def test_bad_signature(self): # do not allow anonymous and signature is not good context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { 'auth': { 'puk-file': os.path.join(os.path.dirname(os.path.realpath(__file__)), "passwd"), 'allow-only-registered': True } } s = Session() s.client_id = "client_using_secp256k1" # secp256k1 public key from int(hashlib.sha256(b"secret").digets()) # puk = '030cfbf62534dfa5f32e37145b27d2875c1a1ecf884e39f0b098e962acc7aeaaa7' # prk = '2c495f4933631f014d93f059c15b03bac6eaaead53a675e09574c4bcccab09d6' s.username = "******" # the puk actually prk = binascii.unhexlify( "2c495f4933631f014d93f059c15b03bac6eaaead53a675e09574c4bcccab09d6") msg = schnorr.hash_sha256( datetime.datetime.utcnow().isoformat()[:18] + s.client_id[1:] ) # remove first char of client_id to generate a bad signature s.password = binascii.hexlify(schnorr.sign(msg, prk)) auth_plugin = EcdsaAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) self.assertFalse(ret)
def test_bad_anonymous(self): # do not allow anonymous and signature is not good context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { 'auth': { 'puk-file': os.path.join(os.path.dirname(os.path.realpath(__file__)), "passwd"), 'allow-only-registered': False } } s = Session() s.client_id = "client_using_secp256k1" # secp256k1 public key from int(hashlib.sha256(b"other secret").digets()) # puk = '02d3a9b4022ab24b9218ae3290d2cbecf6d773ef70769afe9f15e7055a79cc90c4' # prk = 'fffc49122308b5e5666e6874ff4535d5a0e3f270a3a7545703c59da25378cbb3' s.username = "******" prk = binascii.unhexlify( "fffc49122308b5e5666e6874ff4535d5a0e3f270a3a7545703c59da25378cbb3") msg = schnorr.hash_sha256(datetime.datetime.utcnow().isoformat()[:18] + s.client_id[1:]) s.password = binascii.hexlify(schnorr.sign(msg, prk)) auth_plugin = EcdsaAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) self.assertFalse(ret)
def test_allow_nonanonymous(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = {'auth': {'allow-anonymous': False}} s = Session() s.username = "******" auth_plugin = AnonymousAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) self.assertTrue(ret)
def test_allow_anonymous(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = {"auth": {"allow-anonymous": True}} s = Session() s.username = "" auth_plugin = AnonymousAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) assert ret
def test_allow_nonanonymous(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = {'auth': {'allow-anonymous': False}} async def coro(): s = Session(None) s.username = "******" auth_plugin = AnonymousAuthPlugin(context) ret = await auth_plugin.authenticate(session=s) self.assertTrue(ret) anyio.run(coro)
def test_allow_nonanonymous(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { 'auth': { 'allow-anonymous': False } } s = Session() s.username = "******" auth_plugin = AnonymousAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) self.assertTrue(ret)
def test_create_tables(self): dbfile = os.path.join(os.path.dirname(os.path.realpath(__file__)), "test.db") context = BaseContext() context.logger = logging.getLogger(__name__) context.config = {"persistence": {"file": dbfile}} SQLitePlugin(context) conn = sqlite3.connect(dbfile) cursor = conn.cursor() rows = cursor.execute("SELECT name FROM sqlite_master where type = 'table'") tables = [] for row in rows: tables.append(row[0]) self.assertIn("session", tables)
def test_unknown_password(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { 'auth': { 'password-file': os.path.join(os.path.dirname(os.path.realpath(__file__)), "passwd") } } s = Session() s.username = "******" s.password = "******" auth_plugin = FileAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) self.assertFalse(ret)
def test_allow(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { "auth": { "password-file": os.path.join(os.path.dirname(os.path.realpath(__file__)), "passwd") } } s = Session() s.username = "******" s.password = "******" auth_plugin = FileAuthPlugin(context) ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s)) self.assertTrue(ret)
def test_create_tables(self): dbfile = os.path.join(os.path.dirname(os.path.realpath(__file__)), "test.db") context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { 'persistence': { 'file': dbfile } } sql_plugin = SQLitePlugin(context) conn = sqlite3.connect(dbfile) cursor = conn.cursor() rows = cursor.execute("SELECT name FROM sqlite_master where type = 'table'") tables = [] for row in rows: tables.append(row[0]) self.assertIn("session", tables)
def test_wrong_password(self): context = BaseContext() context.logger = logging.getLogger(__name__) context.config = { 'auth': { 'password-file': os.path.join(os.path.dirname(os.path.realpath(__file__)), "passwd") } } async def coro(): s = Session(None) s.username = "******" s.password = "******" auth_plugin = FileAuthPlugin(context) ret = await auth_plugin.authenticate(session=s) self.assertFalse(ret) anyio.run(coro)