def cookie_encode(data, key=settings.SECRET, digestmod=None): """ Encode and sign a json object. Return a (byte) string """ digestmod = digestmod or hashlib.sha256 msg = base64.b64encode(json.dumps(data, -1)) sig = base64.b64encode(hmac.new(tob(key), msg, digestmod=digestmod).digest()) return tob('!') + sig + tob('?') + msg
def urlopen(self, path, method='GET', post='', env=None): result = {'code':0, 'status':'error', 'header':{}, 'body':tob('')} def start_response(status, header): result['code'] = int(status.split()[0]) result['status'] = status.split(None, 1)[-1] for name, value in header: name = name.title() if name in result['header']: result['header'][name] += ', ' + value else: result['header'][name] = value env = env if env else {} wsgiref.util.setup_testing_defaults(env) env['REQUEST_METHOD'] = wsgistr(method.upper().strip()) env['PATH_INFO'] = wsgistr(path) env['QUERY_STRING'] = wsgistr('') if post: env['REQUEST_METHOD'] = 'POST' env['CONTENT_LENGTH'] = str(len(tob(post))) env['wsgi.input'].write(tob(post)) env['wsgi.input'].seek(0) response = self.wsgiapp(env, start_response) for part in response: try: result['body'] += part except TypeError: raise TypeError('WSGI app yielded non-byte object %s', type(part)) if hasattr(response, 'close'): response.close() del response return result
def urlopen(self, path, method="GET", post="", env=None): result = {"code": 0, "status": "error", "header": {}, "body": tob("")} def start_response(status, header): result["code"] = int(status.split()[0]) result["status"] = status.split(None, 1)[-1] for name, value in header: name = name.title() if name in result["header"]: result["header"][name] += ", " + value else: result["header"][name] = value env = env if env else {} wsgiref.util.setup_testing_defaults(env) env["REQUEST_METHOD"] = method.upper().strip() env["PATH_INFO"] = path env["QUERY_STRING"] = "" if post: env["REQUEST_METHOD"] = "POST" env["CONTENT_LENGTH"] = str(len(tob(post))) env["wsgi.input"].write(tob(post)) env["wsgi.input"].seek(0) response = self.wsgiapp(env, start_response) for part in response: try: result["body"] += part except TypeError: raise TypeError("WSGI app yielded non-byte object %s", type(part)) if hasattr(response, "close"): response.close() del response return result
def test_multipart(self): """ Environ: POST (multipart files and multible values per key) """ fields = [('field1','value1'), ('field2','value2'), ('field2','value3')] files = [('file1','filename1.txt','content1'), ('file2','filename2.py',touni('ä\nö\rü'))] e = tools.multipart_environ(fields=fields, files=files) request = BaseRequest(e) # File content self.assertTrue('file1' in request.POST) self.assertTrue('file1' in request.files) self.assertTrue('file1' not in request.forms) cmp = tob('content1') if sys.version_info >= (3,2,0) else 'content1' self.assertEqual(cmp, request.POST['file1'].file.read()) # File name and meta data self.assertTrue('file2' in request.POST) self.assertTrue('file2' in request.files) self.assertTrue('file2' not in request.forms) self.assertEqual('filename2.py', request.POST['file2'].filename) # UTF-8 files x = request.POST['file2'].file.read() if (3,2,0) > sys.version_info >= (3,0,0): x = x.encode('ISO-8859-1') self.assertEqual(tob('ä\nö\rü'), x) # No file self.assertTrue('file3' not in request.POST) self.assertTrue('file3' not in request.files) self.assertTrue('file3' not in request.forms) # Field (single) self.assertEqual('value1', request.POST['field1']) self.assertTrue('field1' not in request.files) self.assertEqual('value1', request.forms['field1']) # Field (multi) self.assertEqual(2, len(request.POST.getall('field2'))) self.assertEqual(['value2', 'value3'], request.POST.getall('field2')) self.assertEqual(['value2', 'value3'], request.forms.getall('field2')) self.assertTrue('field2' not in request.files)
