',
returnValues={'isValidLogin': True},
methods={
'handleRequest':
lambda *a, **kw: (x for x in 'response')
})
authentication.addObserver(interceptor)
headers = {'Authorization': b'Basic ' + b64encode(b'aUser:aPassword')}
results = authentication.handleRequest(port='8080',
RequestURI='/private',
Method='GET',
Headers=headers)
response = ''.join(compose(results))
self.assertFalse(
'WWW-Authenticate: Basic realm="Test Realm"\r\n' in response,
response)
interceptor.returnValues['isValidLogin'] = False
headers = {
'Authorization':
b'Basic ' + b64encode(b'aUser:aCompletelyWrongPassword')
}
response = ''.join(
authentication.handleRequest(port='8080',
RequestURI='/private',
Method='GET',
Headers=headers))
self.assertTrue(
'WWW-Authenticate: Basic realm="Test Realm"\r\n' in response,
response)
def testServerSendsChallenge(self):
authentication = BasicAuthentication(realm='Test Realm')
interceptor = CallTrace('httphandler', returnValues={'isValidLogin': True}, methods={'handleRequest': handleRequest})
authentication.addObserver(interceptor)
response = ''.join(authentication.handleRequest(port='8080', RequestURI='/private', Method='GET'))
self.assertTrue('WWW-Authenticate: Basic realm="Test Realm"\r\n' in response, response)
def testParseHeaderWeirdCases(self):
authentication = BasicAuthentication(realm='Test Realm')
self.assertEquals(None, authentication._parseHeader("bla bla bla"))
self.assertEquals(None, authentication._parseHeader("NonsenseInPart0 QWxhZGRpbjpvcGVuIHNlc2FtZQ=="))
self.assertEquals(None, authentication._parseHeader("Basic " + b64encode("nonsense")))
def testParseHeader(self):
authentication = BasicAuthentication(realm='Test Realm')
self.assertEquals(("username", "password"), authentication._parseHeader("Basic " + b64encode("username:password")))
