def test_nonce_uniqueness(self):
init = OAuth.get_nonce()
l = []
for i in range(0, 100000):
l.append(init + OAuth.get_nonce())
self.assertEqual(self.list_duplicates(l), [])
def test_signature_base_string2(self):
body = "<?xml version=\"1.0\" encoding=\"Windows-1252\"?><ns2:TerminationInquiryRequest xmlns:ns2=\"http://mastercard.com/termination\"><AcquirerId>1996</AcquirerId><TransactionReferenceNumber>1</TransactionReferenceNumber><Merchant><Name>TEST</Name><DoingBusinessAsName>TEST</DoingBusinessAsName><PhoneNumber>5555555555</PhoneNumber><NationalTaxId>1234567890</NationalTaxId><Address><Line1>5555 Test Lane</Line1><City>TEST</City><CountrySubdivision>XX</CountrySubdivision><PostalCode>12345</PostalCode><Country>USA</Country></Address><Principal><FirstName>John</FirstName><LastName>Smith</LastName><NationalId>1234567890</NationalId><PhoneNumber>5555555555</PhoneNumber><Address><Line1>5555 Test Lane</Line1><City>TEST</City><CountrySubdivision>XX</CountrySubdivision><PostalCode>12345</PostalCode><Country>USA</Country></Address><DriversLicense><Number>1234567890</Number><CountrySubdivision>XX</CountrySubdivision></DriversLicense></Principal></Merchant></ns2:TerminationInquiryRequest>"
url = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0&PageLength=10"
method = "POST"
oauth_parameters = OAuthParameters()
oauth_parameters.set_oauth_consumer_key(
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
oauth_parameters.set_oauth_nonce("1111111111111111111")
oauth_parameters.set_oauth_timestamp("1111111111")
oauth_parameters.set_oauth_version("1.0")
oauth_parameters.set_oauth_body_hash("body/hash")
encoded_hash = Util.base64_encode(Util.sha256_encode(body))
oauth_parameters.set_oauth_body_hash(encoded_hash)
oauth_parameters_base = oauth_parameters.get_base_parameters_dict()
merge_parameters = oauth_parameters_base.copy()
norm_params = Util.normalize_params("", merge_parameters)
# print(oauth_parameters_base)
query_params = OAuth.get_query_params(url)
# print(query_params)
normalize_params = Util.normalize_params("", query_params)
base_string = OAuth.get_base_string(
url, method, oauth_parameters,
oauth_parameters.get_base_parameters_dict())
expected = "POST&https%3A%2F%2Fsandbox.api.mastercard.com%2Ffraud%2Fmerchant%2Fv1%2Ftermination-inquiry&Format%3DXML%26PageLength%3D10%26PageOffset%3D0%26oauth_body_hash%3Dh2Pd7zlzEZjZVIKB4j94UZn%2FxxoR3RoCjYQ9%2FJdadGQ%253D%26oauth_consumer_key%3Dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%26oauth_nonce%3D1111111111111111111%26oauth_timestamp%3D1111111111%26oauth_version%3D1.0"
self.maxDiff = None
self.assertEqual(expected, base_string)
def test_oauth_parameters(self):
uri = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0"
method = "POST"
parameters = OAuth().get_oauth_parameters(uri, method, "payload",
self.consumer_key,
self.signing_key)
# print(parameters)
consumer_key = parameters.get_oauth_consumer_key()
def test_oauth_parameters(self):
uri = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0"
method = "POST"
parameters = OAuth().get_oauth_parameters(uri, method, 'payload',
'dummy',
OAuthTest.signing_key)
consumer_key = parameters.get_oauth_consumer_key()
self.assertEqual("dummy", consumer_key)
def test_get_authorization_header_should_return_empty_string_body_hash(
self):
header = OAuth().get_authorization_header('https://www.example.com',
'GET', None, 'dummy',
OAuthTest.signing_key)
self.assertTrue(
'47DEQpj8HBSa%2B%2FTImW%2B5JCeuQeRkm5NMpJWZG3hSuFU%3D' in header)