def test_get_to_get_records_returns_records(): body = "name=cliff" bottle.request.environ['CONTENT_LENGTH'] = str(len(bottle.tob(body))) bottle.request.environ['wsgi.input'] = BytesIO() bottle.request.environ['wsgi.input'].write(bottle.tob(body)) bottle.request.environ['wsgi.input'].seek(0) results = api.get_records("new") assert len(results) == 1
def test_delete_to_delete_record_deletes_a_record(): body = "name=cliff" bottle.request.environ['CONTENT_LENGTH'] = str(len(bottle.tob(body))) bottle.request.environ['wsgi.input'] = BytesIO() bottle.request.environ['wsgi.input'].write(bottle.tob(body)) bottle.request.environ['wsgi.input'].seek(0) results = api.delete_record("new") assert len(api.collections["new"]) == 0
def cookie_decode(data, key=settings.SECRET, digestmod=None): """ Verify and decode an encoded string. Return an object or None.""" data = tob(data) sig, msg = data.split(tob("?"), 1) digestmod = digestmod or hashlib.sha256 hashed = hmac.new(tob(key), msg, digestmod=digestmod).digest() if _lscmp(sig[1:], base64.b64encode(hashed)): return json.loads(base64.b64decode(msg)) return None
def test_post(self): body = {"hello": "world"} json_body = json.dumps(body) request.environ['CONTENT_LENGTH'] = int(len(tob(json_body))) request.environ['wsgi.input'] = BytesIO() request.environ['wsgi.input'].write(tob(json_body)) request.environ['wsgi.input'].seek(0) ret = _TestApp().post() self.assertDictEqual(ret, {"data": ({"foo":"bar"},), "total": 1})
def fake_request_json(body): """helper function to set the fake request body.""" request.environ['CONTENT_LENGTH'] = str(len(tob(body))) request.environ['CONTENT_TYPE'] = 'application/json' if 'wsgi.input' not in request.environ: request.environ['wsgi.input'] = BytesIO() request.environ['wsgi.input'].seek(0) request.environ['wsgi.input'].write(tob(body)) request.environ['wsgi.input'].seek(0)
def test_route1(self): body = "abc" request.environ['CONTENT_LENGTH'] = str(len(tob(body))) request.environ['wsgi.input'] = BytesIO() request.environ['wsgi.input'].write(tob(body)) request.environ['wsgi.input'].seek(0) result = TestRouter().route_1("bob") self.assertEqual(result, dict(msg="bob", len=3))
def _test_chunked(self, body, expect): e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob(body)) e['wsgi.input'].seek(0) e['HTTP_TRANSFER_ENCODING'] = 'chunked' if isinstance(expect, str): self.assertEquals(tob(expect), BaseRequest(e).body.read()) else: self.assertRaises(expect, lambda: BaseRequest(e).body)
def test_post_to_post_record_adds_a_record_to_collection(): body = '{"name": "cliff", "email": "*****@*****.**"}' bottle.request.environ['CONTENT_LENGTH'] = str(len(bottle.tob(body))) bottle.request.environ['CONTENT_TYPE'] = "application/json" bottle.request.environ['wsgi.input'] = BytesIO() bottle.request.environ['wsgi.input'].write(bottle.tob(body)) bottle.request.environ['wsgi.input'].seek(0) api.post_record("new") assert "new" in data.store.api.collections assert len(data.store.api.collections["new"]) == 1
def test_update_record_updates_a_record(): api.collections["new"].add_record({"name": "Cliff", "_id": "test"}) body = '{"email": "*****@*****.**"}' bottle.request.environ['CONTENT_LENGTH'] = str(len(bottle.tob(body))) bottle.request.environ['CONTENT_TYPE'] = "application/json" bottle.request.environ['wsgi.input'] = BytesIO() bottle.request.environ['wsgi.input'].write(bottle.tob(body)) bottle.request.environ['wsgi.input'].seek(0) results = api.update_record("new", "test") assert api.collections["new"].find({"_id": "test"})[0]["email"] == "*****@*****.**"
def test_body(self): """ Environ: Request.body should behave like a file object factory """ e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('abc')) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(3) request = BaseRequest(e) self.assertEqual(tob('abc'), request.body.read()) self.assertEqual(tob('abc'), request.body.read(3)) self.assertEqual(tob('abc'), request.body.readline()) self.assertEqual(tob('abc'), request.body.readline(3))
