def test_generate_from_key_string(self):
private1, public1 = generate_key_pair()
private2, public2 = generate_key_pair()
header = create_auth_header('foo', key=private1)
self.assertTrue(header.startswith('JWT '))
token = header.split(' ', 1)[1]
self.assertFalse(verify(token, public2))
self.assertTrue(verify(token, public1))
def test_generate_from_encrypted_key_file(self):
header = create_auth_header('foo',
key_file=KEY2_PRIVATE,
key_password=KEY2_PASSWORD)
self.assertTrue(header.startswith('JWT '))
token = header.split(' ', 1)[1]
with open(KEY2_PUBLIC, 'r') as public:
self.assertTrue(verify(token, public.read()))
def test_generate_from_key_string(self):
private1, public1 = generate_key_pair()
private2, public2 = generate_key_pair()
header = create_auth_header('foo', key=private1)
self.assertTrue(header.startswith('JWT '))
token = header.split(' ', 1)[1]
self.assertFalse(verify(token, public2))
self.assertTrue(verify(token, public1))
def test_remove_challenge(self):
matrix = (
('', '', status.HTTP_403_FORBIDDEN),
('joe', self.priv_key_joe, status.HTTP_403_FORBIDDEN),
('certbot', self.priv_key_joe, status.HTTP_403_FORBIDDEN),
('certbot', self.priv_key_certbot, status.HTTP_204_NO_CONTENT),
)
for username, private_key, expected_status in matrix:
AcmeChallenge.objects.get_or_create(challenge='foo',
response='bar')
url = reverse('acmechallenge-detail', args=('foo', ))
headers = {}
if username:
headers['HTTP_AUTHORIZATION'] = create_auth_header(
username=username, key=private_key)
response = self.client.delete(url, **headers)
self.assertEquals(response.status_code, expected_status)
def test_add_challenge(self):
matrix = (
('', '', status.HTTP_403_FORBIDDEN),
('joe', self.priv_key_joe, status.HTTP_403_FORBIDDEN),
('certbot', self.priv_key_joe, status.HTTP_403_FORBIDDEN),
('certbot', self.priv_key_certbot, status.HTTP_201_CREATED),
)
url = reverse('acmechallenge-list')
data = {
'challenge': 'foo',
'response': 'bar',
}
for username, private_key, expected_status in matrix:
headers = {}
if username:
headers['HTTP_AUTHORIZATION'] = create_auth_header(
username=username, key=private_key)
response = self.client.post(url, data=data, **headers)
self.assertEquals(response.status_code, expected_status)
def test_generate_from_encrypted_key_file(self):
header = create_auth_header('foo', key_file=KEY2_PRIVATE, key_password=KEY2_PASSWORD)
self.assertTrue(header.startswith('JWT '))
token = header.split(' ', 1)[1]
with open(KEY2_PUBLIC, 'r') as public:
self.assertTrue(verify(token, public.read()))
def _get_headers(self, domain):
private_key = self._get_private_key(domain)
headers = {
'Authorization': create_auth_header(username=self._get_username(), key=private_key)
}
return headers
