def setUp(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEYS'] = {'a': 'aa', 'b': 'bb'}
self.hmac = Hmac(app)
self.app = app.test_client()
@app.route('/autodecorated')
def autodecorated():
return 'autodecorated'
@app.before_request
def before_request():
try:
self.hmac.validate_signature(request)
except HmacException:
return abort(400)
class TestHmacSignatureFlaskBeforeQuestClientSecrets(unittest.TestCase):
def setUp(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEYS'] = {'a': 'aa', 'b': 'bb'}
self.hmac = Hmac(app)
self.app = app.test_client()
@app.route('/autodecorated')
def autodecorated():
return 'autodecorated'
@app.before_request
def before_request():
try:
self.hmac.validate_signature(request)
except HmacException:
return abort(400)
def test_signature_hook(self):
response = self.app.get('/autodecorated')
assert 400 == response.status_code
def test_valid_signature(self):
sig = self.hmac.make_hmac_for('a')
response = self.app.get('/autodecorated',
headers={self.hmac.header: sig})
assert 200 == response.status_code
def test_invalid_generated_signature(self):
sig = self.hmac.make_hmac_for('a', 'some data')
response = self.app.get('/autodecorated',
headers={self.hmac.header: sig})
assert 400 == response.status_code
def test_invalid_signature(self):
response = self.app.get('/autodecorated',
headers={self.hmac.header: '00'})
assert 400 == response.status_code
class TestHmacSignatureFlaskBeforeQuestClientSecrets(unittest.TestCase):
def setUp(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEYS'] = {'a': 'aa', 'b': 'bb'}
self.hmac = Hmac(app)
self.app = app.test_client()
@app.route('/autodecorated')
def autodecorated():
return 'autodecorated'
@app.before_request
def before_request():
try:
self.hmac.validate_signature(request)
except HmacException:
return abort(400)
def test_signature_hook(self):
response = self.app.get('/autodecorated')
assert 400 == response.status_code
def test_valid_signature(self):
sig = self.hmac.make_hmac_for('a')
response = self.app.get('/autodecorated', headers={self.hmac.header: sig})
assert 200 == response.status_code
def test_invalid_generated_signature(self):
sig = self.hmac.make_hmac_for('a', 'some data')
response = self.app.get('/autodecorated', headers={self.hmac.header: sig})
assert 400 == response.status_code
def test_invalid_signature(self):
response = self.app.get('/autodecorated', headers={self.hmac.header: '00'})
assert 400 == response.status_code
class TestHmacSignatureFlaskBeforeQuest(unittest.TestCase):
def setUp(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEY'] = 's3cr3tk3y'
self.hmac = Hmac(app)
@app.route('/autodecorated')
def autodecorated():
return 'autodecorated'
@app.before_request
def before_request():
try:
self.hmac.validate_signature(request)
except HmacException:
return abort(400)
self.app = app.test_client()
def test_signature_hook(self):
response = self.app.get('/autodecorated')
assert 400 == response.status_code
class TestHmacSignatureFlaskBeforeQuest(unittest.TestCase):
def setUp(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEY'] = 's3cr3tk3y'
self.hmac = Hmac(app)
@app.route('/autodecorated')
def autodecorated():
return 'autodecorated'
@app.before_request
def before_request():
try:
self.hmac.validate_signature(request)
except HmacException:
return abort(400)
self.app = app.test_client()
def test_signature_hook(self):
response = self.app.get('/autodecorated')
assert 400 == response.status_code
def setUp(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEYS'] = {'a': 'aa', 'b': 'bb'}
self.hmac = Hmac(app)
self.app = app.test_client()
@app.route('/autodecorated')
def autodecorated():
return 'autodecorated'
@app.before_request
def before_request():
try:
self.hmac.validate_signature(request)
except HmacException:
return abort(400)
# Standard Libs
import json
import unittest
# Third Party Libs
from flask import Flask, abort, request
# First Party Libs
from flask_hmac import Hmac
from flask_hmac.exceptions import HmacException, UnknownKeyName
hmac = Hmac()
def create_app(disable_hmac=None):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['HMAC_KEY'] = 's3cr3tk3y'
app.config['HMAC_KEYS'] = {
'a': 'f00',
'b': 'b4r',
}
if disable_hmac:
app.config['HMAC_DISARM'] = disable_hmac
hmac.init_app(app)
@app.route('/no_auth_view')
def no_auth_view():
return 'no_auth_view'
@app.route('/hmac_auth_view', methods=['GET', 'POST'])
