Beispiel #1
0
    def test_plain_http_no_args_fails(self):
        """The default behaviour should be to refuse to send credentials over HTTP"""
        transport = HTTPSTransport()
        transport.session = self.mocked_session

        with self.assertRaises((SSLError, TransportError)):
            transport.open(make_request('http://example.com/'))
Beispiel #2
0
    def test_plain_http_rewrite_rewritten(self):
        transport = HTTPSTransport(rewrite_to_https=True)
        transport.session = self.mocked_session
        return_value = mock.MagicMock()
        return_value.content = b''
        transport.session.get.return_value = return_value

        transport.open(make_request('http://example.com'))
        # mock.MagicMock.assert_called_with does not allow specifying interest in a single argument
        self.assertEqual(
            transport.session.get.call_args[1].get('url'),
            'https://example.com'
        )
Beispiel #3
0
    def test_plain_http_no_rewrite_fails(self):
        """
        Some buggy SOAP servers reference plain HTTP urls in the WSDL
        even when served over HTTPS.
        The ``SudsClientStrictSSL`` Transport has an option to rewrite urls to HTTPS
        before making the request.  If this is `False`, and `verify_ssl == True`
        We expect the request to fail.
        Assert that the default behaviour of the transport is strict.
        Does not allow plain HTTP unless overriden with verify_ssl=False"""
        transport = HTTPSTransport(rewrite_to_https=False)
        transport.session = self.mocked_session

        with self.assertRaises((SSLError, TransportError)):
            transport.open(make_request('http://example.com/'))
Beispiel #4
0
class TestSSLCertificateHandling(unittest.TestCase):
    """
    urllib<3 is deficient in SSL handling.
    It does not do verification of the server certificate, which amounts to
    *no security at all*.  This test is here to make sure that failure does not
    make it into our suds transport that is meant to be checking certificates.
    See https://bitbucket.org/jurko/suds/issue/23/ssl-certificate-verification
    for the discussion.
    """

    def setUp(self):
        self.transport = HTTPSTransport()

    def test_certname_handling(self):
        with HTTPSServerProcess(
            cert=os.path.join(os.path.dirname(__file__), 'certs/selfsigned.pem')
        ) as server:
            url = 'https://localhost:%s/' % (server.server_address[1],)
            data = 'thisdataissecret'
            request = suds.transport.Request(url, data)
            with self.assertRaises((ssl.SSLError, TransportError)):
                self.transport.open(request)
Beispiel #5
0
 def setUp(self):
     self.transport = HTTPSTransport()