def getAssociation(self, server_url, handle=None):
if handle is not None:
assocs = OpenIDAssociation.objects.filter(server_url=server_url,
handle=handle)
else:
assocs = OpenIDAssociation.objects.filter(server_url=server_url)
active = []
expired = []
for a in assocs:
assoc = association.Association(
a.handle, base64.decodestring(a.secret.encode('utf-8')),
a.issued, a.lifetime, a.assoc_type)
expires_in = assoc.getExpiresIn()
if expires_in == 0:
expired.append(a)
else:
active.append((assoc.issued, assoc))
for e in expired:
e.delete()
if len(active) == 0:
return None
active.sort()
return active[-1][1]
def testValid(self):
assoc = association.Association('handle', b'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [assoc]
with LogCapture() as logbook:
self.assertEqual(self.consumer._negotiateAssociation(self.endpoint), assoc)
self.assertEqual(logbook.records, [])
def testValid(self):
assoc = association.Association(
'handle', 'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [assoc]
self.failUnless(self.consumer._negotiateAssociation(self.endpoint) is assoc)
self.failUnlessLogEmpty()
def _mkAssoc(self, doc):
return association.Association(handle=doc['handle'],
secret=oidutil.fromBase64(
doc['secret']),
issued=doc['issued'],
lifetime=doc['lifetime'],
assoc_type=doc['type'])
def testValid(self):
"""
Test the valid case, wherein an association is returned on the
first attempt to get one.
"""
assoc = association.Association('handle', b'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [assoc]
with LogCapture() as logbook:
self.assertEqual(self.consumer._negotiateAssociation(self.endpoint), assoc)
self.assertEqual(logbook.records, [])
def testValid(self):
"""
Test the valid case, wherein an association is returned on the
first attempt to get one.
"""
assoc = association.Association(
'handle', 'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [assoc]
self.failUnless(self.consumer._negotiateAssociation(self.endpoint) is assoc)
self.failUnlessLogEmpty()
def test_roundTrip(self):
issued = int(time.time())
lifetime = 600
assoc = association.Association('handle', b'secret', issued, lifetime, 'HMAC-SHA1')
s = assoc.serialize()
assoc2 = association.Association.deserialize(s)
self.assertEqual(assoc.handle, assoc2.handle)
self.assertEqual(assoc.issued, assoc2.issued)
self.assertEqual(assoc.secret, assoc2.secret)
self.assertEqual(assoc.lifetime, assoc2.lifetime)
self.assertEqual(assoc.assoc_type, assoc2.assoc_type)
def test_roundTrip(self):
issued = int(time.time())
lifetime = 600
handle = 'a-QoU6tM*#!*R\'q\\w<W>X`90>tj7d{[t~Wv@(j(V9(jcx:ZeGYbT0;N]"C}bxQ$aDjf{)"z6@+W<Wb$Vm`k9j0/tZ=\\J[0Qmp35ex[H9g<nUC9UGj4.Hlq7"Q]`w:w6Q'
assoc = association.Association(handle, 'secret', issued, lifetime,
'HMAC-SHA1')
s = assoc.serialize()
assoc2 = association.Association.deserialize(s)
self.assertEqual(assoc.handle, assoc2.handle)
self.assertEqual(assoc.issued, assoc2.issued)
self.assertEqual(assoc.secret, assoc2.secret)
self.assertEqual(assoc.lifetime, assoc2.lifetime)
self.assertEqual(assoc.assoc_type, assoc2.assoc_type)
def testUnsupportedWithRetry(self):
msg = Message(self.endpoint.preferredNamespace())
msg.setArg(OPENID_NS, 'error', 'Unsupported type')
msg.setArg(OPENID_NS, 'error_code', 'unsupported-type')
msg.setArg(OPENID_NS, 'assoc_type', 'HMAC-SHA1')
msg.setArg(OPENID_NS, 'session_type', 'DH-SHA1')
assoc = association.Association('handle', b'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [msg, assoc]
with LogCapture() as logbook:
self.assertIsNone(self.consumer._negotiateAssociation(self.endpoint))
logbook.check(
('openid.consumer.consumer', 'ERROR', StringComparison('Server error when requesting an association .*')))
def testUnsupportedWithRetry(self):
msg = Message(self.endpoint.preferredNamespace())
msg.setArg(OPENID_NS, 'error', 'Unsupported type')
msg.setArg(OPENID_NS, 'error_code', 'unsupported-type')
msg.setArg(OPENID_NS, 'assoc_type', 'HMAC-SHA1')
msg.setArg(OPENID_NS, 'session_type', 'DH-SHA1')
assoc = association.Association(
'handle', 'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [msg, assoc]
self.failUnless(self.consumer._negotiateAssociation(self.endpoint) is None)
self.failUnlessLogMatches('Server error when requesting an association')
def testUnsupportedWithRetry(self):
"""
Test the case where an unsupported-type response triggers a
retry to get an association with the new preferred type.
"""
msg = Message(self.endpoint.preferredNamespace())
msg.setArg(OPENID_NS, 'error', 'Unsupported type')
msg.setArg(OPENID_NS, 'error_code', 'unsupported-type')
msg.setArg(OPENID_NS, 'assoc_type', 'HMAC-SHA1')
msg.setArg(OPENID_NS, 'session_type', 'DH-SHA1')
assoc = association.Association('handle', b'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [msg, assoc]
with LogCapture() as logbook:
self.assertEqual(self.consumer._negotiateAssociation(self.endpoint), assoc)
logbook.check(('openid.consumer.consumer', 'WARNING', StringComparison('Unsupported association type .*')))
def testUnsupportedWithRetry(self):
"""
Test the case where an unsupported-type response triggers a
retry to get an association with the new preferred type.
"""
msg = Message(self.endpoint.preferredNamespace())
msg.setArg(OPENID_NS, 'error', 'Unsupported type')
msg.setArg(OPENID_NS, 'error_code', 'unsupported-type')
msg.setArg(OPENID_NS, 'assoc_type', 'HMAC-SHA1')
msg.setArg(OPENID_NS, 'session_type', 'DH-SHA1')
assoc = association.Association(
'handle', 'secret', 'issued', 10000, 'HMAC-SHA1')
self.consumer.return_messages = [msg, assoc]
self.failUnless(self.consumer._negotiateAssociation(self.endpoint) is assoc)
self.failUnlessLogMatches('Unsupported association type')
def test_assoc_type_bytes(self):
assoc = association.Association('handle', b'secret', 1000, 1000,
b'HMAC-SHA1')
self.assertEqual(assoc.assoc_type, 'HMAC-SHA1')