def test_sign_signature_base_string(self):
# expectedSignatureString = "IJeNKYGfUhFtj5OAPRI92uwfjJJLCej3RCMLbp7R6OIYJhtwxnTkloHQ2bgV7fks4GT/A7rkqrgUGk0ewbwIC6nS3piJHyKVc7rvQXZuCQeeeQpFzLRiH3rsb+ZS+AULK+jzDje4Fb+BQR6XmxuuJmY6YrAKkj13Ln4K6bZJlSxOizbNvt+Htnx+hNd4VgaVBeJKcLhHfZbWQxK76nMnjY7nDcM/2R6LUIR2oLG1L9m55WP3bakAvmOr392ulv1+mWCwDAZZzQ4lakDD2BTu0ZaVsvBW+mcKFxYeTq7SyTQMM4lEwFPJ6RLc8jJJ+veJXHekLVzWg4qHRtzNBLz1mA=="
expectedSignatureString = "vA7b0GT6r3GrS7Zpvy7PDMKocmG79yvpnp77GK8znpTKcY9xwKP5n4BfoP26068TyIZk9qx5TEzc4FzOKhWZF5pxN77Hne0A7gHNkaueYmfy95qxUBxLRMCevwjs5A0aW1bTW+gu7VL1cLtBYgO9Ks2axUcvxAq6aVRZvMGvFukxaZd+2XD8hE/tBwyEmvQwWO9gr5KJAFslkykjID9zs4gZ+gK0adRCvpcobRfcff+RxbtQctq3cjXwH/Fp3ZymoFtB2J+4hJ3aX4uCkIhJCV4dyWUkvx81vNyf1J5nBjqRtAoOEXOxNrz4o+kzAfcT46EUSQUTjouCO6hJfOVlaA=="
signing_string = OAuth.sign_message(self, "baseString",
self.signing_key)
self.maxDiff = None
self.assertEqual(expectedSignatureString, signing_string)
def test_get_authorization_header_should_return_empty_string_body_hash(
self):
header = OAuth().get_authorization_header(OAuthTest.uri, 'GET', None,
'dummy',
OAuthTest.signing_key)
self.assertTrue(
'47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' in header)
def test_oauth_parameters(self):
if os.path.exists('./test_key_container.p12'):
signing_key = authenticationutils.load_signing_key(
"./test_key_container.p12", "Password1")
consumer_key = OAuthSigner("YOUR CONSUMER KEY", signing_key)
uri = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0"
method = "POST"
parameters = OAuth().get_oauth_parameters(uri, method, "payload",
consumer_key,
signing_key)
# print(parameters)
consumer_key = parameters.get_oauth_consumer_key()
else:
print(
"Please add a ./test_key_container.p12 file to enable key tests"
)
def test_sign_message(self):
baseString = 'POST&https%3A%2F%2Fsandbox.api.mastercard.com%2Ffraud%2Fmerchant%2Fv1%2Ftermination-inquiry&Format%3DXML%26PageLength%3D10%26PageOffset%3D0%26oauth_body_hash%3DWhqqH%252BTU95VgZMItpdq78BWb4cE%253D%26oauth_consumer_key%3Dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%26oauth_nonce%3D1111111111111111111%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1111111111%26oauth_version%3D1.0'
signature = OAuth().sign_message(baseString, OAuthTest.signing_key)
signature = Util.uri_rfc3986_encode(signature)
self.assertEqual(
signature,
"DvyS3R795sUb%2FcvBfiFYZzPDU%2BRVefW6X%2BAfyu%2B9fxjudQft%2BShXhpounzJxYCwOkkjZWXOR0ICTMn6MOuG04TTtmPMrOxj5feGwD3leMBsi%2B3XxcFLPi8BhZKqgapcAqlGfjEhq0COZ%2FF9aYDcjswLu0zgrTMSTp4cqXYMr9mbQVB4HL%2FjiHni5ejQu9f6JB9wWW%2BLXYhe8F6b4niETtzIe5o77%2B%2BkKK67v9wFIZ9pgREz7ug8K5DlxX0DuwdUKFhsenA5z%2FNNCZrJE%2BtLu0tSjuF5Gsjw5GRrvW33MSoZ0AYfeleh5V3nLGgHrhVjl5%2BiS40pnG2po%2F5hIAUT5ag%3D%3D"
)
def sign_request(self, uri, request):
# Generates the OAuth header for the request, adds the header to the request and returns the request object
oauth_key = OAuth().get_authorization_header(uri, request.method,
request.data,
self.consumer_key,
self.signing_key)
request.headers["Authorization"] = oauth_key
return request
def test_signature_base_string(self):
uri = "https://api.mastercard.com"
base_uri = Util.normalize_url(uri)
oauth_parameters = OAuthParameters()
oauth_parameters.set_oauth_body_hash("body/hash")
oauth_parameters.set_oauth_nonce("randomnonce")
base_string = OAuth.get_base_string(base_uri, "POST", oauth_parameters.get_base_parameters_dict())
