Example #1
 def test_obeys_token_with_proxied_auth(self):
     # A cookie obtained for one account through a second, proxying account
     # must authenticate the request as the first account while still
     # reporting which account acted as the proxy.
     target_user = data_setup.create_user()
     proxy_user = data_setup.create_user()
     # acquire_cookie is defined elsewhere in the test class; presumably it
     # logs in as proxy_user on behalf of target_user -- confirm there.
     proxied_cookie = self.acquire_cookie(target_user, proxy_user)
     request_headers = {'Cookie': proxied_cookie}
     with app.test_request_context(headers=request_headers):
         identity.check_authentication()
         self.assertEqual(identity.current.user, target_user)
         # The proxying account has to stay visible next to the effective
         # user, not be dropped once the token is accepted.
         self.assertEqual(identity.current.proxied_by_user, proxy_user)
Example #2
 def test_obeys_token_with_proxied_auth(self):
     # Proxied login: the token carries two identities, and after
     # check_authentication() both must be reported -- the effective user
     # and the account that proxied for it.
     effective_user = data_setup.create_user()
     proxying_user = data_setup.create_user()
     # NOTE(review): acquire_cookie lives outside this listing; the argument
     # order (user, proxy) is taken from the assertions below.
     token_cookie = self.acquire_cookie(effective_user, proxying_user)
     cookie_header = {'Cookie': token_cookie}
     with app.test_request_context(headers=cookie_header):
         identity.check_authentication()
         self.assertEqual(identity.current.user, effective_user)
         self.assertEqual(identity.current.proxied_by_user, proxying_user)
Example #3
 def test_token_is_ignored_if_proxy_does_not_exist(self):
     # As above, this should never actually happen.
     # The token is issued while both accounts exist, then the proxy row is
     # removed. The expected outcome is fail-closed: the whole token is
     # rejected, so the request is not authenticated as the target user
     # with the proxy silently dropped.
     target_user = data_setup.create_user()
     proxy_user = data_setup.create_user()
     stale_cookie = self.acquire_cookie(target_user, proxy_user)
     # Delete and flush before the request so the lookup during
     # check_authentication() sees the proxy as missing.
     session.delete(proxy_user)
     session.flush()
     request_headers = {'Cookie': stale_cookie}
     with app.test_request_context(headers=request_headers):
         identity.check_authentication()
         self.assertIsNone(identity.current.user)
         self.assertIsNone(identity.current.proxied_by_user)
Example #4
 def test_token_is_ignored_if_proxy_does_not_exist(self):
     # As above, this should never actually happen.
     # A proxied token whose proxy account has since disappeared must not
     # authenticate anyone: both the user and the proxy come back as None.
     effective_user = data_setup.create_user()
     proxying_user = data_setup.create_user()
     token_cookie = self.acquire_cookie(effective_user, proxying_user)
     # The cookie was issued first; only afterwards is the proxy deleted.
     session.delete(proxying_user)
     session.flush()
     cookie_header = {'Cookie': token_cookie}
     with app.test_request_context(headers=cookie_header):
         identity.check_authentication()
         # Not "user without proxy": the request stays unauthenticated.
         self.assertIsNone(identity.current.user)
         self.assertIsNone(identity.current.proxied_by_user)
Example #5
 def test_REMOTE_USER_takes_precedence_over_cookie(self):
     # This could happen if the user somehow reauthenticates to Apache as
     # a different user but an existing session cookie is left behind
     # because they didn't log out of Beaker.
     # If the leftover cookie won, the request would run as the previous
     # account; the identity from REMOTE_USER has to be the one reported.
     previous_user = data_setup.create_user()
     current_user = data_setup.create_user()
     leftover_cookie = self.acquire_cookie(previous_user)
     wsgi_environ = {'REMOTE_USER': current_user.user_name}
     request_headers = {'Cookie': leftover_cookie}
     with app.test_request_context(environ_overrides=wsgi_environ,
                                   headers=request_headers):
         identity.check_authentication()
         self.assertEqual(identity.current.user, current_user)
Example #6
 def test_REMOTE_USER_takes_precedence_over_cookie(self):