def test_get(self): """ Environ: GET data """ qs = tonat(tob('a=a&a=1&b=b&c=c&cn=%e7%93%b6'), 'latin1') request = BaseRequest({'QUERY_STRING':qs}) self.assertTrue('a' in request.query) self.assertTrue('b' in request.query) self.assertEqual(['a','1'], request.query.getall('a')) self.assertEqual(['b'], request.query.getall('b')) self.assertEqual('1', request.query['a']) self.assertEqual('b', request.query['b']) self.assertEqual(tonat(tob('瓶'), 'latin1'), request.query['cn']) self.assertEqual(touni('瓶'), request.query.cn)
def custom_error_handler(self, res, error): ''' Monkey patch method for json formatting error responses ''' # when the accept type matches the jsonFormatting configuration if self.in_supported_types(request.headers.get('Accept', '')): message=error.body if message==None: message=error.status_line if message==None: message="None" response_object = { "success":False, "message":message, } #response_object = self.get_response_object(1) #response_object['error'] = { # 'status_code': error.status_code, # 'status': error.status_line, # 'message': error.body, # } if self.debug: response_object['debug'] = { 'exception': repr(error.exception), 'traceback': error.traceback, } json_response = json.dumps(response_object,indent=self.indent) response.content_type = 'application/json' return json_response else: return tob(template(ERROR_PAGE_TEMPLATE, e=error))
def test_iterator_with_close(self): class MyIter(object): def __init__(self, data): self.data = data self.closed = False def close(self): self.closed = True def __iter__(self): return iter(self.data) byte_iter = MyIter([tob('abc'), tob('def')]) unicode_iter = MyIter([touni('abc'), touni('def')]) for test_iter in (byte_iter, unicode_iter): @self.app.route('/') def test(): return test_iter self.assertInBody('abcdef') self.assertTrue(byte_iter.closed)
def wsgi(self, environ, start_response): """ The bottle WSGI-interface. """ try: out = self._cast((yield from self._handle(environ))) # rfc2616 section 4.3 if response._status_code in (100, 101, 204, 304)\ or environ['REQUEST_METHOD'] == 'HEAD': if hasattr(out, 'close'): out.close() out = [] start_response(response._status_line, response.headerlist) return out except (KeyboardInterrupt, SystemExit, MemoryError): raise except Exception: if not self.catchall: raise err = '<h1>Critical error while processing request: %s</h1>' \ % html_escape(environ.get('PATH_INFO', '/')) if DEBUG: err += '<h2>Error:</h2>\n<pre>\n%s\n</pre>\n' \ '<h2>Traceback:</h2>\n<pre>\n%s\n</pre>\n' \ % (html_escape(repr(_e())), html_escape(format_exc())) environ['wsgi.errors'].write(err) headers = [('Content-Type', 'text/html; charset=UTF-8')] start_response('500 INTERNAL SERVER ERROR', headers, sys.exc_info()) return [tob(err)]
def test_multipart(self): """ Environ: POST (multipart files and multible values per key) """ fields = [("field1", "value1"), ("field2", "value2"), ("field2", "value3")] files = [("file1", "filename1.txt", "content1"), ("file2", "filename2.py", u"ä\nö\rü")] e = tools.multipart_environ(fields=fields, files=files) request.bind(e) # File content self.assertTrue("file1" in request.POST) cmp = tob("content1") if sys.version_info >= (3, 2, 0) else "content1" self.assertEqual(cmp, request.POST["file1"].file.read()) # File name and meta data self.assertTrue("file2" in request.POST) self.assertEqual("filename2.py", request.POST["file2"].filename) # UTF-8 files x = request.POST["file2"].file.read() if (3, 2, 0) > sys.version_info >= (3, 0, 0): x = x.encode("ISO-8859-1") self.assertEqual(u"ä\nö\rü".encode("utf8"), x) # No file self.assertTrue("file3" not in request.POST) # Field (single) self.assertEqual("value1", request.POST["field1"]) # Field (multi) self.assertEqual(2, len(request.POST.getall("field2"))) self.assertEqual(["value2", "value3"], request.POST.getall("field2"))
def test_decode_method(self): """ FomsDict.attribute returs u'' on UnicodeError. """ data = tob('äöü') d = FormsDict(py2=data, py3=data.decode('latin1')) d = d.decode() self.assertFalse(d.recode_unicode) self.assertEqual(unicode, type(list(d.keys())[0])) self.assertEqual(unicode, type(list(d.values())[0]))