self.assertEqual("POST&https%3A%2F%2Fapi.mastercard.com%2F&oauth_body_hash%3Dbody%2Fhash%26oauth_nonce%3Drandomnonce", base_string);
def test_from_readme(self):
if os.path.exists('./test_key_container.p12'):
uri = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0"
method = "POST"
signing_key = authenticationutils.load_signing_key("./test_key_container.p12", "Password1")
consumer_key = OAuthSigner("uLXKmWNmIkzIGKfA2injnNQqpZaxaBSKxa3ixEVu2f283c95!33b9b2bd960147e387fa6f3f238f07170000000000000000", signing_key)
header = OAuth().get_authorization_header(uri, method, "payload", consumer_key, signing_key)
else:
print("Please add a ./test_key_container.p12 file to enable key tests")
def test_sign_message(self):
baseString = 'POST&https%3A%2F%2Fsandbox.api.mastercard.com%2Ffraud%2Fmerchant%2Fv1%2Ftermination-inquiry&Format%3DXML%26PageLength%3D10%26PageOffset%3D0%26oauth_body_hash%3DWhqqH%252BTU95VgZMItpdq78BWb4cE%253D%26oauth_consumer_key%3Dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%26oauth_nonce%3D1111111111111111111%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1111111111%26oauth_version%3D1.0'
signature = OAuth().sign_message(baseString, self.signing_key)
signature = Util.uri_rfc3986_encode(signature)
self.assertEqual(
signature,
"nqxpgHpye%2BdOEkEbC%2FS3N1%2FCRFlZPHoyRztkRhkCoz7ISNmV9V60TQ7zwS8Q59SGQUGYuoNSVe8SWtNVQTEuRiZfXd6Eme%2BCdHfAt7%2BbNd3UsrcIHl3CJEvx7u70ItW8aOx4F7rjF%2BaIOq%2Bpc0rbuBugF%2BnElGKydpPiQrKKwE5kB3TZKVkYLLCsLU8Ry%2Fjg05d2TcnGTyfYZDchV4ui0uPzR5UH%2Fkb4ni8lchrtAeaGJwCimACIk6qNLoNnz7u9joKHtYeuZhORRVodxKB%2BAolgAQqJBMyLrseJDITmwIRTRSzQ3vclt%2BMvVs1CMbXYuvnDYd5NFv98emJgBC%2FX1A%3D%3D"
)
def test_from_readme(self):
uri = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0"
method = "POST"
signing_key = authenticationutils.load_signing_key(
"./fake-key.p12", "fakepassword")
consumer_key = OAuthSigner(
"uLXKmWNmIkzIGKfA2injnNQqpZaxaBSKxa3ixEVu2f283c95!33b9b2bd960147e387fa6f3f238f07170000000000000000",
signing_key)
header = OAuth().get_authorization_header(uri, method, "payload",
consumer_key, signing_key)
def test_sign_json_body(self):
uri = "https://sandbox.api.mastercard.com/restservices/clients"
consumer_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
method = "POST"
body = {
"clientBaseAddressData": {
"addressLine1": "Testowa 5",
"city": "Warszawa",
"postalCode": "23-456"
},
"clientContactData": {
"phoneNumberMobile": "test"
},
"clientNumber": "2019102301",
"clientPersonalData": {
"countryCode": "BEL",
"shortName": "test"
},
"embossedData": {
"embossedFirstName": "Pavel",
"embossedLastName": "TEST"
},
"clientType": "PR"
}
oauth_parameters = OAuthParameters()
oauth_parameters.set_oauth_consumer_key(consumer_key)
oauth_parameters.set_oauth_nonce("1111111111111111111")
oauth_parameters.set_oauth_timestamp('1111111111')
oauth_parameters.set_oauth_signature_method("RSA-SHA256")
oauth_parameters.set_oauth_version("1.0")
oauth_parameters.set_oauth_body_hash(
OAuth().get_encoded_body_hash(body))
base_string = OAuth.get_base_string(
uri, method, oauth_parameters.get_base_parameters_dict())
signed_body = OAuth.sign_message(self, base_string, self.signing_key)
self.assertEqual(
"F3zw3Cqjqx3bsHM9BItsqwGkZx1esgsmyUIr8G1/ydbMSvnPzTJ6OeTBhlgln4R7MybyxErUbTaiuRRMD8z6P4WQ/QIRzZefqvcDBJ1e/jgmPIvGUZmM9FsQDRZ1EaTVNIGVfxZDbJS1b7114JtxeCWeAuM/O3Si3EzFNbzQSZr17Cma6qxojv63fKWqd8NqGmq3X5ngeA1/4bo8xveBZO3iSamFjJW9H6Gf8P++paP0+ORJ4YLQ1KQR5hmP53b53fPrXk5/06CmoMGltfHJvrUE8XUCBS/Y8bJehoCw4930VVCtCQ5FBmnX0W5kY/XEoWaHWiYmOIK7QmBztSd2zQ==",