     # This could happen if the user somehow reauthenticates to Apache as
     # a different user but an existing session cookie is left behind
     # because they didn't log out of Beaker.
     # Two conflicting identities arrive in one request: a cookie for the
     # old account and REMOTE_USER naming the new one. REMOTE_USER must win.
     cookie_owner = data_setup.create_user()
     remote_user = data_setup.create_user()
     session_cookie = self.acquire_cookie(cookie_owner)
     overrides = {'REMOTE_USER': remote_user.user_name}
     cookie_header = {'Cookie': session_cookie}
     with app.test_request_context(environ_overrides=overrides,
             headers=cookie_header):
         identity.check_authentication()
         # NOTE(review): only current.user is checked here; proxied_by_user
         # is not asserted for this case.
         self.assertEqual(identity.current.user, remote_user)
Example #7
 def test_obeys_REMOTE_USER(self):
     # REMOTE_USER will be set if Apache is configured to do external
     # authentication and the authentication was successful for this
     # request.
     # With no cookie present, the name in REMOTE_USER alone selects the
     # authenticated account, and no proxy is reported.
     account = data_setup.create_user()
     wsgi_environ = {'REMOTE_USER': account.user_name}
     with app.test_request_context(environ_overrides=wsgi_environ):
         identity.check_authentication()
         self.assertEqual(identity.current.user, account)
         self.assertIsNone(identity.current.proxied_by_user)
Example #8
 def test_authentication_is_ignored_if_user_is_disabled(self):
     # A disabled account must end up unauthenticated even though the
     # request carries both a cookie issued before the account was disabled
     # and a matching REMOTE_USER.
     account = data_setup.create_user()
     earlier_cookie = self.acquire_cookie(account)
     wsgi_environ = {'REMOTE_USER': account.user_name}
     # Disable only after the cookie exists, so the cookie itself is valid.
     account.disabled = True
     request_headers = {'Cookie': earlier_cookie}
     # NOTE(review): both credentials are sent together, so this does not
     # show each channel being rejected on its own.
     with app.test_request_context(environ_overrides=wsgi_environ,
                                   headers=request_headers):
         identity.check_authentication()
         self.assertIsNone(identity.current.user)
         self.assertIsNone(identity.current.proxied_by_user)
Example #9
 def test_obeys_REMOTE_USER(self):
     # REMOTE_USER will be set if Apache is configured to do external
     # authentication and the authentication was successful for this
     # request.
     # The application trusts that value as-is: the test supplies nothing
     # but the user name in the WSGI environ and expects a login.
     external_user = data_setup.create_user()
     overrides = {'REMOTE_USER': external_user.user_name}
     with app.test_request_context(environ_overrides=overrides):
         identity.check_authentication()
         self.assertEqual(identity.current.user, external_user)
         # External authentication is a direct login, never a proxied one.
         self.assertIsNone(identity.current.proxied_by_user)
Example #10
 def test_authentication_is_ignored_if_user_is_disabled(self):
     # Disabling an account has to cut off requests that still present
     # credentials for it: here a previously issued cookie plus REMOTE_USER.
     disabled_user = data_setup.create_user()
     session_cookie = self.acquire_cookie(disabled_user)
     overrides = {'REMOTE_USER': disabled_user.user_name}
     # The flag is set after the cookie is acquired and is not flushed
     # explicitly before the request.
     disabled_user.disabled = True
     cookie_header = {'Cookie': session_cookie}
     with app.test_request_context(environ_overrides=overrides,
             headers=cookie_header):
         identity.check_authentication()
         self.assertIsNone(identity.current.user)
         self.assertIsNone(identity.current.proxied_by_user)
Example #11
 def test_token_is_ignored_if_user_does_not_exist(self):
     # This should be impossible since we don't allow deleting User objects.
     # But let's test it for completeness' sake.
     # A token that names an account no longer in the database must leave
     # the request unauthenticated and must not raise during the check.
     account = data_setup.create_user()
     orphaned_cookie = self.acquire_cookie(account)
     # Remove the row and flush so the lookup during authentication misses.
     session.delete(account)
     session.flush()
     request_headers = {'Cookie': orphaned_cookie}
     with app.test_request_context(headers=request_headers):
         identity.check_authentication()
         self.assertIsNone(identity.current.user)
         self.assertIsNone(identity.current.proxied_by_user)
Example #12
 def test_token_is_ignored_if_user_does_not_exist(self):
     # This should be impossible since we don't allow deleting User objects.
     # But let's test it for completeness' sake.
     # The cookie outlives the account it was issued for; presenting it
     # afterwards must authenticate nobody.
     deleted_user = data_setup.create_user()
     token_cookie = self.acquire_cookie(deleted_user)
     session.delete(deleted_user)
     session.flush()
     cookie_header = {'Cookie': token_cookie}
     with app.test_request_context(headers=cookie_header):
         identity.check_authentication()
         # Both fields are checked so a half-populated identity would fail.
         self.assertIsNone(identity.current.user)
         self.assertIsNone(identity.current.proxied_by_user)