def test_utf8_url(self): """ WSGI: Exceptions within handler code (HTTP 500) """ @bottle.route("/my/:string") def test(string): return string self.assertBody(tob("urf8-öäü"), "/my/urf8-öäü")
def test_range(self): request.environ['HTTP_RANGE'] = 'bytes=10-25,-80' f = static_file(basename, root=root) c = open(__file__, 'rb'); c.seek(10) self.assertEqual(c.read(16), tob('').join(f.body)) self.assertEqual('bytes 10-25/%d' % len(open(__file__, 'rb').read()), f.headers['Content-Range']) self.assertEqual('bytes', f.headers['Accept-Ranges'])
def test_json_forged_header_issue616(self): test = dict(a=5, b='test', c=[1,2,3]) e = {'CONTENT_TYPE': 'text/plain;application/json'} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob(json_dumps(test))) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(json_dumps(test))) self.assertEqual(BaseRequest(e).json, None)
def test_utf8_url(self): """ WSGI: UTF-8 Characters in the URL """ @bottle.route("/my-öäü/:string") def test(string): return string self.assertBody(tob("urf8-öäü"), "/my-öäü/urf8-öäü")
def test_json_noheader(self): """ Environ: Request.json property with missing content-type header. """ test = dict(a=5, b='test', c=[1,2,3]) e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob(json_dumps(test))) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(json_dumps(test))) self.assertEqual(BaseRequest(e).json, None)
def test_json_tobig(self): """ Environ: Request.json property with huge body. """ test = dict(a=5, tobig='x' * bottle.BaseRequest.MEMFILE_MAX) e = {'CONTENT_TYPE': 'application/json'} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob(json_dumps(test))) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(json_dumps(test))) self.assertRaises(HTTPError, lambda: BaseRequest(e).json)
def test_json_valid(self): """ Environ: Request.json property. """ test = dict(a=5, b='test', c=[1,2,3]) e = {'CONTENT_TYPE': 'application/json; charset=UTF-8'} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob(json_dumps(test))) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(json_dumps(test))) self.assertEqual(BaseRequest(e).json, test)
def test_json_tobig(self): """ Environ: Request.json property with huge body. """ test = dict(a=5, tobig="x" * bottle.BaseRequest.MEMFILE_MAX) e = {"CONTENT_TYPE": "application/json"} wsgiref.util.setup_testing_defaults(e) e["wsgi.input"].write(tob(json_dumps(test))) e["wsgi.input"].seek(0) e["CONTENT_LENGTH"] = str(len(json_dumps(test))) self.assertEqual(BaseRequest(e).json, None)
def test_bodypost(self): sq = tob('foobar') e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(sq) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(sq)) e['REQUEST_METHOD'] = "POST" request = BaseRequest(e) self.assertEqual('', request.POST['foobar'])
def test_auth(self): user, pwd = 'marc', 'secret' basic = touni(base64.b64encode(tob('%s:%s' % (user, pwd)))) r = BaseRequest({}) self.assertEqual(r.auth, None) r.environ['HTTP_AUTHORIZATION'] = 'basic %s' % basic self.assertEqual(r.auth, (user, pwd)) r.environ['REMOTE_USER'] = user self.assertEqual(r.auth, (user, pwd)) del r.environ['HTTP_AUTHORIZATION'] self.assertEqual(r.auth, (user, None))
def test_tobigbody(self): """ Environ: Request.body should truncate to Content-Length bytes """ e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('x') * 1024) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = '42' request = BaseRequest(e) self.assertEqual(42, len(request.body.read())) self.assertEqual(42, len(request.body.read(1024))) self.assertEqual(42, len(request.body.readline())) self.assertEqual(42, len(request.body.readline(1024)))
def test_getpostleak(self): """ Environ: GET and POST should not leak into each other """ e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('b=b')) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = '3' e['QUERY_STRING'] = 'a=a' e['REQUEST_METHOD'] = "POST" request = BaseRequest(e) self.assertEqual(['a'], list(request.GET.keys())) self.assertEqual(['b'], list(request.POST.keys()))
