Ejemplo n.º 1
0
    def _gen_request(self,
                     method,
                     url,
                     params=None,
                     headers=None,
                     extra_environ=None,
                     status=None,
                     upload_files=None,
                     expect_errors=False,
                     content_type=None):
        headers = {} if headers is None else headers.copy()
        if self.auth:
            headers["X-Devpi-Auth"] = b64encode("%s:%s" % self.auth)

        # fill headers with defaults
        for name, val in self.headers.items():
            headers.setdefault(name, val)

        kw = dict(headers=headers)
        if params and params is not webtest.utils.NoDefault:
            if method.lower() in ('post', 'put', 'patch'):
                kw['data'] = params
            else:
                kw['params'] = params
        meth = getattr(requests, method.lower())
        if '://' not in url:
            url = self.base_url + url
        r = meth(url, **kw)
        return FunctionalResponseWrapper(r)
Ejemplo n.º 2
0
 def test_expired(self, blank_request, mock, policy, xom):
     from pyramid.authentication import b64encode
     with mock.patch('time.time') as timemock:
         timemock.return_code = 0.0
         passwd = policy.auth.serializer.dumps(('foo', []))
     blank_request.headers['X-Devpi-Auth'] = b64encode(
         'foo:%s' % passwd).decode("ascii")
     assert policy.callback('foo', blank_request) is None
Ejemplo n.º 3
0
 def _gen_request(self, method, url, **kw):
     if self.auth:
         headers = kw.get("headers")
         if not headers:
             headers = kw["headers"] = {}
         headers["X-Devpi-Auth"] = b64encode("%s:%s" % self.auth)
         #print ("setting auth header %r %s %s" % (auth, method, url))
     return super(MyTestApp, self)._gen_request(method, url, **kw)
Ejemplo n.º 4
0
 def _gen_request(self, method, url, **kw):
     if self.auth:
         headers = kw.get("headers")
         if not headers:
             headers = kw["headers"] = {}
         headers["X-Devpi-Auth"] = b64encode("%s:%s" % self.auth)
         #print ("setting auth header %r %s %s" % (auth, method, url))
     return super(MyTestApp, self)._gen_request(method, url, **kw)
Ejemplo n.º 5
0
 def test_nouser_basic(self, blank_request, policy, xom):
     from devpi_server.views import HTTPException
     from pyramid.authentication import b64encode
     blank_request.headers['Authorization'] = 'BASIC ' + b64encode(
         'foo:bar').decode("ascii")
     with pytest.raises(HTTPException) as e:
         policy.callback('foo', blank_request)
     assert e.value.status_code == 401
     assert e.value.title == "user 'foo' does not exist"
Ejemplo n.º 6
0
 def test_expired(self, blank_request, mock, policy, xom):
     from devpi_server.views import HTTPException
     from pyramid.authentication import b64encode
     with mock.patch('time.time') as timemock:
         timemock.return_code = 0.0
         passwd = policy.auth.serializer.dumps(('foo', []))
     blank_request.headers['X-Devpi-Auth'] = b64encode(
         'foo:%s' % passwd).decode("ascii")
     with pytest.raises(HTTPException) as e:
         policy.callback('foo', blank_request)
     assert e.value.status_code == 401
     assert e.value.title == "auth expired for 'foo'"
Ejemplo n.º 7
0
def with_user(request, user):
    from pyramid.authentication import b64encode
    if user is None:
        request.headers.pop('Authorization', None)
    else:
        if user == 'root':
            auth = "root:"
        else:
            auth = "%s:123" % user
        request.headers['Authorization'] = 'Basic %s' % b64encode(
            auth.encode('utf-8')).decode('ascii')
    return request
Ejemplo n.º 8
0
def with_user(request, user):
    from pyramid.authentication import b64encode
    if user is None:
        request.headers.pop('Authorization', None)
    else:
        if user == 'root':
            auth = "root:"
        else:
            auth = "%s:123" % user
        request.headers['Authorization'] = 'Basic %s' % b64encode(
            auth.encode('utf-8')).decode('ascii')
    return request
Ejemplo n.º 9
0
    def _gen_request(self, method, url, params=None, headers=None, **kw):
        headers = {} if headers is None else headers.copy()
        if self.auth:
            if not headers:
                headers = kw["headers"] = {}
            headers["X-Devpi-Auth"] = b64encode("%s:%s" % self.auth)
            #print ("setting auth header %r %s %s" % (auth, method, url))

