Ejemplo n.º 1
    def test_decode_token(self):
        """decode_token must reject missing, malformed and altered tokens.

        A token freshly returned by create_token has to decode without error;
        the same token with its first character replaced has to raise
        TokenException.
        """
        # Neither a missing token nor an arbitrary string may decode.
        for invalid in (None, "asfafsasf1241243124"):
            with self.assertRaises(TokenException):
                auth_utils.decode_token(invalid)

        issued = auth_utils.create_token({"username": "******", "roles": ["role"]})
        try:
            auth_utils.decode_token(issued)
        except Exception:
            self.fail("Should not be here")

        # Replace the first character with a different one; 'a' is the
        # fallback when the token already starts with '?'.
        # NOTE(review): only position 0 is altered. Which part of the token
        # that covers depends on the token format, which is not visible here.
        chars = list(issued)
        chars[0] = 'a' if chars[0] == '?' else '?'
        altered = "".join(chars)

        with self.assertRaises(TokenException):
            auth_utils.decode_token(altered)
Ejemplo n.º 2
 def test_get_authenticated_user(self):
     """get_authenticated_user yields None for a token whose user is unknown.

     The token is placed in the Authorization header exactly as create_token
     returned it, with no scheme prefix.
     """
     req = testing.DummyRequest()
     issued = auth_utils.create_token({"username": "******", "roles": ["role"]})
     req.headers["Authorization"] = issued
     # with current impl. we don't have the user "user", so no user object
     # is expected back even though the token itself was just issued
     resolved = auth_utils.get_authenticated_user(req)
     self.assertIsNone(resolved)
Ejemplo n.º 3
 def test_get_authenticated_user(self):
     """Check that an issued token for an unknown user resolves to None."""
     header = "Authorization"
     unknown_user = {"username": "******", "roles": ["role"]}

     req = testing.DummyRequest()
     # The raw token is the whole header value; no scheme prefix is added.
     req.headers[header] = auth_utils.create_token(unknown_user)

     # with current impl. we don't have the user "user"
     self.assertIsNone(auth_utils.get_authenticated_user(req))
Ejemplo n.º 4
    def test_valid_token(self):
        """valid_token rejects a missing or arbitrary header and accepts an issued token."""
        header = "Authorization"
        req = testing.DummyRequest()

        # No Authorization header at all.
        with self.assertRaises(HTTPBadRequest):
            auth_utils.valid_token(req)

        # Header present, but its value is an arbitrary string.
        req.headers[header] = "asfasfasfasf"
        with self.assertRaises(HTTPBadRequest):
            auth_utils.valid_token(req)

        # Accepting path: the call only has to complete without raising;
        # its return value is not inspected.
        req.headers[header] = auth_utils.create_token(
            {"username": "******", "roles": ["role"]}
        )
        auth_utils.valid_token(req)
Ejemplo n.º 5
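def authenticate(request):
    """Verify the submitted credentials and issue a token for the user.

    The JSON body of ``request`` is deserialized with
    ``AuthenticationRequest``. Its ``username`` is looked up through
    ``userdao`` and its ``password`` is checked against the stored hash.

    Returns:
        ``{'token': token}`` when the password verifies.

    Raises:
        HTTPBadRequest: when no such user exists or the password does not
            verify. The same exception is raised in both cases.
    """
    credentials = AuthenticationRequest().deserialize(request.json)
    user = userdao.find_by_username(credentials["username"])
    if user is None:
        # NOTE(review): this path skips the password-hash check, so it may
        # answer faster than the wrong-password path. Confirm whether that
        # timing difference is acceptable for this service.
        raise HTTPBadRequest

    if not verify_password_hash(credentials["password"], user["password"]):
        raise HTTPBadRequest

    # Logged only after the password has verified, so the message is true.
    logger.debug("Creating new token for user {}".format(user["username"]))

    # The token is a bearer credential and is deliberately not logged:
    # anyone who can read the log could replay it.
    token = auth_utils.create_token(user)
    return {'token': token}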
Ejemplo n.º 6
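def authenticate(request):
    """Check a username/password pair and return a freshly created token.

    ``request.json`` is deserialized with ``AuthenticationRequest``; the
    user record comes from ``userdao.find_by_username`` and the submitted
    password is compared with the stored hash by ``verify_password_hash``.

    Returns:
        A dict of the form ``{'token': token}`` on success.

    Raises:
        HTTPBadRequest: for an unknown username and for a password that does
            not verify; both failures raise the same exception.
    """
    submitted = AuthenticationRequest().deserialize(request.json)
    user = userdao.find_by_username(submitted["username"])

    # NOTE(review): an unknown user is rejected before any hash comparison
    # runs, so this branch may respond faster than a wrong password does.
    if user is None:
        raise HTTPBadRequest

    password_ok = verify_password_hash(submitted["password"],
                                       user["password"])
    if not password_ok:
        raise HTTPBadRequest

    # Emitted after verification; before it, no token is being created yet.
    logger.debug("Creating new token for user {}".format(user["username"]))

    # Never write the token value to the log: it is the credential itself
    # and would be usable by anyone with access to the log output.
    return {'token': auth_utils.create_token(user)}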
Ejemplo n.º 7
    def test_valid_token(self):
        """Exercise valid_token with no header, a junk header and an issued token."""
        req = testing.DummyRequest()
        auth_header = "Authorization"

        # Request without any Authorization header.
        with self.assertRaises(HTTPBadRequest):
            auth_utils.valid_token(req)

        # Request whose Authorization header is an arbitrary string.
        req.headers[auth_header] = "asfasfasfasf"
        with self.assertRaises(HTTPBadRequest):
            auth_utils.valid_token(req)

        # Request carrying a token from create_token: passing means only
        # that no exception is raised, since nothing is asserted on the result.
        user = {"username": "******", "roles": ["role"]}
        issued = auth_utils.create_token(user)
        req.headers[auth_header] = issued
        auth_utils.valid_token(req)
Ejemplo n.º 8
    def test_decode_token(self):
        """Check decode_token against invalid, issued and altered tokens."""
        # Invalid inputs: no token at all, then an arbitrary string.
        self.assertRaises(TokenException, auth_utils.decode_token, None)
        self.assertRaises(
            TokenException, auth_utils.decode_token, "asfafsasf1241243124"
        )

        user = {"username": "******", "roles": ["role"]}
        issued = auth_utils.create_token(user)
        try:
            auth_utils.decode_token(issued)
        except Exception:
            self.fail("Should not be here")

        # An issued token whose first character was swapped must be refused.
        # NOTE(review): the test alters position 0 only. Whether other
        # positions are also covered by the check cannot be told from here.
        pieces = list(issued)
        if pieces[0] == '?':
            pieces[0] = 'a'
        else:
            pieces[0] = '?'
        altered = "".join(pieces)

        self.assertRaises(TokenException, auth_utils.decode_token, altered)
Ejemplo n.º 9
    def test_create_token(self):
        """create_token refuses incomplete users and round-trips a complete one."""
        # Each entry is missing a username or a non-empty list of roles.
        rejected = (
            None,
            {"username": None, "roles": ["cool"]},
            {"username": "******", "roles": []},
            {"username": "******", "roles": None},
            {"username": "******"},
            {"roles": ["role"]},
        )
        for bad_user in rejected:
            with self.assertRaises(TokenException):
                auth_utils.create_token(bad_user)

        good_user = {"username": "******", "roles": ["role"]}
        issued = auth_utils.create_token(good_user)
        self.assertIsNotNone(issued)
        try:
            decoded = auth_utils.decode_token(issued)
        except TokenException:
            self.fail()
        else:
            # The decoded token exposes the username under the "user" key.
            self.assertEqual(good_user["username"], decoded["user"])
Ejemplo n.º 10
    def test_create_token(self):
        """Check which user dicts create_token accepts and what it encodes."""
        def expect_refusal(candidate):
            # create_token has to raise TokenException for this input.
            with self.assertRaises(TokenException):
                auth_utils.create_token(candidate)

        expect_refusal(None)
        # Username present as a key but set to None.
        expect_refusal({"username": None, "roles": ["cool"]})
        # Roles empty, then roles set to None.
        expect_refusal({"username": "******", "roles": []})
        expect_refusal({"username": "******", "roles": None})
        # One of the two keys absent altogether.
        expect_refusal({"username": "******"})
        expect_refusal({"roles": ["role"]})

        good_user = {"username": "******", "roles": ["role"]}
        issued = auth_utils.create_token(good_user)
        self.assertIsNotNone(issued)
        try:
            decoded = auth_utils.decode_token(issued)
            # Round trip: the "user" entry of the decoded token must equal
            # the username the token was created for.
            self.assertEqual(good_user["username"], decoded["user"])
        except TokenException:
            self.fail()