def test_params(self): """ Environ: GET and POST are combined in request.param """ e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('b=b&c=p')) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = '7' e['QUERY_STRING'] = 'a=a&c=g' e['REQUEST_METHOD'] = "POST" request = BaseRequest(e) self.assertEqual(['a', 'b', 'c'], sorted(request.params.keys())) self.assertEqual('p', request.params['c'])
def test_multipart(self): """ Environ: POST (multipart files and multible values per key) """ fields = [('field1','value1'), ('field2','value2'), ('field2','万难')] files = [('file1','filename1.txt','content1'), ('万难','万难foo.py', 'ä\nö\rü')] e = tools.multipart_environ(fields=fields, files=files) request = BaseRequest(e) # File content self.assertTrue('file1' in request.POST) self.assertTrue('file1' in request.files) self.assertTrue('file1' not in request.forms) cmp = tob('content1') if sys.version_info >= (3,2,0) else 'content1' self.assertEqual(cmp, request.POST['file1'].file.read()) # File name and meta data self.assertTrue('万难' in request.POST) self.assertTrue('万难' in request.files) self.assertTrue('万难' not in request.forms) self.assertEqual('foo.py', request.POST['万难'].filename) self.assertTrue(request.files['万难']) self.assertFalse(request.files.file77) # UTF-8 files x = request.POST['万难'].file.read() if (3,2,0) > sys.version_info >= (3,0,0): x = x.encode('utf8') self.assertEqual(tob('ä\nö\rü'), x) # No file self.assertTrue('file3' not in request.POST) self.assertTrue('file3' not in request.files) self.assertTrue('file3' not in request.forms) # Field (single) self.assertEqual('value1', request.POST['field1']) self.assertTrue('field1' not in request.files) self.assertEqual('value1', request.forms['field1']) print(request.forms.dict, request.forms.recode_unicode) self.assertEqual('万难', request.forms['field2']) self.assertEqual(touni('万难'), request.forms.field2) # Field (multi) self.assertEqual(2, len(request.POST.getall('field2'))) self.assertEqual(['value2', '万难'], request.POST.getall('field2')) self.assertEqual(['value2', '万难'], request.forms.getall('field2')) self.assertTrue('field2' not in request.files)
def test_body_noclose(self): """ Test that the body file handler is not closed after request.POST """ sq = tob('a=a&a=1&b=b&c=&d') e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(sq) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(sq)) e['REQUEST_METHOD'] = "POST" request = BaseRequest(e) self.assertEqual(sq, request.body.read()) request.POST # This caused a body.close() with Python 3.x self.assertEqual(sq, request.body.read())
def test_bigbody(self): """ Environ: Request.body should handle big uploads using files """ e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('x') * 1024 * 1000) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(1024 * 1000) request = BaseRequest(e) self.assertTrue(hasattr(request.body, 'fileno')) self.assertEqual(1024 * 1000, len(request.body.read())) self.assertEqual(1024, len(request.body.read(1024))) self.assertEqual(1024 * 1000, len(request.body.readline())) self.assertEqual(1024, len(request.body.readline(1024)))
def tearDown(cls): ''' Finaliza o servidor bottle para fazer os testes. Código obtido e adaptado de: https://github.com/bottlepy/bottle/blob/master/test/test_server.py ''' if cls.skip: return # pragma: no cover if cls.p.poll() is None: os.kill(cls.p.pid, signal.SIGINT) time.sleep(0.5) while cls.p.poll() is None: # pragma: no cover os.kill(cls.p.pid, signal.SIGTERM) time.sleep(1) for stream in (cls.p.stdout, cls.p.stderr): # pragma: no cover for line in stream: if tob('warning') in line.lower(): cls.warn(line.strip().decode('utf8')) elif tob('error') in line.lower(): raise AssertionError(line.strip().decode('utf8'))