signed_body)
def test_sign_signature_base_string(self):
if os.path.exists('./test_key_container.p12'):
signing_key = authenticationutils.load_signing_key(
"./test_key_container.p12", "Password1")
consumer_key = OAuthSigner("YOUR CONSUMER KEY", signing_key)
expectedSignatureString = "IJeNKYGfUhFtj5OAPRI92uwfjJJLCej3RCMLbp7R6OIYJhtwxnTkloHQ2bgV7fks4GT/A7rkqrgUGk0ewbwIC6nS3piJHyKVc7rvQXZuCQeeeQpFzLRiH3rsb+ZS+AULK+jzDje4Fb+BQR6XmxuuJmY6YrAKkj13Ln4K6bZJlSxOizbNvt+Htnx+hNd4VgaVBeJKcLhHfZbWQxK76nMnjY7nDcM/2R6LUIR2oLG1L9m55WP3bakAvmOr392ulv1+mWCwDAZZzQ4lakDD2BTu0ZaVsvBW+mcKFxYeTq7SyTQMM4lEwFPJ6RLc8jJJ+veJXHekLVzWg4qHRtzNBLz1mA=="
signing_string = OAuth.sign_message(self, "baseString",
signing_key)
self.maxDiff = None
self.assertEqual(expectedSignatureString, signing_string)
else:
print(
"Please add a ./test_key_container.p12 file to enable key tests"
)
def request_function(*args, **kwargs): # pragma: no cover
in_body = kwargs.get("body", None)
query_params = kwargs.get("query_params", None)
uri = args[1]
if query_params:
uri += '?' + urlencode(query_params)
auth_header = OAuth().get_authorization_header(
uri, args[0], in_body, self.consumer_key, self.signing_key)
in_headers = kwargs.get("headers", None)
if not in_headers:
in_headers = dict()
kwargs["headers"] = in_headers
in_headers["Authorization"] = auth_header
return func(*args, **kwargs)
def test_get_timestamp(self):
timestamp = OAuth.get_timestamp()
self.assertEqual(len(str(timestamp)), 10)
def test_get_nonce(self):
nonce = OAuth.get_nonce()
self.assertEqual(len(nonce), 16)
def test_get_authorization_header(self):
uri = "https://sandbox.api.mastercard.com/fraud/merchant/v1/termination-inquiry?Format=XML&PageOffset=0"
method = "POST"
header = OAuth().get_authorization_header(uri, method, "payload",
self.consumer_key,
self.signing_key)
def test_get_authorization_header_should_compute_body_hash(self):
header = OAuth().get_authorization_header('https://www.example.com',
'POST', '{}', 'dummy',
OAuthTest.signing_key)
self.assertTrue(
'RBNvo1WzZ4oRRq0W9%2BhknpT7T8If536DEMBg9hyq%2F4o%3D' in header)
def test_get_authorization_header_nominal(self):
header = OAuth().get_authorization_header('https://www.example.com',
'POST', 'payload', 'dummy',
OAuthTest.signing_key)
self.assertTrue("OAuth" in header)
self.assertTrue("dummy" in header)
def test_nonce_length(self):
nonce = OAuth.get_nonce()
self.assertEqual(16, len(nonce))
def test_get_authorization_header_should_compute_body_hash(self):
header = OAuth().get_authorization_header(OAuthTest.uri, 'POST', '{}',
'dummy',
OAuthTest.signing_key)
self.assertTrue(
'RBNvo1WzZ4oRRq0W9+hknpT7T8If536DEMBg9hyq/4o=' in header)
def test_get_authorization_header_nominal(self):
header = OAuth().get_authorization_header(OAuthTest.uri, 'POST',
'payload', 'dummy',
OAuthTest.signing_key)
self.assertTrue("OAuth" in header)
self.assertTrue("dummy" in header)
def test_sign_signature_base_string(self):
expectedSignatureString = "IJeNKYGfUhFtj5OAPRI92uwfjJJLCej3RCMLbp7R6OIYJhtwxnTkloHQ2bgV7fks4GT/A7rkqrgUGk0ewbwIC6nS3piJHyKVc7rvQXZuCQeeeQpFzLRiH3rsb+ZS+AULK+jzDje4Fb+BQR6XmxuuJmY6YrAKkj13Ln4K6bZJlSxOizbNvt+Htnx+hNd4VgaVBeJKcLhHfZbWQxK76nMnjY7nDcM/2R6LUIR2oLG1L9m55WP3bakAvmOr392ulv1+mWCwDAZZzQ4lakDD2BTu0ZaVsvBW+mcKFxYeTq7SyTQMM4lEwFPJ6RLc8jJJ+veJXHekLVzWg4qHRtzNBLz1mA=="
signing_string = OAuth.sign_message(self, "baseString",
OAuthTest.signing_key)
self.assertEqual(expectedSignatureString, signing_string)