        # fill headers with defaults
        for name, val in self.headers.items():
            headers.setdefault(name, val)

        kw["headers"] = headers
        if params is not None:
            kw["params"] = params
        return super(MyTestApp, self)._gen_request(method, url, **kw)
Ejemplo n.º 10
0
    def _gen_request(self, method, url, params=None, headers=None, **kw):
        headers = {} if headers is None else headers.copy()
        if self.auth:
            if not headers:
                headers = kw["headers"] = {}
            headers["X-Devpi-Auth"] = b64encode("%s:%s" % self.auth)
            #print ("setting auth header %r %s %s" % (auth, method, url))

        # fill headers with defaults
        for name, val in self.headers.items():
            headers.setdefault(name, val)

        kw["headers"] = headers
        if params is not None:
            kw["params"] = params
        return super(MyTestApp, self)._gen_request(method, url, **kw)
    def test_me(self):  # /api/me.json
        # Test unauthenticated/unauthorized access
        headers = {'Accept': 'application/json'}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test unauthenticated access -- invalid scheme
        headers = {'Accept': 'application/json', 'Authorization': 'Test Test'}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test unauthenticated access -- missing token
        headers = {'Accept': 'application/json', 'Authorization': 'Token'}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test unauthenticated access -- mangled traditional token
        headers = {'Accept': 'application/json', 'Authorization': 'Token +='}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        token = b64encode('%s%s' %
                          (self.user_user.email, self.user_user.api_token))
        headers = {
            'Accept': 'application/json',
            'Authorization': 'Token %s' % native_(token)
        }
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test authenticated/authorized access
        token = self.user_user.authorization_token
        headers = {
            'Accept': 'application/json',
            'Authorization': 'Token %s' % token
        }
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertIn('data', res.json)
        self.assertIn('email', res.json['data'])
        self.assertEqual(res.json['data']['email'], '*****@*****.**')
    def test_me(self): # /api/me.json
        # Test unauthenticated/unauthorized access
        headers = {'Accept': 'application/json'}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test unauthenticated access -- invalid scheme
        headers = {'Accept': 'application/json',
                   'Authorization': 'Test Test'}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test unauthenticated access -- missing token
        headers = {'Accept': 'application/json',
                   'Authorization': 'Token'}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test unauthenticated access -- mangled traditional token
        headers = {'Accept': 'application/json',
                   'Authorization': 'Token +='}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        token = b64encode('%s%s' % (self.user_user.email,
                                    self.user_user.api_token))
        headers = {'Accept': 'application/json',
                   'Authorization': 'Token %s' % native_(token)}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertEqual(res.json, {'data': None})

        # Test authenticated/authorized access
        token = self.user_user.authorization_token
        headers = {'Accept': 'application/json',
                   'Authorization': 'Token %s' % token}
        res = self.testapp.get('/api/me.json', headers=headers, status=200)
        self.assertIn('data', res.json)
        self.assertIn('email', res.json['data'])
        self.assertEqual(res.json['data']['email'], '*****@*****.**')
Ejemplo n.º 13
0
 def test_nouser_basic(self, blank_request, policy, xom):
     from pyramid.authentication import b64encode
     blank_request.headers['Authorization'] = 'BASIC ' + b64encode(
         'foo:bar').decode("ascii")
     assert policy.callback('foo', blank_request) is None
Ejemplo n.º 14
0
 def authorization_token(self):
     return native_(b64encode("%s:%s" % (self.email, self.api_token)))