def test_override_response(self): @self.app.route('/foo') @self.oauth.create_authorization_response() def test(): return "my=custom&body=" with mock.patch("oauthlib.oauth2.Server.create_authorization_response", return_value=self.fake_response) as mocked: app_response = self.urlopen("/foo") self.assertEqual(app_response['code'], 200) self.assertEqual(app_response['status'], "FooOK") self.assertEqual(app_response['body'], tob("my=custom&body=")) self.assertEqual(app_response['header']['Content-Type'], "application/x-www-form-urlencoded") mocked.assert_called_once()
def test_valid_response(self): @self.app.route('/foo') @self.oauth.create_authorization_response() def test(): return None with mock.patch("oauthlib.oauth2.Server.create_authorization_response", return_value=self.fake_response) as mocked: app_response = self.urlopen("/foo", method="GET", query="scope=admin%20view%20write") self.assertEqual(app_response['code'], 200) self.assertEqual(app_response['status'], "FooOK") self.assertEqual(app_response['body'], tob("a=b&c=d")) self.assertEqual(app_response['header']['Content-Type'], "application/x-www-form-urlencoded") mocked.assert_called_once() self.assertEqual(mocked.call_args[1]["scopes"], ['admin', 'view', 'write'])
def test_filename(self): self.assertFilename('with space', 'with-space') self.assertFilename('with more \t\n\r space', 'with-more-space') self.assertFilename('UpperCase', 'uppercase') self.assertFilename('with/path', 'path') self.assertFilename('../path', 'path') self.assertFilename('..\\path', 'path') self.assertFilename('..', 'empty') self.assertFilename('.name.', 'name') self.assertFilename(' . na me . ', 'na-me') self.assertFilename('path/', 'empty') self.assertFilename(bottle.tob('ümläüts$'), 'mlts') self.assertFilename(bottle.touni('ümläüts$'), 'umlauts') self.assertFilename('', 'empty')
def test_valid_response(self): @bottle.route('/foo') @self.oauth.create_introspect_response() def test(): return None with mock.patch("oauthlib.oauth2.Server.create_introspect_response", return_value=self.fake_response) as mocked: app_response = self.urlopen("/foo") self.assertEqual(app_response['code'], 200) self.assertEqual(app_response['status'], "FooOK") self.assertEqual(app_response['body'], tob("a=b&c=d")) self.assertEqual(app_response['header']['Content-Type'], "application/x-www-form-urlencoded") mocked.assert_called_once()
def test_valid_request(self): @self.app.route('/foo') @self.oauth.verify_request() def test(): self.assertEqual(bottle.request.oauth['client'], 'foo') self.assertEqual(bottle.request.oauth['user'], 'bar') self.assertEqual(bottle.request.oauth['scopes'], ['banana', 'pinapple']) return "authorized_access" with mock.patch("oauthlib.oauth2.Server.verify_request", return_value=(True, self.fake_request)) as mocked: app_response = self.urlopen("/foo") self.assertEqual(app_response['code'], 200, app_response['body']) self.assertEqual(app_response['status'], "OK") self.assertEqual(app_response['body'], tob("authorized_access")) mocked.assert_called_once()
def test_filename(self): self.assertFilename('with space', 'with-space') self.assertFilename('with more \t\n\r space', 'with-more-space') self.assertFilename('with/path', 'path') self.assertFilename('../path', 'path') self.assertFilename('..\\path', 'path') self.assertFilename('..', 'empty') self.assertFilename('.name.', 'name') self.assertFilename('.name.cfg', 'name.cfg') self.assertFilename(' . na me . ', 'na-me') self.assertFilename('path/', 'empty') self.assertFilename(bottle.tob('ümläüts$'), 'umlauts') self.assertFilename(bottle.touni('ümläüts$'), 'umlauts') self.assertFilename('', 'empty') self.assertFilename('a'+'b'*1337+'c', 'a'+'b'*254)
def tearDown(self): if self.skip: return if self.p.poll() == None: os.kill(self.p.pid, signal.SIGINT) time.sleep(0.5) if self.p.poll() == None: os.kill(self.p.pid, signal.SIGTERM) time.sleep(0.5) while self.p.poll() == None: tools.warn("Trying to kill server %r with pid %d." % (self.server, self.p.pid)) os.kill(self.p.pid, signal.SIGKILL) time.sleep(1) lines = [ line for stream in (self.p.stdout, self.p.stderr) for line in stream ] for line in lines: if tob('warning') in line.lower(): tools.warn(line.strip().decode('utf8')) elif tob('error') in line.lower(): raise AssertionError(line.strip().decode('utf8'))
