def test_well_known_doc_with_no_public_key(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return "{}"
return response
with patched_urlopen(urlopen):
self.assertRaises(InvalidIssuerError,
self.verifier.verify, EXPIRED_ASSERTION, now=0)
def test_handling_of_invalid_json_from_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return "SERVER RETURNS SOMETHING THAT ISNT JSON"
return response
with patched_urlopen(urlopen):
self.assertRaises(ConnectionError,
self.verifier.verify, EXPIRED_ASSERTION)
def test_malformed_well_known_document(self):
# patch urlopen
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return "I AINT NO JSON, FOOL!"
return response
with patched_urlopen(urlopen):
self.assertRaises(InvalidIssuerError,
self.verifier.verify, EXPIRED_ASSERTION, now=0)
def test_handling_of_invalid_json_from_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return "SERVER RETURNS SOMETHING THAT ISNT JSON"
return response
with patched_urlopen(urlopen):
self.assertRaises(ConnectionError, self.verifier.verify,
EXPIRED_ASSERTION)
def test_handling_of_incorrect_audience_returned_by_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return '{"email": "*****@*****.**", '\
' "status": "okay", '\
'"audience": "WRONG"}'
return response
with patched_urlopen(urlopen):
self.assertRaises(AudienceMismatchError,
self.verifier.verify, EXPIRED_ASSERTION)
def test_handling_of_valid_response_from_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return '{"email": "*****@*****.**", '\
' "status": "okay", '\
' "audience": "http://myfavoritebeer.org"}'
return response
with patched_urlopen(urlopen):
data = self.verifier.verify(EXPIRED_ASSERTION)
self.assertEquals(data["email"], "*****@*****.**")
def test_handling_of_valid_response_from_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return '{"email": "*****@*****.**", '\
' "status": "okay", '\
' "audience": "http://myfavoritebeer.org"}'
return response
with patched_urlopen(urlopen):
data = self.verifier.verify(EXPIRED_ASSERTION)
self.assertEquals(data["email"], "*****@*****.**")
def test_well_known_doc_with_no_public_key(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return "{}"
return response
with patched_urlopen(urlopen):
self.assertRaises(InvalidIssuerError,
self.verifier.verify,
EXPIRED_ASSERTION,
now=0)
def test_handling_of_incorrect_audience_returned_by_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return '{"email": "*****@*****.**", '\
' "status": "okay", '\
'"audience": "WRONG"}'
return response
with patched_urlopen(urlopen):
self.assertRaises(AudienceMismatchError, self.verifier.verify,
EXPIRED_ASSERTION)
def test_well_known_doc_with_public_key(self):
# The browserid.org server doesn't currently have /.well-known/browserid.
# This simulates it with a dummy key.
def urlopen(url, data): # NOQA
class response(object):
@staticmethod
def read():
key = fetch_public_key("browserid.org")
return json.dumps({"public-key": key})
return response
with patched_urlopen(urlopen):
assertion = make_assertion("*****@*****.**", "http://e.com")
self.assertTrue(self.verifier.verify(assertion))
def test_handling_of_invalid_content_length_header_from_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def info():
return {"Content-Length": "forty-two"}
@staticmethod # NOQA
def read(size):
raise RuntimeError # pragma: nocover
return response
with patched_urlopen(urlopen):
self.assertRaises(ConnectionError,
self.verifier.verify, EXPIRED_ASSERTION)
def test_malformed_well_known_document(self):
# patch urlopen
def urlopen(url, data):
class response(object):
@staticmethod
def read():
return "I AINT NO JSON, FOOL!"
return response
with patched_urlopen(urlopen):
self.assertRaises(InvalidIssuerError,
self.verifier.verify,
EXPIRED_ASSERTION,
now=0)
def test_well_known_doc_with_public_key(self):
# The browserid.org server doesn't currently have /.well-known/browserid.
# This simulates it with a dummy key.
def urlopen(url, data): # NOQA
class response(object):
@staticmethod
def read():
key = fetch_public_key("browserid.org")
return json.dumps({"public-key": key})
return response
with patched_urlopen(urlopen):
assertion = make_assertion("*****@*****.**", "http://e.com")
self.assertTrue(self.verifier.verify(assertion))
def test_handling_of_invalid_content_length_header_from_server(self):
def urlopen(url, data):
class response(object):
@staticmethod
def info():
return {"Content-Length": "forty-two"}
@staticmethod # NOQA
def read(size):
raise RuntimeError # pragma: nocover
return response
with patched_urlopen(urlopen):
self.assertRaises(ConnectionError, self.verifier.verify,
EXPIRED_ASSERTION)
def test_malformed_pub_key_document(self):
called = []
def urlopen(url, data):
# First call must raise 404 so it will look for /pk.
# Second call must return invalid JSON.
class response(object):
@staticmethod
def read():
if not called:
called.append(True)
raise ValueError("404 Not Found")
return "I AINT NO JSON, FOOL!"
return response
with patched_urlopen(urlopen):
self.assertRaises(InvalidIssuerError,
self.verifier.verify, EXPIRED_ASSERTION, now=0)
def test_malformed_pub_key_document(self):
called = []
def urlopen(url, data):
# First call must raise 404 so it will look for /pk.
# Second call must return invalid JSON.
class response(object):
@staticmethod
def read():
if not called:
called.append(True)
raise ValueError("404 Not Found")
return "I AINT NO JSON, FOOL!"
return response
with patched_urlopen(urlopen):
self.assertRaises(InvalidIssuerError,
self.verifier.verify,
EXPIRED_ASSERTION,
now=0)
def setUp(self):
self.config = testing.setUp()
settings = {}
load_into_settings(self.get_ini(), settings)
self.config.add_settings(settings)
self.config.include("tokenserver")
load_and_register("tokenserver", self.config)
self.backend = self.config.registry.getUtility(INodeAssignment)
wsgiapp = self.config.make_wsgi_app()
wsgiapp = CatchErrors(wsgiapp)
self.app = TestApp(wsgiapp)
def urlopen(url, data): # NOQA
class response(object):
@staticmethod
def read():
key = fetch_public_key("browserid.org")
return json.dumps({"public-key": key})
return response
self.patched = patched_urlopen(urlopen)
self.patched.__enter__()
def test_missing_well_known_document(self):
with patched_urlopen(exc=RuntimeError("404 Not Found")):
self.assertRaises(InvalidIssuerError,
self.verifier.verify,
EXPIRED_ASSERTION,
now=0)
def test_missing_well_known_document(self):
with patched_urlopen(exc=RuntimeError("404 Not Found")):
self.assertRaises(InvalidIssuerError,
self.verifier.verify, EXPIRED_ASSERTION, now=0)
def test_error_while_fetching_public_key(self):
with patched_urlopen(exc=RuntimeError("TESTING")):
self.assertRaises(ConnectionError,
self.verifier.verify, EXPIRED_ASSERTION, now=0)
def test_error_while_fetching_public_key(self):
with patched_urlopen(exc=RuntimeError("TESTING")):
self.assertRaises(ConnectionError,
self.verifier.verify,
EXPIRED_ASSERTION,
now=0)
def test_handling_of_503_error_from_server(self):
with patched_urlopen(exc=ConnectionError("503 Back Off")):
self.assertRaises(ConnectionError, self.verifier.verify,
EXPIRED_ASSERTION)
def test_handling_of_503_error_from_server(self):
with patched_urlopen(exc=ConnectionError("503 Back Off")):
self.assertRaises(ConnectionError, self.verifier.verify,
EXPIRED_ASSERTION)