def test_bad_signature(self):
# do not allow anonymous and signature is not good
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'auth': {
'puk-file':
os.path.join(os.path.dirname(os.path.realpath(__file__)),
"passwd"),
'allow-only-registered':
True
}
}
s = Session()
s.client_id = "client_using_secp256k1"
# secp256k1 public key from int(hashlib.sha256(b"secret").digets())
# puk = '030cfbf62534dfa5f32e37145b27d2875c1a1ecf884e39f0b098e962acc7aeaaa7'
# prk = '2c495f4933631f014d93f059c15b03bac6eaaead53a675e09574c4bcccab09d6'
s.username = "******" # the puk actually
prk = binascii.unhexlify(
"2c495f4933631f014d93f059c15b03bac6eaaead53a675e09574c4bcccab09d6")
msg = schnorr.hash_sha256(
datetime.datetime.utcnow().isoformat()[:18] + s.client_id[1:]
) # remove first char of client_id to generate a bad signature
s.password = binascii.hexlify(schnorr.sign(msg, prk))
auth_plugin = EcdsaAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertFalse(ret)
def test_bad_anonymous(self):
# do not allow anonymous and signature is not good
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'auth': {
'puk-file':
os.path.join(os.path.dirname(os.path.realpath(__file__)),
"passwd"),
'allow-only-registered':
False
}
}
s = Session()
s.client_id = "client_using_secp256k1"
# secp256k1 public key from int(hashlib.sha256(b"other secret").digets())
# puk = '02d3a9b4022ab24b9218ae3290d2cbecf6d773ef70769afe9f15e7055a79cc90c4'
# prk = 'fffc49122308b5e5666e6874ff4535d5a0e3f270a3a7545703c59da25378cbb3'
s.username = "******"
prk = binascii.unhexlify(
"fffc49122308b5e5666e6874ff4535d5a0e3f270a3a7545703c59da25378cbb3")
msg = schnorr.hash_sha256(datetime.datetime.utcnow().isoformat()[:18] +
s.client_id[1:])
s.password = binascii.hexlify(schnorr.sign(msg, prk))
auth_plugin = EcdsaAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertFalse(ret)
def test_allow_nonanonymous(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {'auth': {'allow-anonymous': False}}
s = Session()
s.username = "******"
auth_plugin = AnonymousAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertTrue(ret)
def test_allow_anonymous(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {"auth": {"allow-anonymous": True}}
s = Session()
s.username = ""
auth_plugin = AnonymousAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
assert ret
def test_allow_nonanonymous(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {'auth': {'allow-anonymous': False}}
async def coro():
s = Session(None)
s.username = "******"
auth_plugin = AnonymousAuthPlugin(context)
ret = await auth_plugin.authenticate(session=s)
self.assertTrue(ret)
anyio.run(coro)
def test_allow_nonanonymous(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'auth': {
'allow-anonymous': False
}
}
s = Session()
s.username = "******"
auth_plugin = AnonymousAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertTrue(ret)
def test_create_tables(self):
dbfile = os.path.join(os.path.dirname(os.path.realpath(__file__)), "test.db")
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {"persistence": {"file": dbfile}}
SQLitePlugin(context)
conn = sqlite3.connect(dbfile)
cursor = conn.cursor()
rows = cursor.execute("SELECT name FROM sqlite_master where type = 'table'")
tables = []
for row in rows:
tables.append(row[0])
self.assertIn("session", tables)
def test_unknown_password(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'auth': {
'password-file': os.path.join(os.path.dirname(os.path.realpath(__file__)), "passwd")
}
}
s = Session()
s.username = "******"
s.password = "******"
auth_plugin = FileAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertFalse(ret)
def test_unknown_password(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'auth': {
'password-file':
os.path.join(os.path.dirname(os.path.realpath(__file__)),
"passwd")
}
}
s = Session()
s.username = "******"
s.password = "******"
auth_plugin = FileAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertFalse(ret)
def test_allow(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
"auth": {
"password-file":
os.path.join(os.path.dirname(os.path.realpath(__file__)),
"passwd")
}
}
s = Session()
s.username = "******"
s.password = "******"
auth_plugin = FileAuthPlugin(context)
ret = self.loop.run_until_complete(auth_plugin.authenticate(session=s))
self.assertTrue(ret)
def test_create_tables(self):
dbfile = os.path.join(os.path.dirname(os.path.realpath(__file__)), "test.db")
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'persistence': {
'file': dbfile
}
}
sql_plugin = SQLitePlugin(context)
conn = sqlite3.connect(dbfile)
cursor = conn.cursor()
rows = cursor.execute("SELECT name FROM sqlite_master where type = 'table'")
tables = []
for row in rows:
tables.append(row[0])
self.assertIn("session", tables)
def test_wrong_password(self):
context = BaseContext()
context.logger = logging.getLogger(__name__)
context.config = {
'auth': {
'password-file':
os.path.join(os.path.dirname(os.path.realpath(__file__)),
"passwd")
}
}
async def coro():
s = Session(None)
s.username = "******"
s.password = "******"
auth_plugin = FileAuthPlugin(context)
ret = await auth_plugin.authenticate(session=s)
self.assertFalse(ret)
anyio.run(coro)