def test_override_response(self): @bottle.route('/foo') @self.oauth.create_introspect_response() def test(): return "{'valid': false}" with mock.patch("oauthlib.oauth2.Server.create_introspect_response", return_value=self.fake_response) as mocked: app_response = self.urlopen("/foo") self.assertEqual(app_response['code'], 200) self.assertEqual(app_response['status'], "FooOK") self.assertEqual(app_response['body'], tob("{'valid': false}")) self.assertEqual(app_response['header']['Content-Type'], "application/json") mocked.assert_called_once()
def test_maxparam(self): ips = ['1.2.3.4', '2.3.4.5', '3.4.5.6'] e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('a=a&b=b&c=c')) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = '11' e['REQUEST_METHOD'] = "POST" e['HTTP_COOKIE'] = 'a=1,b=1,c=1;d=1' e['QUERY_STRING'] = 'a&b&c&d' r = BaseRequest(e) r.MAX_PARAMS = 2 self.assertEqual(len(list(r.query.allitems())), 2) self.assertEqual(len(list(r.cookies.allitems())), 2) self.assertEqual(len(list(r.forms.allitems())), 2) self.assertEqual(len(list(r.params.allitems())), 4)
def handle_markdown_output(filepath, filename): """Output processed markdown. """ from bottle import parse_date, tob headers = {} # check 304 stats = os.stat(filename) headers['Last-Modified'] = email.utils.formatdate(stats.st_mtime, usegmt=True) getenv = request.environ.get etag = '%d:%d:%d:%d:%s' % (stats.st_dev, stats.st_ino, stats.st_mtime, stats.st_size, filename) etag = hashlib.sha1(tob(etag)).hexdigest() headers['ETag'] = etag check = getenv('HTTP_IF_NONE_MATCH') if check and check == etag: return HTTPResponse(status=304, **headers) if not check: ims = getenv('HTTP_IF_MODIFIED_SINCE') if ims: ims = parse_date(ims.split(";")[0].strip()) if ims is not None and ims >= int(stats.st_mtime): return HTTPResponse(status=304, **headers) # output processed content with open(filename, 'r', encoding='UTF-8') as f: body = f.read() f.close() body = template( 'markdown', sitename=runtime['name'], is_local=is_local_access(), base=get_base(), path=request.path, content=commonmark.commonmark(body), ) return HTTPResponse(body, **headers)
def test_post(self): """ Environ: POST data """ sq = tob('a=a&a=1&b=b&c=&d') e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(sq) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = str(len(sq)) e['REQUEST_METHOD'] = "POST" request = BaseRequest(e) self.assertTrue('a' in request.POST) self.assertTrue('b' in request.POST) self.assertEqual(['a','1'], request.POST.getall('a')) self.assertEqual(['b'], request.POST.getall('b')) self.assertEqual('1', request.POST['a']) self.assertEqual('b', request.POST['b']) self.assertEqual('', request.POST['c']) self.assertEqual('', request.POST['d'])
def custom_error_handler(self, res, error): ''' Monkey patch method for json formatting error responses ''' # when the accept type matches the jsonFormatting configuration if self.in_supported_types(request.headers.get('Accept', '')): response_object = self.get_response_object(1) response_object['error'] = { 'status_code': error.status_code, 'status': error.status_line, 'message': error.body, } if self.debug: response_object['debug'] = { 'exception': repr(error.exception), 'traceback': error.traceback, } json_response = json_dumps(response_object) response.content_type = 'application/json' return json_response else: return tob(template(ERROR_PAGE_TEMPLATE, e=error))
def test_maxparam(self): ips = ['1.2.3.4', '2.3.4.5', '3.4.5.6'] e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(tob('a=a&b=b&c=c')) e['wsgi.input'].seek(0) e['CONTENT_LENGTH'] = '11' e['REQUEST_METHOD'] = "POST" e['HTTP_COOKIE'] = 'a=1;b=1;c=1;d=1' e['QUERY_STRING'] = 'a&b&c&d' old_value = BaseRequest.MAX_PARAMS r = BaseRequest(e) try: BaseRequest.MAX_PARAMS = 2 self.assertRaises(HTTPError, lambda: r.query) self.assertRaises(HTTPError, lambda: r.cookies) self.assertRaises(HTTPError, lambda: r.forms) self.assertRaises(HTTPError, lambda: r.params) finally: BaseRequest.MAX_PARAMS = old_value
def __call__(self, environ, start_response): try: return self.app(environ, start_response) except Exception: template_vars = {} if 'bottle.request.post' in environ: environ['bottle.request.post'] = dict( filter_sensitive_params(environ['bottle.request.post'], self.sensitive_params)) template_vars['environ'] = html_escape(pformat(environ)) template_vars['error'] = html_escape(repr(_e())) template_vars['trace'] = html_escape(format_exc()) template_vars['dump_file'] = self.dump_file environ['wsgi.errors'].write(format_exc()) headers = [('Content-Type', 'text/html; charset=UTF-8')] err = ERROR_TEMPLATE % template_vars start_response('500 INTERNAL SERVER ERROR', headers) with open("/tmp/%s" % self.dump_file, "w") as f: f.write(err) return [tob(err)]
def test_loop_bottle_request(self): import base64 import bottle from bottle import tob from bottle import touni import wsgiref.util payload = b'token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIifQ.6OIg9riYNt9tZ2aMM_CK6TyMKN3OAk0j1W2XDfqfYPU' e = {} wsgiref.util.setup_testing_defaults(e) e['wsgi.input'].write(payload) e['wsgi.input'].seek(0) e['REQUEST_METHOD'] = "POST" e['CONTENT_TYPE'] = "application/x-www-form-urlencoded; charset=utf-8" e['CONTENT_LENGTH'] = str(len(payload)) e['HTTP_AUTHORIZATION'] = 'basic %s' % touni(base64.b64encode(tob('%s:%s' % ('foobar', 'barsecret')))) request = bottle.BaseRequest(e) for i in range(0, loop_iterations): self.assertAuth(request)
def __call__(self, environ, start_response): try: return self.app(environ, start_response) except (Exception, ExceptionInBackend) as e: template_vars = {} if 'bottle.request.post' in environ: environ['bottle.request.post'] = dict( filter_sensitive_params(environ['bottle.request.post'], self.sensitive_params)) # update environ environ["foris.version"] = current_state.foris_version environ["foris.language"] = current_state.language environ["foris.backend"] = current_state.backend template_vars['environ'] = html_escape(pformat(environ)) # Handles backend exceptions in same manner as if isinstance(e, ExceptionInBackend): error = "Remote Exception: %s" % e.remote_description extra = "<h3>Remote request</h3><pre>%s</pre>" % html_escape( json.dumps(e.query)) trace = e.remote_stacktrace else: error = repr(_e()) trace = format_exc() extra = "" template_vars['error'] = html_escape(error) template_vars['trace'] = html_escape(trace) template_vars['extra'] = extra template_vars['dump_file'] = "%s/%s" % (get_root(), self.dump_file) environ['wsgi.errors'].write(format_exc()) headers = [('Content-Type', 'text/html; charset=UTF-8')] err = ERROR_TEMPLATE % template_vars start_response('500 INTERNAL SERVER ERROR', headers) with open("/tmp/%s" % self.dump_file, "wb") as f: f.write(err.encode("UTF-8")) return [tob(err)]
def testIsEncoded(self): cookie = bottle.cookie_encode(self.data, self.key) self.assertTrue(bottle.cookie_is_encoded(cookie)) self.assertFalse(bottle.cookie_is_encoded(tob('some string')))
def testDeEncode(self): cookie = bottle.cookie_encode(self.data, self.key) decoded = bottle.cookie_decode(cookie, self.key) self.assertEqual(self.data, decoded) decoded = bottle.cookie_decode(cookie+tob('x'), self.key) self.assertEqual(None, decoded)
def setUp(self): self.data = dict(a=5, b=touni('υηι¢σ∂є'), c=[1,2,3,4,tob('bytestring')]) self.key = tob('secret')
def test_utf8_url(self): """ WSGI: UTF-8 Characters in the URL """ @bottle.route('/my-öäü/:string') def test(string): return string self.assertBody(tob('urf8-öäü'), '/my-öäü/urf8-öäü')
def test_bytes(self): self.env['HTTP_TEST_HEADER'] = tob('foobar') self.assertEqual(self.headers['Test-Header'], 'foobar')
def setUp(self): self.data = dict(a=5, b=touni('υηι¢σ∂є'), c=[1,2,3,4,tob('bytestring')]) self.secret = tob('secret') bottle.app.push() bottle.response.bind()